| Conny_1986 | 09.10.2012 15:48 |
habe jetzt soweit alles nach der anleitung durchgeführt OTL.TXTOTL Logfile: Code:
OTL logfile created on: 09.10.2012 12:54:32 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Conny\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
1022,18 Mb Total Physical Memory | 522,73 Mb Available Physical Memory | 51,14% Memory free
2,00 Gb Paging File | 1,16 Gb Available in Paging File | 58,20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,43 Gb Total Space | 28,62 Gb Free Space | 38,45% Space Free | Partition Type: NTFS
Computer Name: CONNY-PC | User Name: Conny | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.10.09 12:54:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Conny\Desktop\OTL.exe
PRC - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2011.06.28 15:08:48 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.04.27 23:58:19 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2010.11.04 04:14:32 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.03.25 14:39:22 | 000,490,280 | ---- | M] (Nero AG) -- C:\Programme\Nero\Update\NASvc.exe
PRC - [2010.02.18 13:28:44 | 000,716,616 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
PRC - [2010.02.18 13:26:44 | 001,047,368 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
PRC - [2010.01.14 22:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.12.17 06:42:06 | 000,105,632 | ---- | M] (Corel) -- C:\Programme\Common Files\Corel\Standby\Standby.exe
PRC - [2009.07.14 03:17:29 | 000,673,048 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\iexplore.exe
PRC - [2009.07.14 03:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2009.07.14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.07.14 03:14:38 | 001,173,504 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.07.14 03:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2008.05.09 13:04:24 | 000,090,112 | ---- | M] (IDT, Inc.) -- C:\Programme\SigmaTel\C-Major Audio\WDM\stacsv.exe
PRC - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2006.11.03 11:01:16 | 000,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\Pac7302\Monitor.exe
PRC - [2006.10.31 22:40:16 | 000,077,824 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
PRC - [2006.10.27 00:47:42 | 000,031,016 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe
PRC - [2006.10.26 20:24:54 | 000,098,632 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE
PRC - [2006.09.28 21:21:04 | 000,057,344 | ---- | M] (SlySoft, Inc.) -- C:\Programme\SlySoft\CloneCD\CloneCDTray.exe
========== Modules (No Company Name) ==========
MOD - [2010.03.15 11:28:22 | 000,141,824 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2009.07.14 03:15:51 | 000,232,448 | ---- | M] () -- \\?\globalroot\systemroot\system32\mswsock.DLL
MOD - [2009.07.14 03:15:51 | 000,232,448 | ---- | M] () -- \\.\globalroot\systemroot\system32\mswsock.dll
========== Services (SafeList) ==========
SRV - [2012.09.21 15:14:14 | 000,250,288 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.07.03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011.06.28 15:08:48 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.04.27 23:58:19 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.08.08 18:10:23 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.08.08 16:34:45 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010.03.25 14:39:22 | 000,490,280 | ---- | M] (Nero AG) [Auto | Running] -- C:\Programme\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010.02.18 13:26:44 | 001,047,368 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010.02.18 13:22:36 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008.08.15 05:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Programme\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)
SRV - [2008.05.09 13:04:24 | 000,090,112 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Programme\SigmaTel\C-Major Audio\WDM\stacsv.exe -- (STacSV)
SRV - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2006.10.31 22:40:16 | 000,077,824 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2006.10.27 00:47:54 | 000,065,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2006.10.26 19:49:34 | 000,441,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006.10.26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
========== Driver Services (SafeList) ==========
