Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
50€ - Trojaner mal wieder...

50€ - Trojaner mal wieder...


Plagegeister aller Art und deren Bekämpfung: 50€ - Trojaner mal wieder...

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 14.03.2012, 20:26   #1
eike91
 
50€ - Trojaner mal wieder... - Standard

50€ - Trojaner mal wieder...


Hallo, auch ich habe mir den 50€-Trojaner eingefangen. Vorhin wurde mein Bildschirm plötzlich schwarz mit der Meldung "Aus Sicherheitsgründen wurde Ihr Windowssystem blockiert" und der Aufforderung, 50 € für ein Update zu zahlen. Habe mir bereits im abgesicherten Modus OTL heruntergeladen und einen QuickScan durchgeführt, Logfiles siehe unten.

Vielen Dank im Voraus für eure Hilfe.

Eike

OTL-Logfile:

OTL logfile created on: 14.03.2012 20:14:56 - Run 1
OTL by OldTimer - Version 3.2.37.0 Folder = C:\Users\Eike\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,79 Gb Total Physical Memory | 3,28 Gb Available Physical Memory | 86,34% Memory free
7,59 Gb Paging File | 7,07 Gb Available in Paging File | 93,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149,04 Gb Total Space | 93,71 Gb Free Space | 62,87% Space Free | Partition Type: NTFS
Drive D: | 427,59 Gb Total Space | 427,49 Gb Free Space | 99,98% Space Free | Partition Type: NTFS
Drive E: | 2,08 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: EIKE-NOTEBOOK | User Name: Eike | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Eike\Desktop\OTL.exe (OldTimer Tools)


========== Modules (No Company Name) ==========


========== Win32 Services (SafeList) ==========

SRV:64bit: - (NitroReaderDriverReadSpool) -- C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe (Nitro PDF Software)
SRV:64bit: - (AFBAgent) -- C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (SearchAnonymizer) -- C:\Users\Eike\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe ()
SRV - (vpnagent) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe (Cisco Systems, Inc.)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (ICQ Service) -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ADSMService) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe (ASUSTek Computer Inc.)


========== Driver Services (SafeList) ==========

DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (vpnva) -- C:\Windows\SysNative\drivers\vpnva64.sys (Cisco Systems, Inc.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (nmwcd) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (AsDsm) -- C:\Windows\SysNative\drivers\AsDsm.sys (ASUSTek Computer Inc)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (JME) JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits) -- C:\Windows\SysNative\drivers\JME.sys (JMicron Technology Corp.)
DRV:64bit: - (IntcDAud) Intel(R) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronic Corp.)
DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.)
DRV:64bit: - (66671092) -- C:\Windows\SysNative\drivers\66671092.sys (Kaspersky Lab)
DRV:64bit: - (setup_9.0.0.722_14.03.2012_06-25drv) -- C:\Windows\SysNative\drivers\6667109.sys (Kaspersky Lab)
DRV:64bit: - (66671091) -- C:\Windows\SysNative\drivers\66671091.sys (Kaspersky Lab)
DRV:64bit: - (HECIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\SysNative\drivers\snp2uvc.sys ()
DRV:64bit: - (JMCR) -- C:\Windows\SysNative\drivers\jmcr.sys (JMicron Technology Corporation)
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (lullaby) -- C:\Windows\SysNative\drivers\lullaby.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ATK64AMD.sys (ASUS)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Program Files (x86)\Freeware.de\prxtbFree.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2736476

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2736476
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Program Files (x86)\Freeware.de\prxtbFree.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKCU\..\SearchScopes\{1C8348D9-930C-4A43-BC2D-3317E48A933E}: "URL" = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=8bf3c4b8-2688-417c-995d-022582a01b25&pid=freewarede&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{49A1EAB0-1144-4A07-8F2E-E6A8A4DD5FA0}: "URL" = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=8bf3c4b8-2688-417c-995d-022582a01b25&pid=freewarede&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{4E3CFD44-98A2-4069-88AE-41A2E1CCE162}: "URL" = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=8bf3c4b8-2688-417c-995d-022582a01b25&pid=freewarede&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com.anonymize-me.de/?anonymto=687474703A2F2F7365617263682E6963712E636F6D2F7365617263682F726573756C74732E7068703F713D7B7365617263685465726D737D2663685F69643D6F7364&st={sea rchTerms}&clid=8bf3c4b8-2688-417c-995d-022582a01b25&pid=freewarede&k=0
IE - HKCU\..\SearchScopes\{6A0AF959-D626-4115-874B-2C77F0525E64}: "URL" = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=8bf3c4b8-2688-417c-995d-022582a01b25&pid=freewarede&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{A8030CB7-5E47-4409-B6C1-C06F03B00237}: "URL" = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=8bf3c4b8-2688-417c-995d-022582a01b25&pid=freewarede&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com.anonymize-me.de/?anonymto=687474703A2F2F7365617263682E636F6E647569742E636F6D2F526573756C74734578742E617370783F713D7B7365617263685465726D737D26536561726368536F75726365 3D3426637469643D435432373336343736&st={searchTerms}&clid=8bf3c4b8-2688-417c-995d-022582a01b25&pid=freewarede&k=0
IE - HKCU\..\SearchScopes\{FEB66B4D-C854-4D57-8B4D-8CA70166ADA2}: "URL" = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=8bf3c4b8-2688-417c-995d-022582a01b25&pid=freewarede&mode=bounce&k=0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Freeware.de Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2736476&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Freeware.de Customized Web Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2736476&SearchSource=2&q="
FF - prefs.js..network.proxy.type: 0


