| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: 20-Tan TrojanerWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
21.10.2010, 18:07
| #1 |
 |  20-Tan Trojaner Hey Leute, leider ist auch bei mir der 20-Tan Trojaner auf der Onlinebanking Seite der Sparkasse aufgetreten. Ich habe natürlich sofort mein Zugang sperren lassen. Jetzt muss nurnoch der Trojaner weg. Die Frage, wie? Ich habe bereits verschiedene Beiträge gelesen, aber irgendwie werd ich aus dem ganzen noch nicht schlau. Also wie kann ich den Trojaner wirklich entfernen (wenn möglich ohne Formatierung), und woher weiß ich, dass er wirklich weg ist. Ich habe bereits Antimalware mit Komplettsuchlauf über mein System laufen lassen. Ohne einen Fund. Also wie verfahre ich jetzt am besten weiter? Mit der OTL.exe!? Ich würde mich ich freuen, wenn ich mit eurer Hifle mein Problem gelöst bekomme. Gruß, Marcel |
|
21.10.2010, 18:58
| #2 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | 20-Tan TrojanerZitat:
__________________ |
|
21.10.2010, 19:08
| #3 | |
| | 20-Tan Trojaner Aso, ok.
__________________Na denn: Zitat:
|
|
21.10.2010, 19:23
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | 20-Tan Trojaner Ok, und weitere / ältere Logs gibt es nicht?
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
21.10.2010, 19:43
| #5 | ||
| | 20-Tan Trojaner Doch, noch 2 Quick-Scans Zitat:
Zitat:
|
|
21.10.2010, 19:51
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | 20-Tan Trojaner Systemscan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
__________________ --> 20-Tan Trojaner |
|
21.10.2010, 20:36
| #7 |
| | 20-Tan Trojaner So die beiden logfiles. OTL.txt OTL Logfile: Code:
ATTFilter OTL logfile created on: 21.10.2010 21:03:55 - Run 1 OTL by OldTimer - Version 3.2.16.0 Folder = C:\Users\****\Desktop 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 8,00 Gb Total Physical Memory | 6,00 Gb Available Physical Memory | 79,00% Memory free 16,00 Gb Paging File | 14,00 Gb Available in Paging File | 88,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 366,72 Gb Total Space | 102,64 Gb Free Space | 27,99% Space Free | Partition Type: NTFS Drive D: | 550,13 Gb Total Space | 504,54 Gb Free Space | 91,71% Space Free | Partition Type: NTFS Drive E: | 6,31 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: **** | User Name: **** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\****\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Google\Update\1.2.183.39\GoogleCrashHandler.exe (Google Inc.) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\Tunngle\TnglCtrl.exe (Tunngle.net GmbH) PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () PRC - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2156.0\mswinext.exe (Microsoft Corp.) PRC - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Program Files (x86)\EXPERTool\TBPANEL.exe (Gainward Co.) PRC - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe () PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Program Files (x86)\Common Files\MAGIX Shared\Database2\bin\FABS.exe (MAGIX AG) PRC - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (NewTech Infosystems, Inc.) PRC - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated) PRC - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSMSNLoader32.exe (Egis inc.) PRC - C:\Program Files (x86)\Sitecom\Common\RaUI.exe (Sitecom Europe BV) PRC - C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe (CyberLink) PRC - C:\Program Files (x86)\Sitecom\Common\RalinkRegistryWriter.exe () PRC - C:\Programme\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe (Broadcom Corporation.) PRC - C:\Program Files (x86)\MMEDIA\TV Jukebox 3.5\tvjbMonitor.exe () PRC - C:\Windows\SysWOW64\IoctlSvc.exe (Prolific Technology Inc.) ========== Modules (SafeList) ========== MOD - C:\Users\****\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV:64bit: - (TuneUp.ProgramStatisticsSvc) -- C:\Windows\SysNative\TUProgSt.exe (TuneUp Software) SRV:64bit: - (TuneUp.Defrag) -- C:\Windows\SysNative\TuneUpDefragService.exe (TuneUp Software) SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software) SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (TunngleService) -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe (Tunngle.net GmbH) SRV - (Apple Mobile Device) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) SRV - (TeamViewer5) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (ICQ Service) -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe () SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software) SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (Fabs) -- C:\Program Files (x86)\Common Files\MAGIX Shared\Database2\bin\FABS.exe (MAGIX AG) SRV - (ETService) -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe () SRV - (NTISchedulerSvc) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (NewTech Infosystems, Inc.) SRV - (NTIBackupSvc) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.) SRV - (nSvcIp) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe () SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\Common Files\MAGIX Shared\Database2\bin\fbserver.exe (MAGIX®) SRV - (eDataSecurity Service) -- C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated) SRV - (Acer HomeMedia Connect Service) -- C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe (CyberLink) SRV - (RalinkRegistryWriter) -- C:\Program Files (x86)\Sitecom\Common\RalinkRegistryWriter.exe () SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation) SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation) SRV - (PLFlash DeviceIoControl Service) -- C:\Windows\SysWOW64\IoctlSvc.exe (Prolific Technology Inc.) ========== Driver Services (SafeList) ========== DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys () DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.) DRV:64bit: - (vmm) -- C:\Windows\SysNative\Treiber\VMM.sys (Microsoft Corporation) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (tap0901t) TAP-Win32 Adapter V9 (Tunngle) -- C:\Windows\SysNative\drivers\tap0901t.sys (Tunngle.net) DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation) DRV:64bit: - (BTHprint) -- C:\Windows\SysNative\drivers\BTHPRINT.SYS (Microsoft Corporation) DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys () DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys () DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof () DRV:64bit: - (netr28ux) -- C:\Windows\SysNative\drivers\netr28ux.sys (Ralink Technology Corp.) DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (AF15BDA) -- C:\Windows\SysNative\drivers\AF15BDA.sys (ITETech ) DRV:64bit: - (GearAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (ENTECH64) -- C:\Windows\SysNative\drivers\Entech64.sys (EnTech Taiwan) DRV:64bit: - (psdvdisk) -- C:\Windows\SysNative\drivers\PSDVdisk.sys (Egis Incorporated) DRV:64bit: - (PSDNServ) -- C:\Windows\SysNative\drivers\PSDNServ.sys (Egis Incorporated) DRV:64bit: - (PSDFilter) -- C:\Windows\SysNative\drivers\psdfilter.sys (Egis Incorporated) DRV:64bit: - (nvamacpi) -- C:\Windows\SysNative\drivers\nvamacpi.sys (NVIDIA Corporation) DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.) DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.) DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.) DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.) DRV:64bit: - (VPCNetS2) -- C:\Windows\SysNative\drivers\VMNetSrv.sys (Microsoft Corporation) DRV - (RivaTuner64) -- C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys () DRV - (int15) -- C:\Windows\SysWOW64\drivers\int15_64.sys (Acer, Inc.) DRV - (Cardex) -- C:\Windows\SysWOW64\drivers\TBPanelx64.sys (Windows (R) Server 2003 DDK provider) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=0309&m=aspire_m5711 IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=0309&m=aspire_m5711 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=0309&m=aspire_m5711 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://global.acer.com [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\20101021145142\ICQToolBar.dll (ICQ) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198 FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0 FF - prefs.js..extensions.enabledItems: msntoolbar@msn.com:6.0 FF - prefs.js..extensions.enabledItems: {27182e60-b5f3-411c-b545-b44205977502}:1.0 FF - prefs.js..network.proxy.no_proxies_on: "*.local" FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files (x86)\Google\Google Gears\Firefox\ [2010.03.06 11:09:35 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2156.0\Firefox [2010.08.28 23:40:28 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010.08.28 23:40:39 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.10.21 14:53:43 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.10.21 14:53:33 | 000,000,000 | ---D | M] [2010.10.21 14:53:57 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\mozilla\Extensions [2010.10.21 15:01:05 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\5jzvbcry.default\extensions [2010.10.21 15:01:05 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\5jzvbcry.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.10.21 14:53:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions [2009.11.06 23:36:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2010.08.08 15:38:09 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010.10.12 22:24:52 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.10.12 22:24:52 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2010.10.12 22:24:52 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2010.10.12 22:24:52 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2010.10.12 22:24:52 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2010.10.21 17:10:30 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2:64bit: - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\ActiveToolBand.dll (Egis) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.5612.1312\swg64.dll (Google Inc.) O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com) O2 - BHO: (EWPBrowseObject Class) - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files (x86)\Canon\Easy-WebPrint\EWPBrowseLoader.dll () O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.) O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2156.0\npwinext.dll (Microsoft Corporation) O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll () O3:64bit: - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStoolbar.dll (Egis Incorporated.) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files (x86)\Canon\Easy-WebPrint\Toolband.dll () O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.) O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\20101021145142\ICQToolBar.dll (ICQ) O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2156.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2156.0\npwinext.dll (Microsoft Corporation) O3:64bit: - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStoolbar.dll (Egis Incorporated.) O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.) O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll () O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll () O4:64bit: - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Programme\Acer\Empowering Technology\SysMonitor.exe () O4:64bit: - HKLM..\Run: [eDataSecurity Loader] C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSloader.exe (Egis Incorporated) O4:64bit: - HKLM..\Run: [EmpoweringTechnology] C:\Program Files\Acer\Empowering Technology\Framework.Lau File not found O4:64bit: - HKLM..\Run: [RivaTunerStartupDaemon] C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTunerWrapper.exe () O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.) O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation) O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [PCMMediaSharing] C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe () O4 - HKLM..\Run: [tvjbmonitor] C:\Program Files (x86)\MMEDIA\TV Jukebox 3.5\tvjbMonitor.exe () O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [GAINWARD] C:\Program Files (x86)\EXPERTool\TBPanel.exe (Gainward Co.) O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, LLC.) O4 - HKCU..\Run: [ProductReg] C:\Program Files\Acer\WR_PopUp\ProductReg.exe (Acer) O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - Startup: C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameRanger.lnk = C:\Users\****\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe (GameRanger Technologies) O4 - Startup: C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mobiola Web Camera for S60.lnk = C:\Program Files (x86)\Mobiola Web Camera for S60\webcam.exe File not found O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8:64bit: - Extra context menu item: Easy-WebPrint - Drucken - C:\Program Files (x86)\Canon\Easy-WebPrint\Toolband.dll () O8:64bit: - Extra context menu item: Easy-WebPrint - Schnelldruck - C:\Program Files (x86)\Canon\Easy-WebPrint\Toolband.dll () O8:64bit: - Extra context menu item: Easy-WebPrint - Vorschau - C:\Program Files (x86)\Canon\Easy-WebPrint\Toolband.dll () O8:64bit: - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - C:\Program Files (x86)\Canon\Easy-WebPrint\Toolband.dll () O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.) O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Easy-WebPrint - Drucken - C:\Program Files (x86)\Canon\Easy-WebPrint\Toolband.dll () O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - C:\Program