
Log analysis and evaluation: Windows encryption trojan logfiles

Windows 7 If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

28.04.2012, 15:35   #1
Erek

Windows encryption trojan logfiles



Hello Kira!

Honestly, I was already pretty disheartened when I caught this Windows encryption trojan, but your instructions have helped me a great deal so far. Thank you for that, first of all. The window with the payment demand also appeared, but I was then able to boot in safe mode and perform a system restore. I could and still can access my files completely normally; I would not have noticed that anything was/is encrypted.

Now I'll post my logfiles.

OTL

Code:
OTL logfile created on: 28.04.2012 15:25:39 - Run 1
OTL by OldTimer - Version 3.2.42.1     Folder = C:\Users\PAUL\Downloads
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
2,99 Gb Total Physical Memory | 1,90 Gb Available Physical Memory | 63,57% Memory free
5,98 Gb Paging File | 4,79 Gb Available in Paging File | 80,19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 424,66 Gb Total Space | 148,94 Gb Free Space | 35,07% Space Free | Partition Type: NTFS
Drive D: | 40,00 Gb Total Space | 30,25 Gb Free Space | 75,62% Space Free | Partition Type: NTFS
 
Computer Name: PAULS_PC | User Name: PAUL | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.04.28 15:17:13 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\PAUL\Downloads\OTL.exe
PRC - [2012.03.29 10:47:48 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2011.06.06 13:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.05.01 12:46:14 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.12.11 12:23:27 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.11.20 14:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2010.05.21 00:59:30 | 011,312,128 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.bin
PRC - [2010.05.21 00:59:28 | 011,318,784 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.exe
PRC - [2010.01.09 22:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
PRC - [2009.12.22 13:57:36 | 000,678,432 | ---- | M] (Realtek Semiconductor) -- C:\Programme\Realtek\Audio\HDA\RtHDVBg.exe
PRC - [2009.12.17 11:18:24 | 000,368,640 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009.12.17 11:17:54 | 000,172,032 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009.11.02 15:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Programme\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009.10.02 14:26:12 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2009.10.02 14:26:10 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2009.07.01 19:03:12 | 000,795,936 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2009.07.01 19:03:12 | 000,582,944 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe
PRC - [2008.07.04 09:47:18 | 005,726,720 | ---- | M] (ZTE Corporation) -- C:\Programme\MODEM Mobiler Anschluss\MODEM Mobile Connection.exe
PRC - [2006.09.01 11:00:00 | 000,122,880 | ---- | M] (WinZip Computing LP) -- C:\Programme\WINZIP\WZQKPICK.EXE
PRC - [2005.12.20 10:06:54 | 000,323,584 | ---- | M] () -- C:\Programme\Office-Bibliothek\PCLib.exe
PRC - [2005.02.16 16:15:20 | 000,581,632 | ---- | M] (InstallShield Software Corporation) -- C:\Programme\Common Files\InstallShield\UpdateService\agent.exe
PRC - [2001.01.04 13:22:40 | 000,135,168 | ---- | M] () -- C:\Windows\System32\TXTUSER.EXE
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.04.11 11:29:45 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\507b4ca18da9d2fde2e51a1f04593443\System.Web.ni.dll
MOD - [2012.04.11 11:29:07 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\262285b3d0afafc5059f3fe9be69bff5\System.Windows.Forms.ni.dll
MOD - [2012.04.11 11:29:00 | 001,590,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\8177623eac8f15cf95b587625439eac7\System.Drawing.ni.dll
MOD - [2012.03.29 10:47:48 | 001,969,080 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2012.02.17 04:22:56 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a1c4a635721f85bef0ea4194b888b871\System.Runtime.Remoting.ni.dll
MOD - [2012.02.17 04:22:11 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\47b9e7f070271ff50f988f75ea68fa3e\WindowsBase.ni.dll
MOD - [2012.02.17 04:22:06 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dll
MOD - [2012.02.17 04:22:02 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll
MOD - [2012.02.17 04:22:01 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll
MOD - [2011.10.13 18:41:44 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011.03.17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Programme\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010.11.13 02:02:21 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.11.13 01:19:05 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2010.05.04 16:36:28 | 000,970,752 | ---- | M] () -- C:\Programme\OpenOffice.org 3\program\libxml2.dll
MOD - [2010.02.04 21:11:30 | 001,708,032 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Wizard\2.0.3638.29735__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Wizard.dll
MOD - [2010.02.04 21:11:30 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3638.29705__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2010.02.04 21:11:30 | 000,372,736 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3638.29613__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2010.02.04 21:11:30 | 000,356,352 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3638.29671__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2010.02.04 21:11:30 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3638.29633__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2010.02.04 21:11:30 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3638.29704__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll
MOD - [2010.02.04 21:11:30 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3638.29672__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2010.02.04 21:11:30 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3638.29685__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2010.02.04 21:11:30 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3638.29622__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2010.02.04 21:11:30 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3638.29706__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2010.02.04 21:11:30 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3638.29671__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2010.02.04 21:11:30 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3638.29666__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2010.02.04 21:11:30 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3638.29704__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2010.02.04 21:11:30 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3638.29656__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2010.02.04 21:11:30 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3638.29628__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2010.02.04 21:11:30 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3638.29622__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2010.02.04 21:11:30 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Runtime\2.0.3638.29736__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Runtime.dll
MOD - [2010.02.04 21:11:29 | 001,142,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3638.29731__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dashboard.dll
MOD - [2010.02.04 21:11:29 | 000,827,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3638.29659__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2010.02.04 21:11:29 | 000,573,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3638.29634__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2010.02.04 21:11:29 | 000,409,600 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3638.29680__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2010.02.04 21:11:29 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3638.29658__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2010.02.04 21:11:29 | 000,372,736 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3638.29653__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2010.02.04 21:11:29 | 000,323,584 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3638.29665__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2010.02.04 21:11:29 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3638.29638__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2010.02.04 21:11:29 | 000,270,336 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2010.02.04 21:11:29 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3638.29633__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2010.02.04 21:11:29 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3638.29658__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2010.02.04 21:11:29 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3638.29664__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2010.02.04 21:11:29 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3638.29657__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2010.02.04 21:11:29 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3638.29663__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2010.02.04 21:11:29 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3638.29638__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2010.02.04 21:11:29 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3638.29658__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2010.02.04 21:11:29 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3638.29665__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2010.02.04 21:11:28 | 000,741,376 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3638.29730__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll
MOD - [2010.02.04 21:11:28 | 000,151,552 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3622.19963__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2010.02.04 21:11:28 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3622.19963__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2010.02.04 21:11:28 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3622.19968__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2010.02.04 21:11:28 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3622.19966__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2010.02.04 21:11:28 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3622.19977__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2010.02.04 21:11:28 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3622.19966__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2010.02.04 21:11:28 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3622.19970__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2010.02.04 21:11:28 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2010.02.04 21:11:28 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3638.29710__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2010.02.04 21:11:28 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3622.19973__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2010.02.04 21:11:28 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3622.19965__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2010.02.04 21:11:28 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3622.19967__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2010.02.04 21:11:28 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3622.19962__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2010.02.04 21:11:28 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3622.19963__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2010.02.04 21:11:28 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3622.19993__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2010.02.04 21:11:28 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3622.19972__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2010.02.04 21:11:28 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3622.19971__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2010.02.04 21:11:28 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3622.19974__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2010.02.04 21:11:28 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3622.19964__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2010.02.04 21:11:28 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3622.19964__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2010.02.04 21:11:28 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3622.19968__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2010.02.04 21:11:28 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3622.19964__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