DRV - [2011.06.28 15:08:59 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.06.28 15:08:59 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.08.08 15:46:53 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2009.10.14 07:24:44 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.07.14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009.07.14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009.07.14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2009.07.14 00:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32)
DRV - [2009.05.11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008.05.09 13:05:36 | 000,650,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007.11.08 10:29:52 | 000,458,752 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PAC7302.SYS -- (PAC7302)
DRV - [2007.02.20 16:44:00 | 004,457,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007.02.16 02:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2005.08.01 16:45:08 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Österreich: Hotmail, Messenger, Skype download, Unterhaltung, Nachrichten, Sport, Lifestyle und mehr bei MSN AT
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 51 D8 16 71 95 5A CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = Suche
IE - HKCU\..\SearchScopes,DefaultScope = {48639E64-816C-1E71-A11F-AF2D7041DC94}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{48639E64-816C-1E71-A11F-AF2D7041DC94}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&pc=Z013&form=ZGAIDF
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_278.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.08.27 22:47:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
[2010.10.16 18:47:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Conny\AppData\Roaming\mozilla\Extensions
[2010.10.16 18:47:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Conny\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.08.09 01:17:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Conny\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
========== Chrome ==========
CHR - default_search_provider: Google ()
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - homepage: news.ORF.at
CHR - Extension: Skype Click to Call = C:\Users\Conny\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687\
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O2 - BHO: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Programme\Search Toolbar\SearchToolbar.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Programme\Search Toolbar\SearchToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Programme\Search Toolbar\SearchToolbar.dll ()
O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Programme\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CloneCDTray] C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [dmctut] C:\Users\Conny\AppData\Roaming\dmctut.dll (Ray Hinchliffe)
O4 - HKLM..\Run: [HKLM] C:\Windows\System32\firefox\firefox.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PAC7302_Monitor] C:\Windows\PixArt\Pac7302\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [shlbme] rundll32.exe File not found
O4 - HKLM..\Run: [Standby] c:\Program Files\Common Files\Corel\Standby\Standby.exe (Corel)
O4 - HKLM..\Run: [uadup] rundll32.exe File not found
O4 - HKCU..\Run: [HKCU] C:\Windows\System32\firefox\firefox.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Conny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\Windows\system32\firefox\firefox.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\Windows\system32\firefox\firefox.exe (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube Download - C:\Users\Conny\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Conny\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.250
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{32670B16-D541-40F7-885B-B09C62CBE8D8}: DhcpNameServer = 10.0.0.250
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DF991DB5-4927-4658-80EF-FB7C3AAD8598}: DhcpNameServer = 192.168.100.254
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.10.09 12:53:06 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Conny\Desktop\OTL.exe
[2012.10.09 12:49:53 | 000,000,000 | ---D | C] -- C:\Users\Conny\Desktop\Files für TB
[2012.10.08 11:31:48 | 000,177,664 | ---- | C] (Ray Hinchliffe) -- C:\Users\Conny\AppData\Roaming\dmctut.dll
[2012.09.21 15:48:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\firefox
[2012.09.21 15:48:37 | 001,075,200 | ---- | C] (WinZip Computing, S.L.) -- C:\Users\Conny\AppData\Roaming\zip.exe