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@cambridgesoft.com/Chem3D,version=12.0: C:\Program Files (x86)\CambridgeSoft\ChemOffice2010\Chem3D\npChem3DPlugin.dll (CambridgeSoft Corp.)
FF - HKLM\Software\MozillaPlugins\@cambridgesoft.com/ChemDraw,version=12.0: C:\Program Files (x86)\CambridgeSoft\ChemOffice2010\ChemDraw\npcdp32.dll (CambridgeSoft Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.02.18 10:22:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.09.26 15:25:00 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mail@shopping-preise.de: C:\Users\Eike\AppData\Roaming\Mozilla\Firefox\Profiles\3t0hc7ei.default\extensions\mail@shopping-preise.de

[2011.05.30 18:01:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eike\AppData\Roaming\mozilla\Extensions
[2012.03.10 23:57:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eike\AppData\Roaming\mozilla\Firefox\Profiles\3t0hc7ei.default\extensions
[2012.03.10 17:47:08 | 000,000,000 | ---D | M] (Freeware.de Community Toolbar) -- C:\Users\Eike\AppData\Roaming\mozilla\Firefox\Profiles\3t0hc7ei.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}
[2012.01.04 17:02:32 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Eike\AppData\Roaming\mozilla\Firefox\Profiles\3t0hc7ei.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.08.13 14:30:55 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Eike\AppData\Roaming\mozilla\Firefox\Profiles\3t0hc7ei.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.07.22 15:15:36 | 000,000,000 | ---D | M] ("bug489729") -- C:\Users\Eike\AppData\Roaming\mozilla\Firefox\Profiles\3t0hc7ei.default\extensions\bug489729@alice0775
[2012.03.10 18:44:53 | 000,001,087 | ---- | M] () -- C:\Users\Eike\AppData\Roaming\Mozilla\Firefox\Profiles\3t0hc7ei.default\searchplugins\11-suche.xml
[2012.03.10 18:44:53 | 000,001,131 | ---- | M] () -- C:\Users\Eike\AppData\Roaming\Mozilla\Firefox\Profiles\3t0hc7ei.default\searchplugins\conduit.xml
[2012.03.10 18:44:53 | 000,002,422 | ---- | M] () -- C:\Users\Eike\AppData\Roaming\Mozilla\Firefox\Profiles\3t0hc7ei.default\searchplugins\englische-ergebnisse.xml
[2012.03.10 18:44:53 | 000,010,703 | ---- | M] () -- C:\Users\Eike\AppData\Roaming\Mozilla\Firefox\Profiles\3t0hc7ei.default\searchplugins\gmx-suche.xml
[2012.03.10 18:44:53 | 000,001,103 | ---- | M] () -- C:\Users\Eike\AppData\Roaming\Mozilla\Firefox\Profiles\3t0hc7ei.default\searchplugins\icqplugin-1.xml
[2012.03.10 18:44:53 | 000,001,103 | ---- | M] () -- C:\Users\Eike\AppData\Roaming\Mozilla\Firefox\Profiles\3t0hc7ei.default\searchplugins\icqplugin-2.xml
[2012.03.10 18:44:53 | 000,001,103 | ---- | M] () -- C:\Users\Eike\AppData\Roaming\Mozilla\Firefox\Profiles\3t0hc7ei.default\searchplugins\icqplugin-3.xml
[2012.03.10 18:44:53 | 000,001,103 | ---- | M] () -- C:\Users\Eike\AppData\Roaming\Mozilla\Firefox\Profiles\3t0hc7ei.default\searchplugins\icqplugin-4.xml
[2012.03.10 18:44:53 | 000,001,103 | ---- | M] () -- C:\Users\Eike\AppData\Roaming\Mozilla\Firefox\Profiles\3t0hc7ei.default\searchplugins\icqplugin-5.xml
[2012.03.10 18:44:53 | 000,001,103 | ---- | M] () -- C:\Users\Eike\AppData\Roaming\Mozilla\Firefox\Profiles\3t0hc7ei.default\searchplugins\icqplugin-6.xml
[2012.03.10 18:44:53 | 000,001,103 | ---- | M] () -- C:\Users\Eike\AppData\Roaming\Mozilla\Firefox\Profiles\3t0hc7ei.default\searchplugins\icqplugin-7.xml
[2012.03.10 18:44:53 | 000,001,120 | ---- | M] () -- C:\Users\Eike\AppData\Roaming\Mozilla\Firefox\Profiles\3t0hc7ei.default\searchplugins\icqplugin.xml
[2012.03.10 18:44:53 | 000,002,708 | ---- | M] () -- C:\Users\Eike\AppData\Roaming\Mozilla\Firefox\Profiles\3t0hc7ei.default\searchplugins\lastminute.xml
[2012.03.10 18:44:53 | 000,005,682 | ---- | M] () -- C:\Users\Eike\AppData\Roaming\Mozilla\Firefox\Profiles\3t0hc7ei.default\searchplugins\webde-suche.xml
[2012.03.10 18:44:53 | 000,002,188 | ---- | M] () -- C:\Users\Eike\AppData\Roaming\Mozilla\Firefox\Profiles\3t0hc7ei.default\searchplugins\{6ADFFA94-5A6E-49D7-B926-239151B4BBE0}.xml
[2012.03.10 18:44:53 | 000,002,077 | ---- | M] () -- C:\Users\Eike\AppData\Roaming\Mozilla\Firefox\Profiles\3t0hc7ei.default\searchplugins\{6B526B4C-9D96-48F9-A184-B0188FAC8B02}.xml
[2012.03.10 18:44:53 | 000,001,870 | ---- | M] () -- C:\Users\Eike\AppData\Roaming\Mozilla\Firefox\Profiles\3t0hc7ei.default\searchplugins\{FC13FB38-297D-46E0-9C8F-11B313147B3C}.xml
[2011.11.09 07:17:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.10.09 01:32:25 | 000,000,000 | ---D | M] (G Data WebFilter) -- C:\Program Files (x86)\mozilla firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE}
() (No name found) -- C:\USERS\EIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3T0HC7EI.DEFAULT\EXTENSIONS\ICH@MALTEGOETZ.DE.XPI
() (No name found) -- C:\USERS\EIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3T0HC7EI.DEFAULT\EXTENSIONS\STEALTHYEXTENSION@GMAIL.COM.XPI
