Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: TR/Dropper.Gen hat mich erwischt

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 19.12.2010, 00:28   #1
mcfaul
 
TR/Dropper.Gen hat mich erwischt - Standard

TR/Dropper.Gen hat mich erwischt



Hallo zusammen

Habe vor ein paar Tagen die Info bekommen (AVIR), dass ich mir den TR/Dropper.Gen eingehandelt habe. Durch verschieben der infizierten files in die Quarantäne ist das aber nicht behebbar und jedesmal beim Neustart ist er wieder da. Wie kann man das beheben?
Kann mir da jemand helfen?

Danke mal im Voraus
Mcfaul

Alt 19.12.2010, 10:37   #2
rea
/// Helfer-Team
 
TR/Dropper.Gen hat mich erwischt - Standard

TR/Dropper.Gen hat mich erwischt



Hallo mcfaul,

deine Angaben sind ja mal wirklich dürftig, aber nunja...



Vorweg ein paar Hinweise (Bitte beachten!):

  • Lies meine Anleitung für dich sorgfältig durch, bevor du beginnst. Führe alle Schritte unbedingt der Reihe nach aus, da manchmal der eine Punkt den anderen voraussetzt.
  • Wenn dir etwas im Verlauf der Bereinigung unklar ist, frage bitte in deinem Thread nach, bevor du weitermachst - doofe Fragen gibt es nicht.
  • Lade alle hier angeordneten Programme nur durch die jeweiligen Links herunter! Wenn ein Link nicht funktionieren sollte, melde dich bitte.
  • Installiere während der Bereinigung keine weiteren Programme, ausser denen, die wir dir für die Bereinigung anordnen.
  • Berichte zu jedem Schritt, ob Du ihn abgearbeitet hast, bzw. ob und welche Probleme dabei aufgetreten sind.
  • Sollten beim Abarbeiten der Anleitung Probleme auftauchen, bitte vorerst nicht weitermachen, sondern stoppen und das Problem hier im Thread schildern.
  • Editiere alle persönlichen Daten wie z.B. vollständige Namen realer und privater Personen aus den geforderten Logfiles, bevor du sie postest.
  • Und falls eine Antwort mal länger dauern wird, freu ich mich auch über einen hinweis



Ich geb mir Mühe, alles zu finden, was nicht auf dein System gehört, aber muss dich darauf hiweisen, dass Formatieren und Neuaufsetzen in den meisten Fällen die schnellste und sicherste Variante ist ein sauberes System zu bekommen. Wenn du trotzdem bereinigen möchtest, folgt hier die Anleitung:





1.) Avira Antivir - Was wurde gefunden?

Damit wir uns die Funde deines Antivirenprogrammes mal genau ansehen können, gehe bitte wie folgt vor:
  • Starte Avira Antivir
  • Unter dem Reiter Übersicht auf Ereignisse klicken
  • Dort bitte überprüfen, dass oben Alle angehakt sind und unter Filter nur das Kästchen Fund, die anderen bitte auslassen.
  • Alle Funde markieren (Sofern vorhanden)
  • Oben auf den runden Pfeil klicken (Ausgewählte Ereignisse exportieren)
  • Unter dem vorgegebenen Namen abspeichern und den Inhalt dieser .txt-Datei hier ebenfalls posten.






2.) Systemscan mit OTL
Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop.
  • Doppelklick auf die OTL.exe
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Oben findest Du ein Kästchen mit Ausgabe.
    Wähle bitte Standard-Ausgabe
  • Unter Extra-Registrierung wähle bitte Benutze SafeList.
  • Mache Häckchen bei LOP- und Purity-Prüfung.
  • Klicke nun auf Scan links oben.
  • Wenn der Scan beendet wurde werden zwei Logfiles erstellt.
    Du findest die Logfiles auf Deinem Desktop => OTL.txt und Extras.txt
  • Poste die Logfiles in Code-Tags hier in den Thread.
__________________

__________________

Alt 28.12.2010, 13:12   #3
rea
/// Helfer-Team
 
TR/Dropper.Gen hat mich erwischt - Standard

TR/Dropper.Gen hat mich erwischt



Hallo mcfaul,

gehts hier noch weiter? Ansonsten lösche ich diesen Thread in einer Woche aus meinen Abos.
__________________
__________________

Alt 25.02.2011, 00:36   #4
mcfaul
 
TR/Dropper.Gen hat mich erwischt - Standard

TR/Dropper.Gen hat mich erwischt



Sorry, hatten einen Total-Crash.
Bin erst jetzt mit meinem neuen Computer wieder soweit, aber zum Glück dzt. keine Probleme.
Danke trotzdem für die angebotene Hilfe.

McFaul

Alt 26.02.2011, 18:42   #5
mcfaul
 
TR/Dropper.Gen hat mich erwischt - Standard

TR/Dropper.Gen hat mich erwischt



Hallo Rea

Habe jetzt meinen 2.Computer mal unter die Lupe genommen (verwendet normal nur meine Familie und ich zum Video-Schneiden) und AVIRA hat eine JAVA-Malware gefunden. Ich bin Deiner Anleitung mal gefolgt & poste hier die AVIRA-Ereignisse & die beiden OTL-reports:

Ereignisse.txt:
Code:
ATTFilter
Exportierte Ereignisse:

26.02.2011 13:43 [Scanner] Malware gefunden
      Die Datei 'E:\WOLFGANG-PC\Backup Set 2011-02-13 190001\Backup Files 2011-02-20 
      190004\Backup files 1.zip'
      enthielt einen Virus oder unerwünschtes Programm 'JAVA/Agent.FK' [virus].
      Durchgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4818516c.qua' 
      verschoben!