MOD - [2010.02.04 21:11:28 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3622.19964__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2010.02.04 21:11:28 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3622.19963__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2010.02.04 21:11:28 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Shared\2.0.3622.19973__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Shared.dll
MOD - [2010.02.04 21:11:28 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3622.19965__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2010.02.04 21:11:28 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3622.19967__90ba9c70f846762e\APM.Foundation.dll
MOD - [2010.02.04 21:11:28 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3622.19965__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2010.02.04 21:11:28 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3622.19964__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2010.02.04 21:11:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3622.19965__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2010.02.04 21:11:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2010.02.04 21:11:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3622.19974__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2010.02.04 21:11:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2010.02.04 21:11:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3622.19965__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2010.02.04 21:11:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3622.19971__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2010.02.04 21:11:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3622.19966__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2010.02.04 21:11:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3622.19965__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2010.02.04 21:11:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3622.19966__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2010.02.04 21:11:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3622.19978__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
MOD - [2010.02.04 21:11:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3622.19975__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2010.02.04 21:11:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3622.19967__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2010.02.04 21:11:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3622.19974__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2010.02.04 21:11:28 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3638.29611__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2010.02.04 21:11:28 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2010.02.04 21:11:27 | 001,220,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3638.29618__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2010.02.04 21:11:27 | 000,565,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3638.29694__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2010.02.04 21:11:27 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3638.29627__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2010.02.04 21:11:27 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3638.29699__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2010.02.04 21:11:27 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3638.29698__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2010.02.04 21:11:27 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3638.29611__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2010.02.04 21:11:27 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3638.29609__90ba9c70f846762e\APM.Server.dll
MOD - [2010.02.04 21:11:27 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3638.29612__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2010.02.04 21:11:27 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3622.19967__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2010.02.04 21:11:27 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3622.19963__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2010.02.04 21:11:27 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3622.19964__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2010.02.04 21:11:27 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3622.19963__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2010.02.04 21:11:27 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2010.02.04 21:11:27 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3622.19965__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2010.02.04 21:11:27 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3622.19967__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2010.02.04 21:11:27 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3622.19967__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2010.02.04 21:11:27 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3622.19968__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2010.02.04 21:11:27 | 000,019,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3638.29699__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2010.02.04 21:11:26 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3638.29610__90ba9c70f846762e\AEM.Server.dll
MOD - [2009.11.02 15:23:36 | 000,013,096 | ---- | M] () -- C:\Programme\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009.11.02 15:20:10 | 000,619,816 | ---- | M] () -- C:\Programme\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2009.07.14 03:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\System32\msjetoledb40.dll
MOD - [2009.07.01 19:03:24 | 000,132,384 | ---- | M] () -- C:\Programme\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2008.07.04 09:31:48 | 001,088,000 | ---- | M] () -- C:\Programme\MODEM Mobiler Anschluss\DLL_Netcard_R.dll
MOD - [2008.07.02 16:03:22 | 000,265,728 | ---- | M] () -- C:\Programme\MODEM Mobiler Anschluss\language\lan_GE.dll
MOD - [2008.06.10 18:59:48 | 001,078,784 | ---- | M] () -- C:\Programme\MODEM Mobiler Anschluss\WaitingForm.dll
MOD - [2006.02.09 11:03:16 | 000,040,960 | ---- | M] () -- C:\Programme\Office-Bibliothek\oleacc.dll
MOD - [2005.12.20 10:06:54 | 000,323,584 | ---- | M] () -- C:\Programme\Office-Bibliothek\PCLib.exe
MOD - [2005.12.20 10:06:54 | 000,176,128 | ---- | M] () -- C:\Programme\Office-Bibliothek\PAGOFFBIB.dll
MOD - [2001.03.12 18:02:08 | 000,045,056 | ---- | M] () -- C:\Programme\Office-Bibliothek\KDMod.dll
MOD - [2001.03.07 15:09:14 | 000,049,152 | ---- | M] () -- C:\Programme\Office-Bibliothek\KDHook.dll
MOD - [2001.01.17 09:50:28 | 000,266,310 | ---- | M] () -- C:\Programme\Office-Bibliothek\ActivePG.dll
MOD - [2001.01.04 13:22:40 | 000,135,168 | ---- | M] () -- C:\Windows\System32\TXTUSER.EXE
MOD - [1999.12.16 10:33:34 | 000,032,768 | ---- | M] () -- C:\Programme\Office-Bibliothek\kapkey.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2011.07.17 17:54:17 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.06.12 11:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2011.06.06 13:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.05.01 12:46:14 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2010.07.06 00:14:53 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010.01.09 22:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010.01.09 22:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
SRV - [2009.12.17 11:17:54 | 000,172,032 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009.10.02 14:26:12 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.07.01 19:03:12 | 000,582,944 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.07.17 17:54:17 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.07.17 17:54:17 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.01.19 18:55:06 | 000,996,896 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se)
DRV - [2009.12.17 18:52:18 | 005,145,600 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009.09.30 10:33:58 | 000,104,976 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009.09.22 11:40:48 | 000,174,592 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009.09.19 17:52:42 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2009.09.19 17:52:42 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2009.09.19 17:52:42 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2009.05.11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.04.27 15:15:04 | 000,009,216 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3816966075-2006131874-3715856549-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
IE - HKU\S-1-5-21-3816966075-2006131874-3715856549-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com [binary data]
IE - HKU\S-1-5-21-3816966075-2006131874-3715856549-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKU\S-1-5-21-3816966075-2006131874-3715856549-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKU\S-1-5-21-3816966075-2006131874-3715856549-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3816966075-2006131874-3715856549-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.linkury.com/newtab.html
IE - HKU\S-1-5-21-3816966075-2006131874-3715856549-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKU\S-1-5-21-3816966075-2006131874-3715856549-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKU\S-1-5-21-3816966075-2006131874-3715856549-1000\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKU\S-1-5-21-3816966075-2006131874-3715856549-1000\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKU\S-1-5-21-3816966075-2006131874-3715856549-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3816966075-2006131874-3715856549-1000\..\SearchScopes\{3DDEDABB-4693-43EC-BDB3-01F610EDBEEE}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
IE - HKU\S-1-5-21-3816966075-2006131874-3715856549-1000\..\SearchScopes\{3E6B960D-DD39-4BB5-BFA2-359C13A58BB0}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=DVS2&o=1586&src=crm&q={searchTerms}&locale=&apn_ptnrs=^AAA&apn_dtid=^YYYYYY^YY^AT&apn_uid=72176d28-b647-4af9-a9d0-25a4338ef301&apn_sauid=2E6CFBCB-B691-4164-A959-724CC298B011
IE - HKU\S-1-5-21-3816966075-2006131874-3715856549-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Linkury Smartbar Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.at"
FF - prefs.js..extensions.enabledItems: helperbar@helperbar.com:1.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..keyword.URL: "hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:7317400059&cof=FORID:11&sa=Search&siteurl=search.linkury.com&q="
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.5: C:\Programme\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.03.29 10:47:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.11.01 21:29:06 | 000,000,000 | ---D | M]
 