Files (x86)\Canon\Easy-WebPrint\Toolband.dll () O8 - Extra context menu item: Easy-WebPrint - Vorschau - C:\Program Files (x86)\Canon\Easy-WebPrint\Toolband.dll () O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - C:\Program Files (x86)\Canon\Easy-WebPrint\Toolband.dll () O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.) O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : &Gears-Einstellungen - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8FEFF364-6A5F-4966-A917-A3AC28411659} hxxp://download.sopcast.cn/download/SOPCORE.CAB (Reg Error: Key error.) O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab (UnoCtrl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} hxxp://messenger.zone.msn.com/binary/ZIntro.cab56649.cab (MSN Games - Installer) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} hxxp://messenger.zone.msn.com/binary/Chess.cab57176.cab (ZoneChess Object) O16 - DPF: CabBuilder hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab (Reg Error: Key error.) O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O24 - Desktop WallPaper: C:\Windows\web\Wallpaper\img24.jpg O24 - Desktop BackupWallPaper: C:\Windows\web\Wallpaper\img24.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010.09.10 23:33:59 | 000,000,000 | R--D | M] - E:\AutoRun -- [ UDF ] O32 - AutoRun File - [2010.09.10 23:34:03 | 000,439,056 | R--- | M] (Electronic Arts) - E:\AutoRun.exe -- [ UDF ] O32 - AutoRun File - [2010.09.10 23:34:02 | 007,864,832 | R--- | M] () - E:\autorun.dat -- [ UDF ] O32 - AutoRun File - [2010.09.10 23:33:38 | 000,000,141 | R--- | M] () - E:\autorun.inf -- [ UDF ] O33 - MountPoints2\{56a92b1b-fb9a-11de-bf68-000a3a84ce4b}\Shell - "" = AutoRun O33 - MountPoints2\{56a92b1b-fb9a-11de-bf68-000a3a84ce4b}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -- File not found O33 - MountPoints2\{63589cc4-17c5-11df-b967-000a3a84ce4b}\Shell - "" = AutoRun O33 - MountPoints2\{63589cc4-17c5-11df-b967-000a3a84ce4b}\Shell\AutoRun\command - "" = J:\StartSetup.exe -- File not found O33 - MountPoints2\K\Shell - "" = AutoRun O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\LaunchU3.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O36 - AppCertDlls: ciphtend - (C:\Windows\system32\compeout.dll) - C:\Windows\SysWOW64\compeout.dll () O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.10.21 17:19:42 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com [2010.10.21 17:18:20 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\****\Desktop\OTL.exe [2010.10.21 17:10:29 | 000,000,000 | ---D | C] -- C:\_OTL [2010.10.21 15:28:55 | 009,578,056 | ---- | C] (SUPERAntiSpyware.com) -- C:\Users\****\Desktop\SUPERAntiSpyware.exe [2010.10.21 12:54:46 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Malwarebytes [2010.10.21 12:54:35 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2010.10.21 12:54:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010.10.21 12:54:31 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2010.10.21 12:54:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2010.10.21 11:37:34 | 006,153,648 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\****\Desktop\mbam-setup.exe [2010.10.13 08:41:42 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll [2010.10.13 08:41:42 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll [2010.10.13 08:41:42 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll [2010.10.13 08:41:40 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll [2010.10.13 08:41:39 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll [2010.10.13 08:41:38 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll [2010.10.13 08:41:38 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll [2010.10.13 08:41:38 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll [2010.10.13 08:41:38 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll [2010.10.13 08:41:30 | 000,702,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2010.10.13 08:41:30 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll [2010.10.13 08:41:30 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2010.10.13 08:41:30 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2010.10.13 08:41:30 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2010.10.13 08:41:29 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2010.10.13 08:41:29 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2010.10.13 08:41:29 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2010.10.13 08:41:29 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2010.10.13 08:41:29 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2010.10.13 08:41:29 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2010.10.13 08:41:29 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2010.10.13 08:41:29 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2010.10.13 08:41:29 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2010.10.13 08:41:24 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll [2010.10.13 08:41:23 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll [2010.10.13 08:41:22 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL [2010.10.13 08:41:22 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL [2010.10.13 08:41:19 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll [2010.10.12 20:49:07 | 000,000,000 | ---D | C] -- C:\Users\****\Handy [2010.10.11 18:24:48 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Tunngle [2010.10.11 18:24:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tunngle [2010.10.10 13:02:55 | 000,000,000 | ---D | C] -- C:\Users\****\Documents\Tunngle [2010.10.10 13:02:55 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Tunngle [2010.10.10 13:02:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Tunngle [2010.10.10 13:02:53 | 000,031,232 | ---- | C] (Tunngle.net) -- C:\Windows\SysNative\drivers\tap0901t.sys [2010.10.10 12:22:58 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\LogMeIn Hamachi [2010.10.10 12:22:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi [2010.10.09 15:21:13 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\GameRanger [2010.10.04 13:33:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\pc-profi-Chart_de2010 [2010.10.02 21:32:52 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\Unity [2010.10.02 21:32:18 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Electronic Arts [2009.09.26 16:14:04 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\****\AppData\Roaming\pcouffin.sys [2009.03.03 10:46:58 | 000,049,152 | R--- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll ========== Files - Modified Within 30 Days ========== [2010.10.21 20:48:05 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010.10.21 