Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: trojaner durch email

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 01.05.2012, 19:30   #1
rike42
 
trojaner durch email - Standard

trojaner durch email



Hallo,
ich hoffe mir kann man helfen ich bin total verzweifelt habe durch eine email mit dateianhang die angeblich von der telecom sein soll einen trojaner eingefangen ich habe dummer weise diesen anhang geöffnet weil ich mir nicht bewusst war wo ich und mit was ich 191.-die von meinem konto in den nächsten 3 tagen abgebucht werden sollen gemacht habe .
so wie ich hier gelesen habe sind noch mehr betroffen die solche mails bekommen haben bei mir ging auch dieses fenster dann auf wo ich mit 50€ ukash zahlen soll ich habe das gemacht und fühle mich hintergangen weil nichts passiert ist nach dem ich dieses code eingeben hab nach stunden kam die meldung das der code falsch ein geben wurde habe noch mal neu eingeben wieder nach stunden wurde mir mitgeteilt das ich 2 mal den falschen code eingeben habe und wenn ich dieses jetzt nochmal machen würde wäre das ein betrug.na toll
was kann ich jetzt machen im abgesicherten modus mit netzwerkdingens geht garnichts bekomme war explorer auf aber kann die gebrannte cd nicht straten hab ich was falsch gemacht lg rike

habs geschaft denke es wird alles so bleiben wie es jetzt ist ansonsten muss ich mich eben nochmal melden.habe malwareebytes den scan gemacht und mein laptop läuft :-)

Alt 02.05.2012, 07:25   #2
kira
/// Helfer-Team
 
trojaner durch email - Standard

trojaner durch email



Hallo und Herzlich Willkommen!

Bevor wir unsere Zusammenarbeit beginnen, [Bitte Vollständig lesen]:
Zitat:
  • "Fernbehandlungen/Fernhilfe" und die damit verbundenen Haftungsrisken:
    - da die Fehlerprüfung und Handlung werden über große Entfernungen durchgeführt, besteht keine Haftung unsererseits für die daraus entstehenden Folgen.
    - also, jede Haftung für die daraus entstandene Schäden wird ausgeschlossen, ANWEISUNGEN UND DEREN BEFOLGUNG, ERFOLGT AUF DEINE EIGENE VERANTWORTUNG!
  • Charakteristische Merkmale/Profilinformationen:
    - aus der verwendeten Loglisten oder Logdateien - wie z.B. deinen Realnamen, Seriennummer in Programm etc)- kannst Du durch [X] oder Sternchen (*) ersetzen
  • Die Systemprüfung und Bereinigung:
    - kann einige Zeit in Anspruch nehmen (je nach Art der Infektion), kann aber sogar so stark kompromittiert sein, so dass eine wirkungsvolle technische Säuberung ist nicht mehr möglich bzw Du es neu installieren musst
  • Ich empfehle Dir die Anweisungen erst einmal komplett durchzulesen, bevor du es anwendest, weil wenn du etwas falsch machst, kann es wirklich gefährlich werden. Wenn du meinen Anweisungen Schritt für Schritt folgst, kann eigentlich nichts schief gehen.
  • Innerhalb der Betreuungszeit:
    - ohne Abspräche bitte nicht auf eigene Faust handeln!- bei Problemen nachfragen.
  • Die Reihenfolge:
    - genau so wie beschrieben bitte einhalten, nicht selbst die Reihenfolge wählen!
  • GECRACKTE SOFTWARE werden hier nicht geduldet!!!!
  • Ansonsten unsere Forumsregeln:
    - Bitte erst lesen, dann posten!-> Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten?
  • Alle Logfile mit einem vBCode Tag eingefügen, das bietet hier eine gute Übersicht, erleichtert mir die Arbeit! Falls das Logfile zu groß, teile es in mehrere Teile auf.

Sobald Du diesen Einführungstext gelesen hast, kannst Du beginnen
Zitat:
Zitat von rike42 Beitrag anzeigen
habe malwareebytes den scan gemacht und mein laptop läuft :-)
► auch wenn die Symptome verschwunden sind, um festzustellen ob unbekannte bzw `nicht entdeckte` Dateien noch vorhanden sind, ich empfehle Dir diese Anleitung genau abzuarbeiten

► Erster Teil des 3-teiligen Verfahren, werden wir dein System auf Viren untersuchen, bzw nach einem anderen Verursacher suchen:
Für Vista und Win7:
Wichtig: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen
Auf der angewählten Anwendung einen Rechtsklick (rechte Maustaste) und "Als Administrator ausführen" wählen!

1.
Hast du den Rechner bereits auf Viren überprüft? Folgende Ergebnisse möchte ich noch sehen:
Code:
ATTFilter
Malwarebytes
(alle vorhandenen Protokolle!)
         
2.
Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt - OTL.txt und Extras.txt
  • Poste die Logfiles in Code-Tags hier in den Thread.

3.
Um festzustellen, ob veraltete oder schädliche Software unter Programme installiert sind, ich würde gerne noch all deine installierten Programme sehen:
  • Download den CCleaner - Installer herunter
  • Software-Lizenzvereinbarung lesen, falls irgendeine Toolbar angeboten wird, bitte abwählen!-> starten -> Falls nötig, auf "Deutsch" einstellen.
  • starten-> klick auf `Extras` (um auf deinem System installierte Software zu anzeigen)-> dann auf `Als Textdatei speichern...`
  • ein Textdatei wird automatisch erstellt, poste auch dieses Logfile (also die Liste alle installierten Programme...eine Textdatei)

Zitat:
Damit dein Thread übersichtlicher und schön lesbar bleibt, am besten nutze den Code-Tags für deinen Post:
→ vor dein Log schreibst Du (also am Anfang des Logfiles, die Du posten möchtest)[code]
hier kommt dein Logfile rein - z.B OTL-Logfile o. sonstiges
→ dahinter - also am Ende der Logdatei: [/code]
gruß
kira
__________________

__________________

Alt 02.05.2012, 21:35   #3
rike42
 
trojaner durch email - Standard

trojaner durch email



[/CODE]OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 02.05.2012 21:44:19 - Run 1
OTL by OldTimer - Version 3.2.42.2     Folder = C:\Users\Rike\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,60 Gb Total Physical Memory | 0,47 Gb Available Physical Memory | 29,34% Memory free
3,21 Gb Paging File | 1,68 Gb Available in Paging File | 52,36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 217,64 Gb Total Space | 177,28 Gb Free Space | 81,46% Space Free | Partition Type: NTFS
Drive D: | 14,95 Gb Total Space | 1,85 Gb Free Space | 12,35% Space Free | Partition Type: NTFS
Drive F: | 99,18 Mb Total Space | 91,04 Mb Free Space | 91,79% Space Free | Partition Type: FAT32
 
Computer Name: RIKE-HP | User Name: Rike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.05.02 21:43:41 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Rike\Downloads\OTL(1).exe
PRC - [2012.03.12 19:19:46 | 000,918,880 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe
PRC - [2012.03.12 19:19:42 | 000,982,880 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2012.01.29 18:12:47 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.01.24 18:24:26 | 002,416,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.11.14 13:02:04 | 000,435,672 | ---- | M] (TomTom) -- C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe
PRC - [2011.10.12 07:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011.08.02 07:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2011.02.09 17:57:36 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2011.02.01 01:42:40 | 001,127,448 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2011.01.06 20:08:38 | 000,138,400 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2010.12.28 02:30:22 | 001,817,088 | ---- | M] (Realsil Microelectronics Inc.) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
PRC - [2010.12.13 12:48:18 | 000,318,520 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
PRC - [2010.11.09 15:20:36 | 000,586,296 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2010.11.09 15:20:34 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2009.12.03 01:00:00 | 000,847,872 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
PRC - [2009.02.23 15:05:34 | 000,111,856 | ---- | M] (Yahoo! Inc) -- C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe
PRC - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.04.14 09:08:07 | 008,797,344 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll
MOD - [2012.03.12 19:19:42 | 000,982,880 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2012.01.29 18:12:47 | 001,911,768 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011.11.14 13:02:08 | 000,202,712 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\TomTomSupporterProxy.dll
MOD - [2011.11.14 13:02:06 | 000,063,960 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\TomTomSupporterBase.dll
MOD - [2011.11.14 13:01:52 | 007,964,160 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\QtGui4.dll
MOD - [2011.11.14 13:01:52 | 002,648,064 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\QtXmlPatterns4.dll
MOD - [2011.11.14 13:01:52 | 002,302,464 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\QtCore4.dll
MOD - [2011.11.14 13:01:52 | 000,980,480 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\QtNetwork4.dll
MOD - [2011.11.14 13:01:52 | 000,357,888 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\QtXml4.dll
MOD - [2011.08.22 02:18:06 | 000,925,696 | ---- | M] () -- C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
MOD - [2009.07.14 03:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\SysWOW64\msjetoledb40.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011.03.04 21:50:26 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011.03.04 12:44:40 | 000,354,304 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2012.04.14 09:08:07 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.03.12 19:19:46 | 000,918,880 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe -- (vToolbarUpdater10.2.0)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.10.12 07:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011.08.02 07:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011.03.28 22:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2011.02.25 02:08:46 | 000,062,184 | ---- | M] (Xobni Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Xobni\XobniService.exe -- (XobniService)
SRV - [2011.02.16 22:47:28 | 000,682,040 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Programme\Hewlett-Packard\HP Auto\HPAuto.exe -- (HPAuto)
SRV - [2011.02.01 01:42:40 | 001,127,448 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2011.01.06 20:08:38 | 000,138,400 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)
SRV - [2011.01.06 20:06:56 | 000,053,920 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc)
SRV - [2010.12.28 02:30:22 | 001,817,088 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2010.11.09 15:20:34 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2010.10.12 19:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010.09.22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.07.21 14:33:00 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
SRV - [2010.06.17 06:23:36 | 000,194,496 | ---- | M] (Advanced Micro Devices) [Auto | Running] -- C:\Programme\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe -- (AMD Reservation Manager)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.09 22:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.11.18 04:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Programme\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV - [2009.09.14 07:00:00 | 000,166,400 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE -- (EPSON_EB_RPCV4_04) EPSON V5 Service4(04)
SRV - [2009.09.14 07:00:00 | 000,128,512 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE -- (EPSON_PM_RPCV4_04) EPSON V3 Service4(04)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.03.08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.10.07 07:23:46 | 000,283,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2011.10.01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011.10.01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011.10.01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011.10.01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011.09.13 07:30:08 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011.08.08 07:08:58 | 000,046,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011.07.11 02:14:36 | 000,375,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2011.07.11 02:14:08 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV:64bit: - [2011.07.11 02:14:06 | 000,120,400 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV:64bit: - [2011.07.11 02:14:06 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.03.05 09:16:20 | 000,436,840 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.03.05 00:01:18 | 008,283,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.03.04 21:16:48 | 000,295,424 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.03.01 20:17:00 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011.02.15 21:37:10 | 000,335,464 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2011.02.10 15:50:22 | 002,717,696 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011.02.09 17:58:06 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2011.01.06 20:07:32 | 000,279,200 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011.01.06 20:07:30 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011.01.06 20:07:30 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011.01.06 20:07:30 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011.01.06 20:07:28 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011.01.06 20:07:26 | 000,298,144 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011.01.06 20:07:26 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2010.12.21 02:20:02 | 001,402,416 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.11.29 14:50:38 | 000,044,672 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.12 04:16:00 | 000,037,504 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2010.11.12 04:15:58 | 000,077,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2010.02.18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009.06.10 23:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009.06.10 23:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009.06.10 23:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009.06.10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009.06.10 22:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/10
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM/10
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
IE:64bit: - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.yahoo.com/?fr=mkg029
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.yahoo.com/?fr=mkg029
IE - HKLM\..\URLSearchHook: {ff88a983-649d-4207-9336-9b999280b436} - C:\Program Files (x86)\SFT_de3\prxtbSFT_.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3031778
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
IE - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.yahoo.com/?fr=fp-yie9
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/home?AF=17284
IE - HKCU\..\URLSearchHook: {ff88a983-649d-4207-9336-9b999280b436} - C:\Program Files (x86)\SFT_de3\prxtbSFT_.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&babsrc=SP_def&AF=17284
IE - HKCU\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
IE - HKCU\..\SearchScopes\{5EA72F6D-3185-4A87-8C0C-719FFBA445A9}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=88B70714-6DF2-455B-95D3-0968C5107861&apn_sauid=5720F0EF-5C64-4A88-A671-5F7746C1E6A6
IE - HKCU\..\SearchScopes\{6AF0CFEB-2F27-437D-83C7-E3491EEF71BB}: "URL" = hxxp://www.flickr.com/search/?q={searchTerms}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={6503C312-F4D4-4E6A-8EDF-A6B39EA2FB4B}&mid=d7d799703d7c47d1bf9db9ea82222fa3-fe511b85a96a73512abb5961ae73de409e13cdee&lang=de&ds=AVG&pr=fr&d=2011-11-10 07:30:51&v=10.0.0.7&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3031778
IE - HKCU\..\SearchScopes\{B638A15E-84DA-4516-A156-A80647E158F8}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=chr-yie9
IE - HKCU\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
IE - HKCU\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.defaultenginename,S: S", "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1,S: S", "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine,S: S", "Search the web (Babylon)"
FF - prefs.js..browser.startup.homepage: "hxxp://de.yahoo.com/"
FF - prefs.js..keyword.URL: "hxxp://isearch.avg.com/search?cid=%7B0dc812c3-3751-451d-abef-efaf203cef37%7D&mid=d7d799703d7c47d1bf9db9ea82222fa3-fe511b85a96a73512abb5961ae73de409e13cdee&ds=AVG&v=10.2.0.3&lang=de&pr=fr&d=2011-11-10%2007%3A30%3A51&sap=ku&q="
FF - prefs.js..keyword.URL,h: h", "hxxp://search.babylon.com/?babsrc=KW_def&AF=17284&q="
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_233.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\@winzip.com/Winzip Courier: C:\Program Files (x86)\WinZip Courier\npwzwmc.dll (WinZip Computing, S.L.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Rike\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\Rike\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012.02.01 12:16:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\10.2.0.3\ [2012.03.12 19:20:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{74c841e3-b59f-479e-8d7a-e26a942a87c8}: C:\Program Files (x86)\WinZip Courier\FFExt [2012.03.19 19:30:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.03.14 12:34:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2012.01.12 07:41:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rike\AppData\Roaming\mozilla\Extensions
[2012.05.02 12:47:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rike\AppData\Roaming\mozilla\Firefox\Profiles\65veosuj.default\extensions
[2012.01.26 08:06:17 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Rike\AppData\Roaming\mozilla\Firefox\Profiles\65veosuj.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012.04.08 16:20:10 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Rike\AppData\Roaming\mozilla\Firefox\Profiles\65veosuj.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.03.21 07:29:03 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Rike\AppData\Roaming\mozilla\Firefox\Profiles\65veosuj.default\extensions\ffxtlbr@babylon.com
[2012.03.20 07:38:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.03.14 12:34:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\distribution\extensions
[2012.03.14 12:34:30 | 000,000,000 | ---D | M] (WEB.DE Toolbar) -- C:\Program Files (x86)\mozilla firefox\distribution\extensions\toolbar@web.de
[2012.03.12 19:20:31 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\10.2.0.3
() (No name found) -- C:\USERS\RIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\65VEOSUJ.DEFAULT\EXTENSIONS\TOOLBAR@WEB.DE.XPI
[2012.01.29 18:12:48 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.01.29 16:02:49 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.03.12 19:19:41 | 000,003,766 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012.03.19 19:05:53 | 000,002,226 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.01.29 15:50:55 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.01.29 16:02:49 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.01.29 16:02:49 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.01.29 16:02:49 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.01.29 16:02:49 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2:64bit: - BHO: (Message Faces for Internet Explorer) - {E3758FC2-BB95-4B86-84BF-D91F4748EC76} - C:\Program Files (x86)\Message Faces for Internet Explorer\x64\messagefaces-ie.dll ()
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngin.dll (Conduit Ltd.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll ()
O2 - BHO: (WinZip Courier BHO) - {A8FB70FA-0FDF-4601-9DC4-BFA1B357204F} - C:\PROGRA~2\WINZIP~1\wzwmcie.dll (WinZip Computing, S.L.)
O2 - BHO: (Message Faces for Internet Explorer) - {E3758FC2-BB95-4B86-84BF-D91F4748EC75} - C:\Program Files (x86)\Message Faces for Internet Explorer\x86\messagefaces-ie.dll ()
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O2 - BHO: (SFT_de3 Toolbar) - {ff88a983-649d-4207-9336-9b999280b436} - C:\Program Files (x86)\SFT_de3\prxtbSFT_.dll (Conduit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngin.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (SFT_de3 Toolbar) - {ff88a983-649d-4207-9336-9b999280b436} - C:\Program Files (x86)\SFT_de3\prxtbSFT_.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [YSearchProtection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Rike\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [MyTomTomSA.exe] C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe (TomTom)
O4 - HKCU..\Run: [Search Protection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Rike\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Rike\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{39FF78FB-77BC-466E-ADB6-7D23B90C1116}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{902AAE46-0D3F-4F1B-99F7-8FF393AD700C}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{2ae1d76e-0af3-11e1-b03b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{2ae1d76e-0af3-11e1-b03b-806e6f6e6963}\Shell\AutoRun\command - "" = E:\reatogoMenu.exe
O33 - MountPoints2\{7a8a9088-0f49-11e1-889a-68a3c4c6c650}\Shell - "" = AutoRun
O33 - MountPoints2\{7a8a9088-0f49-11e1-889a-68a3c4c6c650}\Shell\AutoRun\command - "" = G:\iStudio.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\reatogoMenu.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\iStudio.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.05.02 12:43:08 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{A2610B38-F0FE-48E9-8BA6-F17E1BCB20BE}
[2012.05.02 12:42:43 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{C84BD7D6-CC5B-4AC7-9E3B-2949462132D5}
[2012.05.01 21:59:09 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{76B93B11-A02B-4755-8C3F-65B175DB9F68}
[2012.05.01 21:58:45 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{372D01FA-4BBB-4C33-ACCB-533AC7A11C4A}
[2012.05.01 21:11:47 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Roaming\Malwarebytes
[2012.05.01 21:11:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.05.01 21:11:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.05.01 21:11:37 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.05.01 21:11:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.05.01 19:27:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\en
[2012.05.01 19:27:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\0409
[2012.05.01 19:27:17 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\en-US
[2012.05.01 19:27:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\en
[2012.05.01 19:27:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0409
[2012.05.01 19:27:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\en-US
[2012.05.01 10:04:18 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Roaming\Hbfusxplb
[2012.05.01 09:58:15 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{5511AB08-1126-4D06-8E12-3FBC1F032EF7}
[2012.05.01 09:57:52 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{64FF208D-0BFE-4175-BA5F-23E26932B09F}
[2012.04.30 21:55:24 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{372C89B6-9AE3-4188-8702-ED59DEACD2BD}
[2012.04.30 21:55:04 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{40BA9362-3D78-4035-91C3-4AA18FE22552}
[2012.04.30 09:42:47 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{B97F158E-B79C-4603-B623-1B47B838A902}
[2012.04.30 09:42:27 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{76A15291-C1AE-4F69-A916-4FFFDBA14B51}
[2012.04.29 21:32:39 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{A505D8F9-449F-4144-BA72-E51EDDC5C114}
[2012.04.29 21:31:54 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{600C320E-DB25-4A12-9E96-076AB101DCAE}
[2012.04.29 09:30:52 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{23B94CEA-1690-4844-9CDE-2E2090E6BC63}
[2012.04.29 09:30:35 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{606BE038-F090-49BB-A55E-6628992E9B4E}
[2012.04.28 10:19:29 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{514A2120-DF30-49C8-9F2D-2F0EDCD7793D}
[2012.04.28 10:19:06 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{E1D77E2C-D9BE-483A-9E4E-5A11DE05F4BA}
[2012.04.27 22:17:53 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{DFDB8454-3822-44C6-83B7-DD90CCEDB878}
[2012.04.27 22:17:34 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{7AE06BC2-9EB4-4487-81B3-3945A698A71D}
[2012.04.27 13:50:39 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Guardians of Beyond - Hexenhausen Sammleredition
[2012.04.27 13:50:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guardians of Beyond - Hexenhausen Sammleredition
[2012.04.27 13:50:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Guardians of Beyond - Hexenhausen Sammleredition
[2012.04.27 06:23:48 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{424FEB80-7DD5-4290-A15A-25185CAE180E}
[2012.04.27 06:23:18 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{E73F308C-070E-48E0-AC5E-390B10FBFF4B}
[2012.04.25 21:15:47 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{CB476FD8-8A05-4CED-B3F6-BAEE6166D78A}
[2012.04.25 21:15:30 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{7564FD68-6D98-4691-B815-A5EF2C1474CD}
[2012.04.25 07:41:14 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{B816BF8D-2442-43E7-B479-D43FF1581FBA}
[2012.04.25 07:40:05 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{F9672FFE-98E4-49A3-BACC-4A3AC20EAAE4}
[2012.04.24 19:37:34 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{1A5EC984-8007-4ABB-B611-ACB5A76699BA}
[2012.04.24 19:37:21 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{CF335D44-7701-49DF-A3DC-E9B5BB4325C0}
[2012.04.23 21:34:22 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{39F9964F-3DAD-4507-A85B-9BEDC1E9D991}
[2012.04.23 21:33:10 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{76FCA07A-B82F-4DD8-A308-DC0B4DD8B11A}
[2012.04.23 09:30:23 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{3C81FC27-FCF6-4BA9-A30E-B8CB8A8D0D67}
[2012.04.23 09:29:09 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{2315DE57-18F3-4CCC-A095-E45884A6FA6D}
[2012.04.22 21:27:11 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{0932B65B-A834-43CB-A75D-08B8E75CA20F}
[2012.04.22 21:26:00 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{73FC3CBA-D3F8-4590-A437-3EA625BDD5B0}
[2012.04.22 13:13:19 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\TomTom
[2012.04.22 13:13:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
[2012.04.22 13:13:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TomTom International B.V
[2012.04.22 13:12:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyTomTom 3
[2012.04.22 09:23:30 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{CD0AA4D6-7B8C-4BE4-AB27-CA6E872014EF}
[2012.04.22 09:23:15 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{0805C92A-3A23-4B4D-B15B-EEA12BF94E35}
[2012.04.21 09:54:12 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{A485EB71-9F5B-49D8-A1B1-16CD107BAB31}
[2012.04.21 09:53:58 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{39E38C82-7E32-4D4F-877C-5129FEEFB05F}
[2012.04.20 09:29:56 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{D0C36A2C-8167-46B0-A126-99837631AA95}
[2012.04.20 09:29:41 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{4BD24961-F921-4FF0-80FF-DDE17F28E297}
[2012.04.19 20:19:25 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{20FF69E4-251E-4ACD-8548-FB21F3DC4281}
[2012.04.19 20:19:09 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{76BE9DDB-0063-4A0B-9EBD-2587612D6DB5}
[2012.04.19 06:27:05 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{88AEB8B9-2870-4B49-BD9A-4F93115913AA}
[2012.04.19 06:26:50 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{8DE1291F-AD4F-40CF-9A0E-8AAAB29F243E}
[2012.04.18 06:16:17 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{7A6D065E-7DC6-444D-B498-A8C72CC5BA25}
[2012.04.18 06:16:05 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{3E002CD0-9420-4825-8D62-96C835E7BB4E}
[2012.04.17 08:55:10 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{B80C12CB-84F6-4669-8365-299E3BBDDE16}
[2012.04.17 08:54:46 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{2D143E00-5F0A-41B2-9616-D77C86B736F0}
[2012.04.16 20:52:07 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{F0C7E53F-6911-4ED7-B327-6DE685F77C19}
[2012.04.16 20:51:46 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{C3E9D653-CF77-48D7-B2EE-ADA78798D226}
[2012.04.16 06:13:35 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{E50E526C-F69A-499A-9671-E7BF6457343E}
[2012.04.16 06:13:18 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{CA6D7BC7-5DFD-425E-B650-12C726AC9409}
[2012.04.15 12:10:54 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{0D83490E-4813-43B5-85C0-57B1C51FEF64}
[2012.04.15 12:10:36 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{080A9781-DCA2-4C43-A6A3-DC36A4AC79DC}
[2012.04.14 23:28:45 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{60546FA4-5931-499D-A7EC-A10B6BC3E266}
[2012.04.14 23:28:31 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{26268009-3C6C-4AFF-9C0C-67E52C7DA117}
[2012.04.14 08:04:53 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{50742359-0284-4A9A-BDCC-F23BA679EE3A}
[2012.04.14 08:04:36 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{D881C6EC-DD38-4160-8270-9582BE91A984}
[2012.04.13 06:33:28 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{22C010A9-4B0F-48E1-840C-7AA99763F8DE}
[2012.04.13 06:33:09 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{71571163-7AA2-445F-BF9A-DE37C1A53364}
[2012.04.13 06:29:03 | 000,000,000 | ---D | C] -- C:\Windows\de
[2012.04.13 06:25:13 | 000,048,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fssfltr.sys
[2012.04.13 06:24:56 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.04.13 06:07:51 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{1624BD53-287D-4A19-8AB3-5D4FBD002853}
[2012.04.12 08:59:01 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{FC2A6BDD-5922-43A7-B18F-8900F9380397}
[2012.04.11 18:20:10 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{B7A63172-9737-425A-9450-04D3138F1685}
[2012.04.11 07:10:26 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.04.11 07:10:25 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.04.11 07:10:21 | 002,311,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.04.11 07:10:21 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.04.11 07:10:20 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.04.11 07:10:20 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.04.11 07:10:20 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.04.11 07:10:19 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.04.11 07:10:18 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.04.11 07:10:17 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.04.11 07:10:16 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.04.11 07:09:47 | 005,559,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.04.11 07:09:46 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.04.11 07:09:45 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.04.11 07:05:21 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012.04.11 07:05:21 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012.04.11 07:05:19 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012.04.11 06:19:38 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{537025EF-335E-4ED6-A048-AD852FA5B039}
[2012.04.10 12:22:20 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{B72D0D68-CB92-43F0-BBA8-BEB6AA98547A}
[2012.04.09 20:46:08 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{3A2B281E-499B-412F-B3D4-73651782E8E5}
[2012.04.09 08:43:22 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{E3F9CA8C-E9BF-40EB-89C6-8A859477F68C}
[2012.04.08 16:20:09 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.04.08 16:19:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2012.04.08 16:18:51 | 000,136,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\atl100.dll
[2012.04.08 16:18:51 | 000,080,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfcm100u.dll
[2012.04.08 16:18:50 | 004,421,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc100u.dll
[2012.04.08 16:18:37 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Roaming\DVDVideoSoft
[2012.04.08 16:18:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2012.04.08 16:18:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVIDEOSOFT
[2012.04.08 16:01:36 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{FC80ECD7-FBE4-411D-8F95-00E3617328F4}
[2012.04.08 00:52:10 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{6E28C1E6-9942-4C2F-842F-F00F119D34CD}
[2012.04.07 12:51:44 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{BF3E2201-0078-4601-B7C2-53BE3E78C858}
[2012.04.06 20:53:12 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{48E2FC20-40DA-42D5-9F6F-0D2B19FC8A67}
[2012.04.06 08:27:53 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{83DBFD34-806D-4049-90AF-5998412AB540}
[2012.04.05 20:03:59 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{45C88743-4F5D-4E04-9333-7BD4CC1C8C4B}
[2012.04.05 06:34:21 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{C8DB777A-144F-4BB9-A78F-EAA45C42ADCE}
[2012.04.04 07:39:44 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{CA8C5E62-1896-4707-BC32-281051F78A4E}
[2012.04.03 19:39:18 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{92C081A5-E038-4FB6-A27B-FDABA97B6F7A}
[2012.04.03 06:48:04 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{B1AE6B9D-0F34-4584-9442-DA4C36FE8D85}
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.05.02 21:46:15 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-688040076-4065842808-1344549600-1001UA.job
[2012.05.02 21:07:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.05.02 20:51:03 | 000,031,856 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.05.02 20:51:03 | 000,031,856 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.05.02 20:41:03 | 000,000,035 | ---- | M] () -- C:\Users\Public\Documents\AtherosServiceConfig.ini
[2012.05.02 20:40:34 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForRIKE-HP$.job
[2012.05.02 20:40:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.05.02 20:40:01 | 1292,029,952 | -HS- | M] () -- C:\hiberfil.sys
[2012.05.02 12:47:44 | 096,885,911 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012.05.01 21:11:39 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.05.01 17:11:30 | 000,158,973 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2012.05.01 09:46:01 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-688040076-4065842808-1344549600-1001Core.job
[2012.04.27 13:53:26 | 000,002,293 | ---- | M] () -- C:\Users\Public\Desktop\Spiel Guardians of Beyond - Hexenhausen Sammleredition.lnk
[2012.04.27 13:53:26 | 000,001,326 | ---- | M] () -- C:\Users\Public\Desktop\Weitere fantastische Spiele.lnk
[2012.04.27 11:24:35 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForRike.job
[2012.04.22 13:10:56 | 000,654,610 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.04.22 13:10:56 | 000,616,452 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.04.22 13:10:56 | 000,106,574 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.04.22 13:10:55 | 001,500,018 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.04.22 13:10:55 | 000,130,192 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.04.14 09:08:07 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.04.14 09:08:07 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.04.14 09:07:09 | 008,741,536 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012.04.08 16:20:00 | 000,001,239 | ---- | M] () -- C:\Users\Rike\Documents\DVDVideoSoft Free Studio.lnk
[2012.04.08 16:19:57 | 000,001,398 | ---- | M] () -- C:\Users\Rike\Desktop\Free YouTube to MP3 Converter.lnk
[2012.04.04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.05.02 12:42:26 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForRIKE-HP$.job
[2012.05.01 21:11:39 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.04.27 13:53:26 | 000,002,293 | ---- | C] () -- C:\Users\Public\Desktop\Spiel Guardians of Beyond - Hexenhausen Sammleredition.lnk
[2012.04.27 13:53:26 | 000,001,326 | ---- | C] () -- C:\Users\Public\Desktop\Weitere fantastische Spiele.lnk
[2012.04.08 23:13:34 | 000,001,239 | ---- | C] () -- C:\Users\Rike\Documents\DVDVideoSoft Free Studio.lnk
[2012.04.08 16:19:57 | 000,001,398 | ---- | C] () -- C:\Users\Rike\Desktop\Free YouTube to MP3 Converter.lnk
[2012.01.02 23:08:05 | 001,526,948 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.06.08 00:26:50 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.05.13 11:03:16 | 000,303,104 | ---- | C] () -- C:\Windows\SysWow64\dnt27VC8.dll
[2011.05.13 11:01:22 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\dntvmc27VC8.dll
[2011.05.13 11:01:00 | 000,086,016 | ---- | C] () -- C:\Windows\SysWow64\dntvm27VC8.dll
[2011.05.10 09:55:07 | 000,000,202 | ---- | C] () -- C:\Windows\SysWow64\HPWA.ini
[2010.12.21 02:20:14 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2010.12.16 01:33:32 | 000,002,975 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 149 bytes -> C:\ProgramData\Temp:AD2DB2F9
@Alternate Data Stream - 147 bytes -> C:\ProgramData\Temp:8AE92FD3
@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:F56BE392
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:012BC84F
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:B139DDF3
@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:9195103F
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:FB4262DE
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:0B4227B4
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:12258D63
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:2AD33723
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:1B389835
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:90C320E1
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:51E66512
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:DBC3D477
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:1416AAA6
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:927EC486
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:AFC732F7
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:834DD57E
@Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:47FE7AB7