26.02.2011 13:43 [Scanner] Malware gefunden
      Die Datei 
      'C:\Users\Wolfgang\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\2fbd2795-7a
      aae0bf'
      enthielt einen Virus oder unerwünschtes Programm 'JAVA/Agent.FK' [virus].
      Durchgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '508e7ec1.qua' 
      verschoben!
         
OTL.txt:
Code:
ATTFilter
OTL logfile created on: 26.02.2011 18:26:24 - Run 1
OTL by OldTimer - Version 3.2.22.0     Folder = C:\Users\Wolfgang\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 27,00% Memory free
8,00 Gb Paging File | 4,00 Gb Available in Paging File | 52,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 65,20 Gb Free Space | 7,00% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 661,27 Gb Free Space | 70,99% Space Free | Partition Type: NTFS
Drive E: | 931,51 Gb Total Space | 0,08 Gb Free Space | 0,01% Space Free | Partition Type: NTFS
Drive K: | 931,51 Gb Total Space | 551,26 Gb Free Space | 59,18% Space Free | Partition Type: NTFS
Drive L: | 1397,26 Gb Total Space | 73,48 Gb Free Space | 5,26% Space Free | Partition Type: NTFS
Drive M: | 279,39 Gb Total Space | 171,46 Gb Free Space | 61,37% Space Free | Partition Type: NTFS
Drive N: | 1863,01 Gb Total Space | 1574,48 Gb Free Space | 84,51% Space Free | Partition Type: NTFS
 
Computer Name: WOLFGANG-PC | User Name: Wolfgang | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.02.26 17:59:03 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Wolfgang\Downloads\OTL.exe
PRC - [2011.02.13 01:32:08 | 001,650,504 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-Aware.exe
PRC - [2011.02.13 01:32:07 | 000,939,848 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2011.02.13 01:32:06 | 001,405,384 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2011.01.11 23:05:48 | 001,718,280 | ---- | M] () -- C:\Users\Wolfgang\AppData\Roaming\Microsoft\svchost.exe
PRC - [2011.01.11 23:05:48 | 001,718,280 | ---- | M] () -- C:\Users\Wolfgang\AppData\Roaming\Microsoft\svchost.exe
PRC - [2010.12.10 22:23:05 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010.12.10 22:16:03 | 000,397,688 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\BitTorrent\bittorrent.exe
PRC - [2010.12.10 14:39:09 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2010.11.03 20:34:17 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.11.03 20:34:17 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2010.09.22 17:11:26 | 000,640,440 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2010.05.04 11:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2010.04.26 10:06:44 | 000,096,112 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Microsoft\Office Live\OfficeLiveSignIn.exe
PRC - [2010.03.18 10:26:08 | 000,172,328 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
PRC - [2009.11.17 18:03:54 | 000,083,456 | ---- | M] (Hauppauge Computer Works, Inc.) -- C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe
PRC - [2009.11.15 18:09:38 | 000,601,088 | ---- | M] (Hauppauge Computer Works) -- C:\PROGRA~2\WinTV\TVServer\HAUPPA~1.EXE
PRC - [2009.11.13 12:31:14 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2009.05.19 18:39:44 | 000,136,544 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
PRC - [2009.03.17 17:40:00 | 000,767,312 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.EXE
PRC - [2008.01.18 20:26:54 | 000,253,952 | ---- | M] (PIXELA CORPORATION) -- C:\Program Files (x86)\PIXELA\ImageMixer 3 SE\CameraMonitor.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011.02.26 17:59:03 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Wolfgang\Downloads\OTL.exe
MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2009.07.14 02:16:20 | 002,311,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wpdshext.dll
MOD - [2009.07.14 02:03:50 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\GdiPlus.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2010.04.19 19:53:03 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV - [2011.02.13 01:32:06 | 001,405,384 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010.12.10 14:39:09 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.11.03 20:34:17 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.05.04 11:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010.04.20 00:17:20 | 000,288,112 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 10:26:08 | 000,172,328 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2009.12.26 23:50:02 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.11.15 18:09:38 | 000,601,088 | ---- | M] (Hauppauge Computer Works) [Auto | Running] -- C:\PROGRA~2\WinTV\TVServer\HAUPPA~1.EXE -- (HauppaugeTVServer)
SRV - [2009.11.13 12:31:14 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007.05.31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011.02.13 01:32:11 | 000,069,376 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd)
DRV:64bit: - [2010.11.24 20:29:37 | 000,083,120 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2010.07.22 12:37:32 | 000,125,888 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AnyDVD.sys -- (AnyDVD)
DRV:64bit: - [2010.04.19 19:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010.03.02 12:35:01 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2010.01.12 05:37:34 | 000,325,152 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.01.01 18:20:28 | 000,034,472 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2009.11.04 15:15:18 | 000,631,360 | ---- | M] (DiBcom SA) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Mod7700.sys -- (mod7700)
DRV:64bit: - [2009.11.04 15:15:18 | 000,023,744 | ---- | M] (DiBcom S.A.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ModRc.sys -- (MODRC)
DRV:64bit: - [2009.10.17 06:25:54 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d) MS Hardware Device Detection Driver (HID)
DRV:64bit: - [2009.08.05 23:24:16 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2009.07.18 06:18:48 | 000,109,480 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2009.07.16 04:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009.07.14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009.07.10 04:07:02 | 001,222,144 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2009.06.10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.09 13:43:00 | 000,249,600 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw47x64.sys -- (hcw47000)
DRV:64bit: - [2009.05.18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.01.09 14:02:08 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:64bit: - [2008.05.20 17:33:36 | 000,028,416 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2008.02.06 03:00:00 | 000,054,480 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2007.02.09 14:52:44 | 000,023,296 | ---- | M] (WideViewer Electronics CO., LTD) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BDA_Capture_225_x64.sys -- (BDA_Capture_225)
DRV:64bit: - [2007.01.09 13:23:50 | 000,023,552 | ---- | M] (WideView Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BDA_Loader_225_x64.sys -- (BDA_Loader_225)
DRV - [2011.02.13 01:32:25 | 000,017,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys -- (Lavasoft Kernexplorer)
DRV - [2010.07.22 12:37:32 | 000,125,888 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2010.04.20 00:06:46 | 000,086,584 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs)
DRV - [2006.11.14 10:31:00 | 000,022,784 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\afc.sys -- (Afc)
DRV - [2003.09.20 20:23:06 | 000,009,728 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\ElbyCDIO.sys -- (ElbyCDIO)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - C:\Program Files (x86)\BittorrentBar_DE\tbBitt.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://sport.orf.at/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4D BC 73 D4 5F 86 CA 01  [binary data]
IE - HKCU\..\URLSearchHook: {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - C:\Program Files (x86)\BittorrentBar_DE\tbBitt.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "BittorrentBar_DE Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2849855&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://sport.orf.at/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}:1.0.0.1
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&q="
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.12.10 22:23:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.02.13 10:12:34 | 000,000,000 | ---D | M]
 