[2012.02.18 10:22:09 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.05.04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.03.17 20:57:30 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012.03.10 18:44:53 | 000,001,684 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.03.10 18:44:53 | 000,001,935 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.03.10 18:44:53 | 000,001,271 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.03.10 18:44:53 | 000,007,051 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.03.10 18:44:53 | 000,001,278 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.03.10 18:44:53 | 000,001,170 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Freeware.de Toolbar) - {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Program Files (x86)\Freeware.de\prxtbFree.dll (Conduit Ltd.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Freeware.de Toolbar) - {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Program Files (x86)\Freeware.de\prxtbFree.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe ()
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Ocs_SM] C:\Users\Eike\AppData\Roaming\OCS\SM\SearchAnonymizer.exe (OCS)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [Boingo Wi-Fi] C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk ()
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [SkypeM] C:\Users\Eike\AppData\Local\Skype\Skype.exe (Twain Working Group)
O4 - HKLM..\RunOnce: [GrpConv] C:\Windows\SysWow64\grpconv.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Eike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Eike\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Eike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Eike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_14.03.2012_06-25.lnk = C:\Users\Eike\Desktop\DE-Cleaner powered by Kaspersky\setup_9.0.0.722_14.03.2012_06-25\startup.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Eike\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Eike\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Free YouTube Download - C:\Users\Eike\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Eike\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{05087AF5-09D3-4071-B730-1F485CA40E76}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.09.29 17:06:55 | 000,155,648 | R--- | M] () - E:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2007.09.11 13:55:33 | 000,000,000 | ---D | M] - E:\Autorun -- [ CDFS ]
O32 - AutoRun File - [2005.03.14 16:30:41 | 000,000,045 | R--- | M] () - E:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{36b6d7ac-89f7-11df-8f2a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{36b6d7ac-89f7-11df-8f2a-806e6f6e6963}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2005.09.29 17:06:55 | 000,155,648 | R--- | M] ()
O33 - MountPoints2\{b2cc3dd6-289b-11e1-8262-20cf300a6b7e}\Shell - "" = AutoRun
O33 - MountPoints2\{b2cc3dd6-289b-11e1-8262-20cf300a6b7e}\Shell\AutoRun\command - "" = F:\install.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012.03.14 20:08:29 | 000,594,432 | ---- | C] (OldTimer Tools) -- C:\Users\Eike\Desktop\OTL.exe
[2012.03.14 19:43:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2012.03.14 19:43:26 | 000,352,784 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\6667109.sys
[2012.03.14 19:43:26 | 000,157,712 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\66671091.sys
[2012.03.14 19:43:26 | 000,040,464 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\66671092.sys
[2012.03.14 19:43:25 | 000,000,000 | ---D | C] -- C:\Users\Eike\Desktop\DE-Cleaner powered by Kaspersky
[2012.03.10 20:01:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Landwirtschafts-Simulator 2009
[2012.03.10 20:00:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Landwirtschafts-Simulator 2009
[2012.03.10 19:19:56 | 000,000,000 | ---D | C] -- C:\Users\Eike\Documents\My Games
[2012.03.10 18:56:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Landwirtschafts Simulator 2011 Demo
[2012.03.10 18:54:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Landwirtschafts Simulator 2011 Demo
[2012.03.10 18:44:53 | 000,000,000 | ---D | C] -- C:\Users\Eike\AppData\Roaming\Opera
[2012.03.10 18:44:53 | 000,000,000 | ---D | C] -- C:\Users\Eike\AppData\Roaming\DesktopIconForAmazon
[2012.03.10 18:44:49 | 000,000,000 | ---D | C] -- C:\Users\Eike\AppData\Roaming\OCS
[2012.03.10 17:46:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2012.03.10 17:46:46 | 000,000,000 | ---D | C] -- C:\Users\Eike\AppData\Local\Conduit
[2012.03.10 17:46:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Freeware.de
[2012.03.10 17:46:32 | 000,493,056 | ---- | C] ( datenhaus GmbH) -- C:\Windows\SysWow64\dhRichClient3.dll
[2012.03.10 17:36:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012.03.10 17:35:39 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.03.10 17:35:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2012.03.10 17:35:01 | 000,000,000 | ---D | C] -- C:\Users\Eike\AppData\Roaming\DAEMON Tools Lite
[2012.03.10 17:34:58 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012.03.03 13:43:52 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012.02.21 16:27:43 | 000,000,000 | ---D | C] -- C:\Users\Eike\Documents\Physik 1
[2012.02.21 16:27:18 | 000,000,000 | ---D | C] -- C:\Users\Eike\Documents\Physik 2
[2012.02.21 16:26:04 | 000,000,000 | ---D | C] -- C:\Users\Eike\Documents\OC-GPR