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\*.tmp files -> C:\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.10.09 12:54:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Conny\Desktop\OTL.exe
[2012.10.09 12:50:59 | 000,000,000 | ---- | M] () -- C:\Users\Conny\defogger_reenable
[2012.10.09 12:38:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.09 12:15:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.09 12:14:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.09 10:56:10 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.09 10:56:10 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.09 10:51:05 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.09 10:50:46 | 803,872,768 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.08 11:31:48 | 000,177,664 | ---- | M] (Ray Hinchliffe) -- C:\Users\Conny\AppData\Roaming\dmctut.dll
[2012.09.21 16:54:12 | 000,000,792 | ---- | M] () -- C:\Users\Conny\AppData\Roaming\Connyv3.3.0.0.vbs
[2012.09.21 15:48:46 | 000,154,283 | -H-- | M] () -- C:\Users\Conny\AppData\Roaming\Conny-wchelper.dll
[2012.09.21 15:48:37 | 001,075,200 | ---- | M] (WinZip Computing, S.L.) -- C:\Users\Conny\AppData\Roaming\zip.exe
[2012.09.21 15:48:36 | 000,101,955 | ---- | M] () -- C:\Users\Conny\AppData\Roaming\me.jpg
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\*.tmp files -> C:\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.10.09 12:50:59 | 000,000,000 | ---- | C] () -- C:\Users\Conny\defogger_reenable
[2012.09.21 16:54:12 | 000,000,792 | ---- | C] () -- C:\Users\Conny\AppData\Roaming\Connyv3.3.0.0.vbs
[2012.09.21 15:48:46 | 000,154,283 | -H-- | C] () -- C:\Users\Conny\AppData\Roaming\Conny-wchelper.dll
[2012.09.21 15:48:36 | 000,101,955 | ---- | C] () -- C:\Users\Conny\AppData\Roaming\me.jpg
[2012.07.11 15:58:51 | 000,124,928 | ---- | C] () -- C:\Users\Conny\AppData\Roaming\uadup.dll
[2012.06.13 22:34:05 | 000,139,776 | ---- | C] () -- C:\Users\Conny\AppData\Roaming\shlbme.dll
[2011.06.19 19:39:29 | 000,000,000 | ---- | C] () -- C:\Users\Conny\AppData\Local\{C0CA2758-088B-4F9C-BC10-F4006C93096B}
[2011.06.19 19:23:02 | 000,000,000 | ---- | C] () -- C:\Users\Conny\AppData\Local\{7739FDA9-E4C6-4111-A493-5CECDEC9604B}
[2011.05.05 01:31:39 | 000,013,826 | -HS- | C] () -- C:\Users\Conny\AppData\Local\i2152v11p7d4sg8
[2011.05.05 01:31:39 | 000,013,826 | -HS- | C] () -- C:\ProgramData\i2152v11p7d4sg8
[2011.03.07 18:33:49 | 000,819,200 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011.03.07 18:33:48 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010.10.16 18:47:11 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.09.14 12:19:47 | 000,000,088 | RHS- | C] () -- C:\ProgramData\ED5232CE4B.sys
[2010.09.14 12:19:45 | 000,005,642 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010.08.08 19:04:27 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
========== ZeroAccess Check ==========
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[2012.10.09 10:51:14 | 000,005,120 | -HS- | M] () -- C:\Windows\assembly\GAC\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
"ThreadingModel" = Both
"" = C:\$Recycle.Bin\S-1-5-21-1256000398-2896390412-820788443-1000\$5a4e273500eb688096663104a53ef100\n. -- File not found
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009.07.14 03:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\$Recycle.Bin\S-1-5-18\$5a4e273500eb688096663104a53ef100\n. -- File not found
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2012.09.21 15:54:44 | 000,000,000 | -H-D | M] -- C:\Users\Conny\AppData\Roaming\CC0D762A
[2011.08.07 15:42:56 | 000,000,000 | ---D | M] -- C:\Users\Conny\AppData\Roaming\DVDVideoSoft
[2011.08.07 15:41:52 | 000,000,000 | ---D | M] -- C:\Users\Conny\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.09.14 17:39:37 | 000,000,000 | ---D | M] -- C:\Users\Conny\AppData\Roaming\IrfanView
[2011.09.21 13:05:44 | 000,000,000 | ---D | M] -- C:\Users\Conny\AppData\Roaming\LimeWire
[2010.10.16 18:47:10 | 000,000,000 | ---D | M] -- C:\Users\Conny\AppData\Roaming\Thunderbird
[2010.08.08 16:34:38 | 000,000,000 | ---D | M] -- C:\Users\Conny\AppData\Roaming\TuneUp Software
[2010.09.14 15:39:41 | 000,000,000 | ---D | M] -- C:\Users\Conny\AppData\Roaming\Ulead Systems
[2012.07.13 14:28:55 | 000,000,000 | ---D | M] -- C:\Users\Conny\AppData\Roaming\xsecva
========== Purity Check ==========
< End of report >
--- --- --- EXTRA.TXTOTL Logfile: Code:
OTL Extras logfile created on: 09.10.2012 12:54:32 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Conny\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