< End of report >
         
--- --- ---
[code/]
__________________

Alt 02.05.2012, 21:37   #4
rike42
 
trojaner durch email - Standard

trojaner durch email



OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 02.05.2012 21:44:19 - Run 1
OTL by OldTimer - Version 3.2.42.2     Folder = C:\Users\Rike\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,60 Gb Total Physical Memory | 0,47 Gb Available Physical Memory | 29,34% Memory free
3,21 Gb Paging File | 1,68 Gb Available in Paging File | 52,36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 217,64 Gb Total Space | 177,28 Gb Free Space | 81,46% Space Free | Partition Type: NTFS
Drive D: | 14,95 Gb Total Space | 1,85 Gb Free Space | 12,35% Space Free | Partition Type: NTFS
Drive F: | 99,18 Mb Total Space | 91,04 Mb Free Space | 91,79% Space Free | Partition Type: FAT32
 
Computer Name: RIKE-HP | User Name: Rike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03ECD95A-DDB5-4F14-AB02-BC2E19782C11}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{049671D1-78F8-41A2-A39B-29C1172957E1}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{154BD470-FB92-4C2B-8BF0-6BB4C3FFE159}" = rport=138 | protocol=17 | dir=out | app=system | 
"{15873059-A33A-4654-8446-2172B36ACB8E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{36C612D6-7280-4732-91BC-DF942AC715E9}" = lport=445 | protocol=6 | dir=in | app=system | 
"{3CDB6771-3218-4D4C-BFBD-28C6A6817191}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{47B845F3-B3B6-46F6-997F-CAF7F377C1F6}" = lport=137 | protocol=17 | dir=in | app=system | 
"{4DB0B9A7-B5BF-423D-B07A-4E426F412B22}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{539FF5B6-5F05-478D-8269-9BBE0D206530}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{6306839A-108A-4E1C-BBCA-31508170B15A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{73F2E517-CB79-4737-B4B7-95B02D48BF09}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{73F8720F-EFFD-4961-9B14-802863F11E5A}" = rport=137 | protocol=17 | dir=out | app=system | 
"{787943CD-902C-4C88-AD80-DB3910221CD8}" = lport=138 | protocol=17 | dir=in | app=system | 
"{7BBFD59E-ECDC-4F47-9C0B-A27CBCA2B52A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{9669D44C-F0CD-42D2-93D9-BFD58C56C17F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{96B3896A-5415-4EA2-8E5C-9695A1639DD6}" = rport=445 | protocol=6 | dir=out | app=system | 
"{9DB446A5-417B-48BE-8343-F927AF283549}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{9EE156F6-330D-4735-92BB-B054EBF5CF85}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{AB8FE59C-23B6-483C-AEBA-1DF54E48DA13}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{BBE678D5-E3FE-494C-BEC6-A9984AAEFEBD}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{CD43471F-73DB-4B61-8B08-637C0D952D72}" = lport=139 | protocol=6 | dir=in | app=system | 
"{D2408D74-6C6A-4C81-8A5D-0BD088CCF264}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{D7BD90BE-D33B-48E6-88DE-AFC9B4937047}" = rport=139 | protocol=6 | dir=out | app=system | 
"{D839CBCE-2D23-449B-BEC2-307FA44CBC1E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{DC2B4737-9DAB-470F-AD90-0692ABC8F82B}" = lport=2869 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03756458-D0EF-49D1-80FB-0BB566795FF3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{053E10F6-72C1-4762-9CE4-43C04FBF1220}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe | 
"{07B3E68F-C791-4677-88E1-536DC250B92A}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{13636BBF-7207-43C5-810D-F855726413A6}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{1E7E82B0-0BF3-4EED-BB1C-D00E0C51F29E}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe | 
"{1FBBF5FA-7E13-427F-B359-682272E9ACA2}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe | 
"{3301D0B0-EE8A-4D38-AFC5-1C1900C47BCB}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{3427A715-C1DA-43B5-B154-D78201E68EEB}" = dir=in | app=c:\users\rike\appdata\local\facebook\video\skype\facebookvideocalling.exe | 
"{40D8DF87-812C-4EA1-B656-146E0F81D9C7}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe | 
"{421FEC94-B444-4FFA-894F-F7323E3D8CE7}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{4574816C-82BE-4C2B-BADC-4065FDC73B71}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{6195A76B-9537-408B-8412-819C66579956}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{66BDA8F1-6214-40CE-8EDF-7B87BAE40E4C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{6E754F93-7F9C-49DD-BF86-3D343673FDA5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{72AAF7CC-66C3-4B70-8080-BD1885857F42}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{7D85B0E6-3EF5-4654-AA92-38DCBEF57206}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{856E656B-F109-4DA4-BC96-4B0922A7639F}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe | 
"{88AD83AF-DF44-467D-8724-2215FA99E655}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{997147F1-2D44-42CC-AC4A-E11151D3C799}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{9B640A1B-27B7-4A70-A49B-C3E1C56C33C6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{9FFC7719-01C5-4322-961E-37EE85831C90}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{AEB1CA98-425A-4A5B-B6B2-04560429AE9A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{AFDDE5C7-C402-43AB-9737-9EDAE9C17EE5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{B364CA41-9339-41F2-AEB9-47EDB03641BB}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{B46CA818-E5F1-42DB-9013-0D2E0C3397D2}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe | 
"{D9AD44F7-1DFE-410E-B0FB-82B5A0CE82A7}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{DD914877-A81B-4B72-8E0D-FB36F01D4CCE}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | 
"{E618FDB4-CC5C-4904-B278-E4AC0253C635}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe | 
"{EB6C49F6-4D89-4A1E-841A-2E823DA5CC39}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe | 
"{EB885D67-D55E-4FF7-91A9-99206858746D}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | 
"{F3D0E4F6-93E5-491D-8F90-D3812AE3E3C8}" = protocol=6 | dir=out | app=system | 
"{F6674586-F182-42DA-8A9A-55E0439D851E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{FAB1F7E9-E7FF-42DA-AB3A-5EB76FFBFC5F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{FE43BF80-6AEB-472E-BDF8-0188D5D08765}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{2128559D-BBCD-4744-87F0-7C0CD5CFB464}" = Windows Live Family Safety
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{26A24AE4-039D-4CA4-87B4-2F86416022FF}" = Java(TM) 6 Update 22 (64-bit)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E6BEFE9-0AFF-C09F-24A8-AA1CB05869BF}" = WMV9/VC-1 Video Playback
"{76A7DF87-2F94-A068-96B1-D5A392B785E1}" = ccc-utility64
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9EA86AD9-FB32-4B9E-BD56-3068F9B8031F}" = HP Wireless Assistant
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240CD}" = WinZip 16.0
"{D050583D-5CEC-47B1-88AA-8B328CAA8621}" = AVG 2012
"{D1250C3B-8953-8A3F-9FCF-D43BB6AE0051}" = AMD Fuel
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E04A3037-2F82-C518-D6CA-A63497D3872F}" = ATI Catalyst Install Manager
"{E51A1789-9C20-43FC-AF13-C7AC29FAF111}" = AVG 2012
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"AVG" = AVG 2012
"EPSON BX305 Series" = EPSON BX305 Series Printer Uninstall
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{03046EBB-CB7C-4B98-BEFB-690EB955DA22}" = HP Setup
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}" = Epson FAX Utility
"{124DB96E-CBF5-44FB-AB59-7D2444DEC777}" = HP On Screen Display
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26C4E5F1-314C-F3DF-2294-3685BF5F9E05}" = CCC Help Czech
"{2BF8B295-A214-42AC-B4EC-2AE15E08B0E7}" = HP Documentation
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{39F58DDB-B2B8-4B86-AF20-4706A80EB30D}" = Epson Easy Photo Print 2
"{4412F224-3849-4461-A3E9-DEEF8D252790}" = Visual Studio C++ 10.0 Runtime
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{57F1042D-1423-81C6-299B-C21FAB216F93}" = CCC Help Italian
"{6137C043-93EA-6769-90EA-01E87B041117}" = CCC Help Norwegian
"{6265A4F4-91FE-FFEC-1ECA-E5639B80ECB3}" = CCC Help French
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{657BD928-2C0B-7EFA-7740-DE8BC937FEF4}" = CCC Help Thai
"{66E30DB0-A342-F453-D14D-827B454A9E4A}" = CCC Help Swedish
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6833708F-D07C-34AA-B195-698FA0C8879C}" = CCC Help Polish
"{687DB473-1A0F-5B1D-D0E0-A73258207AB2}" = ccc-core-static
"{6C92846D-67BA-5B17-38F4-E1318A0272B7}" = CCC Help Greek
"{6D437C07-418F-9E01-96EB-DC55F780A198}" = CCC Help Turkish
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{710E96D5-98A1-6732-8768-8F4ACCA520C1}" = CCC Help Portuguese
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DC069E7-893C-41E1-9442-DE89FEC33371}" = Xobni Core
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{9299A9E5-4A0F-C936-76BD-62BCBD38CC21}" = CCC Help English
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9B04A7CC-F80E-72C6-8B9E-83A88A5B479B}" = CCC Help Japanese
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9F6A200F-90D7-F262-9639-16D640298E32}" = CCC Help Finnish
"{A37E63B7-29E5-CAF4-A81D-0A67946924E0}" = Catalyst Control Center Graphics Previews Common
"{A5449F23-80E8-04D2-EB41-7BE229CCB37B}" = Catalyst Control Center InstallProxy
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF6EB833-D48A-49AC-9394-4C57489FDFF2}" = HP Software Framework
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
"{B97E3520-C726-475E-BC0C-7561952633AB}" = HP Power Manager
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{C0838AAC-DF3E-5865-88D3-E43864E2B065}" = CCC Help Korean
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C257F891-7975-979B-3EDD-D3E74F1F583B}" = CCC Help Hungarian
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C7231F7C-6530-4E65-ADA6-5B392CF5BEB1}" = Recovery Manager
"{CBD74B80-E1A2-08A1-69D9-DE37BFA265EF}" = CCC Help German
"{CD95F661-A5C4-11AF-B2CC-ABCD21A325B8}" = WinZip Courier
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DA26698F-3E4F-FBAE-8219-5C3D3C1ECA92}" = CCC Help Spanish
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF2035BE-5820-4965-BD97-7FAF8D4A7879}" = Microsoft_VC90_CRT_x86
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E13D5C1F-EA6D-E340-85A9-0EA7221F31E9}" = CCC Help Danish
"{E1D1E335-C6CE-C9A5-12B8-587D561E8B30}" = Catalyst Control Center Localization All
"{E3FE0FA5-D813-14AB-DE7B-594257E9550B}" = CCC Help Chinese Traditional
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E774EEC0-18E6-49C8-A271-07654C0A2047}" = Catalyst Control Center - Branding
"{EB58480C-0721-483C-B354-9D35A147999F}" = HP Quick Launch
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C4AAC9-C7B6-59B3-789D-D2CA4E0CFCD1}" = CCC Help Dutch
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5468CFB-F146-12D8-913B-513145180028}" = CCC Help Russian
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.2.2
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA2509E9-7197-8FB8-B35E-090A4F81CA6A}" = CCC Help Chinese Standard
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"Adobe AIR" = Adobe AIR
"BFGC" = Big Fish Games: Game Manager
"BFG-Guardians of Beyond - Hexenhausen Sammleredition" = Guardians of Beyond: Hexenhausen Sammleredition
"conduitEngine" = Conduit Engine 
"EPSON BX305 Series Manual" = EPSON BX305 Series Handbuch
"EPSON PC-FAX Driver 2" = Epson PC-FAX Driver
"EPSON Scanner" = EPSON Scan
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.17.319
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"Message Faces for IE" = Message Faces für Internet Explorer (remove only)
"Mozilla Firefox 10.0 (x86 de)" = Mozilla Firefox 10.0 (x86 de)
"MyTomTom" = MyTomTom 3.1.0.530
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"PDF Complete" = PDF Complete Special Edition
"SFT_de3 Toolbar" = SFT_de3 Toolbar
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WT087330" = Bounce Symphony
"WT087361" = FATE
"WT087393" = Mah Jong Medley
"WT087394" = Penguins!
"WT087396" = Polar Bowler
"WT087490" = Jewel Quest Solitaire
"WT087510" = Slingo Deluxe
"WT087513" = Virtual Villagers - The Secret City
"WT087519" = Wedding Dash
"WT087536" = Diner Dash 2 Restaurant Rescue
"WT089308" = Blasterball 3
"WT089328" = Farm Frenzy
"WT089359" = Cake Mania
"WT089362" = Agatha Christie - Peril at End House
"WT089453" = Bejeweled 2 Deluxe
"WT089454" = Chuzzle Deluxe
"WT089455" = Zuma Deluxe
"WT089458" = Plants vs. Zombies - Game of the Year
"WT089460" = Mystery P.I. - The London Caper
"WT089484" = Namco All-Stars PAC-MAN
"WT089492" = Crazy Chicken Kart 2
"WT089493" = Fishdom
"WT089497" = Big Rig Europe
"WTA-40a22801-9cef-4790-bda0-5ce7b7ef0c83" = Red Crow Mysteries: Legion
"WTA-fdb7ada1-e72d-44b5-a7cd-eb1f008c8c3b" = Family Vacation: California
"XobniMain" = Xobni
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Search Defender" = Yahoo! Suche Schutzvorkehrung
"Yahoo! Software Update" = Yahoo! Software Update
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 15.04.2012 06:09:16 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10
Description = 
 
Error - 15.04.2012 08:59:08 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10
Description = 
 
Error - 15.04.2012 16:28:34 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10
Description = 
 
Error - 16.04.2012 00:11:52 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10
Description = 
 
Error - 16.04.2012 05:39:07 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10
Description = 
 
Error - 16.04.2012 14:50:27 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10
Description = 
 
Error - 17.04.2012 00:24:56 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10
Description = 
 
Error - 18.04.2012 00:14:42 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10
Description = 
 
Error - 18.04.2012 05:08:55 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10
Description = 
 
Error - 19.04.2012 00:25:27 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10
Description = 
 
[ Hewlett-Packard Events ]
Error - 31.12.2011 05:52:41 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000
Description = 
 