========== Files - Modified Within 30 Days ==========

[2012.03.14 20:14:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.03.14 20:13:49 | 3054,882,816 | -HS- | M] () -- C:\hiberfil.sys
[2012.03.14 20:08:30 | 000,594,432 | ---- | M] (OldTimer Tools) -- C:\Users\Eike\Desktop\OTL.exe
[2012.03.14 19:57:56 | 001,726,154 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.03.14 19:57:56 | 000,740,708 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.03.14 19:57:56 | 000,696,218 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.03.14 19:57:56 | 000,159,426 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.03.14 19:57:56 | 000,132,104 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.03.14 19:52:20 | 000,002,124 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2012.03.14 19:52:11 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.03.14 19:43:52 | 000,002,317 | ---- | M] () -- C:\Users\Eike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_14.03.2012_06-25.lnk
[2012.03.14 18:48:13 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat
[2012.03.14 18:37:53 | 000,001,229 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2012.03.14 18:22:00 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.03.10 20:01:56 | 000,001,285 | ---- | M] () -- C:\Users\Eike\Desktop\Landwirtschafts-Simulator 2009.lnk
[2012.03.10 18:56:11 | 000,001,330 | ---- | M] () -- C:\Users\Eike\Desktop\Landwirtschafts Simulator 2011 Demo.lnk
[2012.03.10 18:44:53 | 000,001,450 | ---- | M] () -- C:\Users\Eike\Desktop\Amazon.lnk
[2012.03.10 17:38:57 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.03.10 17:38:57 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.03.10 17:36:45 | 000,001,952 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012.03.10 17:35:39 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.03.01 13:53:05 | 000,001,023 | ---- | M] () -- C:\Users\Eike\Desktop\Dropbox.lnk
[2012.03.01 13:53:05 | 000,001,003 | ---- | M] () -- C:\Users\Eike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012.02.22 21:47:17 | 000,001,316 | ---- | M] () -- C:\Users\Public\Desktop\Stronghold Kingdoms.lnk

========== Files Created - No Company Name ==========

[2012.03.14 19:43:52 | 000,002,317 | ---- | C] () -- C:\Users\Eike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_14.03.2012_06-25.lnk
[2012.03.14 18:48:13 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat
[2012.03.10 20:01:56 | 000,001,285 | ---- | C] () -- C:\Users\Eike\Desktop\Landwirtschafts-Simulator 2009.lnk
[2012.03.10 18:56:11 | 000,001,330 | ---- | C] () -- C:\Users\Eike\Desktop\Landwirtschafts Simulator 2011 Demo.lnk
[2012.03.10 18:44:53 | 000,001,450 | ---- | C] () -- C:\Users\Eike\Desktop\Amazon.lnk
[2012.03.10 17:46:32 | 000,338,432 | ---- | C] () -- C:\Windows\SysWow64\sqlite36_engine.dll
[2012.03.10 17:36:45 | 000,001,952 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012.02.22 21:47:17 | 000,001,316 | ---- | C] () -- C:\Users\Public\Desktop\Stronghold Kingdoms.lnk
[2012.01.17 19:22:43 | 000,000,537 | ---- | C] () -- C:\Users\Eike\AppData\Roaming\solvents.map
[2011.05.31 17:54:40 | 001,623,544 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.02.11 18:15:08 | 000,874,048 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2011.02.11 18:15:08 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2011.02.11 18:15:08 | 000,104,796 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2010.07.07 19:54:56 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll
[2010.07.07 19:30:26 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe

========== LOP Check ==========

[2011.12.15 18:14:20 | 000,000,000 | ---D | M] -- C:\Users\Eike\AppData\Roaming\Advanced Chemistry Development
[2011.05.31 14:21:10 | 000,000,000 | ---D | M] -- C:\Users\Eike\AppData\Roaming\Asus WebStorage
[2012.03.10 17:38:44 | 000,000,000 | ---D | M] -- C:\Users\Eike\AppData\Roaming\DAEMON Tools Lite
[2012.01.16 18:36:21 | 000,000,000 | ---D | M] -- C:\Users\Eike\AppData\Roaming\DAEMON Tools Pro
[2012.03.10 18:44:53 | 000,000,000 | ---D | M] -- C:\Users\Eike\AppData\Roaming\DesktopIconForAmazon
[2011.05.31 17:34:29 | 000,000,000 | ---D | M] -- C:\Users\Eike\AppData\Roaming\Downloaded Installations
[2012.03.14 19:52:47 | 000,000,000 | ---D | M] -- C:\Users\Eike\AppData\Roaming\Dropbox
[2011.09.14 22:39:31 | 000,000,000 | ---D | M] -- C:\Users\Eike\AppData\Roaming\DVDVideoSoft
[2011.09.14 22:39:24 | 000,000,000 | ---D | M] -- C:\Users\Eike\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.02.07 18:35:02 | 000,000,000 | ---D | M] -- C:\Users\Eike\AppData\Roaming\FileZilla
[2011.06.29 19:45:22 | 000,000,000 | ---D | M] -- C:\Users\Eike\AppData\Roaming\Firefly Studios
[2012.03.14 18:49:41 | 000,000,000 | ---D | M] -- C:\Users\Eike\AppData\Roaming\ICQ
[2011.10.04 16:13:23 | 000,000,000 | ---D | M] -- C:\Users\Eike\AppData\Roaming\LyX2.0
[2011.12.19 20:14:50 | 000,000,000 | ---D | M] -- C:\Users\Eike\AppData\Roaming\MusicNet
[2011.05.31 18:56:25 | 000,000,000 | ---D | M] -- C:\Users\Eike\AppData\Roaming\Nitro PDF
[2012.03.10 18:44:49 | 000,000,000 | ---D | M] -- C:\Users\Eike\AppData\Roaming\OCS
[2012.03.14 19:49:57 | 000,000,000 | ---D | M] -- C:\Users\Eike\AppData\Roaming\Onfyvu
[2011.06.09 10:10:46 | 000,000,000 | ---D | M] -- C:\Users\Eike\AppData\Roaming\OpenOffice.org
[2012.03.10 18:44:53 | 000,000,000 | ---D | M] -- C:\Users\Eike\AppData\Roaming\Opera
[2012.02.05 19:45:21 | 000,000,000 | ---D | M] -- C:\Users\Eike\AppData\Roaming\SoftGrid Client
[2011.05.31 17:54:17 | 000,000,000 | ---D | M] -- C:\Users\Eike\AppData\Roaming\TP
[2011.12.19 19:59:36 | 000,000,000 | ---D | M] -- C:\Users\Eike\AppData\Roaming\Ydnaut
[2009.07.14 06:08:49 | 000,011,446 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:C8B8CEBD

< End of report >


Extras.txt

OTL Extras logfile created on: 14.03.2012 20:14:56 - Run 1
OTL by OldTimer - Version 3.2.37.0 Folder = C:\Users\Eike\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,79 Gb Total Physical Memory | 3,28 Gb Available Physical Memory | 86,34% Memory free
7,59 Gb Paging File | 7,07 Gb Available in Paging File | 93,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149,04 Gb Total Space | 93,71 Gb Free Space | 62,87% Space Free | Partition Type: NTFS
Drive D: | 427,59 Gb Total Space | 427,49 Gb Free Space | 99,98% Space Free | Partition Type: NTFS
Drive E: | 2,08 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: EIKE-NOTEBOOK | User Name: Eike | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02233C32-A584-4337-9FD1-864F6BC43F67}" = Nitro PDF Reader
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series" = Canon MP550 series MP Drivers
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{3768263E-8BE8-4CEF-9463-6D36F731824B}" = Windows Live Family Safety
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{79BF7CB8-1E09-489F-9547-DB3EE8EA3F16}" = Microsoft SQL Server Native Client
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{86177DAE-38B1-49DD-912E-35CB703AB779}" = Microsoft SQL Server VSS Writer
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}" = ASUS Power4Gear Hybrid
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CNXT_AUDIO_HDA" = Conexant HD Audio
"DesktopIconAmazon" = Desktop Icon für Amazon
"Elantech" = ETDWare PS/2-x64 7.0.5.10_WHQL
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"SearchAnonymizer" = SearchAnonymizer
"STATNOVAPDF_is1" = STATNOVAPDF (novaPDF Professional Server 5.4 printer)
"USB2.0 UVC VGA WebCam" = USB2.0 UVC VGA WebCam
"WinRAR archiver" = WinRAR 4.01 (64-Bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0A2C5854-557E-48C8-835A-3B9F074BDCAA}" = Python 2.5
"{16D2C649-CBA8-44EE-B730-12584667D487}" = Stronghold 2 Deluxe
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 26
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{299CF645-48C7-4FA1-8BCD-5CE200CF180D}" = Microsoft Search Enhancement Pack
"{2B11BA9C-7F97-4C16-970F-1491FD77969B}_is1" = shopping-preise.de - AddOn für Firefox
"{2B81872B-A054-48DA-BE3B-FA5C164C303A}" = ASUS FancyStart
"{3AB4E8CB-3321-4D43-8A59-885338A6EBF9}" = STATISTICA 8.0.725.0 CS
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{566BAEC0-74CB-4ACC-9E18-8779AC974FB0}" = Windows Live Toolbar
"{58D379F7-62BC-4748-8237-FE071ECE797C}" = Microsoft SQL Server 2005 Tools
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect
"{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie
"{7240A69A-AC53-46A1-9039-1281DDBBE452}" = Cisco AnyConnect VPN Client
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115233673}" = Dream Day Wedding Married in Manhattan
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-1173957}" = Piggly FREE
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117396510}" = Smileyville FREE
"{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call
"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync
"{8C363CB9-9F31-4349-8491-762C42D3FDFB}" = CambridgeSoft Desktop Inventory 12.0
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FB495A1-4A3F-4C1D-BD27-3F3AB2E66763}" = iMesh
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}" = JMicron Ethernet Adapter NDIS Driver
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{A1E1083D-249D-483C-AD92-CDCFA230A4C7}" = STATISTICA CambridgeSoft Integration
"{A2433A63-5F5D-40E5-B529-9123C2B3E734}" = Anno 1701
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Deutsch
"{B0F9497C-52B4-4686-8E73-74D866BBDF59}" = Microsoft SQL Server 2005 (CSSQL05)
"{B653A2EC-D816-4498-A4FD-651047AB9DC9}" = Boingo Wi-Fi
"{BBED4F90-7AE5-40BF-AFB7-1B495692F4AB}" = syncables desktop SE
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}" = Stronghold
"{C9991C9B-0783-452E-8954-AB93E2AB3B80}_is1" = Game Park Console
"{D06EF6C2-62D8-4308-897E-B20FE81712B4}" = CambridgeSoft ChemBioOffice Ultra 2010
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1D632A2-E249-466D-A094-B1B934D37645}_is1" = Stronghold Kingdoms
"{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials
"{E145D9BE-D521-4527-A85D-2B2D47725506}" = CambridgeSoft ChemScript 12.0
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{E773E0B9-6ABE-4F9E-816C-56B2DD8613B9}" = CambridgeSoft Activation Client
"{EA8A00F7-42F3-451A-8FE6-B0947FDC393D}" = IKEA HomePlanner Office
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{ECE4289B-68C8-4D30-9C65-84CC2052CCFF}" = CambridgeSoft BioAssay 12.0
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F596E368-2A1D-4896-AB37-C81BFA4DD011}" = CambridgeSoft ENotebook 12.0.1
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F92C4EE6-BEA9-11D7-9E00-0004769EEFEB}" = USA Raser
"{FA2092C5-7979-412D-A962-6485274AE1EE}" = ASUS Data Security Manager
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"ACDLabs in C__Program_Files_ChemSketch_" = ACD/Labs Software in C:\Program Files\ChemSketch\
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"ASUS AP Bank_is1" = ASUS AP Bank
"ASUS WebStorage" = ASUS WebStorage
"Autobahn Raser IV" = Autobahn Raser IV
"DAEMON Tools Lite" = DAEMON Tools Lite
"DVDx 4.0 Open Edition" = DVDx 4.0 Open Edition
"FarmingSimulator2009DE_is1" = Landwirtschafts-Simulator 2009
"FarmingSimulator2011DemoDE_is1" = Landwirtschafts Simulator 2011 Demo
"FileZilla Client" = FileZilla Client 3.5.2
"Free YouTube Download_is1" = Free YouTube Download version 3.0.14.908
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.7.804
"Freeware.de Toolbar" = Freeware.de Toolbar
"Google Chrome" = Google Chrome
"ICQToolbar" = ICQ Toolbar
"iMesh" = iMesh
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"K_Series_ScreenSaver_EN" = K_Series_ScreenSaver_EN
"LyX20" = LyX 2.0.0-3
"MestReC_is1" = MestReC 4.9.9
"MestReNova LITE" = MestReNova LITE 5.2.5-4731
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"MiKTeX 2.9" = MiKTeX 2.9
"Mozilla Firefox 10.0.2 (x86 de)" = Mozilla Firefox 10.0.2 (x86 de)
"NVIDIA.Updatus" = NVIDIA Updatus
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"TinyCAD" = TinyCAD 2.80.03
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Winamp Detect" = Winamp Erkennungs-Plug-in