1022,18 Mb Total Physical Memory | 522,73 Mb Available Physical Memory | 51,14% Memory free
2,00 Gb Paging File | 1,16 Gb Available in Paging File | 58,20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,43 Gb Total Space | 28,62 Gb Free Space | 38,45% Space Free | Partition Type: NTFS
Computer Name: CONNY-PC | User Name: Conny | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
========== Firewall Settings ==========
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{F072CA07-A781-45E4-9975-C033A73019CF}" = Corel VideoStudio Pro X3
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{17C7703E-0B2A-4593-9CB7-E2FE14B6F8EA}" = Sony Snymsico for Vista
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{47C6F987-685A-41AE-B092-E75B277AEE39}" = Adobe Flash CS4 Extension - Flash Lite STI others
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F548A02-80BC-404D-BAE6-F05F9BF6B449}" = Nero DiscCopyGadget 10 Help (CHM)
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{7E4CB404-F1E4-4E81-A1CB-2CBB310481D1}" = MLE
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{92EC1A84-7FFC-42DF-A8F6-79C21C4765A5}" = Nero DiscCopy Gadget 10
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A6EC82A0-1414-475D-8AFD-469089F3080D}" = Adobe Contribute CS4
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1 - Deutsch
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B2920232-19DA-44FC-835F-68E427EAE2CE}" = PC Camera (0022.2009.1125.1004)
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BD3374D3-C2E6-42B7-A80B-E850B6886246}" = Adobe Flash CS4 STI-other
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F069C491-69E6-4D9B-9A0C-B7894A1FA97C}" = Setup
"{F072CA07-A781-45E4-9975-C033A73019CF}" = ICA
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F206FEC3-F5DD-43FD-A8CF-9C46B8A6A92C}" = VSPro
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F4E9851F-765E-40B7-9859-237C2724E62C}" = DeviceIO
"{F59A9E08-A6A4-4ACF-91F2-D0344956C30B}" = iTunes
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F6A76E9C-C299-4CFA-AD2A-57FE9DD68B70}" = Contents
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F8423392-2296-4748-9B66-344432459632}" = PureHD
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F909BD3C-8684-4ACF-B7C3-33F4F9F901B7}" = Share
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F95C8C1F-25BB-44EC-A7E6-5C17ABC6BC71}" = VIO
"{FB0B6DDD-DF3E-4CD6-927C-724AB854E322}" = VSClassic
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"{FD67D9F3-FED6-4A2E-9D6C-8C8C44DEF8FF}" = IPM_VS_Pro
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_697a06b96d8bcbe2d77b88e7d5448d0" = Adobe Creative Suite 4 Master Collection
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"CloneCD" = CloneCD
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DivX Setup.divx.com" = DivX-Setup
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free YouTube Download 3_is1" = Free YouTube Download 3 version 3.0.11.727
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.40.602
"InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"IrfanView" = IrfanView (remove only)
"LimeWire" = LimeWire 5.5.13
"Mozilla Thunderbird 15.0.1 (x86 de)" = Mozilla Thunderbird 15.0.1 (x86 de)
"NVIDIA Drivers" = NVIDIA Drivers
"PPTmovie" = PPTexpert PPTmovie
"Search Toolbar" = Search Toolbar
"TuneUp Utilities" = TuneUp Utilities
"Uninstall_is1" = Uninstall 1.0.0.1
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinRAR archiver" = WinRAR
"Xvid_is1" = Xvid 1.2.2 final uninstall
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 09.10.2012 06:53:18 | Computer Name = Conny-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bc100 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000 ID des fehlerhaften
Prozesses: 0xea8 Startzeit der fehlerhaften Anwendung: 0x01cda60c4a751263 Pfad der
fehlerhaften Anwendung: C:\Windows\System32\svchost.exe Pfad des fehlerhaften Moduls:
unknown Berichtskennung: 8847c3dd-11ff-11e2-a1b8-0013a907be37
Error - 09.10.2012 06:54:18 | Computer Name = Conny-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bc100 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000 ID des fehlerhaften
Prozesses: 0x514 Startzeit der fehlerhaften Anwendung: 0x01cda60c6e78b7e1 Pfad der
fehlerhaften Anwendung: C:\Windows\System32\svchost.exe Pfad des fehlerhaften Moduls:
unknown Berichtskennung: ac2a086f-11ff-11e2-a1b8-0013a907be37
Error - 09.10.2012 06:55:18 | Computer Name = Conny-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bc100 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000 ID des fehlerhaften