Error - 31.12.2011 05:52:41 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000
Description = HP Error ID: -2147467261HPSF.exe   bei HP.SupportFramework.Communicator.MessengerComm.MessengerPublisher.closeConnection()

   bei HP.SupportAssistant.UI.MessengerCommunication.initializeCommunication()    
 bei HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate()  Message: Der
 Objektverweis wurde nicht auf eine Objektinstanz festgelegt.  StackTrace:   bei HP.SupportFramework.Communicator.MessengerComm.MessengerPublisher.closeConnection()

   bei HP.SupportAssistant.UI.MessengerCommunication.initializeCommunication()    
 bei HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate()  Source: HP.SupportFramework.Communicator

Name:
 HPSF.exe  Version: 06.00.01.01  Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
 Framework\HPSF.exe  Format: de-DE  RAM: 1642  Ram Utilization: 80  TargetSite: Void closeConnection()

 
Error - 31.12.2011 05:52:41 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000
Description = HP Error ID: -2147467261HPSF.exe   bei HP.SupportFramework.Communicator.MessengerComm.MessengerPublisher.closeConnection()

   bei HP.SupportAssistant.UI.MessengerCommunication.initializeCommunication()    
 bei HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate()  Message: Der
 Objektverweis wurde nicht auf eine Objektinstanz festgelegt.  StackTrace:   bei HP.SupportFramework.Communicator.MessengerComm.MessengerPublisher.closeConnection()

   bei HP.SupportAssistant.UI.MessengerCommunication.initializeCommunication()    
 bei HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate()  Source: HP.SupportFramework.Communicator

Name:
 HPSF.exe  Version: 06.00.01.01  Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
 Framework\HPSF.exe  Format: de-DE  RAM: 1642  Ram Utilization: 80  TargetSite: Void closeConnection()

 
Error - 13.01.2012 09:00:23 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000
Description = 
 
Error - 13.01.2012 09:06:26 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000
Description = 
 
Error - 13.01.2012 09:07:06 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000
Description = 
 
Error - 27.01.2012 06:52:59 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000
Description = 
 
Error - 27.01.2012 06:58:02 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000
Description = 
 
Error - 27.01.2012 07:01:07 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000
Description = 
 
Error - 27.01.2012 07:28:18 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000
Description = 
 
[ HP Software Framework Events ]
Error - 09.12.2011 12:09:17 | Computer Name = Rike-HP | Source = CaslWmi | ID = 5
Description = 2011.12.09 17:09:17.705|00000288|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 11.12.2011 18:22:20 | Computer Name = Rike-HP | Source = CaslWmi | ID = 5
Description = 2011.12.11 23:22:20.964|00001010|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 24.12.2011 15:19:00 | Computer Name = Rike-HP | Source = CaslWmi | ID = 5
Description = 2011.12.24 20:19:00.515|00000E88|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 31.12.2011 05:58:16 | Computer Name = Rike-HP | Source = CaslWmi | ID = 5
Description = 2011.12.31 10:58:16.748|000016A0|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 06.01.2012 07:46:50 | Computer Name = Rike-HP | Source = CaslWmi | ID = 5
Description = 2012.01.06 12:46:50.438|00001508|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 20.01.2012 06:51:02 | Computer Name = Rike-HP | Source = CaslWmi | ID = 5
Description = 2012.01.20 11:51:02.378|000003A0|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 20.01.2012 06:53:07 | Computer Name = Rike-HP | Source = CaslWmi | ID = 5
Description = 2012.01.20 11:53:07.355|000016A4|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 20.01.2012 06:53:16 | Computer Name = Rike-HP | Source = CaslWmi | ID = 5
Description = 2012.01.20 11:53:16.478|00000D70|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 27.01.2012 07:01:53 | Computer Name = Rike-HP | Source = CaslWmi | ID = 5
Description = 2012.01.27 12:01:53.617|00001B50|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 05.04.2012 10:07:13 | Computer Name = Rike-HP | Source = hpqWmiEx | ID = 5
Description = 2012/04/05 16:07:13.621|00001230|Error      |ChpqWmiExModule::Start|StartServiceCtrlDispatcher
 FAILED. Error: 1063
 
[ HP Wireless Assistant Events ]
Error - 09.11.2011 18:40:03 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object
 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean
 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei
 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 09.11.2011 18:41:09 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object
 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean
 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei
 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 09.11.2011 18:41:15 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object
 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean
 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei
 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 09.11.2011 18:42:20 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object
 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean
 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei
 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 09.11.2011 18:42:25 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object
 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean
 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei
 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 09.11.2011 18:43:31 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object
 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean
 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei
 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 09.11.2011 18:43:36 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object
 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean
 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei
 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 15.01.2012 17:11:28 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Aufruf wurde durch Messagefilter
 abgebrochen. (Ausnahme von HRESULT: 0x80010002 (RPC_E_CALL_CANCELED))    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object
 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean
 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei
 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 18.02.2012 10:08:17 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0
Description = System.Threading.ThreadAbortException Der Thread wurde abgebrochen.

   bei System.Management.IEnumWbemClassObject.Next_(Int32 lTimeout, UInt32 uCount,
 IWbemClassObject_DoNotMarshal[] apObjects, UInt32& puReturned)     bei System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()

   bei HPPA_Service.CurrentConfiguration.FindDevice(String hostPath, String portName)

   bei HPPA_Service.CurrentConfiguration.<ApplyFriendlyNames>b__23(RadioHardware
 radio)     bei System.Linq.Enumerable.WhereSelectListIterator`2.MoveNext()     bei 
System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()     bei HPPA_Service.CurrentConfiguration.ApplyFriendlyNames()

   bei HPPA_Service.CurrentConfiguration.ReloadRadioList()
 
Error - 18.02.2012 10:08:17 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0
Description = System.Threading.ThreadAbortException Der Thread wurde abgebrochen.

   bei HPPA_Service.CurrentConfiguration.ReloadRadioList()
 
[ System Events ]
Error - 01.05.2012 15:18:36 | Computer Name = Rike-HP | Source = BTHUSB | ID = 327697
Description = Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen
 und wird nicht verwendet. Der Treiber wurde entladen.
 
Error - 02.05.2012 00:21:00 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst HPWMISVC erreicht.
 
Error - 02.05.2012 00:21:26 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 XobniService erreicht.
 
Error - 02.05.2012 00:21:26 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7000
Description = Der Dienst "XobniService" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%1053
 
Error - 02.05.2012 06:40:59 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst HPWMISVC erreicht.
 
Error - 02.05.2012 06:41:21 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 XobniService erreicht.
 
Error - 02.05.2012 06:41:21 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7000
Description = Der Dienst "XobniService" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%1053
 
Error - 02.05.2012 14:41:43 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 XobniService erreicht.
 
Error - 02.05.2012 14:41:43 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7000
Description = Der Dienst "XobniService" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%1053
 
Error - 02.05.2012 14:41:44 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst HPWMISVC erreicht.
 
 
< End of report >
         
--- --- ---

habe virenscan schon gemacht und es wurden keine weitern gefunden habe die vorhanden mit dem hier angebotenen malware alle drei bedrohnung entfernt hoffe ich habe soweit alles richtig gemacht bis jetzt

Code:
ATTFilter
Adobe AIR	Adobe Systems Incorporated	18.03.2012		3.1.0.4880
Adobe Flash Player 11 ActiveX 64-bit	Adobe Systems Incorporated	13.04.2012	6,00MB	11.2.202.233
Adobe Flash Player 11 Plugin 64-bit	Adobe Systems Incorporated	13.04.2012	6,00MB	11.2.202.233
Adobe Reader X (10.1.3) - Deutsch	Adobe Systems Incorporated	10.04.2012	121,5MB	10.1.3
Atheros Driver Installation Program	Atheros	07.06.2011		9.2
ATI Catalyst Install Manager	ATI Technologies, Inc.	07.06.2011	22,4MB	3.0.808.0
AVG 2012	AVG Technologies	31.01.2012		2012.0.1913
Big Fish Games: Game Manager		17.01.2012		3.0.1.60
Bluetooth Win7 Suite (64)	Atheros Communications	07.06.2011	59,4MB	7.02.000.55
CCleaner	Piriform	01.05.2012		3.18
Cisco EAP-FAST Module	Cisco Systems, Inc.	07.06.2011	1,55MB	2.2.14
Cisco LEAP Module	Cisco Systems, Inc.	07.06.2011	0,63MB	1.0.19
Cisco PEAP Module	Cisco Systems, Inc.	07.06.2011	1,24MB	1.1.6
Conduit Engine	Conduit Ltd.	06.01.2012		
CyberLink YouCam	CyberLink Corp.	07.06.2011	102,3MB	3.2.1.3726
Energy Star Digital Logo	Hewlett-Packard	07.06.2011	0,29MB	1.0.1
EPSON BX305 Series Handbuch		10.11.2011		
EPSON BX305 Series Printer Uninstall	SEIKO EPSON Corporation	10.11.2011		
Epson Easy Photo Print 2	SEIKO EPSON CORPORATION	10.11.2011		2.2.0.0
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)	SEIKO EPSON CORPORATION	10.11.2011		1.00.0000
Epson FAX Utility	SEIKO EPSON CORPORATION	10.11.2011		1.10.00
Epson PC-FAX Driver		10.11.2011		
EPSON Scan	Seiko Epson Corporation	10.11.2011		
Evernote v. 4.2.2	Evernote Corp.	09.05.2011	139,1MB	4.2.2.3979
Facebook Video Calling 1.2.0.159	Skype Limited	21.03.2012	4,76MB	1.2.159
Free YouTube to MP3 Converter version 3.11.17.319	DVDVideoSoft Ltd.	07.04.2012	75,2MB	3.11.17.319
Guardians of Beyond: Hexenhausen Sammleredition		26.04.2012		
HP Documentation	Hewlett-Packard	09.05.2011	304MB	1.1.0.0
HP Games	WildTangent	06.01.2012		1.0.2.5
HP On Screen Display	Hewlett-Packard Company	09.05.2011	1,43MB	1.0.7
HP Power Manager	Hewlett-Packard Company	07.06.2011	3,61MB	1.2.1
HP Quick Launch	Hewlett-Packard Company	09.05.2011	7,14MB	2.3.6
HP Setup	Hewlett-Packard Company	09.05.2011		8.5.4526.3645
HP Software Framework	Hewlett-Packard Company	24.11.2011	4,75MB	4.1.13.1
HP Wireless Assistant	Hewlett-Packard	09.05.2011	5,61MB	4.0.10.0
Java(TM) 6 Update 22 (64-bit)	Oracle	09.05.2011	90,7MB	6.0.220
Java(TM) 6 Update 31	Oracle	05.03.2012	95,1MB	6.0.310
Malwarebytes Anti-Malware Version 1.61.0.1400	Malwarebytes Corporation	30.04.2012	18,0MB	1.61.0.1400
Message Faces für Internet Explorer (remove only)	Agitos Websolutions GmbH & Co. KG	01.12.2011		1.0.0.4
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	08.01.2012	38,8MB	4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack	Microsoft Corporation	08.01.2012	2,94MB	4.0.30319
Microsoft Office 2010	Microsoft Corporation	09.05.2011	6,31MB	14.0.4763.1000
Microsoft Office Klick-und-Los 2010	Microsoft Corporation	01.01.2012		14.0.4763.1000
Microsoft Office Starter 2010 - Deutsch	Microsoft Corporation	01.01.2012		14.0.5128.5002
Microsoft Silverlight	Microsoft Corporation	14.02.2012	60,3MB	4.1.10111.0
Microsoft SQL Server 2005 Compact Edition [ENU]	Microsoft Corporation	09.05.2011	1,70MB	3.1.0000
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	10.11.2011	0,29MB	8.0.59193
Microsoft Visual C++ 2005 Redistributable (x64)	Microsoft Corporation	07.06.2011	0,61MB	8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17	Microsoft Corporation	09.05.2011	0,77MB	9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148	Microsoft Corporation	07.06.2011	0,77MB	9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161	Microsoft Corporation	10.11.2011	0,77MB	9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148	Microsoft Corporation	07.06.2011	0,58MB	9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161	Microsoft Corporation	10.11.2011	0,59MB	9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319	Microsoft Corporation	07.06.2011	13,7MB	10.0.30319
Microsoft_VC90_CRT_x86	Microsoft Corporation	09.05.2011	1,38MB	1.0.0
Mozilla Firefox 10.0 (x86 de)	Mozilla	13.03.2012	36,4MB	10.0
MyTomTom 3.1.0.530	TomTom	21.04.2012		3.1.0.530
PDF Complete Special Edition	PDF Complete, Inc	06.06.2011		4.0.34
Realtek Ethernet Controller Driver	Realtek	07.06.2011		7.42.304.2011
Realtek High Definition Audio Driver	Realtek Semiconductor Corp.	07.06.2011		6.0.1.6287
Realtek PCIE Card Reader	Realtek Semiconductor Corp.	07.06.2011		6.1.7600.77
SFT_de3 Toolbar	SFT_de3	05.01.2012		
Skype™ 5.1	Skype Technologies S.A.	09.05.2011	22,6MB	5.1.104
Synaptics Pointing Device Driver	Synaptics Incorporated	07.06.2011	46,4MB	15.2.4.3
Visual Studio 2008 x64 Redistributables	AVG Technologies	09.11.2011	8,15MB	10.0.0.2
Visual Studio C++ 10.0 Runtime	TomTom International B.V.	21.04.2012	0,75MB	10.0.0
Windows Live Essentials	Microsoft Corporation	10.05.2011		15.4.3555.0308
Windows Live Mesh ActiveX control for remote connections	Microsoft Corporation	09.11.2011	5,58MB	15.4.5722.2
WinZip 16.0	WinZip Computing, S.L. 	18.03.2012	76,4MB	16.0.9715
WinZip Courier	WinZip Computing, S.L. 	18.03.2012	7,20MB	3.5.9658
Xobni	Xobni Corp.	06.06.2011		1.9.5.13209
Yahoo! BrowserPlus 2.9.8	Yahoo! Inc.	09.11.2011		
Yahoo! Messenger	Yahoo! Inc.	09.11.2011		
Yahoo! Software Update		09.11.2011		
Yahoo! Suche Schutzvorkehrung		09.11.2011		
Yahoo! Toolbar		09.11.2011
         

Alt 03.05.2012, 07:02   #5
kira
/// Helfer-Team
 
trojaner durch email - Standard

trojaner durch email



Systemreinigung und Prüfung:

1.
Deinstalliere...(unter Software/Programme und im Browser "Erweiterungen")
wird ungefragt (mit)installiert, kann man nicht brauchen:-> Conduit Engine aus Firefox entfernen
Code:
ATTFilter
Conduit Engine <- Adware 
         
Immer die benutzerdefinierte Installation wählen, nicht die Standardinstallation, weil dann oft Sachen mitinstalliert werden, die man nicht braucht oder nicht möchte.
Bei Installation die Lizenzbestimmungen immer lesen, und nicht sofort überall den Haken setzen, weil damit stimmt man nämlich zu, dass Adware (Werbe-Pop-ups) durch Partnerprogrammen, Sponsoren etc - mitinstalliert wird, weil sich Freeware damit finanziert.

meiste Toolbars bzw Browserhelper wollen sich doch nur wichtig machen

2.
Zitat:
Achtung wichtig!:
Falls Du selber im Logfile Änderungen vorgenommen hast, musst Du durch die Originalbezeichnung ersetzen und so in Script einfügen! sonst funktioniert nicht!
(Benutzerordner, dein Name oder sonstige Änderungen durch X, Stern oder andere Namen ersetzt)
Fixen mit OTL
  • Starte die OTL.exe.
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Kopiere folgendes Skript also - nach dem "Code", alles was in der Codebox steht:
Code:
ATTFilter
:OTL
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCOM/10
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPCOM/10
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
IE:64bit: - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://de.yahoo.com/?fr=mkg029
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://de.yahoo.com/?fr=mkg029
IE - HKLM\..\URLSearchHook: {ff88a983-649d-4207-9336-9b999280b436} - C:\Program Files (x86)\SFT_de3\prxtbSFT_.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3031778
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
IE - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://de.yahoo.com/?fr=fp-yie9
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/home?AF=17284
IE - HKCU\..\URLSearchHook: {ff88a983-649d-4207-9336-9b999280b436} - C:\Program Files (x86)\SFT_de3\prxtbSFT_.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&babsrc=SP_def&AF=17284
IE - HKCU\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
IE - HKCU\..\SearchScopes\{5EA72F6D-3185-4A87-8C0C-719FFBA445A9}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=88B70714-6DF2-455B-95D3-0968C5107861&apn_sauid=5720F0EF-5C64-4A88-A671-5F7746C1E6A6
IE - HKCU\..\SearchScopes\{6AF0CFEB-2F27-437D-83C7-E3491EEF71BB}: "URL" = http://www.flickr.com/search/?q={searchTerms}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={6503C312-F4D4-4E6A-8EDF-A6B39EA2FB4B}&mid=d7d799703d7c47d1bf9db9ea82222fa3-fe511b85a96a73512abb5961ae73de409e13cdee&lang=de&ds=AVG&pr=fr&d=2011-11-10 07:30:51&v=10.0.0.7&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3031778
IE - HKCU\..\SearchScopes\{B638A15E-84DA-4516-A156-A80647E158F8}: "URL" = http://de.search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=chr-yie9
IE - HKCU\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
IE - HKCU\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - prefs.js..browser.search.defaultenginename,S: S", "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1,S: S", "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine,S: S", "Search the web (Babylon)"
FF - prefs.js..browser.startup.homepage: "http://de.yahoo.com/"
FF - prefs.js..keyword.URL,h: h", "http://search.babylon.com/?babsrc=KW_def&AF=17284&q="
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
[2012.03.21 07:29:03 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Rike\AppData\Roaming\mozilla\Firefox\Profiles\65veosuj.default\extensions\ffxtlbr@babylon.com
[2012.03.14 12:34:30 | 000,000,000 | ---D | M] (WEB.DE Toolbar) -- C:\Program Files (x86)\mozilla firefox\distribution\extensions\toolbar@web.de
[2012.03.19 19:05:53 | 000,002,226 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.01.29 15:50:55 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.01.29 16:02:49 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.01.29 16:02:49 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngin.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngin.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (SFT_de3 Toolbar) - {ff88a983-649d-4207-9336-9b999280b436} - C:\Program Files (x86)\SFT_de3\prxtbSFT_.dll (Conduit Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{2ae1d76e-0af3-11e1-b03b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{2ae1d76e-0af3-11e1-b03b-806e6f6e6963}\Shell\AutoRun\command - "" = E:\reatogoMenu.exe
O33 - MountPoints2\{7a8a9088-0f49-11e1-889a-68a3c4c6c650}\Shell - "" = AutoRun
O33 - MountPoints2\{7a8a9088-0f49-11e1-889a-68a3c4c6c650}\Shell\AutoRun\command - "" = G:\iStudio.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\reatogoMenu.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\iStudio.exe
[2012.05.02 21:46:15 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-688040076-4065842808-1344549600-1001UA.job
[2012.05.01 09:46:01 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-688040076-4065842808-1344549600-1001Core.job
@Alternate Data Stream - 149 bytes -> C:\ProgramData\Temp:AD2DB2F9
@Alternate Data Stream - 147 bytes -> C:\ProgramData\Temp:8AE92FD3
@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:F56BE392
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:012BC84F
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:B139DDF3
@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:9195103F
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:FB4262DE
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:0B4227B4
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:12258D63
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:2AD33723
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:1B389835
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:90C320E1
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:51E66512
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:DBC3D477
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:1416AAA6
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:927EC486
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:AFC732F7
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:834DD57E
@Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:47FE7AB7

:Files
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
         
  • und füge es hier ein:
  • Schließe alle Programme.
  • Klicke auf den Fix Button.
  • Klick auf .
  • OTL verlangt einen Neustart. Bitte zulassen.
  • Nach dem Neustart findest Du ein Textdokument.
    Kopiere den Inhalt hier in Deinen Thread.

3.
Deine Javaversion für 64 Bit ist nicht aktuell!
→ Downloade nun die Offline-Version von Java "Empfohlen Version 7 Update ... " von Oracle herunter
Achte darauf, eventuell angebotene Toolbars abwählen (den Haken bei der Toolbar entfernen)!

4.
Aktualisiere:
Code:
ATTFilter
Mozilla Firefox
         
5.
Tipps (unabhängig davon ob man den Internet Explorer benutzt oder nicht!):
-> Tipps zu Internet Explorer
-> Standard Suchmaschine des Explorers ändern
-> Wie kann ich den Cache im Internet Explorer leeren?

6.
reinige dein System mit CCleaner:
  • "CCleaner"→ "Analysieren"→ Klick auf den Button "Start CCleaner"
  • "Registry""Fehler suchen"→ "Fehler beheben"→ "Alle beheben"
  • Starte dein System neu auf

7.
  • lade Dir SUPERAntiSpyware FREE Edition herunter.
    Achte darauf, eventuell angebotene Toolbar nicht mitzuinstallieren, also während der Installation den Haken bei der Toolbar (falls nötig), entfernen.
  • installiere das Programm und update online.
  • starte SUPERAntiSpyware und klicke auf "Ihren Computer durchsuchen"
  • setze ein Häkchen bei "Kompletter Scan" und klicke auf "Weiter"
  • anschließend alle gefundenen Schadprogramme werden aufgelistet, bei alle Funde Häkchen setzen und mit "OK" bestätigen
  • auf "Weiter" klicken dann "OK" und auf "Fertig stellen"
  • um die Ergebnisse anzuzeigen: auf "Präferenzen" dann auf den "Statistiken und Protokolle" klicken
  • drücke auf "Protokoll anzeigen" - anschließend diesen Bericht bitte speichern und hier posten

8.
Auch auf USB-Sticks, selbstgebrannten Datenträgern, externen Festplatten und anderen Datenträgern können Viren transportiert werden. Man muss daher durch regelmäßige Prüfungen auf Schäden, die durch Malware ("Worm.Win32.Autorun") verursacht worden sein können, überwacht werden. Hierfür sind ser gut geegnet und empfohlen, die auf dem Speichermedium gesicherten Daten, mit Hilfe des kostenlosen Online Scanners zu prüfen.
Schließe jetzt alle externe Datenträgeran (USB Sticks etc) Deinen Rechner an, dabei die Hochstell-Taste [Shift-Taste] gedrückt halten, damit die Autorun-Funktion nicht ausgeführt wird. (So verhindest Du die Ausführung der AUTORUN-Funktion) - Man kann die AUTORUN-Funktion aber auch generell abschalten.►Anleitung

9.
-> Führe dann einen Komplett-Systemcheck mit Eset Online Scanner (NOD32)Kostenlose Online Scanner durch
Achtung!: >>Du sollst nicht die Antivirus-Sicherheitssoftware installieren, sondern dein System nur online scannen<<

10.
erneut einen Scan mit OTL:
  • Doppelklick auf die OTL.exe
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Oben findest Du ein Kästchen mit Ausgabe.
    Wähle bitte Standard-Ausgabe
  • Unter Extra-Registrierung wähle bitte Benutze SafeList.
  • Mache Häckchen bei LOP- und Purity-Prüfung.
  • Klicke nun auf Scan links oben.
  • Wenn der Scan beendet wurde werden zwei Logfiles erstellt.
    Du findest die Logfiles auf Deinem Desktop => OTL.txt und Extras.txt
  • Poste die Logfiles in Code-Tags hier in den Thread.