[2010.01.26 23:42:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wolfgang\AppData\Roaming\mozilla\Extensions
[2010.01.26 23:42:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wolfgang\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2011.02.26 00:17:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wolfgang\AppData\Roaming\mozilla\Firefox\Profiles\e2vd991n.default\extensions
[2011.01.30 17:05:11 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\Wolfgang\AppData\Roaming\mozilla\Firefox\Profiles\e2vd991n.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.04.20 20:20:54 | 000,002,253 | ---- | M] () -- C:\Users\Wolfgang\AppData\Roaming\Mozilla\Firefox\Profiles\e2vd991n.default\searchplugins\askcom.xml
[2010.12.10 22:22:14 | 000,000,935 | ---- | M] () -- C:\Users\Wolfgang\AppData\Roaming\Mozilla\Firefox\Profiles\e2vd991n.default\searchplugins\conduit.xml
[2010.06.22 23:50:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.06.22 23:50:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.12.10 21:55:34 | 000,000,000 | ---D | M] (No name found) -- C:\USERS\WOLFGANG\PROGRAM FILES (X86)\DNA
[2007.08.29 22:47:44 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npbittorrent.dll
[2008.09.10 00:09:32 | 000,079,216 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npContribute.dll
[2010.06.22 23:50:32 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.07.23 17:01:26 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.07.23 17:01:26 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.07.23 17:01:27 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.07.23 17:01:27 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.07.23 17:01:27 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010.04.19 19:38:46 | 000,001,352 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1   activate.adobe.com
O1 - Hosts: 127.0.0.1   practivate.adobe.com
O1 - Hosts: 127.0.0.1   ereg.adobe.com
O1 - Hosts: 127.0.0.1   activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1   wip3.adobe.com
O1 - Hosts: 127.0.0.1   3dns-3.adobe.com
O1 - Hosts: 127.0.0.1   3dns-2.adobe.com
O1 - Hosts: 127.0.0.1   adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1   adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1   adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1   ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1   activate-sea.adobe.com
O1 - Hosts: 127.0.0.1   wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1   activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1   wwis-dubc1-vip60.adobe.com
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Programme\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (BittorrentBar_DE Toolbar) - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - C:\Program Files (x86)\BittorrentBar_DE\tbBitt.dll (Conduit Ltd.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O3 - HKLM\..\Toolbar: (BittorrentBar_DE Toolbar) - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - C:\Program Files (x86)\BittorrentBar_DE\tbBitt.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (TerraTec Home Cinema) - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~2\TerraTec\TERRAT~1\THCDES~1.DLL (TerraTec Electronic GmbH)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (BittorrentBar_DE Toolbar) - {64EAD72B-FFD4-4E01-AA3A-4C71665D73E4} - C:\Program Files (x86)\BittorrentBar_DE\tbBitt.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CorelDRAW Graphics Suite 11b] C:\Program Files (x86)\Corel\Corel Graphics 12\Languages\DE\Programs\Registration.exe (Corel Corporation)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKCU..\Run: [Google Updater] C:\Users\Wolfgang\AppData\Roaming\Microsoft\svchost.exe ()
O4 - HKCU..\Run: [GVJJLDJ6W3XTZ]  File not found
O4 - HKCU..\Run: [HKCU] C:\Users\Wolfgang\AppData\Roaming\winupdater\winupdater.exe (Microsoft Corporation)
O4 - HKCU..\Run: [iexplorer]  File not found
O4 - HKCU..\Run: [winssl]  File not found
O4 - HKCU..\RunOnce: [Google Updater] C:\Users\Wolfgang\AppData\Roaming\Microsoft\svchost.exe ()
O4 - HKCU..\RunServices: [Google Updater] C:\Users\Wolfgang\AppData\Roaming\Microsoft\svchost.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Wolfgang\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Wolfgang\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Free YouTube Download - C:\Users\Wolfgang\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Wolfgang\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254 192.168.0.254 213.33.99.70
O18:64bit: - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.12.04 16:09:30 | 000,000,000 | RH-D | M] - N:\autorun -- [ NTFS ]
O33 - MountPoints2\{2561eca4-465f-11df-b9d0-90e6ba30e433}\Shell - "" = AutoRun
O33 - MountPoints2\{2561eca4-465f-11df-b9d0-90e6ba30e433}\Shell\AutoRun\command - "" = N:\AutoRun.exe
O33 - MountPoints2\{5acaf5a7-658e-11df-88d3-90e6ba30e433}\Shell - "" = AutoRun
O33 - MountPoints2\{5acaf5a7-658e-11df-88d3-90e6ba30e433}\Shell\AutoRun\command - "" = O:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O34 - HKLM BootExecute: (lsdelete) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.02.26 18:14:19 | 000,000,000 | ---D | C] -- C:\Users\Wolfgang\Desktop\avir-check
[2011.02.26 01:01:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows Genuine Advantage