20:09:00 | 000,009,520 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010.10.21 20:09:00 | 000,009,520 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010.10.21 20:02:54 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010.10.21 20:00:48 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\LogConfigTemp.xml [2010.10.21 20:00:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.10.21 20:00:16 | 2146,873,343 | -HS- | M] () -- C:\hiberfil.sys [2010.10.21 17:18:25 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\****\Desktop\OTL.exe [2010.10.21 17:11:31 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\Access.dat [2010.10.21 17:10:30 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts [2010.10.21 15:30:16 | 009,578,056 | ---- | M] (SUPERAntiSpyware.com) -- C:\Users\****\Desktop\SUPERAntiSpyware.exe [2010.10.21 14:53:35 | 000,001,943 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2010.10.21 12:54:38 | 000,001,013 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.10.21 11:38:46 | 006,153,648 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\****\Desktop\mbam-setup.exe [2010.10.20 11:40:25 | 000,051,712 | -H-- | M] () -- C:\Windows\SysWow64\compeout.dll [2010.10.15 08:08:26 | 000,659,104 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2010.10.15 08:08:26 | 000,619,388 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2010.10.15 08:08:26 | 000,131,534 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2010.10.15 08:08:26 | 000,107,708 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2010.10.15 08:08:25 | 001,507,104 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2010.10.14 10:08:03 | 001,529,904 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010.10.13 19:33:54 | 002,338,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2010.10.11 18:24:49 | 000,000,933 | ---- | M] () -- C:\Users\Public\Desktop\Tunngle beta.lnk [2010.10.10 13:02:24 | 000,001,453 | ---- | M] () -- C:\Users\****\Desktop\Hamachi.lnk [2010.10.10 12:06:22 | 000,001,103 | ---- | M] () -- C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameRanger.lnk [2010.10.10 12:06:22 | 000,001,089 | ---- | M] () -- C:\Users\****\Desktop\GameRanger.lnk [2010.10.04 13:33:50 | 000,001,042 | ---- | M] () -- C:\Users\****\Desktop\pc-profi-Chart Planspiel*Börse 2010.lnk [2010.09.29 16:15:36 | 000,001,572 | ---- | M] () -- C:\Users\****\Desktop\Fifa 11.lnk [2010.09.26 09:31:55 | 000,001,708 | ---- | M] () -- C:\Users\****\Desktop\pes2011demo.lnk ========== Files Created - No Company Name ========== [2010.10.21 14:53:35 | 000,001,943 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2010.10.21 12:54:38 | 000,001,013 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.10.20 11:40:25 | 000,051,712 | -H-- | C] () -- C:\Windows\SysWow64\compeout.dll [2010.10.11 18:25:24 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat [2010.10.11 18:24:49 | 000,000,933 | ---- | C] () -- C:\Users\Public\Desktop\Tunngle beta.lnk [2010.10.10 13:02:24 | 000,001,453 | ---- | C] () -- C:\Users\****\Desktop\Hamachi.lnk [2010.10.10 12:06:22 | 000,001,103 | ---- | C] () -- C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameRanger.lnk [2010.10.10 12:06:22 | 000,001,089 | ---- | C] () -- C:\Users\****\Desktop\GameRanger.lnk [2010.10.04 13:33:50 | 000,001,042 | ---- | C] () -- C:\Users\****\Desktop\pc-profi-Chart Planspiel*Börse 2010.lnk [2010.09.29 16:15:36 | 000,001,572 | ---- | C] () -- C:\Users\****\Desktop\Fifa 11.lnk [2010.09.26 09:31:55 | 000,001,708 | ---- | C] () -- C:\Users\****\Desktop\pes2011demo.lnk [2010.06.07 20:13:23 | 000,014,848 | ---- | C] () -- C:\Users\****\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.05.25 16:00:42 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\mupkernps11.dll [2010.04.19 00:23:56 | 000,000,017 | ---- | C] () -- C:\Users\****\AppData\Local\resmon.resmoncfg [2010.04.14 15:53:42 | 001,529,904 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010.04.02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2010.03.29 08:30:53 | 000,007,764 | ---- | C] () -- C:\Windows\cadx2.ini [2010.03.27 15:25:34 | 001,970,176 | ---- | C] () -- C:\Windows\SysWow64\d3dx9.dll [2010.03.22 01:42:22 | 000,000,083 | ---- | C] () -- C:\Users\****\AppData\Local\X-Plane Installer.prf [2010.03.21 22:16:29 | 000,000,048 | ---- | C] () -- C:\Users\****\AppData\Local\x-plane_install.txt [2010.02.26 17:27:27 | 001,367,040 | ---- | C] () -- C:\Windows\SysWow64\VitaminCtrl.dll [2009.12.15 18:32:39 | 000,000,600 | ---- | C] () -- C:\Users\****\AppData\Roaming\winscp.rnd [2009.09.26 16:14:32 | 000,000,671 | ---- | C] () -- C:\Users\****\AppData\Roaming\vso_ts_preview.xml [2009.09.26 16:14:23 | 000,000,034 | ---- | C] () -- C:\Users\****\AppData\Roaming\pcouffin.log [2009.09.26 16:14:04 | 000,099,384 | ---- | C] () -- C:\Users\****\AppData\Roaming\inst.exe [2009.09.26 16:14:04 | 000,007,859 | ---- | C] () -- C:\Users\****\AppData\Roaming\pcouffin.cat [2009.09.26 16:14:04 | 000,001,167 | ---- | C] () -- C:\Users\****\AppData\Roaming\pcouffin.inf [2009.07.27 20:35:51 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI [2009.07.21 23:53:21 | 000,000,036 | -H-- | C] () -- C:\Windows\SysWow64\swk.ini [2009.07.21 23:43:45 | 000,000,000 | ---- | C] () -- C:\Users\****\AppData\Roaming\AVSMediaPlayer.m3u [2009.07.21 23:38:49 | 000,524,288 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2009.07.21 23:38:49 | 000,139,264 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.06.25 23:02:21 | 000,000,000 | ---- | C] () -- C:\Windows\cdplayer.ini [2009.06.16 22:49:41 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini [2009.03.21 14:38:37 | 000,000,044 | ---- | C] () -- C:\Windows\Acer(Normal).ini [2009.03.21 14:38:37 | 000,000,042 | ---- | C] () -- C:\Windows\Acer(Wide).ini [2009.03.03 03:47:14 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll [2009.03.03 03:47:10 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini [2009.03.03 03:27:04 | 000,000,026 | ---- | C] () -- C:\Windows\Irremote.ini [2003.02.20 17:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI [2002.04.17 15:29:42 | 000,651,264 | ---- | C] () -- C:\Windows\SysWow64\libeay32.dll [2002.04.17 15:29:42 | 000,147,456 | ---- | C] () -- C:\Windows\SysWow64\ssleay32.dll ========== LOP Check ========== [2009.06.17 22:59:05 | 000,000,000 | -HSD | M] -- C:\Users\****\AppData\Roaming\.