► berichte erneut über den Zustand des Computers. Ob noch Probleme auftreten, wenn ja, welche?

__________________

Warnung!:
Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein!
Anhang nicht öffnen, in unserem Forum erst nachfragen!

Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten!
Bitte diese Warnung weitergeben, wo Du nur kannst!

Alt 04.05.2012, 06:39   #6
rike42
 
trojaner durch email - Standard

trojaner durch email



Code:
ATTFilter
OTL logfile created on: 04.05.2012 06:58:01 - Run 2
OTL by OldTimer - Version 3.2.42.2     Folder = C:\Users\Rike\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,60 Gb Total Physical Memory | 0,41 Gb Available Physical Memory | 25,57% Memory free
3,21 Gb Paging File | 1,65 Gb Available in Paging File | 51,53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 217,64 Gb Total Space | 177,07 Gb Free Space | 81,36% Space Free | Partition Type: NTFS
Drive D: | 14,95 Gb Total Space | 1,85 Gb Free Space | 12,35% Space Free | Partition Type: NTFS
Drive F: | 99,18 Mb Total Space | 91,04 Mb Free Space | 91,79% Space Free | Partition Type: FAT32
 
Computer Name: RIKE-HP | User Name: Rike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.05.04 06:26:41 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Rike\Downloads\OTL(2).exe
PRC - [2012.03.12 19:19:46 | 000,918,880 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe
PRC - [2012.03.12 19:19:42 | 000,982,880 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2012.01.29 18:12:47 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.01.24 18:24:26 | 002,416,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.11.14 13:02:04 | 000,435,672 | ---- | M] (TomTom) -- C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe
PRC - [2011.10.12 07:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011.08.02 07:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2011.02.09 17:57:36 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2011.02.01 01:42:40 | 001,127,448 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2011.01.06 20:08:38 | 000,138,400 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2010.12.28 02:30:22 | 001,817,088 | ---- | M] (Realsil Microelectronics Inc.) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
PRC - [2010.12.13 12:48:18 | 000,318,520 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
PRC - [2010.11.09 15:20:36 | 000,586,296 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2010.11.09 15:20:34 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2009.12.03 01:00:00 | 000,847,872 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
PRC - [2009.02.23 15:05:34 | 000,111,856 | ---- | M] (Yahoo! Inc) -- C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe
PRC - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.04.14 09:08:07 | 008,797,344 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll
MOD - [2012.03.12 19:19:42 | 000,982,880 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2012.01.29 18:12:47 | 001,911,768 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011.11.14 13:02:08 | 000,202,712 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\TomTomSupporterProxy.dll
MOD - [2011.11.14 13:02:06 | 000,063,960 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\TomTomSupporterBase.dll
MOD - [2011.11.14 13:01:52 | 007,964,160 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\QtGui4.dll
MOD - [2011.11.14 13:01:52 | 002,648,064 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\QtXmlPatterns4.dll
MOD - [2011.11.14 13:01:52 | 002,302,464 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\QtCore4.dll
MOD - [2011.11.14 13:01:52 | 000,980,480 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\QtNetwork4.dll
MOD - [2011.11.14 13:01:52 | 000,357,888 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\QtXml4.dll
MOD - [2011.08.22 02:18:06 | 000,925,696 | ---- | M] () -- C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
MOD - [2009.07.14 03:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\SysWOW64\msjetoledb40.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.04.14 09:08:07 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.03.12 19:19:46 | 000,918,880 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe -- (vToolbarUpdater10.2.0)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.10.12 07:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011.08.02 07:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011.03.28 22:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2011.02.25 02:08:46 | 000,062,184 | ---- | M] (Xobni Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Xobni\XobniService.exe -- (XobniService)
SRV - [2011.02.16 22:47:28 | 000,682,040 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Programme\Hewlett-Packard\HP Auto\HPAuto.exe -- (HPAuto)
SRV - [2011.02.01 01:42:40 | 001,127,448 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2011.01.06 20:08:38 | 000,138,400 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)
SRV - [2011.01.06 20:06:56 | 000,053,920 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc)
SRV - [2010.12.28 02:30:22 | 001,817,088 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2010.11.09 15:20:34 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2010.10.12 19:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010.09.22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.07.21 14:33:00 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
SRV - [2010.06.17 06:23:36 | 000,194,496 | ---- | M] (Advanced Micro Devices) [Auto | Running] -- C:\Programme\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe -- (AMD Reservation Manager)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.09 22:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.11.18 04:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Programme\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV - [2009.09.14 07:00:00 | 000,166,400 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE -- (EPSON_EB_RPCV4_04) EPSON V5 Service4(04)
SRV - [2009.09.14 07:00:00 | 000,128,512 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE -- (EPSON_PM_RPCV4_04) EPSON V3 Service4(04)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.yahoo.com/?fr=mkg029
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.yahoo.com/?fr=mkg029
IE - HKLM\..\URLSearchHook: {ff88a983-649d-4207-9336-9b999280b436} - C:\Program Files (x86)\SFT_de3\prxtbSFT_.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3031778
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
IE - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-688040076-4065842808-1344549600-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.yahoo.com/?fr=fp-yie9
IE - HKU\S-1-5-21-688040076-4065842808-1344549600-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-688040076-4065842808-1344549600-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/home?AF=17284
IE - HKU\S-1-5-21-688040076-4065842808-1344549600-1001\..\URLSearchHook: {ff88a983-649d-4207-9336-9b999280b436} - C:\Program Files (x86)\SFT_de3\prxtbSFT_.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-688040076-4065842808-1344549600-1001\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-688040076-4065842808-1344549600-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&babsrc=SP_def&AF=17284
IE - HKU\S-1-5-21-688040076-4065842808-1344549600-1001\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
IE - HKU\S-1-5-21-688040076-4065842808-1344549600-1001\..\SearchScopes\{5EA72F6D-3185-4A87-8C0C-719FFBA445A9}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=88B70714-6DF2-455B-95D3-0968C5107861&apn_sauid=5720F0EF-5C64-4A88-A671-5F7746C1E6A6
IE - HKU\S-1-5-21-688040076-4065842808-1344549600-1001\..\SearchScopes\{6AF0CFEB-2F27-437D-83C7-E3491EEF71BB}: "URL" = hxxp://www.flickr.com/search/?q={searchTerms}
IE - HKU\S-1-5-21-688040076-4065842808-1344549600-1001\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={6503C312-F4D4-4E6A-8EDF-A6B39EA2FB4B}&mid=d7d799703d7c47d1bf9db9ea82222fa3-fe511b85a96a73512abb5961ae73de409e13cdee&lang=de&ds=AVG&pr=fr&d=2011-11-10 07:30:51&v=10.0.0.7&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-688040076-4065842808-1344549600-1001\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3031778
IE - HKU\S-1-5-21-688040076-4065842808-1344549600-1001\..\SearchScopes\{B638A15E-84DA-4516-A156-A80647E158F8}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=chr-yie9
IE - HKU\S-1-5-21-688040076-4065842808-1344549600-1001\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
IE - HKU\S-1-5-21-688040076-4065842808-1344549600-1001\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
IE - HKU\S-1-5-21-688040076-4065842808-1344549600-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.defaultenginename,S: S", "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1,S: S", "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine,S: S", "Search the web (Babylon)"
FF - prefs.js..browser.startup.homepage: "hxxp://de.yahoo.com/"
FF - prefs.js..keyword.URL: "hxxp://isearch.avg.com/search?cid=%7B0dc812c3-3751-451d-abef-efaf203cef37%7D&mid=d7d799703d7c47d1bf9db9ea82222fa3-fe511b85a96a73512abb5961ae73de409e13cdee&ds=AVG&v=10.2.0.3&lang=de&pr=fr&d=2011-11-10%2007%3A30%3A51&sap=ku&q="
FF - prefs.js..keyword.URL,h: h", "hxxp://search.babylon.com/?babsrc=KW_def&AF=17284&q="
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\@winzip.com/Winzip Courier: C:\Program Files (x86)\WinZip Courier\npwzwmc.dll (WinZip Computing, S.L.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Rike\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\Rike\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012.02.01 12:16:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\10.2.0.3\ [2012.03.12 19:20:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{74c841e3-b59f-479e-8d7a-e26a942a87c8}: C:\Program Files (x86)\WinZip Courier\FFExt [2012.03.19 19:30:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.03.14 12:34:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2012.01.12 07:41:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rike\AppData\Roaming\mozilla\Extensions
[2012.05.03 10:17:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rike\AppData\Roaming\mozilla\Firefox\Profiles\65veosuj.default\extensions
[2012.01.26 08:06:17 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Rike\AppData\Roaming\mozilla\Firefox\Profiles\65veosuj.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012.04.08 16:20:10 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Rike\AppData\Roaming\mozilla\Firefox\Profiles\65veosuj.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.03.20 07:38:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.03.14 12:34:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\distribution\extensions
[2012.03.14 12:34:30 | 000,000,000 | ---D | M] (WEB.DE Toolbar) -- C:\Program Files (x86)\mozilla firefox\distribution\extensions\toolbar@web.de
() (No name found) -- C:\USERS\RIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\65VEOSUJ.DEFAULT\EXTENSIONS\TOOLBAR@WEB.DE.XPI
[2012.01.29 18:12:48 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.01.29 16:02:49 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.03.12 19:19:41 | 000,003,766 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012.03.19 19:05:53 | 000,002,226 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.01.29 15:50:55 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.01.29 16:02:49 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.01.29 16:02:49 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.01.29 16:02:49 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.01.29 16:02:49 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll ()
O2 - BHO: (WinZip Courier BHO) - {A8FB70FA-0FDF-4601-9DC4-BFA1B357204F} - C:\PROGRA~2\WINZIP~1\wzwmcie.dll (WinZip Computing, S.L.)
O2 - BHO: (Message Faces for Internet Explorer) - {E3758FC2-BB95-4B86-84BF-D91F4748EC75} - C:\Program Files (x86)\Message Faces for Internet Explorer\x86\messagefaces-ie.dll ()
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O2 - BHO: (SFT_de3 Toolbar) - {ff88a983-649d-4207-9336-9b999280b436} - C:\Program Files (x86)\SFT_de3\prxtbSFT_.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (SFT_de3 Toolbar) - {ff88a983-649d-4207-9336-9b999280b436} - C:\Program Files (x86)\SFT_de3\prxtbSFT_.dll (Conduit Ltd.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [YSearchProtection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-688040076-4065842808-1344549600-1001..\Run: [Facebook Update] C:\Users\Rike\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-688040076-4065842808-1344549600-1001..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKU\S-1-5-21-688040076-4065842808-1344549600-1001..\Run: [MyTomTomSA.exe] C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe (TomTom)
O4 - HKU\S-1-5-21-688040076-4065842808-1344549600-1001..\Run: [Search Protection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Rike\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{39FF78FB-77BC-466E-ADB6-7D23B90C1116}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{902AAE46-0D3F-4F1B-99F7-8FF393AD700C}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{2ae1d76e-0af3-11e1-b03b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{2ae1d76e-0af3-11e1-b03b-806e6f6e6963}\Shell\AutoRun\command - "" = E:\reatogoMenu.exe
O33 - MountPoints2\{7a8a9088-0f49-11e1-889a-68a3c4c6c650}\Shell - "" = AutoRun
O33 - MountPoints2\{7a8a9088-0f49-11e1-889a-68a3c4c6c650}\Shell\AutoRun\command - "" = G:\iStudio.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\reatogoMenu.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\iStudio.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.05.03 20:13:14 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{F4747EE8-3DFF-4360-81B7-220EA36B7DD7}
[2012.05.03 20:12:56 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{13615E33-8016-4355-88E1-3F0928C0AFD0}
[2012.05.03 06:18:56 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{86890D24-56DC-402F-B2BF-281C74B7AB90}
[2012.05.03 06:18:41 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{BFB74F8A-365B-49F5-8F4B-5D5CA9E8755F}
[2012.05.02 22:42:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.05.02 12:43:08 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{A2610B38-F0FE-48E9-8BA6-F17E1BCB20BE}
[2012.05.02 12:42:43 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{C84BD7D6-CC5B-4AC7-9E3B-2949462132D5}
[2012.05.01 21:59:09 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{76B93B11-A02B-4755-8C3F-65B175DB9F68}
[2012.05.01 21:58:45 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{372D01FA-4BBB-4C33-ACCB-533AC7A11C4A}
[2012.05.01 21:11:47 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Roaming\Malwarebytes
[2012.05.01 21:11:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.05.01 21:11:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.05.01 21:11:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.05.01 19:27:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\en
[2012.05.01 19:27:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\0409
[2012.05.01 19:27:17 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\en-US
[2012.05.01 10:04:18 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Roaming\Hbfusxplb
[2012.05.01 09:58:15 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{5511AB08-1126-4D06-8E12-3FBC1F032EF7}
[2012.05.01 09:57:52 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{64FF208D-0BFE-4175-BA5F-23E26932B09F}
[2012.04.30 21:55:24 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{372C89B6-9AE3-4188-8702-ED59DEACD2BD}
[2012.04.30 21:55:04 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{40BA9362-3D78-4035-91C3-4AA18FE22552}
[2012.04.30 09:42:47 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{B97F158E-B79C-4603-B623-1B47B838A902}
[2012.04.30 09:42:27 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{76A15291-C1AE-4F69-A916-4FFFDBA14B51}
[2012.04.29 21:32:39 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{A505D8F9-449F-4144-BA72-E51EDDC5C114}
[2012.04.29 21:31:54 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{600C320E-DB25-4A12-9E96-076AB101DCAE}
[2012.04.29 09:30:52 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{23B94CEA-1690-4844-9CDE-2E2090E6BC63}
[2012.04.29 09:30:35 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{606BE038-F090-49BB-A55E-6628992E9B4E}
[2012.04.28 10:19:29 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{514A2120-DF30-49C8-9F2D-2F0EDCD7793D}
[2012.04.28 10:19:06 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{E1D77E2C-D9BE-483A-9E4E-5A11DE05F4BA}
[2012.04.27 22:17:53 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{DFDB8454-3822-44C6-83B7-DD90CCEDB878}
[2012.04.27 22:17:34 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{7AE06BC2-9EB4-4487-81B3-3945A698A71D}
[2012.04.27 13:50:39 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Guardians of Beyond - Hexenhausen Sammleredition
[2012.04.27 13:50:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guardians of Beyond - Hexenhausen Sammleredition
[2012.04.27 13:50:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Guardians of Beyond - Hexenhausen Sammleredition
[2012.04.27 06:23:48 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{424FEB80-7DD5-4290-A15A-25185CAE180E}
[2012.04.27 06:23:18 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{E73F308C-070E-48E0-AC5E-390B10FBFF4B}
[2012.04.25 21:15:47 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{CB476FD8-8A05-4CED-B3F6-BAEE6166D78A}
[2012.04.25 21:15:30 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{7564FD68-6D98-4691-B815-A5EF2C1474CD}
[2012.04.25 07:41:14 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{B816BF8D-2442-43E7-B479-D43FF1581FBA}
[2012.04.25 07:40:05 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{F9672FFE-98E4-49A3-BACC-4A3AC20EAAE4}
[2012.04.24 19:37:34 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{1A5EC984-8007-4ABB-B611-ACB5A76699BA}
[2012.04.24 19:37:21 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{CF335D44-7701-49DF-A3DC-E9B5BB4325C0}
[2012.04.23 21:34:22 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{39F9964F-3DAD-4507-A85B-9BEDC1E9D991}
[2012.04.23 21:33:10 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{76FCA07A-B82F-4DD8-A308-DC0B4DD8B11A}
[2012.04.23 09:30:23 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{3C81FC27-FCF6-4BA9-A30E-B8CB8A8D0D67}
[2012.04.23 09:29:09 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{2315DE57-18F3-4CCC-A095-E45884A6FA6D}
[2012.04.22 21:27:11 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{0932B65B-A834-43CB-A75D-08B8E75CA20F}
[2012.04.22 21:26:00 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{73FC3CBA-D3F8-4590-A437-3EA625BDD5B0}
[2012.04.22 13:13:19 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\TomTom
[2012.04.22 13:13:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
[2012.04.22 13:13:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TomTom International B.V
[2012.04.22 13:12:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyTomTom 3
[2012.04.22 09:23:30 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{CD0AA4D6-7B8C-4BE4-AB27-CA6E872014EF}
[2012.04.22 09:23:15 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{0805C92A-3A23-4B4D-B15B-EEA12BF94E35}
[2012.04.21 09:54:12 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{A485EB71-9F5B-49D8-A1B1-16CD107BAB31}
[2012.04.21 09:53:58 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{39E38C82-7E32-4D4F-877C-5129FEEFB05F}
[2012.04.20 09:29:56 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{D0C36A2C-8167-46B0-A126-99837631AA95}
[2012.04.20 09:29:41 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{4BD24961-F921-4FF0-80FF-DDE17F28E297}
[2012.04.19 20:19:25 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{20FF69E4-251E-4ACD-8548-FB21F3DC4281}
[2012.04.19 20:19:09 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{76BE9DDB-0063-4A0B-9EBD-2587612D6DB5}
[2012.04.19 06:27:05 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{88AEB8B9-2870-4B49-BD9A-4F93115913AA}
[2012.04.19 06:26:50 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{8DE1291F-AD4F-40CF-9A0E-8AAAB29F243E}
[2012.04.18 06:16:17 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{7A6D065E-7DC6-444D-B498-A8C72CC5BA25}
[2012.04.18 06:16:05 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{3E002CD0-9420-4825-8D62-96C835E7BB4E}
[2012.04.17 08:55:10 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{B80C12CB-84F6-4669-8365-299E3BBDDE16}
[2012.04.17 08:54:46 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{2D143E00-5F0A-41B2-9616-D77C86B736F0}
[2012.04.16 20:52:07 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{F0C7E53F-6911-4ED7-B327-6DE685F77C19}
[2012.04.16 20:51:46 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{C3E9D653-CF77-48D7-B2EE-ADA78798D226}
[2012.04.16 06:13:35 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{E50E526C-F69A-499A-9671-E7BF6457343E}
[2012.04.16 06:13:18 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{CA6D7BC7-5DFD-425E-B650-12C726AC9409}
[2012.04.15 12:10:54 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{0D83490E-4813-43B5-85C0-57B1C51FEF64}
[2012.04.15 12:10:36 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{080A9781-DCA2-4C43-A6A3-DC36A4AC79DC}
[2012.04.14 23:28:45 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{60546FA4-5931-499D-A7EC-A10B6BC3E266}
[2012.04.14 23:28:31 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{26268009-3C6C-4AFF-9C0C-67E52C7DA117}
[2012.04.14 08:04:53 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{50742359-0284-4A9A-BDCC-F23BA679EE3A}
[2012.04.14 08:04:36 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{D881C6EC-DD38-4160-8270-9582BE91A984}
[2012.04.13 06:33:28 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{22C010A9-4B0F-48E1-840C-7AA99763F8DE}
[2012.04.13 06:33:09 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{71571163-7AA2-445F-BF9A-DE37C1A53364}
[2012.04.13 06:29:03 | 000,000,000 | ---D | C] -- C:\Windows\de
[2012.04.13 06:24:56 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.04.13 06:07:51 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{1624BD53-287D-4A19-8AB3-5D4FBD002853}
[2012.04.12 08:59:01 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{FC2A6BDD-5922-43A7-B18F-8900F9380397}
[2012.04.11 18:20:10 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{B7A63172-9737-425A-9450-04D3138F1685}
[2012.04.11 07:10:25 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.04.11 07:10:21 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.04.11 07:10:20 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.04.11 07:10:19 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.04.11 07:10:17 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.04.11 07:09:46 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.04.11 07:09:45 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.04.11 06:19:38 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{537025EF-335E-4ED6-A048-AD852FA5B039}
[2012.04.10 12:22:20 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{B72D0D68-CB92-43F0-BBA8-BEB6AA98547A}
[2012.04.09 20:46:08 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{3A2B281E-499B-412F-B3D4-73651782E8E5}
[2012.04.09 08:43:22 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{E3F9CA8C-E9BF-40EB-89C6-8A859477F68C}
[2012.04.08 16:20:09 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.04.08 16:19:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2012.04.08 16:18:51 | 000,136,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\atl100.dll
[2012.04.08 16:18:51 | 000,080,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfcm100u.dll
[2012.04.08 16:18:50 | 004,421,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc100u.dll
[2012.04.08 16:18:37 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Roaming\DVDVideoSoft
[2012.04.08 16:18:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2012.04.08 16:18:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVIDEOSOFT
[2012.04.08 16:01:36 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{FC80ECD7-FBE4-411D-8F95-00E3617328F4}
[2012.04.08 00:52:10 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{6E28C1E6-9942-4C2F-842F-F00F119D34CD}
[2012.04.07 12:51:44 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{BF3E2201-0078-4601-B7C2-53BE3E78C858}
[2012.04.06 20:53:12 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{48E2FC20-40DA-42D5-9F6F-0D2B19FC8A67}
[2012.04.06 08:27:53 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{83DBFD34-806D-4049-90AF-5998412AB540}
[2012.04.05 20:03:59 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{45C88743-4F5D-4E04-9333-7BD4CC1C8C4B}
[2012.04.05 06:34:21 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{C8DB777A-144F-4BB9-A78F-EAA45C42ADCE}
[2012.04.04 07:39:44 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{CA8C5E62-1896-4707-BC32-281051F78A4E}
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.05.04 06:58:12 | 002,359,296 | -HS- | M] () -- C:\Users\Rike\NTUSER.DAT
[2012.05.04 06:46:02 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-688040076-4065842808-1344549600-1001UA.job
[2012.05.04 06:19:10 | 000,000,035 | ---- | M] () -- C:\Users\Public\Documents\AtherosServiceConfig.ini
[2012.05.04 06:18:45 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2012.05.04 06:18:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.05.04 06:18:18 | 1292,029,952 | -HS- | M] () -- C:\hiberfil.sys
[2012.05.03 22:53:49 | 001,762,066 | -H-- | M] () -- C:\Users\Rike\AppData\Local\IconCache.db
[2012.05.03 22:07:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.05.02 22:42:29 | 000,000,822 | ---- | M] () -- C:\Users\Rike\Documents\CCleaner.lnk
[2012.05.02 20:40:34 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForRIKE-HP$.job
[2012.05.01 21:11:39 | 000,001,109 | ---- | M] () -- C:\Users\Rike\Documents\ Malwarebytes Anti-Malware .lnk
[2012.05.01 09:46:01 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-688040076-4065842808-1344549600-1001Core.job
[2012.04.27 13:53:26 | 000,002,293 | ---- | M] () -- C:\Users\Public\Desktop\Spiel Guardians of Beyond - Hexenhausen Sammleredition.lnk
[2012.04.27 13:53:26 | 000,001,326 | ---- | M] () -- C:\Users\Public\Desktop\Weitere fantastische Spiele.lnk
[2012.04.27 11:24:35 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForRike.job
[2012.04.14 09:08:07 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.04.14 09:08:07 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.04.14 09:07:09 | 008,741,536 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012.04.08 16:20:00 | 000,001,239 | ---- | M] () -- C:\Users\Rike\Documents\DVDVideoSoft Free Studio.lnk
[2012.04.08 16:19:57 | 000,001,398 | ---- | M] () -- C:\Users\Rike\Desktop\Free YouTube to MP3 Converter.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.05.03 09:53:08 | 000,000,822 | ---- | C] () -- C:\Users\Rike\Documents\CCleaner.lnk
[2012.05.03 09:52:55 | 000,001,109 | ---- | C] () -- C:\Users\Rike\Documents\ Malwarebytes Anti-Malware .lnk
[2012.05.02 12:42:26 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForRIKE-HP$.job
[2012.05.01 23:15:13 | 001,762,066 | -H-- | C] () -- C:\Users\Rike\AppData\Local\IconCache.db
[2012.04.27 13:53:26 | 000,002,293 | ---- | C] () -- C:\Users\Public\Desktop\Spiel Guardians of Beyond - Hexenhausen Sammleredition.lnk
[2012.04.27 13:53:26 | 000,001,326 | ---- | C] () -- C:\Users\Public\Desktop\Weitere fantastische Spiele.lnk
[2012.04.08 23:13:34 | 000,001,239 | ---- | C] () -- C:\Users\Rike\Documents\DVDVideoSoft Free Studio.lnk
[2012.04.08 16:19:57 | 000,001,398 | ---- | C] () -- C:\Users\Rike\Desktop\Free YouTube to MP3 Converter.lnk
[2012.01.02 23:08:05 | 001,526,948 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.11.09 21:10:49 | 000,061,392 | ---- | C] () -- C:\Users\Rike\AppData\Local\GDIPFONTCACHEV1.DAT
[2011.06.08 00:26:50 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.05.13 11:03:16 | 000,303,104 | ---- | C] () -- C:\Windows\SysWow64\dnt27VC8.dll
[2011.05.13 11:01:22 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\dntvmc27VC8.dll
[2011.05.13 11:01:00 | 000,086,016 | ---- | C] () -- C:\Windows\SysWow64\dntvm27VC8.dll
[2011.05.10 09:55:07 | 000,000,202 | ---- | C] () -- C:\Windows\SysWow64\HPWA.ini
[2010.12.21 02:20:14 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2010.12.16 01:33:32 | 000,002,975 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
 