Prozesses: 0x84c Startzeit der fehlerhaften Anwendung: 0x01cda60c925637bf Pfad der
fehlerhaften Anwendung: C:\Windows\System32\svchost.exe Pfad des fehlerhaften Moduls:
unknown Berichtskennung: d007884d-11ff-11e2-a1b8-0013a907be37
Error - 09.10.2012 06:56:19 | Computer Name = Conny-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bc100 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000 ID des fehlerhaften
Prozesses: 0xf1c Startzeit der fehlerhaften Anwendung: 0x01cda60cb63d4105 Pfad der
fehlerhaften Anwendung: C:\Windows\System32\svchost.exe Pfad des fehlerhaften Moduls:
unknown Berichtskennung: f3ec2f39-11ff-11e2-a1b8-0013a907be37
Error - 09.10.2012 06:57:19 | Computer Name = Conny-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bc100 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000 ID des fehlerhaften
Prozesses: 0xaa8 Startzeit der fehlerhaften Anwendung: 0x01cda60cda1b0d2e Pfad der
fehlerhaften Anwendung: C:\Windows\System32\svchost.exe Pfad des fehlerhaften Moduls:
unknown Berichtskennung: 17cc5dbc-1200-11e2-a1b8-0013a907be37
Error - 09.10.2012 06:58:19 | Computer Name = Conny-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bc100 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000 ID des fehlerhaften
Prozesses: 0x780 Startzeit der fehlerhaften Anwendung: 0x01cda60cfdfd51c0 Pfad der
fehlerhaften Anwendung: C:\Windows\System32\svchost.exe Pfad des fehlerhaften Moduls:
unknown Berichtskennung: 3bb104a8-1200-11e2-a1b8-0013a907be37
Error - 09.10.2012 06:59:20 | Computer Name = Conny-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bc100 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000 ID des fehlerhaften
Prozesses: 0xfc Startzeit der fehlerhaften Anwendung: 0x01cda60d21e45b06 Pfad der
fehlerhaften Anwendung: C:\Windows\System32\svchost.exe Pfad des fehlerhaften Moduls:
unknown Berichtskennung: 5fd1465e-1200-11e2-a1b8-0013a907be37
Error - 09.10.2012 07:00:20 | Computer Name = Conny-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bc100 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000 ID des fehlerhaften
Prozesses: 0xa50 Startzeit der fehlerhaften Anwendung: 0x01cda60d45ffd808 Pfad der
fehlerhaften Anwendung: C:\Windows\System32\svchost.exe Pfad des fehlerhaften Moduls:
unknown Berichtskennung: 83b12896-1200-11e2-a1b8-0013a907be37
Error - 09.10.2012 07:01:20 | Computer Name = Conny-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bc100 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000 ID des fehlerhaften
Prozesses: 0xe78 Startzeit der fehlerhaften Anwendung: 0x01cda60d69e6e14e Pfad der
fehlerhaften Anwendung: C:\Windows\System32\svchost.exe Pfad des fehlerhaften Moduls:
unknown Berichtskennung: a7d62f00-1200-11e2-a1b8-0013a907be37
Error - 09.10.2012 07:02:21 | Computer Name = Conny-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bc100 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000 ID des fehlerhaften
Prozesses: 0xfe4 Startzeit der fehlerhaften Anwendung: 0x01cda60d8e04c0aa Pfad der
fehlerhaften Anwendung: C:\Windows\System32\svchost.exe Pfad des fehlerhaften Moduls:
unknown Berichtskennung: cbb61138-1200-11e2-a1b8-0013a907be37
Error - 09.10.2012 07:03:21 | Computer Name = Conny-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bc100 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000 ID des fehlerhaften
Prozesses: 0x238 Startzeit der fehlerhaften Anwendung: 0x01cda60db1e7053c Pfad der
fehlerhaften Anwendung: C:\Windows\System32\svchost.exe Pfad des fehlerhaften Moduls:
unknown Berichtskennung: efcf2be0-1200-11e2-a1b8-0013a907be37
[ System Events ]
Error - 08.10.2012 18:26:25 | Computer Name = Conny-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
Tosrfcom
Error - 08.10.2012 18:27:00 | Computer Name = Conny-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Windows Search erreicht.
Error - 08.10.2012 18:27:00 | Computer Name = Conny-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht
gestartet: %%1053
Error - 08.10.2012 18:27:00 | Computer Name = Conny-PC | Source = DCOM | ID = 10005
Description =
Error - 09.10.2012 04:50:54 | Computer Name = Conny-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?09.?10.?2012 um 10:18:31 unerwartet heruntergefahren.
Error - 09.10.2012 04:51:07 | Computer Name = Conny-PC | Source = Service Control Manager | ID = 7003
Description = Der Dienst "IKE- und AuthIP IPsec-Schlüsselerstellungsmodule" ist
von folgendem Dienst abhängig: BFE. Dieser Dienst ist eventuell nicht installiert.