# [2009.11.06 23:49:31 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Acer GameZone Console [2009.11.08 19:03:02 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Azureus [2010.10.13 10:27:41 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Canon [2010.08.01 17:55:00 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\DAEMON Tools Lite [2010.02.12 13:00:44 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\DAEMON Tools Pro [2009.11.06 23:50:14 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Desktopicon [2010.10.02 21:32:18 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Electronic Arts [2009.11.06 23:50:14 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\eSobi [2010.10.10 12:06:22 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\GameRanger [2010.10.12 21:46:12 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\ICQ [2009.11.06 23:50:16 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Leadertech [2009.11.06 23:50:23 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\PennerBox.EF83139ADA9E7663098D1414AE96317BD29C5F77.1 [2009.12.25 16:02:37 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\ScummVM [2010.06.07 20:49:05 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Software Informer [2010.05.19 23:55:23 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\TeamViewer [2009.11.06 23:50:23 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\thriXXX [2009.11.06 23:50:23 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\TuneUp Software [2010.10.11 18:31:47 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Tunngle [2010.03.05 16:10:54 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Ubisoft [2010.08.28 14:01:40 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Vso [2010.10.02 18:24:17 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:9D1B94FD @Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:66B13F37 @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:6152D44C @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:47626ACA < End of report > Extras.txt OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 21.10.2010 21:03:55 - Run 1
OTL by OldTimer - Version 3.2.16.0 Folder = C:\Users\****\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
8,00 Gb Total Physical Memory | 6,00 Gb Available Physical Memory | 79,00% Memory free
16,00 Gb Paging File | 14,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 366,72 Gb Total Space | 102,64 Gb Free Space | 27,99% Space Free | Partition Type: NTFS
Drive D: | 550,13 Gb Total Space | 504,54 Gb Free Space | 91,71% Space Free | Partition Type: NTFS
Drive E: | 6,31 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: **** | User Name: **** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\system32\ieframe.DLL (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\system32\ieframe.DLL (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~3\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~3\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.6300
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP510" = Canon MP510
"{23170F69-40C1-2702-0910-000001000000}" = 7-Zip 9.10 (x64 edition)
"{2BEA2CD8-1A5D-4ADC-B000-C2A3207A6FCD}" = MobileMe Control Panel
"{328CC232-CFDC-468B-A214-2E21300E4CB5}" = Apple Mobile Device Support
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{40B38ACD-8720-48F0-B5B0-29C37ADCDECB}" = Windows Live Language Selector
"{45D7A5CC-D03E-4AD9-BDD5-67D96C843349}" = Windows Live Remote Service
"{53529DAD-F7C9-476E-87CC-1547C4E3E821}" = iTunes
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter
"{70E8EBD5-78C9-4258-B20A-5098CCA000F0}" = Dolby Control Center
"{79A68C93-ED14-4E92-A960-FBB5B6578562}" = Windows Live MIME IFilter
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{846FB754-B377-4299-A459-7AB57DA4163C}" = Windows Live Remote Client Resources
"{8A7CAA24-7B23-410B-A7C3-F994B0944160}" = Microsoft Virtual PC 2007
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{903029FE-FA82-427B-916C-AD08185DA3C2}" = Microsoft Xbox 360 Accessories 1.1
"{907819B4-4543-4007-B3CC-63B23CB0074E}" = Windows Live Family Safety
"{9151385C-9B53-4058-8DC6-6257BE5CB4E9}" = Windows Live ID Sign-in Assistant
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95D01D6E-EA9D-4AC8-8B56-844A37091803}" = Windows Live Remote Service Resources
"{9BEA9A7D-2FE1-4315-B93C-44C5B373DC40}" = Windows Live Family Safety
"{B0150E57-EF3C-5FB3-0F59-7421A8F0368A}" = ATI Catalyst Install Manager
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}" = Bonjour
"{BA28586D-6AAF-48E3-ACAE-C0D457641985}" = Windows Live Remote Client Resources
"{BBB56AF7-E80F-411B-8B0D-E94352F7CFB7}" = Windows Live Remote Client
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C648B105-94EA-4AE0-8083-F08A4291841A}" = Windows Live Family Safety
"{CA4F6CCC-6C05-4263-9564-F862EAD6F36A}" = Windows Live Remote Service Resources
"{D1EF69B7-7A97-40FC-9AF1-6D6656FF874F}" = ATI AVIVO64 Codecs
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CANONIJINBOXADDON200" = Canon Inkjet Printer Driver Add-On Module V2.00
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02B244A2-7F6A-42E8-A36F-8C385D7A1625}" = Gothic III
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{07766F89-EFAA-4635-86B7-636B89EA2C0D}" = Bing Bar Platform
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0F4447FC-BA95-46D7-A433-F9DD47E81031}" = Nero 8 Essentials
"{11202615-E557-4ECF-9B86-F59C81E52909}" = FIFA 10
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{132888AE-EF67-41C5-BCA2-7D5D2488AB63}" = Acer HomeMedia Connect
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{19666E73-D9E5-44D4-8F33-037ED151ECBC}" = Firebird SQL Server - MAGIX Edition
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19DD26A7-F0DD-472E-887F-44128C31163C}" = Windows Live Messenger
"{1A5B743C-FD87-48D0-9386-C4CCB5D3552C}" = Windows Live Sync Beta
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{248e4799-db04-4b1a-902c-194669f995ce}" = Nero Move it
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 15
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2FA41EBB-3F5A-35C3-85D6-51EC72A11FBD}" = Google Gears
"{3274D32D-3DA2-4AB9-9BD0-B4EDC6E03B7F}" = Windows Live Essentials-Betaversion
"{336C4194-47FA-40A8-8D65-21000CA5186E}" = Pro Evolution Soccer 2011 DEMO
"{3749D33C-26C8-4669-ACAA-DA3B0ADA67B6}" = Das große Tafelwerk interaktiv
"{380B7FE0-32A3-439A-B65C-B4ED55CADBF4}" = Windows Live Fotogalerie-Betaversion
"{3932CA01-E514-48A1-8D2D-B9DA712C58B5}" = Windows Live Writer
"{394A36B7-A693-48FD-AA14-DC17E291A378}" = Windows Live Writer
"{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}" = Adobe Photoshop CS3
"{3D8621A6-42D4-46C9-B7B3-21566E7620FE}" = Messenger Companion
"{3F26BD75-95CD-4754-926F-E44C4528D0B9}" = Windows Live Movie Maker
"{3F62782D-2798-4540-B493-F6472197900E}" = Microsoft Search Enhancement Pack
"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11
"{41581EF5-45A7-11DA-9D78-000129760D75}" = Acer SlideShow DVD
"{41A15ABD-081B-43DC-91A5-8727265E8D77}" = Windows Live Photo Common