[2010.06.16 20:14:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PAUL\AppData\Roaming\mozilla\Extensions
[2012.04.28 15:17:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PAUL\AppData\Roaming\mozilla\Firefox\Profiles\xozvwgn1.default\extensions
[2012.02.07 20:51:40 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\PAUL\AppData\Roaming\mozilla\Firefox\Profiles\xozvwgn1.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.07.20 18:17:52 | 000,002,571 | ---- | M] () -- C:\Users\PAUL\AppData\Roaming\Mozilla\Firefox\Profiles\xozvwgn1.default\searchplugins\askcom.xml
[2012.03.15 22:03:38 | 000,002,412 | ---- | M] () -- C:\Users\PAUL\AppData\Roaming\Mozilla\Firefox\Profiles\xozvwgn1.default\searchplugins\Linkury Smartbar Search.xml
[2011.08.21 13:53:59 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.08.21 13:53:59 | 000,000,000 | ---D | M] (Click to call with Skype) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.03.29 10:47:48 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.01.30 21:12:43 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.01.30 21:12:43 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.01.30 21:12:43 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.01.30 21:12:43 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.01.30 21:12:43 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.01.30 21:12:42 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKU\S-1-5-21-3816966075-2006131874-3715856549-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-3816966075-2006131874-3715856549-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DNS7reminder] C:\Programme\NaturallySpeaking9\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [PDVD9LanguageShortcut] C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\PAUL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\PAUL\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office 2003\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: eBay.at - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/5221-29898-17534-1/4 File not found
O9 - Extra 'Tools' menuitem : eBay.at - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/5221-29898-17534-1/4 File not found
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office 2003\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.3.96.67 195.3.96.68
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{49F1D055-E35E-4761-85F2-6948EEE9345A}: DhcpNameServer = 217.237.148.70 192.168.123.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8BBEA6DE-8F1F-466F-969C-649F9BDEE9CE}: DhcpNameServer = 195.3.96.67 195.3.96.68
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{346ade86-5221-11e0-b804-0022200a082d}\Shell - "" = AutoRun
O33 - MountPoints2\{346ade86-5221-11e0-b804-0022200a082d}\Shell\AutoRun\command - "" = G:\SETUP.EXE
O33 - MountPoints2\{346ade86-5221-11e0-b804-0022200a082d}\Shell\configure\command - "" = G:\SETUP.EXE
O33 - MountPoints2\{346ade86-5221-11e0-b804-0022200a082d}\Shell\install\command - "" = G:\SETUP.EXE
O33 - MountPoints2\{dd7a1f99-ceec-11df-9692-0022200a082d}\Shell - "" = AutoRun
O33 - MountPoints2\{dd7a1f99-ceec-11df-9692-0022200a082d}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{dd7a1fbd-ceec-11df-9692-0022200a082d}\Shell - "" = AutoRun
O33 - MountPoints2\{dd7a1fbd-ceec-11df-9692-0022200a082d}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.04.28 13:35:52 | 000,000,000 | ---D | C] -- C:\Users\PAUL\AppData\Roaming\Malwarebytes
[2012.04.28 13:35:40 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.04.28 13:35:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.04.28 13:00:22 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint
[2012.04.28 11:29:30 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.04.28 10:10:14 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2012.04.28 10:09:11 | 000,000,000 | ---D | C] -- C:\Users\PAUL\AppData\Local\Apple
[2012.04.28 10:09:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012.04.14 13:04:07 | 000,000,000 | ---D | C] -- C:\Users\PAUL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Diablo
[2012.04.14 12:58:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo
[2012.04.11 00:03:08 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012.04.11 00:03:08 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012.04.10 22:01:53 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.04.10 22:01:52 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.04.10 22:01:51 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.04.10 22:01:51 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.04.10 22:01:51 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
 
========== Files - Modified Within 30 Days ==========
 
[2012.04.28 15:15:19 | 000,010,096 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.04.28 15:15:19 | 000,010,096 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.04.28 15:07:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.04.28 15:07:32 | 2406,924,288 | -HS- | M] () -- C:\hiberfil.sys
[2012.04.23 14:07:53 | 000,000,232 | ---- | M] () -- C:\Windows\Brownie.ini
[2012.04.22 15:51:47 | 000,654,126 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.04.22 15:51:47 | 000,626,298 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.04.22 15:51:47 | 000,130,002 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.04.22 15:51:47 | 000,106,850 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.04.14 13:04:25 | 000,066,936 | -HS- | M] () -- C:\Windows\dlinfo_0.drv
[2012.04.14 13:04:07 | 000,086,528 | ---- | M] () -- C:\Windows\bnetunin.exe
[2012.04.14 13:04:07 | 000,061,440 | ---- | M] () -- C:\Windows\DiabUnin.exe
[2012.04.14 12:59:32 | 000,011,819 | ---- | M] () -- C:\Windows\DiabUnin.dat
[2012.04.14 12:59:32 | 000,002,829 | ---- | M] () -- C:\Windows\DiabUnin.pif
[2012.04.04 14:02:21 | 000,000,432 | ---- | M] () -- C:\Windows\BRWMARK.INI
 