Error - 09.10.2012 04:51:07 | Computer Name = Conny-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet: %%1060
Error - 09.10.2012 04:51:07 | Computer Name = Conny-PC | Source = Service Control Manager | ID = 7003
Description = Der Dienst "IPsec-Richtlinien-Agent" ist von folgendem Dienst abhängig:
BFE. Dieser Dienst ist eventuell nicht installiert.
Error - 09.10.2012 04:51:58 | Computer Name = Conny-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
Tosrfcom
Error - 09.10.2012 06:38:30 | Computer Name = Conny-PC | Source = DCOM | ID = 10010
Description =
[ TuneUp Events ]
Error - 08.04.2011 15:10:21 | Computer Name = Conny-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =
< End of report >
--- --- --- GMER.TXT
GMER Logfile: Code:
GMER 1.0.15.15641 - GMER - Rootkit Detector and Remover
Rootkit scan 2012-10-09 16:32:10
Windows 6.1.7600 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1 HTS541080G9SA00 rev.MB4OC65D
Running: 6dmm24cz.exe; Driver: C:\Users\Conny\AppData\Local\Temp\fgloqpog.sys
---- System - GMER 1.0.15 ----
SSDT 8BF90076 ZwCreateSection
SSDT 8BF9007B ZwSetContextThread
SSDT 8BF90017 ZwTerminateProcess
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!ZwSaveKeyEx + 13AD 82A7E579 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82AA2F52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntkrnlpa.exe!RtlSidHashLookup + 340 82AAA840 4 Bytes [76, 00, F9, 8B]
.text ntkrnlpa.exe!RtlSidHashLookup + 6E0 82AAABE0 4 Bytes [7B, 00, F9, 8B]
.text ntkrnlpa.exe!RtlSidHashLookup + 7B8 82AAACB8 4 Bytes [17, 00, F9, 8B]
.text C:\Windows\system32\DRIVERS\nvlddmkm.sys section is writeable [0x8C426340, 0x295597, 0xE8000020]
.text autochk.exe 00771204 4 Bytes [00, 00, 00, 00] {ADD [EAX], AL; ADD [EAX], AL}
.text autochk.exe 0077120C 1 Byte [00]
.text autochk.exe 00771210 6 Bytes [BC, E6, 77, 46, 00, 00]
.text autochk.exe 00771217 3 Bytes [80, F2, 0C] {XOR DL, 0xc}
.text autochk.exe 0077121C 1 Byte [00]
.text ...
---- User code sections - GMER 1.0.15 ----
.text C:\Program Files\Internet Explorer\iexplore.exe[676] ADVAPI32.dll!RegSetValueExA 76741B96 5 Bytes JMP 10161C00 C:\Users\Conny\AppData\LocalLow\DVDVideoSoftTB\tbDVD0.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Program Files\Internet Explorer\iexplore.exe[676] ADVAPI32.dll!RegSetValueExW 76741C82 5 Bytes JMP 10161CC0 C:\Users\Conny\AppData\LocalLow\DVDVideoSoftTB\tbDVD0.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Program Files\Internet Explorer\iexplore.exe[676] ADVAPI32.dll!RegSetValueW 7675FA72 5 Bytes JMP 10161B40 C:\Users\Conny\AppData\LocalLow\DVDVideoSoftTB\tbDVD0.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Program Files\Internet Explorer\iexplore.exe[676] ADVAPI32.dll!RegSetValueA 7678F529 5 Bytes JMP 10161A80 C:\Users\Conny\AppData\LocalLow\DVDVideoSoftTB\tbDVD0.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Program Files\Internet Explorer\iexplore.exe[676] USER32.dll!CreateDialogParamW 77B79BFF 5 Bytes JMP 10161E90 C:\Users\Conny\AppData\LocalLow\DVDVideoSoftTB\tbDVD0.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Program Files\Internet Explorer\iexplore.exe[676] USER32.dll!CreateWindowExW 77B80E51 5 Bytes JMP 6CD17AA7 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[676] USER32.dll!CreateDialogParamA 77B93E79 5 Bytes JMP 10162010 C:\Users\Conny\AppData\LocalLow\DVDVideoSoftTB\tbDVD0.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Program Files\Internet Explorer\iexplore.exe[676] USER32.dll!DialogBoxIndirectParamW 77BA4AA7 1 Byte [E9]