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 28.02.2012 06:29:36 | Computer Name = Eike-Notebook | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error - 28.02.2012 06:32:13 | Computer Name = Eike-Notebook | Source = SideBySide | ID = 16842811
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\microsoft\search enhancement pack\search helper\searchhelper.dll". Fehler
in Manifest- oder Richtliniendatei "c:\program files (x86)\microsoft\search enhancement
pack\search helper\searchhelper.dll" in Zeile 2. Ungültige XML-Syntax.

Error - 28.02.2012 13:58:48 | Computer Name = Eike-Notebook | Source = Application Hang | ID = 1002
Description = Programm StrongholdKingdoms.exe, Version 1.1.0.0 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: a8 Startzeit: 01ccf5fce0c77a17 Endzeit: 55 Anwendungspfad: C:\ProgramData\Firefly
Studios\Stronghold Kingdoms\1.21.1.25\StrongholdKingdoms.exe Berichts-ID: d8b4ade0-6235-11e1-a24d-20cf300a6b7e


Error - 28.02.2012 14:40:01 | Computer Name = Eike-Notebook | Source = Application Hang | ID = 1002
Description = Programm StrongholdKingdoms.exe, Version 1.1.0.0 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 1128 Startzeit: 01ccf642c13a7784 Endzeit: 15 Anwendungspfad:
C:\ProgramData\Firefly Studios\Stronghold Kingdoms\1.21.1.25\StrongholdKingdoms.exe

Berichts-ID:
9bc83d3e-623b-11e1-a24d-20cf300a6b7e

Error - 28.02.2012 14:44:56 | Computer Name = Eike-Notebook | Source = Application Hang | ID = 1002
Description = Programm StrongholdKingdoms.exe, Version 1.1.0.0 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 1770 Startzeit: 01ccf648e0e1b651 Endzeit: 16 Anwendungspfad:
C:\ProgramData\Firefly Studios\Stronghold Kingdoms\1.21.1.25\StrongholdKingdoms.exe

Berichts-ID:
4a3b11eb-623c-11e1-88e5-20cf300a6b7e

Error - 28.02.2012 15:10:12 | Computer Name = Eike-Notebook | Source = Application Hang | ID = 1002
Description = Programm StrongholdKingdoms.exe, Version 1.1.0.0 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: e54 Startzeit: 01ccf6491514c114 Endzeit: 156 Anwendungspfad:
C:\ProgramData\Firefly Studios\Stronghold Kingdoms\1.21.1.25\StrongholdKingdoms.exe

Berichts-ID:
cb08c544-623f-11e1-88e5-20cf300a6b7e

Error - 29.02.2012 07:02:53 | Computer Name = Eike-Notebook | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error - 29.02.2012 07:05:30 | Computer Name = Eike-Notebook | Source = SideBySide | ID = 16842811
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\microsoft\search enhancement pack\search helper\searchhelper.dll". Fehler
in Manifest- oder Richtliniendatei "c:\program files (x86)\microsoft\search enhancement
pack\search helper\searchhelper.dll" in Zeile 2. Ungültige XML-Syntax.