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{49C98C60-BAC3-4C92-AF4F-E890FD312D60}" = DER HERR DER RINGE: DIE GEFÄHRTEN
"{4D4E652E-6229-4C69-8EBD-AE0C6AE3BB69}" = Windows Live Sync-ActiveX-Steuerelement für Remoteverbindungen
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{4F88F5D8-767A-4EB4-9AFA-A7CBCC69D767}" = Windows Live SOXE
"{51559F51-2FAC-11D6-9FBF-0050DA5BC5D1}" = AEGIS Client
"{51559F52-2FAC-11D6-9FBF-0050DA5BC5D1}" = AEGIS Client
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{52CDDA92-56B6-4BA5-BD8D-E13B186008CB}" = D3DX10
"{54488589-76BC-4A3F-AC4F-71EBAD657850}" = Windows Live Communications Platform
"{5454083B-1308-4485-BF17-111000028701}" = Grand Theft Auto: Episodes from Liberty City
"{5454083B-1308-4485-BF17-111000028702}" = Grand Theft Auto: Episodes from Liberty City
"{5454083B-1308-4485-BF17-1110000B8301}" = Grand Theft Auto IV
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{5BFD1EBB-0BC8-47AE-BD7C-8368E9CDD006}" = Windows Live Photo Gallery Beta
"{5EE59813-493A-4C10-A2BF-3647670CD7D6}" = Windows Live UX Platform Language Pack
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}" = Grand Theft Auto: Episodes From Liberty City
"{6425C9F0-D520-4F5B-9F68-C0DC643787AA}" = Windows Live Messenger
"{66069562-D3AF-4515-B1FD-7EE4DE5CE7D2}" = Windows Live PIMT Platform
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{71C2828F-2678-4675-BDEC-895424861262}_is1" = C:\Program Files (x86)\Acer GameZone\GameConsole
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.3.2.100
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{7BB40A22-8D98-43F9-A08A-E7EFF5AB1324}" = Camtasia Studio 5
"{7E432D8D-D78A-44A8-9FE8-B8942F7FD01F}" = Windows Live UX Platform
"{7F3AD00A-1819-4B15-BB7D-08B3586336D7}" = 3DMark06
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110052107}" = Beetle Junior
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110082360}" = Alien Shooter
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}" = Mystery Solitaire - Secret Island
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114072167}" = Go-Go Gourmet
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11408540}" = Magic Match Adventures
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114717227}" = Magic Farm
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A5323B7-45CB-48AB-B7E3-1C22BA63DA4C}" = Windows Vista Demo Screen Saver
"{8A74DEFD-A224-49CC-AB80-4E88BC730125}" = LogMeIn Hamachi
"{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{915F574A-CFE9-4A13-851B-E37D58A41BF2}" = Windows Live Writer
"{91973772-A002-446D-8A67-B410553AD8F9}" = Windows Live SOXE Definitions
"{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM)
"{95140000-007A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{95A4E899-87EF-43C7-99E3-9ED5342FBF12}" = Windows Live Movie Maker
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9CD9CD94-76CC-4524-8617-DEB9C2D7C389}" = FIFA 10 - Demo
"{9D6FAA1A-D87C-4F3E-B6C0-2646DC238CCF}" = Windows Live Mail
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A7920A06-258A-4E57-B391-95B8E3B92A3A}" = Windows Live Essentials Beta
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4BF92B-2AAF-11DA-9D78-000129760D75}" = Acer HomeMedia
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.3 - Deutsch
"{ADFCF98D-9CB4-414F-B2F0-AF96E0302A3C}" = Windows Live Photo Common-Betaversion
"{AFAC914D-9E83-4A89-8ABE-427521C82CCF}" = Safari
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B145EC69-66F5-11D8-9D75-000129760D75}" = Acer DVDivine
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B33CAFFE-01C2-4D10-9E74-74C1E13E0C04}" = Windows Live Messenger Companion Core
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B580C409-E16F-44FF-904D-3AE94E113BE0}" = Acer HomeMedia Trial Creator
"{B96D2269-568B-4CBF-9332-12FAE8B158F7}" = Medieval CUE Splitter
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{B9D682DD-724A-4F18-B714-1B6AB423FD08}" = Windows Live Writer
"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E5}" = Need for Speed™ SHIFT Demo
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C0A30BAA-295D-4F7F-8776-FD09FD57E2E2}" = Windows Live Installer
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C3A232BD-D257-468B-9086-BBDFD4EE5809}" = Messenger Companion
"{C7A6AD68-9152-482B-9769-6E08231F0BD7}" = Windows Live Messenger
"{CB0BAFE9-B307-4FB7-8977-E09CA551246E}" = Windows Live Sync Beta
"{CED9B1E8-FFCB-4497-9DFC-F0B20146896E}" = Windows Live Mail
"{CF092689-6ADF-4C86-A8DA-31B0B448A36C}" = Junk Mail filter update
"{CF119AF4-6943-407F-B416-B4D77E6A7BDD}" = Windows Live Sync ActiveX Control for Remote Connections
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D75608C0-FBE2-4A0D-9A7A-871F08305949}" = Windows Live Writer Resources
"{DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}" = Acer Product Registration
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade
"{DBCC555E-9DC5-4095-8B87-FDE406010689}" = Windows Live UX Platform Language Pack
"{DC158DF7-6B36-4C6F-BC91-109014297994}" = FIFA 11 Demo
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DE6E4530-4AB0-482E-91DE-7FE6309C6EF1}" = Camtasia Studio 7
"{defa5390-8533-47b5-81f7-3816916bdc6f}" = Nero Move it Help
"{E17141A6-211D-5854-61D9-69827A430D82}" = EA Download Manager UI
"{e390ab9b-2ba2-4336-923c-aa1648cb01b2}" = Nero Move it Essentials
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{E91E8912-769D-42F0-8408-0E329443BABC}" = Wireless Network 300N Adapter
"{EAD90079-5C9F-4BB0-98D2-93CD2F29EB09}" = Windows Live Writer Resources
"{EC7A11C6-B776-43A5-8C40-E468B5476D16}" = Windows Live Photo Common Beta
"{ED486248-8800-40E1-AA2D-C6228CEB9679}" = Windows Live Mail
"{EE7F36D6-F67D-486A-A9D5-01DE1B6F6933}" = Windows Live Movie Maker
"{EF05063D-E51D-461B-933C-BF38E6F27F3B}" = Windows Live Sync Beta
"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Live Main Page
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3F1D08D-ABEF-4528-8383-54C46369EBB6}" = TV Jukebox 3.5
"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4851D03-553C-4ACE-ADBD-CA6BE8451072}" = Singles2
"{F6EFFB76-4A07-11DA-9D78-000129760D75}" = Acer DV Magician
"{F722E488-A5B5-47ff-AA9B-4DE6CE7914CA}" = Windows 7 Upgrade Advisor
"{F79A208D-D929-11D9-9D77-000129760D75}" = Acer VideoMagician
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{FB5AEB8B-D920-4F21-8336-16CFA828B145}" = Mesh Runtime
"{FCE7CF00-581E-4B9B-8794-24A196BBFBC0}" = Windows Live Photo Gallery
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}" = Adobe Setup
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_719d6f144d0c086a0dfa7ff76bb9ac1" = Adobe Photoshop CS3
"Ask Toolbar_is1" = Ask Toolbar
"Auto Movie Creator_is1" = Auto Movie Creator 3.2