.text C:\Program Files\Internet Explorer\iexplore.exe[676] USER32.dll!DialogBoxIndirectParamW 77BA4AA7 5 Bytes JMP 6CE658AB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[676] USER32.dll!TrackPopupMenu 77BA4B3B 5 Bytes JMP 10161170 C:\Users\Conny\AppData\LocalLow\DVDVideoSoftTB\tbDVD0.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Program Files\Internet Explorer\iexplore.exe[676] USER32.dll!DialogBoxParamW 77BA564A 5 Bytes JMP 101621F0 C:\Users\Conny\AppData\LocalLow\DVDVideoSoftTB\tbDVD0.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Program Files\Internet Explorer\iexplore.exe[676] USER32.dll!TrackPopupMenuEx 77BA5F72 1 Byte [E9]
.text C:\Program Files\Internet Explorer\iexplore.exe[676] USER32.dll!TrackPopupMenuEx 77BA5F72 5 Bytes JMP 101612D0 C:\Users\Conny\AppData\LocalLow\DVDVideoSoftTB\tbDVD0.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Program Files\Internet Explorer\iexplore.exe[676] USER32.dll!DialogBoxParamA 77BBCF6A 5 Bytes JMP 10162100 C:\Users\Conny\AppData\LocalLow\DVDVideoSoftTB\tbDVD0.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Program Files\Internet Explorer\iexplore.exe[676] USER32.dll!DialogBoxIndirectParamA 77BBD29C 5 Bytes JMP 6CE6590E C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[676] USER32.dll!MessageBoxIndirectA 77BCE8C9 5 Bytes JMP 6CE657DD C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[676] USER32.dll!MessageBoxIndirectW 77BCE9C3 5 Bytes JMP 6CE65772 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[676] USER32.dll!MessageBoxExA 77BCEA29 5 Bytes JMP 6CE65710 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[676] USER32.dll!MessageBoxExW 77BCEA4D 5 Bytes JMP 6CE656AE C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[676] USER32.dll!MessageBoxA 77BCEA71 5 Bytes JMP 10162370 C:\Users\Conny\AppData\LocalLow\DVDVideoSoftTB\tbDVD0.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Program Files\Internet Explorer\iexplore.exe[676] USER32.dll!MessageBoxW 77BCEABF 5 Bytes JMP 10162450 C:\Users\Conny\AppData\LocalLow\DVDVideoSoftTB\tbDVD0.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Program Files\Internet Explorer\iexplore.exe[676] ole32.dll!OleLoadFromStream 76175B88 5 Bytes JMP 6CE65B74 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2840] ADVAPI32.dll!RegSetValueExA 76741B96 5 Bytes JMP 057C1C00 C:\Users\Conny\AppData\LocalLow\DVDVideoSoftTB\tbDVD0.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Program Files\Internet Explorer\iexplore.exe[2840] ADVAPI32.dll!RegSetValueExW 76741C82 5 Bytes JMP 057C1CC0 C:\Users\Conny\AppData\LocalLow\DVDVideoSoftTB\tbDVD0.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Program Files\Internet Explorer\iexplore.exe[2840] ADVAPI32.dll!RegSetValueW 7675FA72 5 Bytes JMP 057C1B40 C:\Users\Conny\AppData\LocalLow\DVDVideoSoftTB\tbDVD0.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Program Files\Internet Explorer\iexplore.exe[2840] ADVAPI32.dll!RegSetValueA 7678F529 5 Bytes JMP 057C1A80 C:\Users\Conny\AppData\LocalLow\DVDVideoSoftTB\tbDVD0.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Program Files\Internet Explorer\iexplore.exe[2840] USER32.dll!CreateDialogParamW 77B79BFF 5 Bytes JMP 057C1E90 C:\Users\Conny\AppData\LocalLow\DVDVideoSoftTB\tbDVD0.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Program Files\Internet Explorer\iexplore.exe[2840] USER32.dll!UnhookWindowsHookEx 77B7CC7B 5 Bytes JMP 6CD27E18 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2840] USER32.dll!CallNextHookEx 77B7CC8F 5 Bytes JMP 6CD094EC C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2840] USER32.dll!CreateWindowExW 77B80E51 5 Bytes JMP 6CD17AA7 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2840] USER32.dll!SetWindowsHookExW 77B8210A 5 Bytes JMP 6CCC4243 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2840] USER32.dll!CreateDialogParamA 77B93E79 5 Bytes JMP 057C2010 C:\Users\Conny\AppData\LocalLow\DVDVideoSoftTB\tbDVD0.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Program Files\Internet Explorer\iexplore.exe[2840] USER32.dll!DialogBoxIndirectParamW 77BA4AA7 1 Byte [E9]