========== Files Created - No Company Name ==========
 
[2012.04.14 13:04:24 | 000,066,936 | -HS- | C] () -- C:\Windows\dlinfo_0.drv
[2012.04.14 13:04:07 | 000,086,528 | ---- | C] () -- C:\Windows\bnetunin.exe
[2012.04.14 12:58:40 | 000,061,440 | ---- | C] () -- C:\Windows\DiabUnin.exe
[2012.04.14 12:58:40 | 000,002,829 | ---- | C] () -- C:\Windows\DiabUnin.pif
[2012.04.14 12:58:37 | 000,011,819 | ---- | C] () -- C:\Windows\DiabUnin.dat
[2012.01.11 21:40:47 | 000,135,168 | ---- | C] () -- C:\Windows\System32\TXTUSER.EXE
[2011.11.04 01:19:37 | 000,000,114 | ---- | C] () -- C:\Windows\System32\brlmw03a.ini
[2011.11.04 01:19:37 | 000,000,000 | ---- | C] () -- C:\Windows\brmx2001.ini
[2011.11.04 01:19:31 | 000,000,432 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011.11.04 01:19:08 | 000,000,054 | ---- | C] () -- C:\Windows\System32\bd2030.dat
[2011.11.04 01:01:11 | 000,000,232 | ---- | C] () -- C:\Windows\Brownie.ini
[2011.11.04 01:01:11 | 000,000,145 | ---- | C] () -- C:\Windows\BRVIDEO.INI
[2011.11.04 01:01:11 | 000,000,040 | ---- | C] () -- C:\Windows\BRDIAG.INI
[2011.11.04 01:01:08 | 000,026,624 | ---- | C] () -- C:\Windows\System32\BRGSRC32.DLL
[2011.11.04 01:01:08 | 000,009,030 | ---- | C] () -- C:\Windows\HL-2030.INI
[2011.11.04 01:01:08 | 000,004,608 | ---- | C] () -- C:\Windows\System32\BRGSRC16.DLL
[2011.03.28 20:21:10 | 000,002,115 | ---- | C] () -- C:\Users\PAUL\AppData\Roaming\SAS7_000.DAT
[2010.06.02 09:54:33 | 000,000,112 | ---- | C] () -- C:\Users\PAUL\AppData\Roaming\wklnhst.dat
[2010.06.02 09:49:26 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
 
========== LOP Check ==========
 
[2012.02.29 15:38:03 | 000,000,000 | ---D | M] -- C:\Users\PAUL\AppData\Roaming\Canon
[2012.03.02 11:31:39 | 000,000,000 | ---D | M] -- C:\Users\PAUL\AppData\Roaming\Copernic
[2012.01.11 21:34:24 | 000,000,000 | ---D | M] -- C:\Users\PAUL\AppData\Roaming\Duden
[2012.02.07 20:51:45 | 000,000,000 | ---D | M] -- C:\Users\PAUL\AppData\Roaming\DVDVideoSoft
[2012.02.07 20:51:40 | 000,000,000 | ---D | M] -- C:\Users\PAUL\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.12.12 04:20:55 | 000,000,000 | ---D | M] -- C:\Users\PAUL\AppData\Roaming\MAGIX
[2011.03.28 19:37:12 | 000,000,000 | ---D | M] -- C:\Users\PAUL\AppData\Roaming\Nuance
[2011.07.15 09:45:48 | 000,000,000 | ---D | M] -- C:\Users\PAUL\AppData\Roaming\OCS
[2012.03.15 20:41:37 | 000,000,000 | ---D | M] -- C:\Users\PAUL\AppData\Roaming\OpenCandy
[2010.11.02 15:25:22 | 000,000,000 | ---D | M] -- C:\Users\PAUL\AppData\Roaming\OpenOffice.org
[2011.07.15 09:45:50 | 000,000,000 | ---D | M] -- C:\Users\PAUL\AppData\Roaming\Opera
[2012.03.15 20:41:28 | 000,000,000 | ---D | M] -- C:\Users\PAUL\AppData\Roaming\pdfforge
[2010.06.16 21:28:42 | 000,000,000 | ---D | M] -- C:\Users\PAUL\AppData\Roaming\SPORE
[2012.02.16 21:05:05 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         
EXTRAS

Code:
OTL Extras logfile created on: 28.04.2012 15:25:39 - Run 1
OTL by OldTimer - Version 3.2.42.1     Folder = C:\Users\PAUL\Downloads
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
2,99 Gb Total Physical Memory | 1,90 Gb Available Physical Memory | 63,57% Memory free
5,98 Gb Paging File | 4,79 Gb Available in Paging File | 80,19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 424,66 Gb Total Space | 148,94 Gb Free Space | 35,07% Space Free | Partition Type: NTFS
Drive D: | 40,00 Gb Total Space | 30,25 Gb Free Space | 75,62% Space Free | Partition Type: NTFS
 