[2011.02.22 22:02:37 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011.02.22 22:02:36 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011.02.22 22:02:36 | 000,475,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2011.02.22 22:02:36 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2011.02.20 17:44:52 | 000,000,000 | ---D | C] -- C:\Users\Wolfgang\AppData\Roaming\AVS4YOU
[2011.02.20 17:44:32 | 000,000,000 | ---D | C] -- C:\Users\Wolfgang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
[2011.02.20 17:44:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
[2011.02.20 17:44:06 | 010,833,920 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\libmfxsw32.dll
[2011.02.20 17:44:05 | 010,915,840 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\libmfxhw32.dll
[2011.02.13 21:30:58 | 000,000,000 | ---D | C] -- C:\Users\Wolfgang\Documents\Corel User Files
[2011.02.13 21:22:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite 12
[2011.02.13 21:22:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Corel
[2011.02.13 21:21:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Corel
[2011.02.13 10:14:02 | 000,024,416 | R--- | C] (Adobe Systems Inc.) -- C:\Windows\SysNative\AdobePDFUI.dll
[2011.02.13 01:32:28 | 000,069,376 | ---- | C] (Lavasoft AB) -- C:\Windows\SysNative\drivers\Lbd.sys
[2011.02.13 01:32:26 | 000,049,752 | ---- | C] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2011.02.13 01:30:10 | 000,000,000 | ---D | C] -- C:\Users\Wolfgang\AppData\Local\Sunbelt Software
[2011.02.13 01:29:41 | 000,000,000 | -H-D | C] -- C:\ProgramData\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}
[2011.02.13 01:29:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
[2011.02.13 01:29:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2011.02.13 01:29:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft
[2011.02.13 00:04:53 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011.02.13 00:04:52 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011.02.13 00:04:52 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011.02.13 00:04:52 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011.02.13 00:04:52 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011.02.13 00:04:52 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011.02.13 00:04:52 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.02.13 00:04:52 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.02.13 00:04:52 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011.02.13 00:04:52 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011.02.13 00:04:52 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011.02.13 00:04:52 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011.02.13 00:04:40 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\upnp.dll
[2011.02.13 00:04:40 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\upnp.dll
[2011.02.13 00:04:38 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2011.02.13 00:04:38 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\davclnt.dll
[2011.02.13 00:04:38 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll
[2011.02.13 00:04:38 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll
[2011.02.13 00:04:38 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll
[2011.02.13 00:04:38 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
[2011.02.13 00:04:37 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2011.02.13 00:04:35 | 000,265,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2011.02.13 00:04:35 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2011.02.13 00:04:33 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.02.13 00:04:33 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.02.13 00:04:33 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011.02.13 00:04:30 | 005,510,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011.02.13 00:04:30 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011.02.13 00:04:30 | 001,739,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2011.02.13 00:04:29 | 003,957,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011.02.13 00:04:25 | 000,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2011.02.13 00:04:25 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2011.02.13 00:04:25 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2011.02.13 00:04:25 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2011.01.29 14:08:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011.01.29 00:40:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.01.29 00:40:03 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2011.01.29 00:40:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011.01.29 00:40:03 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2010.12.14 03:20:38 | 001,169,224 | ---- | C] (Microsoft Corporation) -- C:\Users\Wolfgang\AppData\Roaming\firefox.exe
[2 C:\Users\Wolfgang\AppData\Roaming\*.tmp files -> C:\Users\Wolfgang\AppData\Roaming\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.02.26 17:12:33 | 000,000,110 | -H-- | M] () -- C:\aaw7boot.cmd
[2011.02.26 01:06:05 | 000,015,008 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.02.26 01:06:05 | 000,015,008 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.02.25 23:51:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.02.25 23:50:56 | 3214,188,544 | -HS- | M] () -- C:\hiberfil.sys