Error - 29.02.2012 17:43:07 | Computer Name = Eike-Notebook | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 10.0.2.4428 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: d58 Startzeit:
01ccf72636af6e35 Endzeit: 128 Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID:
5b87cd60-631e-11e1-88e5-20cf300a6b7e

Error - 29.02.2012 18:06:13 | Computer Name = Eike-Notebook | Source = Application Hang | ID = 1002
Description = Programm ControlDeck.exe, Version 1.0.6.5 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: b44 Startzeit:
01ccf72e2967c47d Endzeit: 16 Anwendungspfad: C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe

Berichts-ID:
91c65d00-6321-11e1-88d9-72f06d368626

[ Cisco AnyConnect VPN Client Events ]
Error - 14.03.2012 14:52:00 | Computer Name = Eike-Notebook | Source = vpnagent | ID = 67108866
Description = Function: CIPv4ChangeRouteHelper::FindBestRoute File: .\IPv4ChangeRouteHelper.cpp
Line:
2423 Invoked Function: CIPv4RouteTable::FindMatchingRoute Return Code: -33095647
(0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED

Error - 14.03.2012 14:52:00 | Computer Name = Eike-Notebook | Source = vpnagent | ID = 67108866
Description = Function: CIPv4ChangeRouteHelper::FindBestRoute File: .\IPv4ChangeRouteHelper.cpp
Line:
2423 Invoked Function: CIPv4RouteTable::FindMatchingRoute Return Code: -33095647
(0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED

Error - 14.03.2012 14:52:00 | Computer Name = Eike-Notebook | Source = vpnagent | ID = 67108866
Description = Function: CIPv4ChangeRouteHelper::FindBestRoute File: .\IPv4ChangeRouteHelper.cpp
Line:
2423 Invoked Function: CIPv4RouteTable::FindMatchingRoute Return Code: -33095647
(0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED

Error - 14.03.2012 14:52:00 | Computer Name = Eike-Notebook | Source = vpnagent | ID = 67108866
Description = Function: CIPv4ChangeRouteHelper::FindBestRoute File: .\IPv4ChangeRouteHelper.cpp
Line:
2423 Invoked Function: CIPv4RouteTable::FindMatchingRoute Return Code: -33095647
(0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED

Error - 14.03.2012 14:52:00 | Computer Name = Eike-Notebook | Source = vpnagent | ID = 67108866
Description = Function: CIPv4ChangeRouteHelper::FindBestRoute File: .\IPv4ChangeRouteHelper.cpp
Line:
2423 Invoked Function: CIPv4RouteTable::FindMatchingRoute Return Code: -33095647
(0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED

Error - 14.03.2012 14:52:00 | Computer Name = Eike-Notebook | Source = vpnagent | ID = 67108866
Description = Function: CIPv4ChangeRouteHelper::FindBestRoute File: .\IPv4ChangeRouteHelper.cpp
Line:
2423 Invoked Function: CIPv4RouteTable::FindMatchingRoute Return Code: -33095647
(0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED

Error - 14.03.2012 14:52:00 | Computer Name = Eike-Notebook | Source = vpnagent | ID = 67108866
Description = Function: CIPv4ChangeRouteHelper::FindBestRoute File: .\IPv4ChangeRouteHelper.cpp
Line:
2423 Invoked Function: CIPv4RouteTable::FindMatchingRoute Return Code: -33095647
(0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED

Error - 14.03.2012 14:52:00 | Computer Name = Eike-Notebook | Source = vpnagent | ID = 67108866
Description = Function: CIPv4ChangeRouteHelper::FindBestRoute File: .\IPv4ChangeRouteHelper.cpp
Line:
2423 Invoked Function: CIPv4RouteTable::FindMatchingRoute Return Code: -33095647
(0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED

Error - 14.03.2012 14:52:00 | Computer Name = Eike-Notebook | Source = vpnagent | ID = 67108866
Description = Function: CIPv4ChangeRouteHelper::FindBestRoute File: .\IPv4ChangeRouteHelper.cpp
Line:
2423 Invoked Function: CIPv4RouteTable::FindMatchingRoute Return Code: -33095647
(0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED

Error - 14.03.2012 14:52:00 | Computer Name = Eike-Notebook | Source = vpnagent | ID = 67108866
Description = Function: fileExists File: .\Utility\sysutils.cpp Line: 500 Invoked Function:
_tstat Return Code: 2 (0x00000002) Description: Das System kann die angegebene Datei
nicht finden. File: C:\ProgramData\Cisco\Cisco AnyConnect VPN Client\InitialFirewallConfig.wfw
Error:
No such file or directory

[ System Events ]
Error - 02.11.2011 09:33:36 | Computer Name = Eike-Notebook | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR17
gefunden.