Computer Name: PAULS_PC | User Name: PAUL | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-3816966075-2006131874-3715856549-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0125845C-9422-439F-8154-9F3CDE1E7CEB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{7AC182BE-887E-4D2E-A23D-B808448EB4A3}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe | 
"{A44FE339-D758-408D-91D6-1BA849DA4AAE}" = lport=2869 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0AF87F3A-D230-454F-B326-B05B822EC367}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 
"{3F0B2AE3-7BD1-46DB-A08B-9540AC891EAC}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{499A04B3-181D-4F1C-B4FF-D28268C67519}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{4C9F3E45-2DC9-439D-A304-7B866B0D8025}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | 
"{83BC9B91-A37E-4706-AD11-0F9AC67D571F}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd9.exe | 
"{9898EBE3-AF4A-4DFC-8F5F-B409D7F5B172}" = protocol=6 | dir=in | app=c:\spiele\etherlords ii\etherlords2.exe | 
"{CA20458D-6BDF-4A83-8CFC-7BF7D64F7D51}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 
"{D840DFB0-2425-4B4E-B9F3-87C7DF8EDCE6}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{E00007C6-9ECE-4B94-807D-F9A263B48DB8}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{F1219846-961A-46CA-9E3B-24A947BA5496}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | 
"{F8D1C07F-981F-4F5D-AA0F-897783A073C3}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd cinema\powerdvdcinema.exe | 
"{FBEDB2CA-1FD9-4890-8DAA-23450FB56B36}" = protocol=17 | dir=in | app=c:\spiele\etherlords ii\etherlords2.exe | 
"{FF6E1818-AC8B-4603-941A-8BCBD4EC0D61}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"TCP Query User{51A5D501-543B-4303-B423-A95FC8AB9CD3}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | 
"TCP Query User{A9DFE265-6C6A-41DE-A3DF-255595B37980}C:\spiele\etherlords ii\etherlords2.exe" = protocol=6 | dir=in | app=c:\spiele\etherlords ii\etherlords2.exe | 
"TCP Query User{EBFFA9B6-21C7-45BE-8922-57D9A0B3AD84}C:\spiele\diablo\diablo.exe" = protocol=6 | dir=in | app=c:\spiele\diablo\diablo.exe | 
"UDP Query User{462AC273-8315-4DB3-A6AB-57DD263F7EB5}C:\spiele\diablo\diablo.exe" = protocol=17 | dir=in | app=c:\spiele\diablo\diablo.exe | 
"UDP Query User{9BF6D5FF-25F5-4B60-9A20-4A9B793298C8}C:\spiele\etherlords ii\etherlords2.exe" = protocol=17 | dir=in | app=c:\spiele\etherlords ii\etherlords2.exe | 
"UDP Query User{B90656DC-A22B-4A89-A984-3F252677F11B}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}" = CorelDRAW Essentials 4 - Windows Shell Extension
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{07E81454-0868-454C-8B51-4D1E692E6C7A}" = Etherlords II
"{0E521D68-18AE-6BF0-0B45-609B5F37C98F}" = Catalyst Control Center InstallProxy
"{0EE07930-244D-0874-9A5F-73430F6BA26C}" = CCC Help Turkish
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4803" = CanoScan 4400F
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{21348CA7-91B6-31CD-3D22-F8E22578944A}" = Catalyst Control Center Graphics Previews Common
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{25558E16-EA3D-7979-A0D1-F48436C4AC06}" = CCC Help Chinese Traditional
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{279374AF-5170-D9EF-5D1E-BC000022C5FC}" = Catalyst Control Center Core Implementation
"{29A3AEC2-3658-0E1A-F117-9AAF3B11C8B6}" = Catalyst Control Center Graphics Light
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2EF50971-6903-2FEB-BBD4-6F249FFA1BDC}" = CCC Help Finnish
"{2F26069E-5097-539E-DC26-015680811ECD}" = ATI Catalyst Install Manager
"{317B8C36-FA9C-AA01-B445-996CEBA8C295}" = CCC Help Swedish
"{3477B789-85E3-DE8E-3C8B-DCAFB41DAFBA}" = CCC Help Japanese
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{400712FF-67FC-4081-688E-7946BAEA2B3B}" = CCC Help English
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{52032213-2CD7-4364-B46E-9367DCEC9E73}" = Brother HL-2030
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{54971F17-9D16-4D43-95D6-3A86E3D20EDB}" = Office-Bibliothek 4.1
"{5676CFBD-AB8A-C465-820F-77B29EF6FBFA}" = CCC Help Greek
"{56CBA587-2257-F5C6-40B3-A72C168BF827}" = CCC Help Polish
"{57CC2D16-2DD0-97F3-C05D-0A13D9F6F022}" = CCC Help Danish
"{57D10954-2C62-A314-116B-6EE5F052C8C7}" = CCC Help Russian
"{5B8B06F1-C2AD-BD03-C45D-CC245A86E9C4}" = CCC Help Spanish
"{5C81B189-5456-40C4-9313-7FE6FA6DD64C}" = Office-Bibliothek
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65A91A9C-4260-DB82-5B56-ABD3E9998328}" = Catalyst Control Center Graphics Full New
"{6F4FAB5D-658A-2953-D178-6F69809C1456}" = Catalyst Control Center Graphics Full Existing
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7BD20452-13F6-421A-C826-C473861DEE9E}" = CCC Help Italian
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8AEBFD30-B94F-4A49-8106-03039708BDD4}" = Duden Korrektor Patch 012009
"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUS_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUS_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUS_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9317E145-AE86-FF93-384F-A6EA2FA28B42}" = CCC Help German
"{93D34EE3-99B3-4DB1-8B0A-0A657466F90D}" = MODEM Mobiler Anschluss
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{953F09BD-CE1E-6754-19F6-A63A3103F290}" = Catalyst Control Center Localization All
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D3D8C60-A55F-4fed-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{A02F5B3B-2A47-914B-6B14-9CC02AF0F4E7}" = ccc-utility
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AB770FDE-8087-4C98-9A85-BD64262C104C}" = Medion Home Cinema
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Deutsch
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3B50173-8FFC-0893-36E6-F660C5257FD7}" = CCC Help French
"{B66237B8-A436-9CAB-D04C-A30FB52DEBC3}" = CCC Help Norwegian
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Click to Call with Skype
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"{BA3BF303-E113-A66A-2B47-CFCA5B45DA78}" = CCC Help Portuguese
"{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}" = Microsoft SQL Server 2005 Compact Edition [DEU]
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BF1F57C9-00CB-A122-3803-8A06FCC79880}" = CCC Help Chinese Standard
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}" = CorelDRAW Essentials 4 - Windows Shell Extension
"{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"{D5A9DA4B-E4F9-FB49-017D-769FC540F1F0}" = EA Download Manager UI
"{D5B8CDB6-0F63-49BB-9E32-D0246BE90C8F}" = Duden Korrektor kompakt
"{DD1046A2-58BC-3F87-4A3F-786A7754746C}" = CCC Help Czech
"{DD401D5B-35E2-4EA4-8585-4A44CB2DCC78}" = Jade Empire
"{DDDD90B2-80F2-413A-8A8E-38C5076A7DBA}" = Dragon NaturallySpeaking 9
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E248C578-2300-8A66-3BD5-6B11D409CFF1}" = ccc-core-static
"{E2729A36-33EB-4094-9759-2C7A666DE296}" = Etherlords
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"{EAF0EDF9-7090-FC2E-F9AA-21E6EFE93B8E}" = CCC Help Hungarian
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{ED6043E4-1CBA-3F06-8AB8-B9090064EC5B}" = CCC Help Thai
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FB5AD702-619A-02AC-7440-E5794BD6BB7E}" = CCC Help Korean
"{FE4F8BDE-C862-FED1-BE50-252FC76090F2}" = CCC Help Dutch
"{FF0A9BC1-B06A-B3EB-84C4-5B9C2E3C16A9}" = Catalyst Control Center Graphics Previews Vista
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agent Ransack_is1" = Agent Ransack 2010
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Battle.net" = Battle.net
"CanoScan Toolbox 5.0" = Canon CanoScan Toolbox 5.0
"com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI
"CopernicDesktopSearch2" = Copernic Desktop Search - Home
"Diablo" = Diablo
"Dungeon Keeper II" = Dungeon Keeper 2
"EA Download Manager" = EA Download Manager
"Free Audio CD to MP3 Converter_is1" = Free Audio CD to MP3 Converter version 1.3.10.602
"Free WMA to MP3 Converter_is1" = Free WMA to MP3 Converter 1.08
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.15.1228
"Hallo northern sky planetarium program_is1" = HNSKY 2.3.0N
"Hofer Foto Manager Free D" = Hofer Foto Manager Free
"Hofer Foto Service D" = Hofer Foto Service
"Hofer Fotodruck Service" = Hofer Fotodruck Service 4.5
"Hofer Online Druck Service D" = Hofer Online Druck Service
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{AB770FDE-8087-4C98-9A85-BD64262C104C}" = Medion Home Cinema
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"MEDION Fotos auf CD & DVD SE Hofer D" = MEDION Fotos auf CD & DVD SE Hofer
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 11.0 (x86 de)" = Mozilla Firefox 11.0 (x86 de)
"MP3 WAV Converter 3.15" = MP3 WAV Converter 3.15
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 1.1.5
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinZip" = WinZip
"ZTE USB Driver" = ZTE USB Driver
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-3816966075-2006131874-3715856549-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Diablo" = Diablo
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 03.12.2011 09:52:35 | Computer Name = PAULS_PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\modem
 mobiler anschluss\DELZIP179.DLL". Fehler in Manifest- oder Richtliniendatei "c:\program
 files\modem mobiler anschluss\DELZIP179.DLL" in Zeile 8.  Der Wert "*" des "language"-Attributs
 im assemblyIdentity-Element ist ungültig.
 