[2011.02.23 01:02:06 | 000,025,600 | ---- | M] () -- C:\Users\Wolfgang\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.02.23 00:55:50 | 005,027,520 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.02.23 00:55:50 | 001,892,112 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.02.23 00:55:50 | 001,486,168 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.02.23 00:55:50 | 001,324,700 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.02.23 00:55:50 | 000,005,218 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.02.20 21:34:14 | 000,007,626 | ---- | M] () -- C:\Users\Wolfgang\AppData\Local\Resmon.ResmonCfg
[2011.02.20 17:44:36 | 000,001,293 | ---- | M] () -- C:\Users\Wolfgang\Desktop\AVS4YOU Software Navigator.lnk
[2011.02.20 17:44:16 | 000,001,237 | ---- | M] () -- C:\Users\Wolfgang\Desktop\AVS Video Converter.lnk
[2011.02.15 22:09:39 | 000,017,511 | ---- | M] () -- C:\Users\Wolfgang\Desktop\Miles & More - E-Mail an das Miles & More Service Team.pdf
[2011.02.13 21:59:53 | 003,778,232 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.02.13 20:09:00 | 000,252,874 | ---- | M] () -- C:\Users\Wolfgang\Desktop\DVD-Wiederherstellung.JPG
[2011.02.13 01:32:25 | 000,049,752 | ---- | M] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2011.02.13 01:32:23 | 000,016,432 | ---- | M] () -- C:\Windows\SysNative\lsdelete.exe
[2011.02.13 01:32:11 | 000,069,376 | ---- | M] (Lavasoft AB) -- C:\Windows\SysNative\drivers\Lbd.sys
[2011.02.13 01:29:39 | 000,001,150 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2011.02.13 01:23:10 | 000,117,019 | ---- | M] () -- C:\Users\Wolfgang\AppData\Roaming\data.dat
[2011.01.29 14:21:16 | 000,038,950 | ---- | M] () -- C:\Users\Wolfgang\Desktop\Oliver let love cover.jpg
[2011.01.29 14:08:22 | 000,001,066 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011.01.29 00:40:36 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2 C:\Users\Wolfgang\AppData\Roaming\*.tmp files -> C:\Users\Wolfgang\AppData\Roaming\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.02.26 17:12:33 | 000,000,110 | -H-- | C] () -- C:\aaw7boot.cmd
[2011.02.20 17:44:36 | 000,001,293 | ---- | C] () -- C:\Users\Wolfgang\Desktop\AVS4YOU Software Navigator.lnk
[2011.02.20 17:44:16 | 000,001,237 | ---- | C] () -- C:\Users\Wolfgang\Desktop\AVS Video Converter.lnk
[2011.02.15 22:09:39 | 000,017,511 | ---- | C] () -- C:\Users\Wolfgang\Desktop\Miles & More - E-Mail an das Miles & More Service Team.pdf
[2011.02.13 01:47:25 | 000,016,432 | ---- | C] () -- C:\Windows\SysNative\lsdelete.exe
[2011.02.13 01:29:39 | 000,001,150 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2011.01.29 14:21:15 | 000,038,950 | ---- | C] () -- C:\Users\Wolfgang\Desktop\Oliver let love cover.jpg
[2011.01.29 14:08:22 | 000,001,066 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011.01.29 00:40:36 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010.12.14 00:55:27 | 000,062,647 | ---- | C] () -- C:\Users\Wolfgang\AppData\Roaming\SQLite3.dll
[2010.12.13 22:25:24 | 000,062,709 | ---- | C] () -- C:\Users\Wolfgang\AppData\Roaming\Wolfgang3SQLite3.dll
[2010.12.13 01:45:30 | 000,000,000 | ---- | C] () -- C:\Users\Wolfgang\AppData\Roaming\MSWINSCK.OCX
[2010.12.10 21:56:16 | 000,117,019 | ---- | C] () -- C:\Users\Wolfgang\AppData\Roaming\data.dat
[2010.11.15 21:39:44 | 000,127,488 | ---- | C] () -- C:\Users\Wolfgang\AppData\Roaming\winscheduler.exe
[2010.09.15 23:33:52 | 000,000,083 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010.07.18 14:25:40 | 000,000,030 | ---- | C] () -- C:\Program Files (x86)\Exiferupdate.ini
[2010.06.23 22:03:46 | 000,000,256 | ---- | C] () -- C:\Windows\SysWow64\pool.bin
[2010.05.28 21:20:33 | 000,022,117 | ---- | C] () -- C:\Users\Wolfgang\AppData\Roaming\mdbu.bin
[2010.03.26 21:48:45 | 000,080,896 | ---- | C] () -- C:\Windows\cadkasdeinst01.exe
[2010.01.17 22:41:13 | 000,007,626 | ---- | C] () -- C:\Users\Wolfgang\AppData\Local\Resmon.ResmonCfg
[2010.01.17 21:48:41 | 000,003,121 | ---- | C] () -- C:\Windows\HCWPNP.INI
[2010.01.17 15:43:07 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\sh33w32.dll
[2010.01.10 23:41:42 | 000,025,600 | ---- | C] () -- C:\Users\Wolfgang\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.01.07 02:35:13 | 000,142,337 | ---- | C] () -- C:\Windows\SysWow64\Wait.exe
[2010.01.07 01:56:52 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.01.07 01:05:20 | 000,004,096 | -H-- | C] () -- C:\Users\Wolfgang\AppData\Local\keyfile3.drm
[2009.12.27 00:31:26 | 000,033,907 | ---- | C] () -- C:\Windows\Irremote.ini
[2009.12.27 00:31:19 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\dmcrypto.dll
[2009.12.27 00:30:56 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2009.12.26 21:18:47 | 000,000,507 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.12.14 14:53:00 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2009.12.14 14:52:54 | 000,021,951 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009.04.02 13:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2005.08.02 10:03:10 | 000,001,314 | -H-- | C] () -- C:\Users\Wolfgang\AppData\Roaming\Wolfganglog.dat
[2003.02.20 17:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI
 