========== LOP Check ==========
 
[2012.02.27 02:49:03 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\AlawarEntertainment
[2012.03.08 13:36:23 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Artogon
[2012.01.09 22:22:47 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\AVG
[2011.11.10 08:33:58 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\AVG2012
[2012.03.06 13:08:08 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Awem
[2012.03.05 15:28:54 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Blue Tea Games
[2012.04.08 16:20:29 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\DVDVideoSoft
[2012.04.08 16:20:09 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.03.12 14:27:17 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\EleFun Games
[2012.01.22 15:06:11 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\EnchantedCavern
[2012.03.07 14:38:39 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Enki Games
[2012.01.16 22:08:39 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Epson
[2012.01.22 16:55:49 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\ERS Game Studios
[2012.01.11 13:35:38 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\FamilyVacationCalifornia
[2012.03.06 13:10:17 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Frogwares
[2012.05.01 21:17:32 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Hbfusxplb
[2012.03.25 14:55:41 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\HitPoint Studios
[2012.01.03 16:33:37 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Lexware
[2012.03.09 14:00:02 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Orneon
[2012.02.19 00:18:03 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\PlayPond
[2012.04.24 08:37:21 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\SoftGrid Client
[2011.11.09 21:14:57 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Synaptics
[2012.01.02 23:09:54 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\TP
[2012.01.22 15:49:45 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Vast Studios
[2012.04.27 14:04:00 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Vogat Interactive
[2012.01.04 21:28:33 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Windows Live Writer
[2012.05.01 09:46:01 | 000,000,902 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-688040076-4065842808-1344549600-1001Core.job
[2012.05.04 06:46:02 | 000,000,924 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-688040076-4065842808-1344549600-1001UA.job
[2012.04.18 06:13:34 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 149 bytes -> C:\ProgramData\Temp:AD2DB2F9
@Alternate Data Stream - 147 bytes -> C:\ProgramData\Temp:8AE92FD3
@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:F56BE392
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:012BC84F
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:B139DDF3
@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:9195103F
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:FB4262DE
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:0B4227B4
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:12258D63
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:2AD33723
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:1B389835
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:90C320E1
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:51E66512
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:DBC3D477
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:1416AAA6
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:927EC486
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:AFC732F7
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:834DD57E
@Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:47FE7AB7

< End of report >
         






Code:
ATTFilter
OTL Extras logfile created on: 04.05.2012 06:58:01 - Run 2
OTL by OldTimer - Version 3.2.42.2     Folder = C:\Users\Rike\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,60 Gb Total Physical Memory | 0,41 Gb Available Physical Memory | 25,57% Memory free
3,21 Gb Paging File | 1,65 Gb Available in Paging File | 51,53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 217,64 Gb Total Space | 177,07 Gb Free Space | 81,36% Space Free | Partition Type: NTFS
Drive D: | 14,95 Gb Total Space | 1,85 Gb Free Space | 12,35% Space Free | Partition Type: NTFS
Drive F: | 99,18 Mb Total Space | 91,04 Mb Free Space | 91,79% Space Free | Partition Type: FAT32
 
Computer Name: RIKE-HP | User Name: Rike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-688040076-4065842808-1344549600-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03ECD95A-DDB5-4F14-AB02-BC2E19782C11}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{049671D1-78F8-41A2-A39B-29C1172957E1}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{154BD470-FB92-4C2B-8BF0-6BB4C3FFE159}" = rport=138 | protocol=17 | dir=out | app=system | 
"{15873059-A33A-4654-8446-2172B36ACB8E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{36C612D6-7280-4732-91BC-DF942AC715E9}" = lport=445 | protocol=6 | dir=in | app=system | 
"{3CDB6771-3218-4D4C-BFBD-28C6A6817191}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{47B845F3-B3B6-46F6-997F-CAF7F377C1F6}" = lport=137 | protocol=17 | dir=in | app=system | 
"{4DB0B9A7-B5BF-423D-B07A-4E426F412B22}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{539FF5B6-5F05-478D-8269-9BBE0D206530}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{6306839A-108A-4E1C-BBCA-31508170B15A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{73F2E517-CB79-4737-B4B7-95B02D48BF09}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{73F8720F-EFFD-4961-9B14-802863F11E5A}" = rport=137 | protocol=17 | dir=out | app=system | 
"{787943CD-902C-4C88-AD80-DB3910221CD8}" = lport=138 | protocol=17 | dir=in | app=system | 
"{7BBFD59E-ECDC-4F47-9C0B-A27CBCA2B52A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{9669D44C-F0CD-42D2-93D9-BFD58C56C17F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{96B3896A-5415-4EA2-8E5C-9695A1639DD6}" = rport=445 | protocol=6 | dir=out | app=system | 
"{9DB446A5-417B-48BE-8343-F927AF283549}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{9EE156F6-330D-4735-92BB-B054EBF5CF85}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{AB8FE59C-23B6-483C-AEBA-1DF54E48DA13}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{BBE678D5-E3FE-494C-BEC6-A9984AAEFEBD}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{CD43471F-73DB-4B61-8B08-637C0D952D72}" = lport=139 | protocol=6 | dir=in | app=system | 
"{D2408D74-6C6A-4C81-8A5D-0BD088CCF264}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{D7BD90BE-D33B-48E6-88DE-AFC9B4937047}" = rport=139 | protocol=6 | dir=out | app=system | 
"{D839CBCE-2D23-449B-BEC2-307FA44CBC1E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{DC2B4737-9DAB-470F-AD90-0692ABC8F82B}" = lport=2869 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03756458-D0EF-49D1-80FB-0BB566795FF3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{053E10F6-72C1-4762-9CE4-43C04FBF1220}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe | 
"{07B3E68F-C791-4677-88E1-536DC250B92A}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{13636BBF-7207-43C5-810D-F855726413A6}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{1E7E82B0-0BF3-4EED-BB1C-D00E0C51F29E}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe | 
"{1FBBF5FA-7E13-427F-B359-682272E9ACA2}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe | 
"{3301D0B0-EE8A-4D38-AFC5-1C1900C47BCB}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{3427A715-C1DA-43B5-B154-D78201E68EEB}" = dir=in | app=c:\users\rike\appdata\local\facebook\video\skype\facebookvideocalling.exe | 
"{40D8DF87-812C-4EA1-B656-146E0F81D9C7}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe | 
"{421FEC94-B444-4FFA-894F-F7323E3D8CE7}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{4574816C-82BE-4C2B-BADC-4065FDC73B71}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{6195A76B-9537-408B-8412-819C66579956}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{66BDA8F1-6214-40CE-8EDF-7B87BAE40E4C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{6E754F93-7F9C-49DD-BF86-3D343673FDA5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{72AAF7CC-66C3-4B70-8080-BD1885857F42}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{7D85B0E6-3EF5-4654-AA92-38DCBEF57206}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{856E656B-F109-4DA4-BC96-4B0922A7639F}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe | 
"{88AD83AF-DF44-467D-8724-2215FA99E655}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{997147F1-2D44-42CC-AC4A-E11151D3C799}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{9B640A1B-27B7-4A70-A49B-C3E1C56C33C6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{9FFC7719-01C5-4322-961E-37EE85831C90}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{AEB1CA98-425A-4A5B-B6B2-04560429AE9A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{AFDDE5C7-C402-43AB-9737-9EDAE9C17EE5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{B364CA41-9339-41F2-AEB9-47EDB03641BB}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{B46CA818-E5F1-42DB-9013-0D2E0C3397D2}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe | 
"{D9AD44F7-1DFE-410E-B0FB-82B5A0CE82A7}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{DD914877-A81B-4B72-8E0D-FB36F01D4CCE}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | 
"{E618FDB4-CC5C-4904-B278-E4AC0253C635}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe | 
"{EB6C49F6-4D89-4A1E-841A-2E823DA5CC39}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe | 
"{EB885D67-D55E-4FF7-91A9-99206858746D}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | 
"{F3D0E4F6-93E5-491D-8F90-D3812AE3E3C8}" = protocol=6 | dir=out | app=system | 
"{F6674586-F182-42DA-8A9A-55E0439D851E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{FAB1F7E9-E7FF-42DA-AB3A-5EB76FFBFC5F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{FE43BF80-6AEB-472E-BDF8-0188D5D08765}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{03046EBB-CB7C-4B98-BEFB-690EB955DA22}" = HP Setup
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}" = Epson FAX Utility
"{124DB96E-CBF5-44FB-AB59-7D2444DEC777}" = HP On Screen Display
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26C4E5F1-314C-F3DF-2294-3685BF5F9E05}" = CCC Help Czech
"{2BF8B295-A214-42AC-B4EC-2AE15E08B0E7}" = HP Documentation
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{39F58DDB-B2B8-4B86-AF20-4706A80EB30D}" = Epson Easy Photo Print 2
"{4412F224-3849-4461-A3E9-DEEF8D252790}" = Visual Studio C++ 10.0 Runtime
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{57F1042D-1423-81C6-299B-C21FAB216F93}" = CCC Help Italian
"{6137C043-93EA-6769-90EA-01E87B041117}" = CCC Help Norwegian
"{6265A4F4-91FE-FFEC-1ECA-E5639B80ECB3}" = CCC Help French
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{657BD928-2C0B-7EFA-7740-DE8BC937FEF4}" = CCC Help Thai
"{66E30DB0-A342-F453-D14D-827B454A9E4A}" = CCC Help Swedish
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6833708F-D07C-34AA-B195-698FA0C8879C}" = CCC Help Polish
"{687DB473-1A0F-5B1D-D0E0-A73258207AB2}" = ccc-core-static
"{6C92846D-67BA-5B17-38F4-E1318A0272B7}" = CCC Help Greek
"{6D437C07-418F-9E01-96EB-DC55F780A198}" = CCC Help Turkish
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{710E96D5-98A1-6732-8768-8F4ACCA520C1}" = CCC Help Portuguese
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DC069E7-893C-41E1-9442-DE89FEC33371}" = Xobni Core
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{9299A9E5-4A0F-C936-76BD-62BCBD38CC21}" = CCC Help English
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9B04A7CC-F80E-72C6-8B9E-83A88A5B479B}" = CCC Help Japanese
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9F6A200F-90D7-F262-9639-16D640298E32}" = CCC Help Finnish
"{A37E63B7-29E5-CAF4-A81D-0A67946924E0}" = Catalyst Control Center Graphics Previews Common
"{A5449F23-80E8-04D2-EB41-7BE229CCB37B}" = Catalyst Control Center InstallProxy
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF6EB833-D48A-49AC-9394-4C57489FDFF2}" = HP Software Framework
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
"{B97E3520-C726-475E-BC0C-7561952633AB}" = HP Power Manager
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{C0838AAC-DF3E-5865-88D3-E43864E2B065}" = CCC Help Korean
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C257F891-7975-979B-3EDD-D3E74F1F583B}" = CCC Help Hungarian
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C7231F7C-6530-4E65-ADA6-5B392CF5BEB1}" = Recovery Manager
"{CBD74B80-E1A2-08A1-69D9-DE37BFA265EF}" = CCC Help German
"{CD95F661-A5C4-11AF-B2CC-ABCD21A325B8}" = WinZip Courier
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DA26698F-3E4F-FBAE-8219-5C3D3C1ECA92}" = CCC Help Spanish
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF2035BE-5820-4965-BD97-7FAF8D4A7879}" = Microsoft_VC90_CRT_x86
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E13D5C1F-EA6D-E340-85A9-0EA7221F31E9}" = CCC Help Danish
"{E1D1E335-C6CE-C9A5-12B8-587D561E8B30}" = Catalyst Control Center Localization All
"{E3FE0FA5-D813-14AB-DE7B-594257E9550B}" = CCC Help Chinese Traditional
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E774EEC0-18E6-49C8-A271-07654C0A2047}" = Catalyst Control Center - Branding
"{EB58480C-0721-483C-B354-9D35A147999F}" = HP Quick Launch
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C4AAC9-C7B6-59B3-789D-D2CA4E0CFCD1}" = CCC Help Dutch
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5468CFB-F146-12D8-913B-513145180028}" = CCC Help Russian
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.2.2
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA2509E9-7197-8FB8-B35E-090A4F81CA6A}" = CCC Help Chinese Standard
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"Adobe AIR" = Adobe AIR
"BFGC" = Big Fish Games: Game Manager
"BFG-Guardians of Beyond - Hexenhausen Sammleredition" = Guardians of Beyond: Hexenhausen Sammleredition
"EPSON BX305 Series Manual" = EPSON BX305 Series Handbuch
"EPSON PC-FAX Driver 2" = Epson PC-FAX Driver
"EPSON Scanner" = EPSON Scan
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.17.319
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"Message Faces for IE" = Message Faces für Internet Explorer (remove only)
"Mozilla Firefox 10.0 (x86 de)" = Mozilla Firefox 10.0 (x86 de)
"MyTomTom" = MyTomTom 3.1.0.530
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"PDF Complete" = PDF Complete Special Edition
"SFT_de3 Toolbar" = SFT_de3 Toolbar
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WT087330" = Bounce Symphony
"WT087361" = FATE
"WT087393" = Mah Jong Medley
"WT087394" = Penguins!
"WT087396" = Polar Bowler
"WT087490" = Jewel Quest Solitaire
"WT087510" = Slingo Deluxe
"WT087513" = Virtual Villagers - The Secret City
"WT087519" = Wedding Dash
"WT087536" = Diner Dash 2 Restaurant Rescue
"WT089308" = Blasterball 3
"WT089328" = Farm Frenzy
"WT089359" = Cake Mania
"WT089362" = Agatha Christie - Peril at End House
"WT089453" = Bejeweled 2 Deluxe
"WT089454" = Chuzzle Deluxe
"WT089455" = Zuma Deluxe
"WT089458" = Plants vs. Zombies - Game of the Year
"WT089460" = Mystery P.I. - The London Caper
"WT089484" = Namco All-Stars PAC-MAN
"WT089492" = Crazy Chicken Kart 2
"WT089493" = Fishdom
"WT089497" = Big Rig Europe
"WTA-40a22801-9cef-4790-bda0-5ce7b7ef0c83" = Red Crow Mysteries: Legion
"WTA-fdb7ada1-e72d-44b5-a7cd-eb1f008c8c3b" = Family Vacation: California
"XobniMain" = Xobni
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Search Defender" = Yahoo! Suche Schutzvorkehrung
"Yahoo! Software Update" = Yahoo! Software Update
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-688040076-4065842808-1344549600-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 16.04.2012 14:50:27 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10
Description = 
 
Error - 17.04.2012 00:24:56 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10
Description = 
 
Error - 18.04.2012 00:14:42 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10
Description = 
 
Error - 18.04.2012 05:08:55 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10
Description = 
 
Error - 19.04.2012 00:25:27 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10
Description = 
 
Error - 19.04.2012 04:24:30 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10
Description = 
 
Error - 19.04.2012 14:17:41 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10
Description = 
 
Error - 20.04.2012 00:16:34 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10
Description = 
 
Error - 20.04.2012 03:28:21 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10
Description = 
 
Error - 21.04.2012 03:52:51 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10
Description = 
 
[ Hewlett-Packard Events ]
Error - 31.12.2011 05:52:41 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000
Description = 
 
Error - 31.12.2011 05:52:41 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000
Description = HP Error ID: -2147467261HPSF.exe   bei HP.SupportFramework.Communicator.MessengerComm.MessengerPublisher.closeConnection()

   bei HP.SupportAssistant.UI.MessengerCommunication.initializeCommunication()    
 bei HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate()  Message: Der
 Objektverweis wurde nicht auf eine Objektinstanz festgelegt.  StackTrace:   bei HP.SupportFramework.Communicator.MessengerComm.MessengerPublisher.closeConnection()

   bei HP.SupportAssistant.UI.MessengerCommunication.initializeCommunication()    
 bei HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate()  Source: HP.SupportFramework.Communicator

Name:
 HPSF.exe  Version: 06.00.01.01  Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
 Framework\HPSF.exe  Format: de-DE  RAM: 1642  Ram Utilization: 80  TargetSite: Void closeConnection()

 
Error - 31.12.2011 05:52:41 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000
Description = HP Error ID: -2147467261HPSF.exe   bei HP.SupportFramework.Communicator.MessengerComm.MessengerPublisher.closeConnection()

   bei HP.SupportAssistant.UI.MessengerCommunication.initializeCommunication()    
 bei HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate()  Message: Der
 Objektverweis wurde nicht auf eine Objektinstanz festgelegt.  StackTrace:   bei HP.SupportFramework.Communicator.MessengerComm.MessengerPublisher.closeConnection()

   bei HP.SupportAssistant.UI.MessengerCommunication.initializeCommunication()    
 bei HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate()  Source: HP.SupportFramework.Communicator

Name:
 HPSF.exe  Version: 06.00.01.01  Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
 Framework\HPSF.exe  Format: de-DE  RAM: 1642  Ram Utilization: 80  TargetSite: Void closeConnection()

 
Error - 13.01.2012 09:00:23 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000
Description = 
 
Error - 13.01.2012 09:06:26 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000
Description = 
 
Error - 13.01.2012 09:07:06 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000
Description = 
 
Error - 27.01.2012 06:52:59 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000
Description = 
 
Error - 27.01.2012 06:58:02 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000
Description = 
 
Error - 27.01.2012 07:01:07 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000
Description = 
 
Error - 27.01.2012 07:28:18 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000
Description = 
 
[ HP Software Framework Events ]
Error - 09.12.2011 12:09:17 | Computer Name = Rike-HP | Source = CaslWmi | ID = 5
Description = 2011.12.09 17:09:17.705|00000288|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 11.12.2011 18:22:20 | Computer Name = Rike-HP | Source = CaslWmi | ID = 5
Description = 2011.12.11 23:22:20.964|00001010|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 24.12.2011 15:19:00 | Computer Name = Rike-HP | Source = CaslWmi | ID = 5
Description = 2011.12.24 20:19:00.515|00000E88|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 31.12.2011 05:58:16 | Computer Name = Rike-HP | Source = CaslWmi | ID = 5
Description = 2011.12.31 10:58:16.748|000016A0|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 06.01.2012 07:46:50 | Computer Name = Rike-HP | Source = CaslWmi | ID = 5
Description = 2012.01.06 12:46:50.438|00001508|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 20.01.2012 06:51:02 | Computer Name = Rike-HP | Source = CaslWmi | ID = 5
Description = 2012.01.20 11:51:02.378|000003A0|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 20.01.2012 06:53:07 | Computer Name = Rike-HP | Source = CaslWmi | ID = 5
Description = 2012.01.20 11:53:07.355|000016A4|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 20.01.2012 06:53:16 | Computer Name = Rike-HP | Source = CaslWmi | ID = 5
Description = 2012.01.20 11:53:16.478|00000D70|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 27.01.2012 07:01:53 | Computer Name = Rike-HP | Source = CaslWmi | ID = 5
Description = 2012.01.27 12:01:53.617|00001B50|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 05.04.2012 10:07:13 | Computer Name = Rike-HP | Source = hpqWmiEx | ID = 5
Description = 2012/04/05 16:07:13.621|00001230|Error      |ChpqWmiExModule::Start|StartServiceCtrlDispatcher
 FAILED. Error: 1063
 
[ HP Wireless Assistant Events ]
Error - 09.11.2011 18:40:03 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object
 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean
 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei
 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 09.11.2011 18:41:09 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object
 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean
 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei
 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 09.11.2011 18:41:15 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object
 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean
 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei
 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 09.11.2011 18:42:20 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object
 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean
 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei
 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 09.11.2011 18:42:25 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object
 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean
 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei
 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 09.11.2011 18:43:31 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object
 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean
 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei
 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 09.11.2011 18:43:36 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object
 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean
 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei
 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 15.01.2012 17:11:28 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Aufruf wurde durch Messagefilter
 abgebrochen. (Ausnahme von HRESULT: 0x80010002 (RPC_E_CALL_CANCELED))    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object
 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean
 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei
 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 18.02.2012 10:08:17 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0
Description = System.Threading.ThreadAbortException Der Thread wurde abgebrochen.

   bei System.Management.IEnumWbemClassObject.Next_(Int32 lTimeout, UInt32 uCount,
 IWbemClassObject_DoNotMarshal[] apObjects, UInt32& puReturned)     bei System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()

   bei HPPA_Service.CurrentConfiguration.FindDevice(String hostPath, String portName)

   bei HPPA_Service.CurrentConfiguration.<ApplyFriendlyNames>b__23(RadioHardware
 radio)     bei System.Linq.Enumerable.WhereSelectListIterator`2.MoveNext()     bei 
System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()     bei HPPA_Service.CurrentConfiguration.ApplyFriendlyNames()

   bei HPPA_Service.CurrentConfiguration.ReloadRadioList()
 
Error - 18.02.2012 10:08:17 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0
Description = System.Threading.ThreadAbortException Der Thread wurde abgebrochen.

   bei HPPA_Service.CurrentConfiguration.ReloadRadioList()
 
[ System Events ]
Error - 03.05.2012 00:17:32 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7000
Description = Der Dienst "XobniService" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%1053
 
Error - 03.05.2012 03:52:34 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst HPWMISVC erreicht.
 