.text C:\Program Files\Internet Explorer\iexplore.exe[2840] USER32.dll!DialogBoxIndirectParamW 77BA4AA7 5 Bytes JMP 6CE658AB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2840] USER32.dll!TrackPopupMenu 77BA4B3B 5 Bytes JMP 057C1170 C:\Users\Conny\AppData\LocalLow\DVDVideoSoftTB\tbDVD0.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Program Files\Internet Explorer\iexplore.exe[2840] USER32.dll!DialogBoxParamW 77BA564A 5 Bytes JMP 057C21F0 C:\Users\Conny\AppData\LocalLow\DVDVideoSoftTB\tbDVD0.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Program Files\Internet Explorer\iexplore.exe[2840] USER32.dll!TrackPopupMenuEx 77BA5F72 1 Byte [E9]
.text C:\Program Files\Internet Explorer\iexplore.exe[2840] USER32.dll!TrackPopupMenuEx 77BA5F72 5 Bytes JMP 057C12D0 C:\Users\Conny\AppData\LocalLow\DVDVideoSoftTB\tbDVD0.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Program Files\Internet Explorer\iexplore.exe[2840] USER32.dll!DialogBoxParamA 77BBCF6A 5 Bytes JMP 057C2100 C:\Users\Conny\AppData\LocalLow\DVDVideoSoftTB\tbDVD0.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Program Files\Internet Explorer\iexplore.exe[2840] USER32.dll!DialogBoxIndirectParamA 77BBD29C 5 Bytes JMP 6CE6590E C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2840] USER32.dll!MessageBoxIndirectA 77BCE8C9 5 Bytes JMP 6CE657DD C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2840] USER32.dll!MessageBoxIndirectW 77BCE9C3 5 Bytes JMP 6CE65772 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2840] USER32.dll!MessageBoxExA 77BCEA29 5 Bytes JMP 6CE65710 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2840] USER32.dll!MessageBoxExW 77BCEA4D 5 Bytes JMP 6CE656AE C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2840] USER32.dll!MessageBoxA 77BCEA71 5 Bytes JMP 057C2370 C:\Users\Conny\AppData\LocalLow\DVDVideoSoftTB\tbDVD0.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Program Files\Internet Explorer\iexplore.exe[2840] USER32.dll!MessageBoxW 77BCEABF 5 Bytes JMP 057C2450 C:\Users\Conny\AppData\LocalLow\DVDVideoSoftTB\tbDVD0.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Program Files\Internet Explorer\iexplore.exe[2840] ole32.dll!OleLoadFromStream 76175B88 5 Bytes JMP 6CE65B74 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2840] ole32.dll!CoCreateInstance 761C57FC 5 Bytes JMP 6CD18595 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
Device \Driver\ACPI_HAL \Device\0000004c halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
---- Processes - GMER 1.0.15 ----
Library c:\windows\system32\y (*** hidden *** ) @ C:\Windows\system32\svchost.exe [912] 0x00E40000
Library c:\windows\system32\y (*** hidden *** ) @ C:\Windows\Explorer.EXE [1728] 0x02390000
---- EOF - GMER 1.0.15 ----
--- --- --- AVIRA-MELDUNG
Funde
Objekt: 80000032.@ Fund: TR/ATRAPS.Gen2 Aktion: In Quarantäne verschieben
Zusammenfassung:
Name: TR/ATRAPS.Gen2
Entdeckt am: 08/05/2008
Art: Trojan
In freier Wildbahn: Ja
Gemeldete Infektionen: Niedrig
Verbreitungspotenzial: Niedrig
Schadenspotenzial: Niedrig
Statische Datei: Nein
Engine Version: 7.08.00.16
Allgemein Alias:
Ähnliche Erkennung:
• TR/ATRAPS.Gen |