========== LOP Check ==========
 
[2011.02.26 18:22:39 | 000,000,000 | ---D | M] -- C:\Users\Wolfgang\AppData\Roaming\BitTorrent
[2010.07.30 15:16:29 | 000,000,000 | ---D | M] -- C:\Users\Wolfgang\AppData\Roaming\Blackberry Desktop
[2010.08.29 11:29:02 | 000,000,000 | ---D | M] -- C:\Users\Wolfgang\AppData\Roaming\Canon
[2010.01.19 01:48:02 | 000,000,000 | ---D | M] -- C:\Users\Wolfgang\AppData\Roaming\CD-LabelPrint
[2010.03.06 17:56:41 | 000,000,000 | ---D | M] -- C:\Users\Wolfgang\AppData\Roaming\com.adobe.bootstrap
[2010.04.19 21:19:52 | 000,000,000 | ---D | M] -- C:\Users\Wolfgang\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010.12.11 02:28:41 | 000,000,000 | ---D | M] -- C:\Users\Wolfgang\AppData\Roaming\DNA
[2010.11.03 20:46:18 | 000,000,000 | ---D | M] -- C:\Users\Wolfgang\AppData\Roaming\DVDVideoSoft
[2010.10.01 21:46:18 | 000,000,000 | ---D | M] -- C:\Users\Wolfgang\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.03.21 01:19:14 | 000,000,000 | ---D | M] -- C:\Users\Wolfgang\AppData\Roaming\FileZilla
[2010.11.03 20:47:32 | 000,000,000 | ---D | M] -- C:\Users\Wolfgang\AppData\Roaming\HandBrake
[2010.05.21 20:13:33 | 000,000,000 | ---D | M] -- C:\Users\Wolfgang\AppData\Roaming\inkscape
[2010.02.28 23:37:18 | 000,000,000 | ---D | M] -- C:\Users\Wolfgang\AppData\Roaming\IrfanView
[2010.03.08 22:18:21 | 000,000,000 | ---D | M] -- C:\Users\Wolfgang\AppData\Roaming\mirabyte
[2010.10.28 22:30:48 | 000,000,000 | ---D | M] -- C:\Users\Wolfgang\AppData\Roaming\MPEG Streamclip
[2010.10.04 20:10:41 | 000,000,000 | ---D | M] -- C:\Users\Wolfgang\AppData\Roaming\Research In Motion
[2010.06.23 00:02:41 | 000,000,000 | ---D | M] -- C:\Users\Wolfgang\AppData\Roaming\SmartTools
[2010.04.24 20:06:26 | 000,000,000 | ---D | M] -- C:\Users\Wolfgang\AppData\Roaming\TeamViewer
[2010.07.18 23:52:49 | 000,000,000 | ---D | M] -- C:\Users\Wolfgang\AppData\Roaming\TerraTec
[2010.01.26 23:42:51 | 000,000,000 | ---D | M] -- C:\Users\Wolfgang\AppData\Roaming\TomTom
[2011.01.17 19:31:48 | 000,000,000 | RHSD | M] -- C:\Users\Wolfgang\AppData\Roaming\WinDir
[2005.04.02 03:09:31 | 000,000,000 | RHSD | M] -- C:\Users\Wolfgang\AppData\Roaming\winupdater
[2011.01.22 13:54:21 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         
Extra.txt:
Code:
ATTFilter
OTL Extras logfile created on: 26.02.2011 18:26:24 - Run 1
OTL by OldTimer - Version 3.2.22.0     Folder = C:\Users\Wolfgang\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 27,00% Memory free
8,00 Gb Paging File | 4,00 Gb Available in Paging File | 52,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 65,20 Gb Free Space | 7,00% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 661,27 Gb Free Space | 70,99% Space Free | Partition Type: NTFS
Drive E: | 931,51 Gb Total Space | 0,08 Gb Free Space | 0,01% Space Free | Partition Type: NTFS
Drive K: | 931,51 Gb Total Space | 551,26 Gb Free Space | 59,18% Space Free | Partition Type: NTFS
Drive L: | 1397,26 Gb Total Space | 73,48 Gb Free Space | 5,26% Space Free | Partition Type: NTFS
Drive M: | 279,39 Gb Total Space | 171,46 Gb Free Space | 61,37% Space Free | Partition Type: NTFS
Drive N: | 1863,01 Gb Total Space | 1574,48 Gb Free Space | 84,51% Space Free | Partition Type: NTFS
 