Error - 03.05.2012 03:52:54 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 XobniService erreicht.
 
Error - 03.05.2012 03:52:54 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7000
Description = Der Dienst "XobniService" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%1053
 
Error - 03.05.2012 14:11:22 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst HPWMISVC erreicht.
 
Error - 03.05.2012 14:11:22 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 XobniService erreicht.
 
Error - 03.05.2012 14:11:22 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7000
Description = Der Dienst "XobniService" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%1053
 
Error - 04.05.2012 00:19:49 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst HPWMISVC erreicht.
 
Error - 04.05.2012 00:20:11 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 XobniService erreicht.
 
Error - 04.05.2012 00:20:11 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7000
Description = Der Dienst "XobniService" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%1053
 
 
< End of report >
         

Alt 04.05.2012, 07:01   #7
rike42
 
trojaner durch email - Standard

trojaner durch email



Code:
ATTFilter
Error: Unable to interpret <OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 04.05.2012 06:58:01 - Run 2> in the current context!
Error: Unable to interpret <OTL by OldTimer - Version 3.2.42.2     Folder = C:\Users\Rike\Downloads> in the current context!
Error: Unable to interpret <64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation> in the current context!
Error: Unable to interpret <Internet Explorer (Version = 9.0.8112.16421)> in the current context!
Error: Unable to interpret <Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <1,60 Gb Total Physical Memory | 0,41 Gb Available Physical Memory | 25,57% Memory free> in the current context!
Error: Unable to interpret <3,21 Gb Paging File | 1,65 Gb Available in Paging File | 51,53% Paging File free> in the current context!
Error: Unable to interpret <Paging file location(s): ?:\pagefile.sys [binary data]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)> in the current context!
Error: Unable to interpret <Drive C: | 217,64 Gb Total Space | 177,07 Gb Free Space | 81,36% Space Free | Partition Type: NTFS> in the current context!
Error: Unable to interpret <Drive D: | 14,95 Gb Total Space | 1,85 Gb Free Space | 12,35% Space Free | Partition Type: NTFS> in the current context!
Error: Unable to interpret <Drive F: | 99,18 Mb Total Space | 91,04 Mb Free Space | 91,79% Space Free | Partition Type: FAT32> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Computer Name: RIKE-HP | User Name: Rike | Logged in as Administrator.> in the current context!
Error: Unable to interpret <Boot Mode: Normal | Scan Mode: All users> in the current context!
Error: Unable to interpret <Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Processes (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <PRC - [2012.05.04 06:26:41 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Rike\Downloads\OTL(2).exe> in the current context!
Error: Unable to interpret <PRC - [2012.03.12 19:19:46 | 000,918,880 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe> in the current context!
Error: Unable to interpret <PRC - [2012.03.12 19:19:42 | 000,982,880 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe> in the current context!
Error: Unable to interpret <PRC - [2012.01.29 18:12:47 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe> in the current context!
Error: Unable to interpret <PRC - [2012.01.24 18:24:26 | 002,416,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe> in the current context!
Error: Unable to interpret <PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe> in the current context!
Error: Unable to interpret <PRC - [2011.11.14 13:02:04 | 000,435,672 | ---- | M] (TomTom) -- C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe> in the current context!
Error: Unable to interpret <PRC - [2011.10.12 07:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe> in the current context!
Error: Unable to interpret <PRC - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe> in the current context!
Error: Unable to interpret <PRC - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe> in the current context!
Error: Unable to interpret <PRC - [2011.08.02 07:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe> in the current context!
Error: Unable to interpret <PRC - [2011.02.09 17:57:36 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe> in the current context!
Error: Unable to interpret <PRC - [2011.02.01 01:42:40 | 001,127,448 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe> in the current context!
Error: Unable to interpret <PRC - [2011.01.06 20:08:38 | 000,138,400 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe> in the current context!
Error: Unable to interpret <PRC - [2010.12.28 02:30:22 | 001,817,088 | ---- | M] (Realsil Microelectronics Inc.) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe> in the current context!
Error: Unable to interpret <PRC - [2010.12.13 12:48:18 | 000,318,520 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe> in the current context!
Error: Unable to interpret <PRC - [2010.11.09 15:20:36 | 000,586,296 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe> in the current context!
Error: Unable to interpret <PRC - [2010.11.09 15:20:34 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe> in the current context!
Error: Unable to interpret <PRC - [2009.12.03 01:00:00 | 000,847,872 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe> in the current context!
Error: Unable to interpret <PRC - [2009.02.23 15:05:34 | 000,111,856 | ---- | M] (Yahoo! Inc) -- C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe> in the current context!
Error: Unable to interpret <PRC - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Modules (No Company Name) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <MOD - [2012.04.14 09:08:07 | 008,797,344 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll> in the current context!
Error: Unable to interpret <MOD - [2012.03.12 19:19:42 | 000,982,880 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe> in the current context!
Error: Unable to interpret <MOD - [2012.01.29 18:12:47 | 001,911,768 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll> in the current context!
Error: Unable to interpret <MOD - [2011.11.14 13:02:08 | 000,202,712 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\TomTomSupporterProxy.dll> in the current context!
Error: Unable to interpret <MOD - [2011.11.14 13:02:06 | 000,063,960 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\TomTomSupporterBase.dll> in the current context!
Error: Unable to interpret <MOD - [2011.11.14 13:01:52 | 007,964,160 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\QtGui4.dll> in the current context!
Error: Unable to interpret <MOD - [2011.11.14 13:01:52 | 002,648,064 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\QtXmlPatterns4.dll> in the current context!
Error: Unable to interpret <MOD - [2011.11.14 13:01:52 | 002,302,464 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\QtCore4.dll> in the current context!
Error: Unable to interpret <MOD - [2011.11.14 13:01:52 | 000,980,480 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\QtNetwork4.dll> in the current context!
Error: Unable to interpret <MOD - [2011.11.14 13:01:52 | 000,357,888 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\QtXml4.dll> in the current context!
Error: Unable to interpret <MOD - [2011.08.22 02:18:06 | 000,925,696 | ---- | M] () -- C:\Program Files (x86)\Yahoo!\Messenger\yui.dll> in the current context!
Error: Unable to interpret <MOD - [2009.07.14 03:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\SysWOW64\msjetoledb40.dll> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Win32 Services (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <SRV - [2012.04.14 09:08:07 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)> in the current context!
Error: Unable to interpret <SRV - [2012.03.12 19:19:46 | 000,918,880 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe -- (vToolbarUpdater10.2.0)> in the current context!
Error: Unable to interpret <SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)> in the current context!
Error: Unable to interpret <SRV - [2011.10.12 07:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)> in the current context!
Error: Unable to interpret <SRV - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)> in the current context!
Error: Unable to interpret <SRV - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)> in the current context!
Error: Unable to interpret <SRV - [2011.08.02 07:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)> in the current context!
Error: Unable to interpret <SRV - [2011.03.28 22:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)> in the current context!
Error: Unable to interpret <SRV - [2011.02.25 02:08:46 | 000,062,184 | ---- | M] (Xobni Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Xobni\XobniService.exe -- (XobniService)> in the current context!
Error: Unable to interpret <SRV - [2011.02.16 22:47:28 | 000,682,040 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Programme\Hewlett-Packard\HP Auto\HPAuto.exe -- (HPAuto)> in the current context!
Error: Unable to interpret <SRV - [2011.02.01 01:42:40 | 001,127,448 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)> in the current context!
Error: Unable to interpret <SRV - [2011.01.06 20:08:38 | 000,138,400 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)> in the current context!
Error: Unable to interpret <SRV - [2011.01.06 20:06:56 | 000,053,920 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc)> in the current context!
Error: Unable to interpret <SRV - [2010.12.28 02:30:22 | 001,817,088 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)> in the current context!
Error: Unable to interpret <SRV - [2010.11.09 15:20:34 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)> in the current context!
Error: Unable to interpret <SRV - [2010.10.12 19:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)> in the current context!
Error: Unable to interpret <SRV - [2010.09.22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)> in the current context!
Error: Unable to interpret <SRV - [2010.07.21 14:33:00 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)> in the current context!
Error: Unable to interpret <SRV - [2010.06.17 06:23:36 | 000,194,496 | ---- | M] (Advanced Micro Devices) [Auto | Running] -- C:\Programme\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe -- (AMD Reservation Manager)> in the current context!
Error: Unable to interpret <SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)> in the current context!
Error: Unable to interpret <SRV - [2010.01.09 22:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)> in the current context!
Error: Unable to interpret <SRV - [2009.11.18 04:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Programme\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)> in the current context!
Error: Unable to interpret <SRV - [2009.09.14 07:00:00 | 000,166,400 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE -- (EPSON_EB_RPCV4_04) EPSON V5 Service4(04)> in the current context!
Error: Unable to interpret <SRV - [2009.09.14 07:00:00 | 000,128,512 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE -- (EPSON_PM_RPCV4_04) EPSON V3 Service4(04)> in the current context!
Error: Unable to interpret <SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)> in the current context!
Error: Unable to interpret <SRV - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Driver Services (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Standard Registry (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Internet Explorer ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.yahoo.com/?fr=mkg029> in the current context!
Error: Unable to interpret <IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm> in the current context!
Error: Unable to interpret <IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.yahoo.com/?fr=mkg029> in the current context!
Error: Unable to interpret <IE - HKLM\..\URLSearchHook: {ff88a983-649d-4207-9336-9b999280b436} - C:\Program Files (x86)\SFT_de3\prxtbSFT_.dll (Conduit Ltd.)> in the current context!
Error: Unable to interpret <IE - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}> in the current context!
Error: Unable to interpret <IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF> in the current context!
Error: Unable to interpret <IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3031778> in the current context!
Error: Unable to interpret <IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF> in the current context!
Error: Unable to interpret <IE - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-688040076-4065842808-1344549600-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.yahoo.com/?fr=fp-yie9> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-688040076-4065842808-1344549600-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-688040076-4065842808-1344549600-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/home?AF=17284> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-688040076-4065842808-1344549600-1001\..\URLSearchHook: {ff88a983-649d-4207-9336-9b999280b436} - C:\Program Files (x86)\SFT_de3\prxtbSFT_.dll (Conduit Ltd.)> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-688040076-4065842808-1344549600-1001\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-688040076-4065842808-1344549600-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&babsrc=SP_def&AF=17284> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-688040076-4065842808-1344549600-1001\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-688040076-4065842808-1344549600-1001\..\SearchScopes\{5EA72F6D-3185-4A87-8C0C-719FFBA445A9}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=88B70714-6DF2-455B-95D3-0968C5107861&apn_sauid=5720F0EF-5C64-4A88-A671-5F7746C1E6A6> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-688040076-4065842808-1344549600-1001\..\SearchScopes\{6AF0CFEB-2F27-437D-83C7-E3491EEF71BB}: "URL" = hxxp://www.flickr.com/search/?q={searchTerms}> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-688040076-4065842808-1344549600-1001\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={6503C312-F4D4-4E6A-8EDF-A6B39EA2FB4B}&mid=d7d799703d7c47d1bf9db9ea82222fa3-fe511b85a96a73512abb5961ae73de409e13cdee&lang=de&ds=AVG&pr=fr&d=2011-11-10 07:30:51&v=10.0.0.7&sap=dsp&q={searchTerms}> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-688040076-4065842808-1344549600-1001\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3031778> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-688040076-4065842808-1344549600-1001\..\SearchScopes\{B638A15E-84DA-4516-A156-A80647E158F8}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=chr-yie9> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-688040076-4065842808-1344549600-1001\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-688040076-4065842808-1344549600-1001\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-688040076-4065842808-1344549600-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== FireFox ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"> in the current context!
Error: Unable to interpret <FF - prefs.js..browser.search.defaultenginename,S: S", "Search the web (Babylon)"> in the current context!
Error: Unable to interpret <FF - prefs.js..browser.search.order.1,S: S", "Search the web (Babylon)"> in the current context!
Error: Unable to interpret <FF - prefs.js..browser.search.selectedEngine,S: S", "Search the web (Babylon)"> in the current context!
Error: Unable to interpret <FF - prefs.js..browser.startup.homepage: "hxxp://de.yahoo.com/"> in the current context!
Error: Unable to interpret <FF - prefs.js..keyword.URL: "hxxp://isearch.avg.com/search?cid=%7B0dc812c3-3751-451d-abef-efaf203cef37%7D&mid=d7d799703d7c47d1bf9db9ea82222fa3-fe511b85a96a73512abb5961ae73de409e13cdee&ds=AVG&v=10.2.0.3&lang=de&pr=fr&d=2011-11-10%2007%3A30%3A51&sap=ku&q="> in the current context!
Error: Unable to interpret <FF - prefs.js..keyword.URL,h: h", "hxxp://search.babylon.com/?babsrc=KW_def&AF=17284&q="> in the current context!
Error: Unable to interpret <FF - prefs.js..network.proxy.type: 0> in the current context!
Error: Unable to interpret <FF - user.js - File not found> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll ()> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@winzip.com/Winzip Courier: C:\Program Files (x86)\WinZip Courier\npwzwmc.dll (WinZip Computing, S.L.)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)> in the current context!
Error: Unable to interpret <FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Rike\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)> in the current context!
Error: Unable to interpret <FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\Rike\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012.02.01 12:16:43 | 000,000,000 | ---D | M]> in the current context!
Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\10.2.0.3\ [2012.03.12 19:20:31 | 000,000,000 | ---D | M]> in the current context!
Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{74c841e3-b59f-479e-8d7a-e26a942a87c8}: C:\Program Files (x86)\WinZip Courier\FFExt [2012.03.19 19:30:20 | 000,000,000 | ---D | M]> in the current context!
Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.03.14 12:34:40 | 000,000,000 | ---D | M]> in the current context!
Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2012.01.12 07:41:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rike\AppData\Roaming\mozilla\Extensions> in the current context!
Error: Unable to interpret <[2012.05.03 10:17:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rike\AppData\Roaming\mozilla\Firefox\Profiles\65veosuj.default\extensions> in the current context!
Error: Unable to interpret <[2012.01.26 08:06:17 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Rike\AppData\Roaming\mozilla\Firefox\Profiles\65veosuj.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}> in the current context!
Error: Unable to interpret <[2012.04.08 16:20:10 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Rike\AppData\Roaming\mozilla\Firefox\Profiles\65veosuj.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}> in the current context!
Error: Unable to interpret <[2012.03.20 07:38:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions> in the current context!
Error: Unable to interpret <[2012.03.14 12:34:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\distribution\extensions> in the current context!
Error: Unable to interpret <[2012.03.14 12:34:30 | 000,000,000 | ---D | M] (WEB.DE Toolbar) -- C:\Program Files (x86)\mozilla firefox\distribution\extensions\toolbar@web.de> in the current context!
Error: Unable to interpret <() (No name found) -- C:\USERS\RIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\65VEOSUJ.DEFAULT\EXTENSIONS\TOOLBAR@WEB.DE.XPI> in the current context!
Error: Unable to interpret <[2012.01.29 18:12:48 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll> in the current context!
Error: Unable to interpret <[2012.01.29 16:02:49 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml> in the current context!
Error: Unable to interpret <[2012.03.12 19:19:41 | 000,003,766 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml> in the current context!
Error: Unable to interpret <[2012.03.19 19:05:53 | 000,002,226 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml> in the current context!
Error: Unable to interpret <[2012.01.29 15:50:55 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml> in the current context!
Error: Unable to interpret <[2012.01.29 16:02:49 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml> in the current context!
Error: Unable to interpret <[2012.01.29 16:02:49 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml> in the current context!
Error: Unable to interpret <[2012.01.29 16:02:49 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml> in the current context!
Error: Unable to interpret <[2012.01.29 16:02:49 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts> in the current context!
Error: Unable to interpret <O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)> in the current context!
Error: Unable to interpret <O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)> in the current context!
Error: Unable to interpret <O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)> in the current context!
Error: Unable to interpret <O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)> in the current context!
Error: Unable to interpret <O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll ()> in the current context!
Error: Unable to interpret <O2 - BHO: (WinZip Courier BHO) - {A8FB70FA-0FDF-4601-9DC4-BFA1B357204F} - C:\PROGRA~2\WINZIP~1\wzwmcie.dll (WinZip Computing, S.L.)> in the current context!
Error: Unable to interpret <O2 - BHO: (Message Faces for Internet Explorer) - {E3758FC2-BB95-4B86-84BF-D91F4748EC75} - C:\Program Files (x86)\Message Faces for Internet Explorer\x86\messagefaces-ie.dll ()> in the current context!
Error: Unable to interpret <O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)> in the current context!
Error: Unable to interpret <O2 - BHO: (SFT_de3 Toolbar) - {ff88a983-649d-4207-9336-9b999280b436} - C:\Program Files (x86)\SFT_de3\prxtbSFT_.dll (Conduit Ltd.)> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll ()> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (SFT_de3 Toolbar) - {ff88a983-649d-4207-9336-9b999280b436} - C:\Program Files (x86)\SFT_de3\prxtbSFT_.dll (Conduit Ltd.)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe ()> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [YSearchProtection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-21-688040076-4065842808-1344549600-1001..\Run: [Facebook Update] C:\Users\Rike\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-21-688040076-4065842808-1344549600-1001..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-21-688040076-4065842808-1344549600-1001..\Run: [MyTomTomSA.exe] C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe (TomTom)> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-21-688040076-4065842808-1344549600-1001..\Run: [Search Protection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found> in the current context!
Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1> in the current context!
Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1> in the current context!
Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5> in the current context!
Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3> in the current context!
Error: Unable to interpret <O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Rike\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()> in the current context!
Error: Unable to interpret <O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)> in the current context!
Error: Unable to interpret <O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)> in the current context!
Error: Unable to interpret <O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)> in the current context!
Error: Unable to interpret <O13 - gopher Prefix: missing> in the current context!
Error: Unable to interpret <O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)> in the current context!
Error: Unable to interpret <O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)> in the current context!
Error: Unable to interpret <O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)> in the current context!
Error: Unable to interpret <O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1> in the current context!
Error: Unable to interpret <O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{39FF78FB-77BC-466E-ADB6-7D23B90C1116}: DhcpNameServer = 192.168.178.1> in the current context!
Error: Unable to interpret <O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{902AAE46-0D3F-4F1B-99F7-8FF393AD700C}: DhcpNameServer = 192.168.178.1> in the current context!
Error: Unable to interpret <O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)> in the current context!
Error: Unable to interpret <O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)> in the current context!
Error: Unable to interpret <O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll ()> in the current context!
Error: Unable to interpret <O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found> in the current context!
Error: Unable to interpret <O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.> in the current context!
Error: Unable to interpret <O32 - HKLM CDRom: AutoRun - 1> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{2ae1d76e-0af3-11e1-b03b-806e6f6e6963}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{2ae1d76e-0af3-11e1-b03b-806e6f6e6963}\Shell\AutoRun\command - "" = E:\reatogoMenu.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{7a8a9088-0f49-11e1-889a-68a3c4c6c650}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{7a8a9088-0f49-11e1-889a-68a3c4c6c650}\Shell\AutoRun\command - "" = G:\iStudio.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\E\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\reatogoMenu.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\F\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\iStudio.exe> in the current context!
Error: Unable to interpret <O34 - HKLM BootExecute: (autocheck autochk *)> in the current context!
Error: Unable to interpret <O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)> in the current context!
Error: Unable to interpret <O35 - HKLM\..comfile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <O35 - HKLM\..exefile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <O37 - HKLM\...com [@ = comfile] -- "%1" %*> in the current context!
Error: Unable to interpret <O37 - HKLM\...exe [@ = exefile] -- "%1" %*> in the current context!
Error: Unable to interpret <O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)> in the current context!
Error: Unable to interpret <O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)> in the current context!
Error: Unable to interpret <O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Files/Folders - Created Within 30 Days ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2012.05.03 20:13:14 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{F4747EE8-3DFF-4360-81B7-220EA36B7DD7}> in the current context!
Error: Unable to interpret <[2012.05.03 20:12:56 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{13615E33-8016-4355-88E1-3F0928C0AFD0}> in the current context!
Error: Unable to interpret <[2012.05.03 06:18:56 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{86890D24-56DC-402F-B2BF-281C74B7AB90}> in the current context!
Error: Unable to interpret <[2012.05.03 06:18:41 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{BFB74F8A-365B-49F5-8F4B-5D5CA9E8755F}> in the current context!
Error: Unable to interpret <[2012.05.02 22:42:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner> in the current context!
Error: Unable to interpret <[2012.05.02 12:43:08 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{A2610B38-F0FE-48E9-8BA6-F17E1BCB20BE}> in the current context!
Error: Unable to interpret <[2012.05.02 12:42:43 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{C84BD7D6-CC5B-4AC7-9E3B-2949462132D5}> in the current context!
Error: Unable to interpret <[2012.05.01 21:59:09 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{76B93B11-A02B-4755-8C3F-65B175DB9F68}> in the current context!
Error: Unable to interpret <[2012.05.01 21:58:45 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{372D01FA-4BBB-4C33-ACCB-533AC7A11C4A}> in the current context!
Error: Unable to interpret <[2012.05.01 21:11:47 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Roaming\Malwarebytes> in the current context!
Error: Unable to interpret <[2012.05.01 21:11:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware> in the current context!