Error - 07.12.2011 15:27:15 | Computer Name = PAULS_PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files\Common
 Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei
 "c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3.
Der
 Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs
 im assemblyIdentity-Element ist ungültig.
 
Error - 07.12.2011 15:30:02 | Computer Name = PAULS_PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\modem
 mobiler anschluss\DELZIP179.DLL". Fehler in Manifest- oder Richtliniendatei "c:\program
 files\modem mobiler anschluss\DELZIP179.DLL" in Zeile 8.  Der Wert "*" des "language"-Attributs
 im assemblyIdentity-Element ist ungültig.
 
Error - 27.12.2011 18:30:53 | Computer Name = PAULS_PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files\Common
 Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei
 "c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3.
Der
 Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs
 im assemblyIdentity-Element ist ungültig.
 
Error - 27.12.2011 18:33:47 | Computer Name = PAULS_PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\modem
 mobiler anschluss\DELZIP179.DLL". Fehler in Manifest- oder Richtliniendatei "c:\program
 files\modem mobiler anschluss\DELZIP179.DLL" in Zeile 8.  Der Wert "*" des "language"-Attributs
 im assemblyIdentity-Element ist ungültig.
 
Error - 01.01.2012 15:40:46 | Computer Name = PAULS_PC | Source = RasClient | ID = 20227
Description = 
 
Error - 06.01.2012 18:00:26 | Computer Name = PAULS_PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files\Common
 Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei
 "c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3.
Der
 Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs
 im assemblyIdentity-Element ist ungültig.
 
Error - 06.01.2012 18:03:02 | Computer Name = PAULS_PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\modem
 mobiler anschluss\DELZIP179.DLL". Fehler in Manifest- oder Richtliniendatei "c:\program
 files\modem mobiler anschluss\DELZIP179.DLL" in Zeile 8.  Der Wert "*" des "language"-Attributs
 im assemblyIdentity-Element ist ungültig.
 
Error - 11.01.2012 14:34:27 | Computer Name = PAULS_PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: WINWORD.EXE, Version: 14.0.6024.1000,
 Zeitstempel: 0x4d83e310  Name des fehlerhaften Moduls: wwlib.dll, Version: 14.0.6024.1000,
 Zeitstempel: 0x4d83e39d  Ausnahmecode: 0xc0000005  Fehleroffset: 0x002e21ac  ID des fehlerhaften
 Prozesses: 0x111c  Startzeit der fehlerhaften Anwendung: 0x01ccd08b66627512  Pfad der
 fehlerhaften Anwendung: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE  Pfad
 des fehlerhaften Moduls: C:\Program Files\Microsoft Office\Office14\wwlib.dll  Berichtskennung:
 e4186281-3c82-11e1-92ff-0022200a082d
 
Error - 11.01.2012 15:55:13 | Computer Name = PAULS_PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: WINWORD.EXE, Version: 14.0.6024.1000,
 Zeitstempel: 0x4d83e310  Name des fehlerhaften Moduls: wwlib.dll, Version: 14.0.6024.1000,
 Zeitstempel: 0x4d83e39d  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00039dec  ID des fehlerhaften
 Prozesses: 0x11a8  Startzeit der fehlerhaften Anwendung: 0x01ccd0995f09adc4  Pfad der
 fehlerhaften Anwendung: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE  Pfad
 des fehlerhaften Moduls: C:\Program Files\Microsoft Office\Office14\wwlib.dll  Berichtskennung:
 2c38efe3-3c8e-11e1-92ff-0022200a082d
 