Computer Name: WOLFGANG-PC | User Name: Wolfgang | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
vbefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
vbefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\BitTorrent\bittorrent.exe" = C:\Program Files (x86)\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"C:\Program Files (x86)\BitTorrent\bittorrent.exe" = C:\Program Files (x86)\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP640_series" = Canon MP640 series MP Drivers
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{41BF0DE4-5BAE-4B88-AFD3-86A30B222186}" = Bonjour
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{77B8B4A5-EE79-4907-A318-2DA86325B8D7}" = iTunes
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID-Anmelde-Assistent
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{B37A99DD-88E2-4ED0-80B4-1E054AB354BF}" = Adobe InDesign CS4 Icon Handler x64
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{E5C95CA5-4565-4B9D-97ED-05088D775614}" = Apple Mobile Device Support
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F0A36649-873E-4832-A5F1-BF5DF8600BDB}" = Windows Live Family Safety
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0B561CF4-0C7D-4745-AF53-161E24E44F87}" = Adobe CS4 Italian Speech Analysis Models
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FD653A8-9CFA-4392-B89C-CCDB114DE442}" = Adobe CS4 Spanish Speech Analysis Models
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{47C6F987-685A-41AE-B092-E75B277AEE39}" = Adobe Flash CS4 Extension - Flash Lite STI others
"{48E9A4FB-17C6-4B14-BC9D-D83AF2A4059A}" = Adobe CS4 Korean Speech Analysis Models
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{4F213D2A-B942-4611-AEE5-49F9D42D0A2F}" = Adobe CS4 International English Speech Analysis Models
"{505AFDC0-5E72-4928-8368-5DEA385E3647}" = CorelDRAW Graphics Suite 12
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{566BB41D-F006-4956-A5D3-94D8DFFA7F51}" = Adobe Setup
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5DB1DF0C-AABC-4362-8A6D-CEFDFB036E41}" = Suite
"{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}" = TerraTec Home Cinema
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{82C19692-571C-45D2-BAF2-278225787A35}" = ImageMixer 3 SE
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{83E222CC-223F-BE8C-0C77-0CEBDC2F9B57}" = Acrobat.com
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}" = Nero BurnLite 10
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-0122-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A7C4EAC-6E38-42E3-85AA-408874A803DE}" = Adobe CS4 German Speech Analysis Models
"{9AACCD0F-2734-4E8C-8C24-2702D4506E93}" = Adobe CS4 French Speech Analysis Models
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A6EC82A0-1414-475D-8AFD-469089F3080D}" = Adobe Contribute CS4
"{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}" = Nero BurnLite 10
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-1033-F400-7760-000000000004}_942" = Adobe Acrobat 9.4.2 - CPSID_83708
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B095B0A4-50A5-46D7-9988-D038FEB040C0}" = Adobe Encore CS4 Library
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B35FDD04-48FD-4D3D-B0EB-088C5137CD42}" = Adobe CS4 Japanese Speech Analysis Models
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BD3374D3-C2E6-42B7-A80B-E850B6886246}" = Adobe Flash CS4 STI-other
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{D25F26E6-7F37-4580-9E83-2BDD9BE9E0CE}" = BlackBerry Desktop Software 6.0
"{D4898BA0-7ACA-11DE-8A39-0800200C9A66}_is1" = mirabyte Feed Writer 2.0.0
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{DD1865F0-AD73-40FB-B23E-1822E02396FF}" = NVIDIA PhysX
"{DE3BB35E-C0CE-4CA1-9CB4-CD9E69364BD9}" = Adobe Premiere Pro CS4
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"8781-9705-0578-2960" = MedienManager 1.0.6
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_b2d6abde968e6f277ddbfd501383e02" = Adobe Creative Suite 4 Master Collection
"Adobe_ffcb3f2dd758cc9933975d08d2cd477" = Adobe Premiere Pro CS4
"AnyDVD" = AnyDVD
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AVS4YOU Video Converter 7_is1" = AVS Video Converter 7
"BittorrentBar_DE Toolbar" = BittorrentBar_DE Toolbar
"BlackBerry_Desktop" = BlackBerry Desktop Software 6.0
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"CloneDVD2" = CloneDVD2
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"conduitEngine" = Conduit Engine
"DPP" = Canon Utilities Digital Photo Professional 3.8
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"EOS Utility" = Canon Utilities EOS Utility
"Exifer_is1" = Exifer
"Free DVD Video Burner_is1" = Free DVD Video Burner version 2.4
"Free Studio_is1" = Free Studio version 4.9
"Free Video Dub_is1" = Free Video Dub version 1.8
"Free Video to DVD Converter_is1" = Free Video to DVD Converter version 1.6
"HappyFoto-Designer_is1" = HappyFoto-Designer 2.7
"Hauppauge WinTV 7" = Hauppauge WinTV 7
"Hauppauge WinTV Infrared Remote" = Hauppauge WinTV Infrared Remote
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"InstallShield_{5DB1DF0C-AABC-4362-8A6D-CEFDFB036E41}" = Suite
"IrfanView" = IrfanView (remove only)
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"MP Navigator EX 3.0" = Canon MP Navigator EX 3.0
"PhotoStitch" = Canon Utilities PhotoStitch
"Picture Style Editor" = Canon Utilities Picture Style Editor
"TeamViewer 5" = TeamViewer 5
"TerraTec T5" = TerraTec T5 V3.12.00.00a
"TomTom HOME" = TomTom HOME 2.7.3.1894
"Uninstall_is1" = Uninstall 1.0.0.1
"Veetle TV" = Veetle TV 0.9.18
"VLC media player" = VLC media player 1.1.6
"WFTK" = Canon Utilities WFT Utility
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR Archivierer
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"BitTorrent DNA" = DNA
"FileZilla Client" = FileZilla Client 3.3.2
"sc11-AT_ORF_MAIN" = Ski Challenge 11 (AT)
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 30.10.2010 15:28:36 | Computer Name = Wolfgang-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 30.10.2010 15:28:36 | Computer Name = Wolfgang-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 30.10.2010 15:28:36 | Computer Name = Wolfgang-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 30.10.2010 15:28:36 | Computer Name = Wolfgang-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 30.10.2010 15:32:53 | Computer Name = Wolfgang-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 30.10.2010 15:32:53 | Computer Name = Wolfgang-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 30.10.2010 15:32:53 | Computer Name = Wolfgang-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 30.10.2010 15:32:53 | Computer Name = Wolfgang-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 30.10.2010 15:44:53 | Computer Name = Wolfgang-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 30.10.2010 15:44:53 | Computer Name = Wolfgang-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
[ Media Center Events ]
Error - 16.01.2010 17:26:15 | Computer Name = Wolfgang-PC | Source = MCUpdate | ID = 0
Description = 22:26:14 - Fehler beim Herstellen der Internetverbindung.  22:26:14 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 16.01.2010 17:26:48 | Computer Name = Wolfgang-PC | Source = MCUpdate | ID = 0
Description = 22:26:44 - Fehler beim Herstellen der Internetverbindung.  22:26:44 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 05.03.2010 18:28:22 | Computer Name = Wolfgang-PC | Source = MCUpdate | ID = 0
Description = 23:28:22 - Fehler beim Herstellen der Internetverbindung.  23:28:22 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 05.03.2010 18:28:59 | Computer Name = Wolfgang-PC | Source = MCUpdate | ID = 0
Description = 23:28:52 - Fehler beim Herstellen der Internetverbindung.  23:28:52 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 21.06.2010 17:20:13 | Computer Name = Wolfgang-PC | Source = ehRecvr | ID = 3
Description = Auf dem TV-Tuner ist ein Fehler aufgetreten. (0x80070001) USB Digital-TV
 Receiver.
 
Error - 27.06.2010 15:39:06 | Computer Name = Wolfgang-PC | Source = ehRecvr | ID = 3
Description = Auf dem TV-Tuner ist ein Fehler aufgetreten. (0x80070001) USB Digital-TV
 Receiver.
 