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Barclays Premier League Flagpack v2" = Barclays Premier League Flagpack v2
"Bridge Builder" = Bridge Builder
"Bridge Builder Demo" = Bridge Builder Demo
"CameraWindowDC" = Canon Utilities CameraWindow DC
"CameraWindowDC8" = Canon Utilities CameraWindow DC 8
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"Canon MP510 Benutzerregistrierung" = Canon MP510 Benutzerregistrierung
"Catan Online Welt" = Catan Online Welt
"CCleaner" = CCleaner
"Cheat Engine 5.6_is1" = Cheat Engine 5.6
"com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX-Setup
"Driver Cleaner Pro" = DH Driver Cleaner Professional Edition
"EA Download Manager" = EA Download Manager
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-WebPrint" = Easy-WebPrint
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"EXPERTool_is1" = EXPERTool 7.8
"FEAR 2 Project Origin_is1" = FEAR 2 Project Origin
"Fifa 10 Crowdpatch" = Fifa 10 Crowdpatch
"Fraps" = Fraps
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
"Free Audio Dub_is1" = Free Audio Dub version 1.5
"Free Video Dub_is1" = Free Video Dub version 1.7
"Free Video to Flash Converter_is1" = Free Video to Flash Converter version 4.2
"Free Video to iPod Converter_is1" = Free Video to iPod Converter version 3.2
"Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 3.2
"Free YouTube Download_is1" = Free YouTube Download 2.3
"Free YouTube to iPhone Converter_is1" = Free YouTube to iPhone Converter version 2.2
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2
"GeoGebra" = GeoGebra
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ICQToolbar" = ICQ Toolbar
"Icy Tower v1.4_is1" = Icy Tower v1.4
"ImTOO MOV Converter" = ImTOO MOV Converter
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{49C98C60-BAC3-4C92-AF4F-E890FD312D60}" = DER HERR DER RINGE: DIE GEFÄHRTEN
"InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"InstallShield_{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM)
"LogMeIn Hamachi" = LogMeIn Hamachi
"MAGIX Foto Manager 8 D" = MAGIX Foto Manager 8
"MAGIX Fotobuch" = MAGIX Fotobuch 3.6
"MAGIX Media Suite D" = MAGIX Media Suite
"MAGIX Online Druck Service D" = MAGIX Online Druck Service 3.4.3.0 (D)
"MAGIX Ringtone Maker SE D" = MAGIX Ringtone Maker SE
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Menu- & Loadingbackground Patch v10" = Menu- & Loadingbackground Patch v10
"Messenger Plus! Live" = Messenger Plus! Live
"Mobiola Web Camera for S60_is1" = Mobiola Web Camera for S60 3.0
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox (3.6.11)" = Mozilla Firefox (3.6.11)
"MP Navigator 3.0" = Canon MP Navigator 3.0
"mufin player D" = mufin player
"MyCamera" = Canon Utilities MyCamera
"MyCameraDC" = Canon Utilities MyCamera DC
"Next Generation 2010 Graphic Patch" = Next Generation 2010 Graphic Patch
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"pc-profi-Chart_de2010_is1" = pc-profi-Chart_de2010
"RemoteCapture for Canon G1, G2 and Pro90IS v1.1a" = RemoteCapture for Canon G1, G2 and Pro90IS v1.1a
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"RivaTuner" = RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
"ScummVM_is1" = ScummVM 1.0.0
"SopCast" = SopCast 2.0.4
"SystemRequirementsLab" = System Requirements Lab
"TeamViewer 5" = TeamViewer 5
"Tunngle beta_is1" = Tunngle beta
"Uninstall_is1" = Uninstall 1.0.0.1
"VideoGet_is1" = Nuclear Coffee - VideoGet
"VLC media player" = VLC media player 1.0.0
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinLiveSuite" = Windows Live Essentials-Betaversion
"WinRAR archiver" = WinRAR
"winscp3_is1" = WinSCP 4.2.7
"Wordpool_is1" = Wordpool 2.7.7
"Xilisoft AVI to DVD Converter" = Xilisoft AVI to DVD Converter
"Xilisoft iPod Manager" = Xilisoft iPod to PC Copy
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"EA SPORTS Game Face Browser Plugin" = EA SPORTS Game Face Browser Plugin 1.0.0.18
"GameRanger" = GameRanger
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 21.10.2010 14:02:56 | Computer Name = **** | Source = MDC8021X | ID = 1041
Description =
Error - 21.10.2010 14:02:56 | Computer Name = **** | Source = MDC8021X | ID = 1000
Description =
Error - 21.10.2010 14:02:56 | Computer Name = **** | Source = MDC8021X | ID = 1041
Description =
Error - 21.10.2010 14:03:06 | Computer Name = **** | Source = MDC8021X | ID = 1000
Description =
Error - 21.10.2010 14:03:06 | Computer Name = **** | Source = MDC8021X | ID = 1041
Description =
Error - 21.10.2010 14:03:16 | Computer Name = **** | Source = MDC8021X | ID = 1000
Description =
Error - 21.10.2010 14:03:16 | Computer Name = **** | Source = MDC8021X | ID = 1041
Description =
Error - 21.10.2010 14:03:20 | Computer Name = **** | Source = MDC8021X | ID = 1000
Description =
Error - 21.10.2010 14:03:20 | Computer Name = **** | Source = MDC8021X | ID = 1041
Description =
Error - 21.10.2010 14:03:37 | Computer Name = **** | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
[ Media Center Events ]
Error - 10.01.2010 13:59:58 | Computer Name = **** | Source = ehRecvr | ID = 3
Description = Auf dem TV-Tuner ist ein Fehler aufgetreten. (0x80070001) AF9015 BDA
Filter
Error - 10.01.2010 14:04:59 | Computer Name = **** | Source = ehRecvr | ID = 3
Description = Auf dem TV-Tuner ist ein Fehler aufgetreten. (0xc0040524) AF9015 BDA
Filter
Error - 14.01.2010 18:04:56 | Computer Name = **** | Source = ehRecvr | ID = 3
Description = Auf dem TV-Tuner ist ein Fehler aufgetreten. (0x80070001) AF9015 BDA
Filter
Error - 14.01.2010 18:09:56 | Computer Name = **** | Source = ehRecvr | ID = 3
Description = Auf dem TV-Tuner ist ein Fehler aufgetreten. (0xc0040524) AF9015 BDA
Filter
Error - 15.01.2010 17:18:39 | Computer Name = **** | Source = ehRecvr | ID = 3
Description = Auf dem TV-Tuner ist ein Fehler aufgetreten. (0xc0040524) AF9015 BDA
Filter
Error - 27.01.2010 17:15:06 | Computer Name = **** | Source = ehRecvr | ID = 3
Description = Auf dem TV-Tuner ist ein Fehler aufgetreten. (0x80070001) AF9015 BDA
Filter
Error - 27.01.2010 17:21:34 | Computer Name = **** | Source = ehRecvr | ID = 3
Description = Auf dem TV-Tuner ist ein Fehler aufgetreten. (0xc0040524) AF9015 BDA
Filter
Error - 17.02.2010 17:25:03 | Computer Name = **** | Source = ehRecvr | ID = 3
Description = Auf dem TV-Tuner ist ein Fehler aufgetreten. (0xc0040524) AF9015 BDA
Filter
Error - 20.02.2010 17:17:20 | Computer Name = **** | Source = MCUpdate | ID = 0
Description = 22:17:20 - Fehler beim Herstellen der Internetverbindung. 22:17:20
- Serververbindung konnte nicht hergestellt werden..
Error - 20.02.2010 17:17:54 | Computer Name = **** | Source = MCUpdate | ID = 0
Description = 22:17:26 - Fehler beim Herstellen der Internetverbindung. 22:17:26
- Serververbindung konnte nicht hergestellt werden..