Error: Unable to interpret <[2012.05.01 21:11:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes> in the current context!
Error: Unable to interpret <[2012.05.01 21:11:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware> in the current context!
Error: Unable to interpret <[2012.05.01 19:27:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\en> in the current context!
Error: Unable to interpret <[2012.05.01 19:27:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\0409> in the current context!
Error: Unable to interpret <[2012.05.01 19:27:17 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\en-US> in the current context!
Error: Unable to interpret <[2012.05.01 10:04:18 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Roaming\Hbfusxplb> in the current context!
Error: Unable to interpret <[2012.05.01 09:58:15 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{5511AB08-1126-4D06-8E12-3FBC1F032EF7}> in the current context!
Error: Unable to interpret <[2012.05.01 09:57:52 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{64FF208D-0BFE-4175-BA5F-23E26932B09F}> in the current context!
Error: Unable to interpret <[2012.04.30 21:55:24 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{372C89B6-9AE3-4188-8702-ED59DEACD2BD}> in the current context!
Error: Unable to interpret <[2012.04.30 21:55:04 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{40BA9362-3D78-4035-91C3-4AA18FE22552}> in the current context!
Error: Unable to interpret <[2012.04.30 09:42:47 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{B97F158E-B79C-4603-B623-1B47B838A902}> in the current context!
Error: Unable to interpret <[2012.04.30 09:42:27 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{76A15291-C1AE-4F69-A916-4FFFDBA14B51}> in the current context!
Error: Unable to interpret <[2012.04.29 21:32:39 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{A505D8F9-449F-4144-BA72-E51EDDC5C114}> in the current context!
Error: Unable to interpret <[2012.04.29 21:31:54 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{600C320E-DB25-4A12-9E96-076AB101DCAE}> in the current context!
Error: Unable to interpret <[2012.04.29 09:30:52 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{23B94CEA-1690-4844-9CDE-2E2090E6BC63}> in the current context!
Error: Unable to interpret <[2012.04.29 09:30:35 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{606BE038-F090-49BB-A55E-6628992E9B4E}> in the current context!
Error: Unable to interpret <[2012.04.28 10:19:29 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{514A2120-DF30-49C8-9F2D-2F0EDCD7793D}> in the current context!
Error: Unable to interpret <[2012.04.28 10:19:06 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{E1D77E2C-D9BE-483A-9E4E-5A11DE05F4BA}> in the current context!
Error: Unable to interpret <[2012.04.27 22:17:53 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{DFDB8454-3822-44C6-83B7-DD90CCEDB878}> in the current context!
Error: Unable to interpret <[2012.04.27 22:17:34 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{7AE06BC2-9EB4-4487-81B3-3945A698A71D}> in the current context!
Error: Unable to interpret <[2012.04.27 13:50:39 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Guardians of Beyond - Hexenhausen Sammleredition> in the current context!
Error: Unable to interpret <[2012.04.27 13:50:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guardians of Beyond - Hexenhausen Sammleredition> in the current context!
Error: Unable to interpret <[2012.04.27 13:50:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Guardians of Beyond - Hexenhausen Sammleredition> in the current context!
Error: Unable to interpret <[2012.04.27 06:23:48 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{424FEB80-7DD5-4290-A15A-25185CAE180E}> in the current context!
Error: Unable to interpret <[2012.04.27 06:23:18 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{E73F308C-070E-48E0-AC5E-390B10FBFF4B}> in the current context!
Error: Unable to interpret <[2012.04.25 21:15:47 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{CB476FD8-8A05-4CED-B3F6-BAEE6166D78A}> in the current context!
Error: Unable to interpret <[2012.04.25 21:15:30 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{7564FD68-6D98-4691-B815-A5EF2C1474CD}> in the current context!
Error: Unable to interpret <[2012.04.25 07:41:14 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{B816BF8D-2442-43E7-B479-D43FF1581FBA}> in the current context!
Error: Unable to interpret <[2012.04.25 07:40:05 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{F9672FFE-98E4-49A3-BACC-4A3AC20EAAE4}> in the current context!
Error: Unable to interpret <[2012.04.24 19:37:34 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{1A5EC984-8007-4ABB-B611-ACB5A76699BA}> in the current context!
Error: Unable to interpret <[2012.04.24 19:37:21 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{CF335D44-7701-49DF-A3DC-E9B5BB4325C0}> in the current context!
Error: Unable to interpret <[2012.04.23 21:34:22 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{39F9964F-3DAD-4507-A85B-9BEDC1E9D991}> in the current context!
Error: Unable to interpret <[2012.04.23 21:33:10 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{76FCA07A-B82F-4DD8-A308-DC0B4DD8B11A}> in the current context!
Error: Unable to interpret <[2012.04.23 09:30:23 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{3C81FC27-FCF6-4BA9-A30E-B8CB8A8D0D67}> in the current context!
Error: Unable to interpret <[2012.04.23 09:29:09 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{2315DE57-18F3-4CCC-A095-E45884A6FA6D}> in the current context!
Error: Unable to interpret <[2012.04.22 21:27:11 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{0932B65B-A834-43CB-A75D-08B8E75CA20F}> in the current context!
Error: Unable to interpret <[2012.04.22 21:26:00 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{73FC3CBA-D3F8-4590-A437-3EA625BDD5B0}> in the current context!
Error: Unable to interpret <[2012.04.22 13:13:19 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\TomTom> in the current context!
Error: Unable to interpret <[2012.04.22 13:13:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom> in the current context!
Error: Unable to interpret <[2012.04.22 13:13:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TomTom International B.V> in the current context!
Error: Unable to interpret <[2012.04.22 13:12:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyTomTom 3> in the current context!
Error: Unable to interpret <[2012.04.22 09:23:30 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{CD0AA4D6-7B8C-4BE4-AB27-CA6E872014EF}> in the current context!
Error: Unable to interpret <[2012.04.22 09:23:15 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{0805C92A-3A23-4B4D-B15B-EEA12BF94E35}> in the current context!
Error: Unable to interpret <[2012.04.21 09:54:12 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{A485EB71-9F5B-49D8-A1B1-16CD107BAB31}> in the current context!
Error: Unable to interpret <[2012.04.21 09:53:58 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{39E38C82-7E32-4D4F-877C-5129FEEFB05F}> in the current context!
Error: Unable to interpret <[2012.04.20 09:29:56 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{D0C36A2C-8167-46B0-A126-99837631AA95}> in the current context!
Error: Unable to interpret <[2012.04.20 09:29:41 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{4BD24961-F921-4FF0-80FF-DDE17F28E297}> in the current context!
Error: Unable to interpret <[2012.04.19 20:19:25 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{20FF69E4-251E-4ACD-8548-FB21F3DC4281}> in the current context!
Error: Unable to interpret <[2012.04.19 20:19:09 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{76BE9DDB-0063-4A0B-9EBD-2587612D6DB5}> in the current context!
Error: Unable to interpret <[2012.04.19 06:27:05 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{88AEB8B9-2870-4B49-BD9A-4F93115913AA}> in the current context!
Error: Unable to interpret <[2012.04.19 06:26:50 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{8DE1291F-AD4F-40CF-9A0E-8AAAB29F243E}> in the current context!
Error: Unable to interpret <[2012.04.18 06:16:17 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{7A6D065E-7DC6-444D-B498-A8C72CC5BA25}> in the current context!
Error: Unable to interpret <[2012.04.18 06:16:05 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{3E002CD0-9420-4825-8D62-96C835E7BB4E}> in the current context!
Error: Unable to interpret <[2012.04.17 08:55:10 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{B80C12CB-84F6-4669-8365-299E3BBDDE16}> in the current context!
Error: Unable to interpret <[2012.04.17 08:54:46 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{2D143E00-5F0A-41B2-9616-D77C86B736F0}> in the current context!
Error: Unable to interpret <[2012.04.16 20:52:07 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{F0C7E53F-6911-4ED7-B327-6DE685F77C19}> in the current context!
Error: Unable to interpret <[2012.04.16 20:51:46 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{C3E9D653-CF77-48D7-B2EE-ADA78798D226}> in the current context!
Error: Unable to interpret <[2012.04.16 06:13:35 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{E50E526C-F69A-499A-9671-E7BF6457343E}> in the current context!
Error: Unable to interpret <[2012.04.16 06:13:18 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{CA6D7BC7-5DFD-425E-B650-12C726AC9409}> in the current context!
Error: Unable to interpret <[2012.04.15 12:10:54 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{0D83490E-4813-43B5-85C0-57B1C51FEF64}> in the current context!
Error: Unable to interpret <[2012.04.15 12:10:36 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{080A9781-DCA2-4C43-A6A3-DC36A4AC79DC}> in the current context!
Error: Unable to interpret <[2012.04.14 23:28:45 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{60546FA4-5931-499D-A7EC-A10B6BC3E266}> in the current context!
Error: Unable to interpret <[2012.04.14 23:28:31 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{26268009-3C6C-4AFF-9C0C-67E52C7DA117}> in the current context!
Error: Unable to interpret <[2012.04.14 08:04:53 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{50742359-0284-4A9A-BDCC-F23BA679EE3A}> in the current context!
Error: Unable to interpret <[2012.04.14 08:04:36 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{D881C6EC-DD38-4160-8270-9582BE91A984}> in the current context!
Error: Unable to interpret <[2012.04.13 06:33:28 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{22C010A9-4B0F-48E1-840C-7AA99763F8DE}> in the current context!
Error: Unable to interpret <[2012.04.13 06:33:09 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{71571163-7AA2-445F-BF9A-DE37C1A53364}> in the current context!
Error: Unable to interpret <[2012.04.13 06:29:03 | 000,000,000 | ---D | C] -- C:\Windows\de> in the current context!
Error: Unable to interpret <[2012.04.13 06:24:56 | 000,000,000 | -HSD | C] -- C:\Config.Msi> in the current context!
Error: Unable to interpret <[2012.04.13 06:07:51 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{1624BD53-287D-4A19-8AB3-5D4FBD002853}> in the current context!
Error: Unable to interpret <[2012.04.12 08:59:01 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{FC2A6BDD-5922-43A7-B18F-8900F9380397}> in the current context!
Error: Unable to interpret <[2012.04.11 18:20:10 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{B7A63172-9737-425A-9450-04D3138F1685}> in the current context!
Error: Unable to interpret <[2012.04.11 07:10:25 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll> in the current context!
Error: Unable to interpret <[2012.04.11 07:10:21 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll> in the current context!
Error: Unable to interpret <[2012.04.11 07:10:20 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll> in the current context!
Error: Unable to interpret <[2012.04.11 07:10:19 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll> in the current context!
Error: Unable to interpret <[2012.04.11 07:10:17 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl> in the current context!
Error: Unable to interpret <[2012.04.11 07:09:46 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe> in the current context!
Error: Unable to interpret <[2012.04.11 07:09:45 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe> in the current context!
Error: Unable to interpret <[2012.04.11 06:19:38 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{537025EF-335E-4ED6-A048-AD852FA5B039}> in the current context!
Error: Unable to interpret <[2012.04.10 12:22:20 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{B72D0D68-CB92-43F0-BBA8-BEB6AA98547A}> in the current context!
Error: Unable to interpret <[2012.04.09 20:46:08 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{3A2B281E-499B-412F-B3D4-73651782E8E5}> in the current context!
Error: Unable to interpret <[2012.04.09 08:43:22 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{E3F9CA8C-E9BF-40EB-89C6-8A859477F68C}> in the current context!
Error: Unable to interpret <[2012.04.08 16:20:09 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Roaming\DVDVideoSoftIEHelpers> in the current context!
Error: Unable to interpret <[2012.04.08 16:19:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft> in the current context!
Error: Unable to interpret <[2012.04.08 16:18:51 | 000,136,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\atl100.dll> in the current context!
Error: Unable to interpret <[2012.04.08 16:18:51 | 000,080,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfcm100u.dll> in the current context!
Error: Unable to interpret <[2012.04.08 16:18:50 | 004,421,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc100u.dll> in the current context!
Error: Unable to interpret <[2012.04.08 16:18:37 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Roaming\DVDVideoSoft> in the current context!
Error: Unable to interpret <[2012.04.08 16:18:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft> in the current context!
Error: Unable to interpret <[2012.04.08 16:18:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVIDEOSOFT> in the current context!
Error: Unable to interpret <[2012.04.08 16:01:36 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{FC80ECD7-FBE4-411D-8F95-00E3617328F4}> in the current context!
Error: Unable to interpret <[2012.04.08 00:52:10 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{6E28C1E6-9942-4C2F-842F-F00F119D34CD}> in the current context!
Error: Unable to interpret <[2012.04.07 12:51:44 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{BF3E2201-0078-4601-B7C2-53BE3E78C858}> in the current context!
Error: Unable to interpret <[2012.04.06 20:53:12 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{48E2FC20-40DA-42D5-9F6F-0D2B19FC8A67}> in the current context!
Error: Unable to interpret <[2012.04.06 08:27:53 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{83DBFD34-806D-4049-90AF-5998412AB540}> in the current context!
Error: Unable to interpret <[2012.04.05 20:03:59 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{45C88743-4F5D-4E04-9333-7BD4CC1C8C4B}> in the current context!
Error: Unable to interpret <[2012.04.05 06:34:21 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{C8DB777A-144F-4BB9-A78F-EAA45C42ADCE}> in the current context!
Error: Unable to interpret <[2012.04.04 07:39:44 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{CA8C5E62-1896-4707-BC32-281051F78A4E}> in the current context!
Error: Unable to interpret <[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]> in the current context!
Error: Unable to interpret <[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Files - Modified Within 30 Days ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2012.05.04 06:58:12 | 002,359,296 | -HS- | M] () -- C:\Users\Rike\NTUSER.DAT> in the current context!
Error: Unable to interpret <[2012.05.04 06:46:02 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-688040076-4065842808-1344549600-1001UA.job> in the current context!
Error: Unable to interpret <[2012.05.04 06:19:10 | 000,000,035 | ---- | M] () -- C:\Users\Public\Documents\AtherosServiceConfig.ini> in the current context!
Error: Unable to interpret <[2012.05.04 06:18:45 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT> in the current context!
Error: Unable to interpret <[2012.05.04 06:18:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat> in the current context!
Error: Unable to interpret <[2012.05.04 06:18:18 | 1292,029,952 | -HS- | M] () -- C:\hiberfil.sys> in the current context!
Error: Unable to interpret <[2012.05.03 22:53:49 | 001,762,066 | -H-- | M] () -- C:\Users\Rike\AppData\Local\IconCache.db> in the current context!
Error: Unable to interpret <[2012.05.03 22:07:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job> in the current context!
Error: Unable to interpret <[2012.05.02 22:42:29 | 000,000,822 | ---- | M] () -- C:\Users\Rike\Documents\CCleaner.lnk> in the current context!
Error: Unable to interpret <[2012.05.02 20:40:34 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForRIKE-HP$.job> in the current context!
Error: Unable to interpret <[2012.05.01 21:11:39 | 000,001,109 | ---- | M] () -- C:\Users\Rike\Documents\  Malwarebytes Anti-Malware  .lnk> in the current context!
Error: Unable to interpret <[2012.05.01 09:46:01 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-688040076-4065842808-1344549600-1001Core.job> in the current context!
Error: Unable to interpret <[2012.04.27 13:53:26 | 000,002,293 | ---- | M] () -- C:\Users\Public\Desktop\Spiel Guardians of Beyond - Hexenhausen Sammleredition.lnk> in the current context!
Error: Unable to interpret <[2012.04.27 13:53:26 | 000,001,326 | ---- | M] () -- C:\Users\Public\Desktop\Weitere fantastische Spiele.lnk> in the current context!
Error: Unable to interpret <[2012.04.27 11:24:35 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForRike.job> in the current context!
Error: Unable to interpret <[2012.04.14 09:08:07 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe> in the current context!
Error: Unable to interpret <[2012.04.14 09:08:07 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl> in the current context!
Error: Unable to interpret <[2012.04.14 09:07:09 | 008,741,536 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe> in the current context!
Error: Unable to interpret <[2012.04.08 16:20:00 | 000,001,239 | ---- | M] () -- C:\Users\Rike\Documents\DVDVideoSoft Free Studio.lnk> in the current context!
Error: Unable to interpret <[2012.04.08 16:19:57 | 000,001,398 | ---- | M] () -- C:\Users\Rike\Desktop\Free YouTube to MP3 Converter.lnk> in the current context!
Error: Unable to interpret <[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]> in the current context!
Error: Unable to interpret <[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Files Created - No Company Name ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2012.05.03 09:53:08 | 000,000,822 | ---- | C] () -- C:\Users\Rike\Documents\CCleaner.lnk> in the current context!
Error: Unable to interpret <[2012.05.03 09:52:55 | 000,001,109 | ---- | C] () -- C:\Users\Rike\Documents\  Malwarebytes Anti-Malware  .lnk> in the current context!
Error: Unable to interpret <[2012.05.02 12:42:26 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForRIKE-HP$.job> in the current context!
Error: Unable to interpret <[2012.05.01 23:15:13 | 001,762,066 | -H-- | C] () -- C:\Users\Rike\AppData\Local\IconCache.db> in the current context!
Error: Unable to interpret <[2012.04.27 13:53:26 | 000,002,293 | ---- | C] () -- C:\Users\Public\Desktop\Spiel Guardians of Beyond - Hexenhausen Sammleredition.lnk> in the current context!
Error: Unable to interpret <[2012.04.27 13:53:26 | 000,001,326 | ---- | C] () -- C:\Users\Public\Desktop\Weitere fantastische Spiele.lnk> in the current context!
Error: Unable to interpret <[2012.04.08 23:13:34 | 000,001,239 | ---- | C] () -- C:\Users\Rike\Documents\DVDVideoSoft Free Studio.lnk> in the current context!
Error: Unable to interpret <[2012.04.08 16:19:57 | 000,001,398 | ---- | C] () -- C:\Users\Rike\Desktop\Free YouTube to MP3 Converter.lnk> in the current context!
Error: Unable to interpret <[2012.01.02 23:08:05 | 001,526,948 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI> in the current context!
Error: Unable to interpret <[2011.11.09 21:10:49 | 000,061,392 | ---- | C] () -- C:\Users\Rike\AppData\Local\GDIPFONTCACHEV1.DAT> in the current context!
Error: Unable to interpret <[2011.06.08 00:26:50 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin> in the current context!
Error: Unable to interpret <[2011.05.13 11:03:16 | 000,303,104 | ---- | C] () -- C:\Windows\SysWow64\dnt27VC8.dll> in the current context!
Error: Unable to interpret <[2011.05.13 11:01:22 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\dntvmc27VC8.dll> in the current context!
Error: Unable to interpret <[2011.05.13 11:01:00 | 000,086,016 | ---- | C] () -- C:\Windows\SysWow64\dntvm27VC8.dll> in the current context!
Error: Unable to interpret <[2011.05.10 09:55:07 | 000,000,202 | ---- | C] () -- C:\Windows\SysWow64\HPWA.ini> in the current context!
Error: Unable to interpret <[2010.12.21 02:20:14 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll> in the current context!
Error: Unable to interpret <[2010.12.16 01:33:32 | 000,002,975 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== LOP Check ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2012.02.27 02:49:03 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\AlawarEntertainment> in the current context!
Error: Unable to interpret <[2012.03.08 13:36:23 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Artogon> in the current context!
Error: Unable to interpret <[2012.01.09 22:22:47 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\AVG> in the current context!
Error: Unable to interpret <[2011.11.10 08:33:58 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\AVG2012> in the current context!
Error: Unable to interpret <[2012.03.06 13:08:08 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Awem> in the current context!
Error: Unable to interpret <[2012.03.05 15:28:54 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Blue Tea Games> in the current context!
Error: Unable to interpret <[2012.04.08 16:20:29 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\DVDVideoSoft> in the current context!
Error: Unable to interpret <[2012.04.08 16:20:09 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\DVDVideoSoftIEHelpers> in the current context!
Error: Unable to interpret <[2012.03.12 14:27:17 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\EleFun Games> in the current context!
Error: Unable to interpret <[2012.01.22 15:06:11 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\EnchantedCavern> in the current context!
Error: Unable to interpret <[2012.03.07 14:38:39 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Enki Games> in the current context!
Error: Unable to interpret <[2012.01.16 22:08:39 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Epson> in the current context!
Error: Unable to interpret <[2012.01.22 16:55:49 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\ERS Game Studios> in the current context!
Error: Unable to interpret <[2012.01.11 13:35:38 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\FamilyVacationCalifornia> in the current context!
Error: Unable to interpret <[2012.03.06 13:10:17 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Frogwares> in the current context!
Error: Unable to interpret <[2012.05.01 21:17:32 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Hbfusxplb> in the current context!
Error: Unable to interpret <[2012.03.25 14:55:41 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\HitPoint Studios> in the current context!
Error: Unable to interpret <[2012.01.03 16:33:37 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Lexware> in the current context!
Error: Unable to interpret <[2012.03.09 14:00:02 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Orneon> in the current context!
Error: Unable to interpret <[2012.02.19 00:18:03 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\PlayPond> in the current context!
Error: Unable to interpret <[2012.04.24 08:37:21 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\SoftGrid Client> in the current context!
Error: Unable to interpret <[2011.11.09 21:14:57 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Synaptics> in the current context!
Error: Unable to interpret <[2012.01.02 23:09:54 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\TP> in the current context!
Error: Unable to interpret <[2012.01.22 15:49:45 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Vast Studios> in the current context!
Error: Unable to interpret <[2012.04.27 14:04:00 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Vogat Interactive> in the current context!
Error: Unable to interpret <[2012.01.04 21:28:33 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Windows Live Writer> in the current context!
Error: Unable to interpret <[2012.05.01 09:46:01 | 000,000,902 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-688040076-4065842808-1344549600-1001Core.job> in the current context!
Error: Unable to interpret <[2012.05.04 06:46:02 | 000,000,924 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-688040076-4065842808-1344549600-1001UA.job> in the current context!
Error: Unable to interpret <[2012.04.18 06:13:34 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Purity Check ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Alternate Data Streams ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <@Alternate Data Stream - 149 bytes -> C:\ProgramData\Temp:AD2DB2F9> in the current context!
Error: Unable to interpret <@Alternate Data Stream - 147 bytes -> C:\ProgramData\Temp:8AE92FD3> in the current context!
Error: Unable to interpret <@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:F56BE392> in the current context!
Error: Unable to interpret <@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:012BC84F> in the current context!
Error: Unable to interpret <@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:B139DDF3> in the current context!
Error: Unable to interpret <@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:9195103F> in the current context!
Error: Unable to interpret <@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:FB4262DE> in the current context!
Error: Unable to interpret <@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:0B4227B4> in the current context!
Error: Unable to interpret <@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:12258D63> in the current context!
Error: Unable to interpret <@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:2AD33723> in the current context!
Error: Unable to interpret <@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:1B389835> in the current context!
Error: Unable to interpret <@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:90C320E1> in the current context!
Error: Unable to interpret <@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:51E66512> in the current context!
Error: Unable to interpret <@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:DBC3D477> in the current context!
Error: Unable to interpret <@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:1416AAA6> in the current context!
Error: Unable to interpret <@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:927EC486> in the current context!
Error: Unable to interpret <@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:AFC732F7> in the current context!
Error: Unable to interpret <@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:834DD57E> in the current context!
Error: Unable to interpret <@Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:47FE7AB7> in the current context!
Error: Unable to interpret << End of report >
         
--- --- --- > in the current context! Error: Unable to interpret < > in the current context! OTL by OldTimer - Version 3.2.42.2 log created on 05042012_075330