Error - 16.11.2011 19:38:12 | Computer Name = Eike-Notebook | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
\Device\NetBT_Tcpip_{05087AF5-09D3-4071-B730-1F485CA40E76} vom Serverdienst nicht
gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error - 16.11.2011 19:38:12 | Computer Name = Eike-Notebook | Source = NetBT | ID = 4321
Description = Der Name "EIKE-NOTEBOOK :20" konnte nicht auf der Schnittstelle mit
IP-Adresse 192.168.1.3 registriert werden. Der Computer mit IP-Adresse 192.168.1.2
hat nicht zugelassen, dass dieser Computer diesen Namen verwendet.

Error - 16.11.2011 19:38:13 | Computer Name = Eike-Notebook | Source = NetBT | ID = 4321
Description = Der Name "EIKE-NOTEBOOK :0" konnte nicht auf der Schnittstelle mit
IP-Adresse 192.168.1.3 registriert werden. Der Computer mit IP-Adresse 192.168.1.2
hat nicht zugelassen, dass dieser Computer diesen Namen verwendet.

Error - 28.11.2011 14:36:14 | Computer Name = Eike-Notebook | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?28.?11.?2011 um 19:34:36 unerwartet heruntergefahren.

Error - 29.11.2011 18:48:22 | Computer Name = Eike-Notebook | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?29.?11.?2011 um 23:47:33 unerwartet heruntergefahren.

Error - 16.01.2012 17:47:24 | Computer Name = Eike-Notebook | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR11
gefunden.

Error - 08.02.2012 16:38:44 | Computer Name = Eike-Notebook | Source = DCOM | ID = 10010
Description =

Error - 27.02.2012 09:30:41 | Computer Name = Eike-Notebook | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?27.?02.?2012 um 14:29:29 unerwartet heruntergefahren.

Error - 29.02.2012 18:04:40 | Computer Name = Eike-Notebook | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?29.?02.?2012 um 23:03:32 unerwartet heruntergefahren.


< End of report >

 

Themen zu 50€ - Trojaner mal wieder...
64-bit, alternate, autorun, bho, bildschirm, blockiert, canon, conduit, converter, defender, document, error, explorer, failed, fehler, firefox, flash player, format, gfnexsrv.exe, google chrome, google earth, home, ip-adresse, kaspersky, microsoft office starter 2010, microsoft office word, mp3, netzwerk, nvidia, plug-in, programm, registry, richtlinie, rundll, searchscopes, security, software, trojaner, usb, version=1.0


« GEMA Virus auf Laptop mit Vista. | Antivir meldet BDS/ZAccess.AX.1 sowie nach einem Scan 4 weitere Funde »


Ähnliche Themen: 50€ - Trojaner mal wieder...


  1. Mal wieder der BKa ,GVU Trojaner
    Log-Analyse und Auswertung - 21.02.2014 (3)
  2. GVU-Trojaner mal wieder...
    Plagegeister aller Art und deren Bekämpfung - 09.01.2013 (9)
  3. GVU Trojaner, wal wieder
    Plagegeister aller Art und deren Bekämpfung - 29.12.2012 (3)
  4. Mal wieder der GVU Trojaner
    Plagegeister aller Art und deren Bekämpfung - 02.08.2012 (19)
  5. Wieder BKA- Trojaner
    Plagegeister aller Art und deren Bekämpfung - 28.03.2012 (8)
  6. Mal wieder BKA Trojaner...
    Log-Analyse und Auswertung - 20.12.2011 (13)
  7. BKA-Trojaner mal wieder
    Log-Analyse und Auswertung - 06.08.2011 (3)
  8. Wieder ein BKA Trojaner ...
    Plagegeister aller Art und deren Bekämpfung - 04.08.2011 (32)
  9. Und wieder ein BKA-Trojaner
    Log-Analyse und Auswertung - 17.04.2011 (4)
  10. BKA-Trojaner - mal wieder!
    Log-Analyse und Auswertung - 15.04.2011 (17)
  11. Wieder der BKA Trojaner
    Log-Analyse und Auswertung - 15.04.2011 (11)
  12. Windows Vista startet nicht, fährt sofort wieder runter und gleich wieder hoch...
    Alles rund um Windows - 03.04.2010 (3)
  13. Trojaner wieder da
    Plagegeister aller Art und deren Bekämpfung - 24.04.2009 (6)
  14. trojaner meldet sich wieder und wieder
    Plagegeister aller Art und deren Bekämpfung - 27.06.2007 (4)
  15. Mal wieder ein Trojaner :-(
    Log-Analyse und Auswertung - 17.05.2006 (2)
  16. Wieder ein Trojaner!
    Log-Analyse und Auswertung - 28.05.2005 (1)
  17. wieder Trojaner?
    Log-Analyse und Auswertung - 02.03.2005 (11)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema 50€ - Trojaner mal wieder... - Hallo, auch ich habe mir den 50€-Trojaner eingefangen. Vorhin wurde mein Bildschirm plötzlich schwarz mit der Meldung "Aus Sicherheitsgründen wurde Ihr Windowssystem blockiert" und der Aufforderung, 50 € für ein - 50€ - Trojaner mal wieder......
Archiv
Du betrachtest: 50€ - Trojaner mal wieder... auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58