[ Media Center Events ]
Error - 12.03.2011 07:59:54 | Computer Name = PAULS_PC | Source = MCUpdate | ID = 0
Description = 12:59:54 - Fehler beim Herstellen der Internetverbindung.  12:59:54 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 12.03.2011 07:59:59 | Computer Name = PAULS_PC | Source = MCUpdate | ID = 0
Description = 12:59:59 - Fehler beim Herstellen der Internetverbindung.  12:59:59 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 12.03.2011 09:04:57 | Computer Name = PAULS_PC | Source = MCUpdate | ID = 0
Description = 14:04:57 - Fehler beim Herstellen der Internetverbindung.  14:04:57 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 12.03.2011 09:05:06 | Computer Name = PAULS_PC | Source = MCUpdate | ID = 0
Description = 14:05:02 - Fehler beim Herstellen der Internetverbindung.  14:05:02 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 12.03.2011 10:05:11 | Computer Name = PAULS_PC | Source = MCUpdate | ID = 0
Description = 15:05:11 - Fehler beim Herstellen der Internetverbindung.  15:05:11 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 12.03.2011 10:05:16 | Computer Name = PAULS_PC | Source = MCUpdate | ID = 0
Description = 15:05:16 - Fehler beim Herstellen der Internetverbindung.  15:05:16 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 19.03.2011 08:14:07 | Computer Name = PAULS_PC | Source = MCUpdate | ID = 0
Description = 13:14:07 - Fehler beim Herstellen der Internetverbindung.  13:14:07 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 19.03.2011 08:14:16 | Computer Name = PAULS_PC | Source = MCUpdate | ID = 0
Description = 13:14:12 - Fehler beim Herstellen der Internetverbindung.  13:14:12 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 20.03.2011 14:07:26 | Computer Name = PAULS_PC | Source = MCUpdate | ID = 0
Description = 19:07:26 - Fehler beim Herstellen der Internetverbindung.  19:07:26 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 20.03.2011 14:07:34 | Computer Name = PAULS_PC | Source = MCUpdate | ID = 0
Description = 19:07:31 - Fehler beim Herstellen der Internetverbindung.  19:07:31 
-     Serververbindung konnte nicht hergestellt werden..  
 
[ System Events ]
Error - 28.04.2012 07:34:27 | Computer Name = PAULS_PC | Source = DCOM | ID = 10005
Description = 
 
Error - 28.04.2012 07:34:33 | Computer Name = PAULS_PC | Source = DCOM | ID = 10005
Description = 
 
Error - 28.04.2012 07:34:33 | Computer Name = PAULS_PC | Source = DCOM | ID = 10005
Description = 
 
Error - 28.04.2012 09:02:32 | Computer Name = PAULS_PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?28.?04.?2012 um 15:01:23 unerwartet heruntergefahren.
 
Error - 28.04.2012 09:02:38 | Computer Name = PAULS_PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   avipbb  discache  ElbyCDIO  spldr  ssmdrv  Wanarpv6
 
Error - 28.04.2012 09:02:48 | Computer Name = PAULS_PC | Source = DCOM | ID = 10005
Description = 
 
Error - 28.04.2012 09:02:54 | Computer Name = PAULS_PC | Source = DCOM | ID = 10005
Description = 
 
Error - 28.04.2012 09:02:56 | Computer Name = PAULS_PC | Source = DCOM | ID = 10005
Description = 
 
Error - 28.04.2012 09:02:56 | Computer Name = PAULS_PC | Source = DCOM | ID = 10005
Description = 
 
Error - 28.04.2012 09:03:27 | Computer Name = PAULS_PC | Source = DCOM | ID = 10005
Description = 
 