Error - 02.07.2010 19:55:59 | Computer Name = Wolfgang-PC | Source = ehRecvr | ID = 3
Description = Auf dem TV-Tuner ist ein Fehler aufgetreten. (0x80070001) USB Digital-TV
 Receiver.
 
[ System Events ]
Error - 20.02.2011 12:06:45 | Computer Name = Wolfgang-PC | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk11\DR12.
 
Error - 20.02.2011 12:06:45 | Computer Name = Wolfgang-PC | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk11\DR12.
 
Error - 20.02.2011 12:06:45 | Computer Name = Wolfgang-PC | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk11\DR12.
 
Error - 20.02.2011 12:06:45 | Computer Name = Wolfgang-PC | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk11\DR12.
 
Error - 20.02.2011 12:06:45 | Computer Name = Wolfgang-PC | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk11\DR12.
 
Error - 20.02.2011 12:06:45 | Computer Name = Wolfgang-PC | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk11\DR12.
 
Error - 20.02.2011 12:06:45 | Computer Name = Wolfgang-PC | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk11\DR12.
 
Error - 20.02.2011 12:06:46 | Computer Name = Wolfgang-PC | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk11\DR12.
 
Error - 20.02.2011 12:06:46 | Computer Name = Wolfgang-PC | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk11\DR12.
 
Error - 20.02.2011 12:06:46 | Computer Name = Wolfgang-PC | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk11\DR12.
 
 
< End of report >
         
Ich hoffe, dass Du irgenwann Zeit für eine Analyse findest.

Danke
McFaul


Alt 27.02.2011, 16:14   #6
rea
/// Helfer-Team
 
TR/Dropper.Gen hat mich erwischt - Standard

TR/Dropper.Gen hat mich erwischt



Code:
ATTFilter
O1 - Hosts: 127.0.0.1   activate.adobe.com
O1 - Hosts: 127.0.0.1   practivate.adobe.com
O1 - Hosts: 127.0.0.1   ereg.adobe.com
O1 - Hosts: 127.0.0.1   activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1   wip3.adobe.com
O1 - Hosts: 127.0.0.1   3dns-3.adobe.com
O1 - Hosts: 127.0.0.1   3dns-2.adobe.com
O1 - Hosts: 127.0.0.1   adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1   adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1   adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1   ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1   activate-sea.adobe.com
O1 - Hosts: 127.0.0.1   wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1   activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1   wwis-dubc1-vip60.adobe.com
         
Scheinbar nutzt du deine gesamte Adobesoftware ohne gültige Lizenz. Bei sowas beschränkt sich hier der Support auf die Anleitung zum Neuaufsetzen. Die findest du, wenn du mal bei den Anleitungen schaust.

Ciao, rea
__________________
--> TR/Dropper.Gen hat mich erwischt

Antwort

Themen zu TR/Dropper.Gen hat mich erwischt
beheben, erwischt, files, infizierte, infizierten, jedesmal, neustart, quarantäne, tagen, tr/dropper.gen, verschieben



Ähnliche Themen: TR/Dropper.Gen hat mich erwischt


  1. TR/Dropper.MSIL.175154 hat mich erwischt
    Log-Analyse und Auswertung - 17.08.2015 (9)
  2. Plus HD 4-2 hat mich erwischt, als Programmanhängsel :-(
    Plagegeister aller Art und deren Bekämpfung - 06.02.2014 (15)
  3. Hat es mich schon erwischt?
    Plagegeister aller Art und deren Bekämpfung - 23.04.2013 (6)
  4. Virus hat mich erwischt und mich Infiziert
    Plagegeister aller Art und deren Bekämpfung - 27.02.2013 (3)
  5. (2x) Polizeitrojaner hat mich erwischt
    Mülltonne - 03.01.2013 (1)
  6. 50€ Trojaner hat mich erwischt
    Plagegeister aller Art und deren Bekämpfung - 13.03.2012 (1)
  7. Der 50€ Virus hat mich erwischt
    Log-Analyse und Auswertung - 16.02.2012 (11)
  8. Spyeye hat mich erwischt...
    Plagegeister aller Art und deren Bekämpfung - 27.02.2011 (76)
  9. HDD LOW hat mich auch erwischt
    Plagegeister aller Art und deren Bekämpfung - 29.12.2010 (19)
  10. Mich hat's erwischt...
    Log-Analyse und Auswertung - 17.10.2008 (6)
  11. Mich hat es erwischt
    Plagegeister aller Art und deren Bekämpfung - 25.11.2006 (20)
  12. Mich hat's erwischt :(
    Log-Analyse und Auswertung - 15.12.2005 (2)
  13. Mich hats Erwischt!
    Log-Analyse und Auswertung - 16.09.2005 (3)
  14. Mich hat es erwischt! :-(
    Log-Analyse und Auswertung - 03.09.2005 (3)
  15. auch mich hat es erwischt!
    Log-Analyse und Auswertung - 05.03.2005 (2)
  16. MIch hats erwischt
    Log-Analyse und Auswertung - 02.11.2004 (2)
  17. Hat es mich erwischt?
    Antiviren-, Firewall- und andere Schutzprogramme - 03.06.2003 (3)

Zum Thema TR/Dropper.Gen hat mich erwischt - Hallo zusammen Habe vor ein paar Tagen die Info bekommen (AVIR), dass ich mir den TR/Dropper.Gen eingehandelt habe. Durch verschieben der infizierten files in die Quarantäne ist das aber nicht - TR/Dropper.Gen hat mich erwischt...
Archiv
Du betrachtest: TR/Dropper.Gen hat mich erwischt auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.