[ OSession Events ]
Error - 20.05.2010 14:23:44 | Computer Name = **** | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 21.10.2010 12:05:38 | Computer Name = **** | Source = nvstor64 | ID = 262149
Description = Ein Paritätsfehler wurde auf \Device\RaidPort0 gefunden.
Error - 21.10.2010 12:06:37 | Computer Name = **** | Source = nvstor64 | ID = 262149
Description = Ein Paritätsfehler wurde auf \Device\RaidPort0 gefunden.
Error - 21.10.2010 12:06:41 | Computer Name = ****| Source = nvstor64 | ID = 262149
Description = Ein Paritätsfehler wurde auf \Device\RaidPort0 gefunden.
Error - 21.10.2010 12:07:41 | Computer Name = **** | Source = nvstor64 | ID = 262149
Description = Ein Paritätsfehler wurde auf \Device\RaidPort0 gefunden.
Error - 21.10.2010 14:00:27 | Computer Name = **** | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?21.?10.?2010 um 19:57:22 unerwartet heruntergefahren.
Error - 21.10.2010 14:00:17 | Computer Name = **** | Source = NetBT | ID = 4311
Description = Es ist ein Initialisierungsfehler aufgetreten, da der Treiber nicht
erstellt werden konnte. Verwenden Sie die Zeichenfolge "002268496CD5", um die Schnittstelle
zu identifizieren, die nicht initialisiert werden konnte. Sie stellt die MAC-Adresse
der Schnittstelle mit dem Initialisierungsfehler oder die GUID (Globally Unique
Interface Identifier) dar, wenn NetBT keine Zuordnung von der GUID zur MAC-Adresse
herstellen konnte. Wenn weder die MAC-Adresse noch die GUID verfügbar waren, dann
stellt die Zeichenfolge einen Clustergerätenamen dar.
Error - 21.10.2010 14:00:17 | Computer Name = **** | Source = NetBT | ID = 4311
Description = Es ist ein Initialisierungsfehler aufgetreten, da der Treiber nicht
erstellt werden konnte. Verwenden Sie die Zeichenfolge "002268496CD5", um die Schnittstelle
zu identifizieren, die nicht initialisiert werden konnte. Sie stellt die MAC-Adresse
der Schnittstelle mit dem Initialisierungsfehler oder die GUID (Globally Unique
Interface Identifier) dar, wenn NetBT keine Zuordnung von der GUID zur MAC-Adresse
herstellen konnte. Wenn weder die MAC-Adresse noch die GUID verfügbar waren, dann
stellt die Zeichenfolge einen Clustergerätenamen dar.
Error - 21.10.2010 14:00:31 | Computer Name = **** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "TuneUp Designerweiterung" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1083
Error - 21.10.2010 14:00:39 | Computer Name = **** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "TBPanel" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 21.10.2010 14:00:52 | Computer Name = **** | Source = Service Control Manager | ID = 7023
Description = Der Dienst "TuneUp Program Statistics Service" wurde mit folgendem
Fehler beendet: %%1153
< End of report >
|
|
21.10.2010, 21:05
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | 20-Tan Trojaner Beende alle Programme, starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!) Hinweis: Falls Du Deinen Benutzernamen unkenntlich gemacht hast, musst Du das Ausgesternte in Deinen richtigen Benutzernamen wieder verwandeln, sonst funktioniert das Script nicht!! Code:
ATTFilter :OTL
O36 - AppCertDlls: ciphtend - (C:\Windows\system32\compeout.dll) - C:\Windows\SysWOW64\compeout.dll ()
[2009.06.17 22:59:05 | 000,000,000 | -HSD | M] -- C:\Users\****\AppData\Roaming\.#
[2010.05.25 16:00:42 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\mupkernps11.dll
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:9D1B94FD
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:66B13F37
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:6152D44C
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:47626ACA
:Commands
[purity]
[resethosts]
[emptytemp]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
21.10.2010, 21:27
| #9 | |
| | 20-Tan Trojaner Gesagt, getan. Zitat:
|
|
21.10.2010, 22:11
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | 20-Tan Trojaner Downloade Dir bitte MBRCheck (by a_d_13) und speichere die Datei auf dem Desktop.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
21.10.2010, 22:20
| #11 | |
| | 20-Tan Trojaner das sieht dann wohl so aus Zitat:
|
|
21.10.2010, 22:26
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | 20-Tan Trojaner Starte bitte MBRCheck.exe erneut. Diesmal tippe in das Fenster folgendes ein und bestätige jede Eingabe mit Enter bei
Nun findest Du 2 MBRCheck_<Datum>_<Uhrzeit>.txt auf dem Desktop. Poste mir den Inhalt von beiden .txt Dokumenten
__________________ Logfiles bitte immer in CODE-Tags posten |
|
21.10.2010, 23:20
| #13 |
| | 20-Tan Trojaner So habe jetzt alle Sachen so eingegebn, wie du gesagt hast, nur leider bootet mein rechner jetzt nicht mehr. Der verlangt ein Medium, von welchem aus er booten kann. Da damals bei meinem Pc leider keine Treiber-CD für das Betriebssytem dabei war, und ich von Win7 nur ein Upgrade habe, habe ich jetzt ein Problem!? |
|
22.10.2010, 14:34
| #14 | |
| | 20-Tan TrojanerZitat:
Hat es Sinn die Festplatte rauszunehmen und extern an einen anderen PC anzuschließen? Oder ist die gefahr, dass ich so den anderen PC auch infizieren könnte zu groß? |
|
23.10.2010, 18:31
| #15 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | 20-Tan Trojaner Hast Du eine Win7-DVD zur normalen Installation da? Wenn nicht, musst Du Dir so eine besorgen oder leihen. Mit der gehst Du in die Wiederherstellungskonsole => Starten Sie die Wiederherstellungskonsole unter Windows 7 Es ist allgemein problematisch, dass man nicht mehr für Notfälle keine vernünftigen Installations-CDs oder DVDs mehr hat. Wie würdest Du denn vorgehen, wenn Du Windows mal komplett neu installieren musst?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu 20-Tan Trojaner |
| antimalware, beiträge, beste, besten, ebanking, entferne, entfernen, formatierung, frage, gelöst, laufen, leute, natürlich, onlinebanking, otl.exe, problem, problem gelöst, seite, sofort, sparkasse, sperre, sperren, system, trojane, trojaner, verschiedene, wirklich, würde, zugang |
Linear-Darstellung