 
< End of report >
         
install

Code:
ATTFilter
Adobe AIR	Adobe Systems Inc.	15.06.2010		1.5.3.9120
Adobe Flash Player 10 ActiveX	Adobe Systems Incorporated	01.06.2010		10.0.42.34
Adobe Flash Player 10 Plugin	Adobe Systems Incorporated	18.06.2011	6,00MB	10.3.181.26
Adobe Flash Player 9 ActiveX	Adobe Systems	27.03.2011		9
Adobe Reader X (10.1.1) - Deutsch	Adobe Systems Incorporated	31.10.2011	119,0MB	10.1.1
Agent Ransack 2010		01.03.2012	9,88MB	
ATI Catalyst Install Manager	ATI Technologies, Inc.	03.02.2010	16,3MB	3.0.754.0
Avira AntiVir Personal - Free Antivirus	Avira GmbH	20.02.2012	61,8MB	10.2.0.707
Battle.net		13.04.2012		
Brother HL-2030	Brother	03.11.2011		1.00
Canon CanoScan Toolbox 5.0		28.02.2012		
CanoScan 4400F		28.02.2012		
CCleaner	Piriform	27.04.2012		3.18
Cisco EAP-FAST Module	Cisco Systems, Inc.	24.03.2010	1,15MB	2.2.14
Cisco LEAP Module	Cisco Systems, Inc.	24.03.2010	0,48MB	1.0.19
Cisco PEAP Module	Cisco Systems, Inc.	24.03.2010	0,90MB	1.1.6
Click to Call with Skype	Skype Technologies S.A.	20.08.2011	13,4MB	5.6.8153
Compatibility Pack für 2007 Office System	Microsoft Corporation	14.03.2012	190,9MB	12.0.6612.1000
Copernic Desktop Search - Home	Copernic Inc.	01.03.2012		
CorelDRAW Essentials 4 - Windows Shell Extension	Corel Corporation	20.01.2010	2,93MB	
CyberLink LabelPrint	CyberLink Corp.	21.01.2010	143,3MB	2.5.2411
CyberLink PhotoNow	CyberLink Corp.	21.01.2010	21,8MB	1.1.6904
CyberLink Power2Go	CyberLink Corp.	21.01.2010	104,7MB	6.1.3602c
CyberLink PowerDirector	CyberLink Corp.	21.01.2010	311MB	8.0.2326
CyberLink PowerDVD 9	CyberLink Corp.	21.01.2010	152,0MB	9.0.2010
CyberLink PowerDVD Copy	CyberLink Corp.	01.06.2010		1.0.6720
CyberLink PowerProducer	CyberLink Corp.	21.01.2010	155,3MB	5.0.2.2326
CyberLink YouCam	CyberLink Corp.	21.01.2010	133,0MB	3.0.2219
Diablo		13.04.2012		
Diablo		14.04.2012		
Dragon NaturallySpeaking 9	Nuance	27.03.2011	359MB	9.51.200
Duden Korrektor kompakt	Bibliographisches Institut & F.A. Brockhaus AG	10.01.2012	280MB	6.00.00
Duden Korrektor Patch 012009	Bibliographisches Institut & F.A. Brockhaus AG	10.01.2012	12,2MB	6.00.1000
Dungeon Keeper 2		30.07.2010		
EA Download Manager	Electronic Arts, Inc.	15.06.2010		6.0.4.10
EA Download Manager UI	Electronic Arts	15.06.2010		6.0.4.10
Etherlords		05.08.2011		
Etherlords II		29.07.2011		
Free Audio CD to MP3 Converter version 1.3.10.602	DVDVideoSoft Limited.	14.07.2011	32,9MB	
Free WMA to MP3 Converter 1.08	Jodix Technologies Ltd.	12.06.2011		
Free YouTube to MP3 Converter version 3.10.15.1228	DVDVideoSoft Ltd.	06.02.2012	85,6MB	
HNSKY 2.3.0N	Han Kleijn	06.08.2011		
Hofer Foto Manager Free	MAGIX AG	24.03.2010		6.0.1.491
Hofer Foto Service	MAGIX AG	24.03.2010		4.5.9.142
Hofer Fotodruck Service 4.5	ORWO Net	01.06.2010		4.5
Hofer Online Druck Service	MAGIX AG	24.03.2010		4.5.1.1
Intel(R) Rapid Storage Technology	Intel Corporation	22.01.2010		9.5.0.1037
Jade Empire	BioWare Corp.	05.08.2011		
Java(TM) 6 Update 18	Sun Microsystems, Inc.	20.01.2010	97,1MB	6.0.180
MEDION Fotos auf CD & DVD SE Hofer	MAGIX AG	24.03.2010		8.0.3.4
Medion Home Cinema	CyberLink Corp.	21.01.2010	0,94MB	6.0.0000
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	26.03.2011	38,8MB	4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack	Microsoft Corporation	26.03.2011	2,94MB	4.0.30319
Microsoft Office Professional Plus 2010	Microsoft Corporation	21.11.2011		14.0.6029.1000
Microsoft Silverlight	Microsoft Corporation	15.02.2012	188,3MB	4.1.10111.0
Microsoft SQL Server 2005 Compact Edition [DEU]	Microsoft Corporation	20.01.2010	0,33MB	3.1.0000
Microsoft SQL Server 2005 Compact Edition [ENU]	Microsoft Corporation	20.01.2010	1,72MB	3.1.0000
Microsoft Sync Framework Runtime Native v1.0 (x86)	Microsoft Corporation	20.01.2010	0,61MB	1.0.1215.0
Microsoft Sync Framework Services Native v1.0 (x86)	Microsoft Corporation	20.01.2010	1,45MB	1.0.1215.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053	Microsoft Corporation	20.01.2010	0,25MB	8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	18.06.2011	0,29MB	8.0.61001
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570	Microsoft Corporation	01.06.2011	0,58MB	9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17	Microsoft Corporation	20.01.2010	0,23MB	9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148	Microsoft Corporation	19.01.2010	0,58MB	9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161	Microsoft Corporation	18.06.2011	0,59MB	9.0.30729.6161
Microsoft Works	Microsoft Corporation	10.04.2012	1.045MB	9.7.0621
MODEM Mobiler Anschluss		02.10.2010		1.0.0.1
Mozilla Firefox 11.0 (x86 de)	Mozilla	28.03.2012	40,8MB	11.0
MP3 WAV Converter 3.15		14.07.2011		
MSXML 4.0 SP2 (KB954430)	Microsoft Corporation	20.01.2010	35,00KB	4.20.9870.0
MSXML 4.0 SP2 (KB973688)	Microsoft Corporation	20.01.2010	1,33MB	4.20.9876.0
Office-Bibliothek	Bibliographisches Institut & F.A. Brockhaus AG	10.01.2012	273MB	5.01
Office-Bibliothek 4.1		10.01.2012		
OpenOffice.org 3.2	OpenOffice.org	01.11.2010	363MB	3.2.9502
PDFCreator	Frank Heindörfer, Philip Chinery	14.03.2012		1.3.0
Realtek Ethernet Controller Driver For Windows Vista and Later	Realtek	19.01.2010		1.00.0011
Realtek High Definition Audio Driver	Realtek Semiconductor Corp.	19.01.2010		6.0.1.6010
Realtek USB 2.0 Card Reader	Realtek Semiconductor Corp.	19.01.2010		6.1.7600.30105
REALTEK Wireless LAN Driver	REALTEK Semiconductor Corp.	24.03.2010		1.00.0145
Skype™ 5.5	Skype Technologies S.A.	20.08.2011	17,0MB	5.5.113
SPORE™	Electronic Arts	15.06.2010		1.05.0001
Synaptics Pointing Device Driver	Synaptics Incorporated	19.01.2010		14.0.0.3
VirtualCloneDrive	Elaborate Bytes	18.03.2011		
VLC media player 1.1.5	VideoLAN	21.01.2011		1.1.5
WIDCOMM Bluetooth Software	Broadcom Corporation	24.03.2010	88,4MB	6.2.0.9600
Windows Live Anmelde-Assistent	Microsoft Corporation	20.01.2010	1,94MB	5.000.818.5
Windows Live Essentials	Microsoft Corporation	20.01.2010		14.0.8089.0726
Windows Live Sync	Microsoft Corporation	20.01.2010	2,79MB	14.0.8089.726
Windows Live-Uploadtool	Microsoft Corporation	20.01.2010	0,22MB	14.0.8014.1029
WinZip	WinZip Computing LP	28.02.2012		 10.0  (7245)
ZTE USB Driver	ZTE Corporation	02.10.2010		1.0.1.16
         
many, many thanks if you could take a look at this,

Erek

Alt 28.04.2012, 17:13   #2
markusg
/// Malware-holic
 

I'm not kira, but I think that will be fine :-)
did you receive the malware by e-mail?
if so, I would like to have it.
if you use a mail program,
select the mail, then "save file as".
save it as an
.eml
file,
then send it to:
http://markusg.trojaner-board.de
tell me your user name in the mail.

Alt 28.04.2012, 22:59   #3
Erek
 

hello markus,

thank you very much for your reply. I did in fact get the trojan as an e-mail, but then I was so annoyed that I deleted it completely. is that not so good now?

erek

Alt 29.04.2012, 16:55   #4
markusg
/// Malware-holic
 

if you get something like this again, send it over :-)

open malwarebytes, go to the log files, and post all reports.
__________________
Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please forward mails to
markusg.trojaner-board@web.de
following the instructions above.