Alt 04.05.2012, 07:02   #8
rike42
 
trojaner durch email - Standard

trojaner durch email



[/CODE]Error: Unable to interpret <OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 04.05.2012 06:58:01 - Run 2> in the current context!
Error: Unable to interpret <OTL by OldTimer - Version 3.2.42.2     Folder = C:\Users\Rike\Downloads> in the current context!
Error: Unable to interpret <64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation> in the current context!
Error: Unable to interpret <Internet Explorer (Version = 9.0.8112.16421)> in the current context!
Error: Unable to interpret <Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <1,60 Gb Total Physical Memory | 0,41 Gb Available Physical Memory | 25,57% Memory free> in the current context!
Error: Unable to interpret <3,21 Gb Paging File | 1,65 Gb Available in Paging File | 51,53% Paging File free> in the current context!
Error: Unable to interpret <Paging file location(s): ?:\pagefile.sys [binary data]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)> in the current context!
Error: Unable to interpret <Drive C: | 217,64 Gb Total Space | 177,07 Gb Free Space | 81,36% Space Free | Partition Type: NTFS> in the current context!
Error: Unable to interpret <Drive D: | 14,95 Gb Total Space | 1,85 Gb Free Space | 12,35% Space Free | Partition Type: NTFS> in the current context!
Error: Unable to interpret <Drive F: | 99,18 Mb Total Space | 91,04 Mb Free Space | 91,79% Space Free | Partition Type: FAT32> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Computer Name: RIKE-HP | User Name: Rike | Logged in as Administrator.> in the current context!
Error: Unable to interpret <Boot Mode: Normal | Scan Mode: All users> in the current context!
Error: Unable to interpret <Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Extra Registry (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== File Associations ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]> in the current context!
Error: Unable to interpret <.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_USERS\S-1-5-21-688040076-4065842808-1344549600-1001\SOFTWARE\Classes\<extension>]> in the current context!
Error: Unable to interpret <.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Shell Spawning ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]> in the current context!
Error: Unable to interpret <batfile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <cmdfile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <comfile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)> in the current context!
Error: Unable to interpret <exefile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <helpfile [open] -- Reg Error: Key error.> in the current context!
Error: Unable to interpret <htmlfile [edit] -- Reg Error: Key error.> in the current context!
Error: Unable to interpret <htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"> in the current context!
Error: Unable to interpret <inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)> in the current context!
Error: Unable to interpret <piffile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <regfile [merge] -- Reg Error: Key error.> in the current context!
Error: Unable to interpret <scrfile [config] -- "%1"> in the current context!
Error: Unable to interpret <scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l> in the current context!
Error: Unable to interpret <scrfile [open] -- "%1" /S> in the current context!
Error: Unable to interpret <txtfile [edit] -- Reg Error: Key error.> in the current context!
Error: Unable to interpret <Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1> in the current context!
Error: Unable to interpret <Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)> in the current context!
Error: Unable to interpret <Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <Folder [explore] -- Reg Error: Value error.> in the current context!
Error: Unable to interpret <Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Security Center Settings ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Firewall Settings ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]> in the current context!
Error: Unable to interpret <"EnableFirewall" = 1> in the current context!
Error: Unable to interpret <"DisableNotifications" = 0> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]> in the current context!
Error: Unable to interpret <"EnableFirewall" = 1> in the current context!
Error: Unable to interpret <"DisableNotifications" = 0> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]> in the current context!
Error: Unable to interpret <"EnableFirewall" = 1> in the current context!
Error: Unable to interpret <"DisableNotifications" = 0> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Authorized Applications List ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Vista Active Open Ports Exception List ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]> in the current context!
Error: Unable to interpret <"{03ECD95A-DDB5-4F14-AB02-BC2E19782C11}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | > in the current context!
Error: Unable to interpret <"{049671D1-78F8-41A2-A39B-29C1172957E1}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | > in the current context!
Error: Unable to interpret <"{154BD470-FB92-4C2B-8BF0-6BB4C3FFE159}" = rport=138 | protocol=17 | dir=out | app=system | > in the current context!
Error: Unable to interpret <"{15873059-A33A-4654-8446-2172B36ACB8E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | > in the current context!
Error: Unable to interpret <"{36C612D6-7280-4732-91BC-DF942AC715E9}" = lport=445 | protocol=6 | dir=in | app=system | > in the current context!
Error: Unable to interpret <"{3CDB6771-3218-4D4C-BFBD-28C6A6817191}" = rport=10243 | protocol=6 | dir=out | app=system | > in the current context!
Error: Unable to interpret <"{47B845F3-B3B6-46F6-997F-CAF7F377C1F6}" = lport=137 | protocol=17 | dir=in | app=system | > in the current context!
Error: Unable to interpret <"{4DB0B9A7-B5BF-423D-B07A-4E426F412B22}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | > in the current context!
Error: Unable to interpret <"{539FF5B6-5F05-478D-8269-9BBE0D206530}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | > in the current context!
Error: Unable to interpret <"{6306839A-108A-4E1C-BBCA-31508170B15A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | > in the current context!
Error: Unable to interpret <"{73F2E517-CB79-4737-B4B7-95B02D48BF09}" = lport=10243 | protocol=6 | dir=in | app=system | > in the current context!
Error: Unable to interpret <"{73F8720F-EFFD-4961-9B14-802863F11E5A}" = rport=137 | protocol=17 | dir=out | app=system | > in the current context!
Error: Unable to interpret <"{787943CD-902C-4C88-AD80-DB3910221CD8}" = lport=138 | protocol=17 | dir=in | app=system | > in the current context!
Error: Unable to interpret <"{7BBFD59E-ECDC-4F47-9C0B-A27CBCA2B52A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | > in the current context!
Error: Unable to interpret <"{9669D44C-F0CD-42D2-93D9-BFD58C56C17F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | > in the current context!
Error: Unable to interpret <"{96B3896A-5415-4EA2-8E5C-9695A1639DD6}" = rport=445 | protocol=6 | dir=out | app=system | > in the current context!
Error: Unable to interpret <"{9DB446A5-417B-48BE-8343-F927AF283549}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | > in the current context!
Error: Unable to interpret <"{9EE156F6-330D-4735-92BB-B054EBF5CF85}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | > in the current context!
Error: Unable to interpret <"{AB8FE59C-23B6-483C-AEBA-1DF54E48DA13}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | > in the current context!
Error: Unable to interpret <"{BBE678D5-E3FE-494C-BEC6-A9984AAEFEBD}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | > in the current context!
Error: Unable to interpret <"{CD43471F-73DB-4B61-8B08-637C0D952D72}" = lport=139 | protocol=6 | dir=in | app=system | > in the current context!
Error: Unable to interpret <"{D2408D74-6C6A-4C81-8A5D-0BD088CCF264}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | > in the current context!
Error: Unable to interpret <"{D7BD90BE-D33B-48E6-88DE-AFC9B4937047}" = rport=139 | protocol=6 | dir=out | app=system | > in the current context!
Error: Unable to interpret <"{D839CBCE-2D23-449B-BEC2-307FA44CBC1E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | > in the current context!
Error: Unable to interpret <"{DC2B4737-9DAB-470F-AD90-0692ABC8F82B}" = lport=2869 | protocol=6 | dir=in | app=system | > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Vista Active Application Exception List ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]> in the current context!
Error: Unable to interpret <"{03756458-D0EF-49D1-80FB-0BB566795FF3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | > in the current context!
Error: Unable to interpret <"{053E10F6-72C1-4762-9CE4-43C04FBF1220}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe | > in the current context!
Error: Unable to interpret <"{07B3E68F-C791-4677-88E1-536DC250B92A}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | > in the current context!
Error: Unable to interpret <"{13636BBF-7207-43C5-810D-F855726413A6}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | > in the current context!
Error: Unable to interpret <"{1E7E82B0-0BF3-4EED-BB1C-D00E0C51F29E}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe | > in the current context!
Error: Unable to interpret <"{1FBBF5FA-7E13-427F-B359-682272E9ACA2}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe | > in the current context!
Error: Unable to interpret <"{3301D0B0-EE8A-4D38-AFC5-1C1900C47BCB}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | > in the current context!
Error: Unable to interpret <"{3427A715-C1DA-43B5-B154-D78201E68EEB}" = dir=in | app=c:\users\rike\appdata\local\facebook\video\skype\facebookvideocalling.exe | > in the current context!
Error: Unable to interpret <"{40D8DF87-812C-4EA1-B656-146E0F81D9C7}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe | > in the current context!
Error: Unable to interpret <"{421FEC94-B444-4FFA-894F-F7323E3D8CE7}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | > in the current context!
Error: Unable to interpret <"{4574816C-82BE-4C2B-BADC-4065FDC73B71}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | > in the current context!
Error: Unable to interpret <"{6195A76B-9537-408B-8412-819C66579956}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | > in the current context!
Error: Unable to interpret <"{66BDA8F1-6214-40CE-8EDF-7B87BAE40E4C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | > in the current context!
Error: Unable to interpret <"{6E754F93-7F9C-49DD-BF86-3D343673FDA5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | > in the current context!
Error: Unable to interpret <"{72AAF7CC-66C3-4B70-8080-BD1885857F42}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | > in the current context!
Error: Unable to interpret <"{7D85B0E6-3EF5-4654-AA92-38DCBEF57206}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | > in the current context!
Error: Unable to interpret <"{856E656B-F109-4DA4-BC96-4B0922A7639F}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe | > in the current context!
Error: Unable to interpret <"{88AD83AF-DF44-467D-8724-2215FA99E655}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | > in the current context!
Error: Unable to interpret <"{997147F1-2D44-42CC-AC4A-E11151D3C799}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | > in the current context!
Error: Unable to interpret <"{9B640A1B-27B7-4A70-A49B-C3E1C56C33C6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | > in the current context!
Error: Unable to interpret <"{9FFC7719-01C5-4322-961E-37EE85831C90}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | > in the current context!
Error: Unable to interpret <"{AEB1CA98-425A-4A5B-B6B2-04560429AE9A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | > in the current context!
Error: Unable to interpret <"{AFDDE5C7-C402-43AB-9737-9EDAE9C17EE5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | > in the current context!
Error: Unable to interpret <"{B364CA41-9339-41F2-AEB9-47EDB03641BB}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | > in the current context!
Error: Unable to interpret <"{B46CA818-E5F1-42DB-9013-0D2E0C3397D2}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe | > in the current context!
Error: Unable to interpret <"{D9AD44F7-1DFE-410E-B0FB-82B5A0CE82A7}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | > in the current context!
Error: Unable to interpret <"{DD914877-A81B-4B72-8E0D-FB36F01D4CCE}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | > in the current context!
Error: Unable to interpret <"{E618FDB4-CC5C-4904-B278-E4AC0253C635}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe | > in the current context!
Error: Unable to interpret <"{EB6C49F6-4D89-4A1E-841A-2E823DA5CC39}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe | > in the current context!
Error: Unable to interpret <"{EB885D67-D55E-4FF7-91A9-99206858746D}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | > in the current context!
Error: Unable to interpret <"{F3D0E4F6-93E5-491D-8F90-D3812AE3E3C8}" = protocol=6 | dir=out | app=system | > in the current context!
Error: Unable to interpret <"{F6674586-F182-42DA-8A9A-55E0439D851E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | > in the current context!
Error: Unable to interpret <"{FAB1F7E9-E7FF-42DA-AB3A-5EB76FFBFC5F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | > in the current context!
Error: Unable to interpret <"{FE43BF80-6AEB-472E-BDF8-0188D5D08765}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== HKEY_LOCAL_MACHINE Uninstall List ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]> in the current context!
Error: Unable to interpret <"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam> in the current context!
Error: Unable to interpret <"{03046EBB-CB7C-4B98-BEFB-690EB955DA22}" = HP Setup> in the current context!
Error: Unable to interpret <"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion> in the current context!
Error: Unable to interpret <"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements> in the current context!
Error: Unable to interpret <"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer> in the current context!
Error: Unable to interpret <"{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}" = Epson FAX Utility> in the current context!
Error: Unable to interpret <"{124DB96E-CBF5-44FB-AB59-7D2444DEC777}" = HP On Screen Display> in the current context!
Error: Unable to interpret <"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker> in the current context!
Error: Unable to interpret <"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger> in the current context!
Error: Unable to interpret <"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources> in the current context!
Error: Unable to interpret <"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148> in the current context!
Error: Unable to interpret <"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update> in the current context!
Error: Unable to interpret <"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions> in the current context!
Error: Unable to interpret <"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31> in the current context!
Error: Unable to interpret <"{26C4E5F1-314C-F3DF-2294-3685BF5F9E05}" = CCC Help Czech> in the current context!
Error: Unable to interpret <"{2BF8B295-A214-42AC-B4EC-2AE15E08B0E7}" = HP Documentation> in the current context!
Error: Unable to interpret <"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App> in the current context!
Error: Unable to interpret <"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery> in the current context!
Error: Unable to interpret <"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery> in the current context!
Error: Unable to interpret <"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack> in the current context!
Error: Unable to interpret <"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7> in the current context!
Error: Unable to interpret <"{39F58DDB-B2B8-4B86-AF20-4706A80EB30D}" = Epson Easy Photo Print 2> in the current context!
Error: Unable to interpret <"{4412F224-3849-4461-A3E9-DEEF8D252790}" = Visual Studio C++ 10.0 Runtime> in the current context!
Error: Unable to interpret <"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater> in the current context!
Error: Unable to interpret <"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module> in the current context!
Error: Unable to interpret <"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack> in the current context!
Error: Unable to interpret <"{57F1042D-1423-81C6-299B-C21FAB216F93}" = CCC Help Italian> in the current context!
Error: Unable to interpret <"{6137C043-93EA-6769-90EA-01E87B041117}" = CCC Help Norwegian> in the current context!
Error: Unable to interpret <"{6265A4F4-91FE-FFEC-1ECA-E5639B80ECB3}" = CCC Help French> in the current context!
Error: Unable to interpret <"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module> in the current context!
Error: Unable to interpret <"{657BD928-2C0B-7EFA-7740-DE8BC937FEF4}" = CCC Help Thai> in the current context!
Error: Unable to interpret <"{66E30DB0-A342-F453-D14D-827B454A9E4A}" = CCC Help Swedish> in the current context!
Error: Unable to interpret <"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE> in the current context!
Error: Unable to interpret <"{6833708F-D07C-34AA-B195-698FA0C8879C}" = CCC Help Polish> in the current context!
Error: Unable to interpret <"{687DB473-1A0F-5B1D-D0E0-A73258207AB2}" = ccc-core-static> in the current context!
Error: Unable to interpret <"{6C92846D-67BA-5B17-38F4-E1318A0272B7}" = CCC Help Greek> in the current context!
Error: Unable to interpret <"{6D437C07-418F-9E01-96EB-DC55F780A198}" = CCC Help Turkish> in the current context!
Error: Unable to interpret <"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)> in the current context!
Error: Unable to interpret <"{710E96D5-98A1-6732-8768-8F4ACCA520C1}" = CCC Help Portuguese> in the current context!
Error: Unable to interpret <"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable> in the current context!
Error: Unable to interpret <"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable> in the current context!
Error: Unable to interpret <"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core> in the current context!
Error: Unable to interpret <"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159> in the current context!
Error: Unable to interpret <"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable> in the current context!
Error: Unable to interpret <"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform> in the current context!
Error: Unable to interpret <"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer> in the current context!
Error: Unable to interpret <"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver> in the current context!
Error: Unable to interpret <"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight> in the current context!
Error: Unable to interpret <"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime> in the current context!
Error: Unable to interpret <"{8DC069E7-893C-41E1-9442-DE89FEC33371}" = Xobni Core> in the current context!
Error: Unable to interpret <"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT> in the current context!
Error: Unable to interpret <"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch> in the current context!
Error: Unable to interpret <"{9299A9E5-4A0F-C936-76BD-62BCBD38CC21}" = CCC Help English> in the current context!
Error: Unable to interpret <"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker> in the current context!
Error: Unable to interpret <"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010> in the current context!
Error: Unable to interpret <"{9B04A7CC-F80E-72C6-8B9E-83A88A5B479B}" = CCC Help Japanese> in the current context!
Error: Unable to interpret <"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161> in the current context!
Error: Unable to interpret <"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail> in the current context!
Error: Unable to interpret <"{9F6A200F-90D7-F262-9639-16D640298E32}" = CCC Help Finnish> in the current context!
Error: Unable to interpret <"{A37E63B7-29E5-CAF4-A81D-0A67946924E0}" = Catalyst Control Center Graphics Previews Common> in the current context!
Error: Unable to interpret <"{A5449F23-80E8-04D2-EB41-7BE229CCB37B}" = Catalyst Control Center InstallProxy> in the current context!
Error: Unable to interpret <"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer> in the current context!
Error: Unable to interpret <"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common> in the current context!
Error: Unable to interpret <"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer> in the current context!
Error: Unable to interpret <"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch> in the current context!
Error: Unable to interpret <"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh> in the current context!
Error: Unable to interpret <"{AF6EB833-D48A-49AC-9394-4C57489FDFF2}" = HP Software Framework> in the current context!
Error: Unable to interpret <"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie> in the current context!
Error: Unable to interpret <"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail> in the current context!
Error: Unable to interpret <"{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)> in the current context!
Error: Unable to interpret <"{B97E3520-C726-475E-BC0C-7561952633AB}" = HP Power Manager> in the current context!
Error: Unable to interpret <"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo> in the current context!
Error: Unable to interpret <"{C0838AAC-DF3E-5865-88D3-E43864E2B065}" = CCC Help Korean> in the current context!
Error: Unable to interpret <"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader> in the current context!
Error: Unable to interpret <"{C257F891-7975-979B-3EDD-D3E74F1F583B}" = CCC Help Hungarian> in the current context!
Error: Unable to interpret <"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common> in the current context!
Error: Unable to interpret <"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program> in the current context!
Error: Unable to interpret <"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections> in the current context!
Error: Unable to interpret <"{C7231F7C-6530-4E65-ADA6-5B392CF5BEB1}" = Recovery Manager> in the current context!
Error: Unable to interpret <"{CBD74B80-E1A2-08A1-69D9-DE37BFA265EF}" = CCC Help German> in the current context!
Error: Unable to interpret <"{CD95F661-A5C4-11AF-B2CC-ABCD21A325B8}" = WinZip Courier> in the current context!
Error: Unable to interpret <"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform> in the current context!
Error: Unable to interpret <"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64> in the current context!
Error: Unable to interpret <"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common> in the current context!
Error: Unable to interpret <"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform> in the current context!
Error: Unable to interpret <"{DA26698F-3E4F-FBAE-8219-5C3D3C1ECA92}" = CCC Help Spanish> in the current context!
Error: Unable to interpret <"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh> in the current context!
Error: Unable to interpret <"{DF2035BE-5820-4965-BD97-7FAF8D4A7879}" = Microsoft_VC90_CRT_x86> in the current context!
Error: Unable to interpret <"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10> in the current context!
Error: Unable to interpret <"{E13D5C1F-EA6D-E340-85A9-0EA7221F31E9}" = CCC Help Danish> in the current context!
Error: Unable to interpret <"{E1D1E335-C6CE-C9A5-12B8-587D561E8B30}" = Catalyst Control Center Localization All> in the current context!
Error: Unable to interpret <"{E3FE0FA5-D813-14AB-DE7B-594257E9550B}" = CCC Help Chinese Traditional> in the current context!
Error: Unable to interpret <"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker> in the current context!
Error: Unable to interpret <"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger> in the current context!
Error: Unable to interpret <"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1> in the current context!
Error: Unable to interpret <"{E774EEC0-18E6-49C8-A271-07654C0A2047}" = Catalyst Control Center - Branding> in the current context!
Error: Unable to interpret <"{EB58480C-0721-483C-B354-9D35A147999F}" = HP Quick Launch> in the current context!
Error: Unable to interpret <"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module> in the current context!
Error: Unable to interpret <"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]> in the current context!
Error: Unable to interpret <"{F0C4AAC9-C7B6-59B3-789D-D2CA4E0CFCD1}" = CCC Help Dutch> in the current context!
Error: Unable to interpret <"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver> in the current context!
Error: Unable to interpret <"{F5468CFB-F146-12D8-913B-513145180028}" = CCC Help Russian> in the current context!
Error: Unable to interpret <"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.2.2> in the current context!
Error: Unable to interpret <"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials> in the current context!
Error: Unable to interpret <"{FA2509E9-7197-8FB8-B35E-090A4F81CA6A}" = CCC Help Chinese Standard> in the current context!
Error: Unable to interpret <"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables> in the current context!
Error: Unable to interpret <"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials> in the current context!
Error: Unable to interpret <"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR> in the current context!
Error: Unable to interpret <"Adobe AIR" = Adobe AIR> in the current context!
Error: Unable to interpret <"BFGC" = Big Fish Games: Game Manager> in the current context!
Error: Unable to interpret <"BFG-Guardians of Beyond - Hexenhausen Sammleredition" = Guardians of Beyond: Hexenhausen Sammleredition> in the current context!
Error: Unable to interpret <"EPSON BX305 Series Manual" = EPSON BX305 Series Handbuch> in the current context!
Error: Unable to interpret <"EPSON PC-FAX Driver 2" = Epson PC-FAX Driver> in the current context!
Error: Unable to interpret <"EPSON Scanner" = EPSON Scan> in the current context!
Error: Unable to interpret <"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.17.319> in the current context!
Error: Unable to interpret <"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam> in the current context!
Error: Unable to interpret <"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400> in the current context!
Error: Unable to interpret <"Message Faces for IE" = Message Faces für Internet Explorer (remove only)> in the current context!
Error: Unable to interpret <"Mozilla Firefox 10.0 (x86 de)" = Mozilla Firefox 10.0 (x86 de)> in the current context!
Error: Unable to interpret <"MyTomTom" = MyTomTom 3.1.0.530> in the current context!
Error: Unable to interpret <"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010> in the current context!
Error: Unable to interpret <"PDF Complete" = PDF Complete Special Edition> in the current context!
Error: Unable to interpret <"SFT_de3 Toolbar" = SFT_de3 Toolbar> in the current context!
Error: Unable to interpret <"WildTangent hp Master Uninstall" = HP Games> in the current context!
Error: Unable to interpret <"WinLiveSuite" = Windows Live Essentials> in the current context!
Error: Unable to interpret <"WT087330" = Bounce Symphony> in the current context!
Error: Unable to interpret <"WT087361" = FATE> in the current context!
Error: Unable to interpret <"WT087393" = Mah Jong Medley> in the current context!
Error: Unable to interpret <"WT087394" = Penguins!> in the current context!
Error: Unable to interpret <"WT087396" = Polar Bowler> in the current context!
Error: Unable to interpret <"WT087490" = Jewel Quest Solitaire> in the current context!
Error: Unable to interpret <"WT087510" = Slingo Deluxe> in the current context!
Error: Unable to interpret <"WT087513" = Virtual Villagers - The Secret City> in the current context!
Error: Unable to interpret <"WT087519" = Wedding Dash> in the current context!
Error: Unable to interpret <"WT087536" = Diner Dash 2 Restaurant Rescue> in the current context!
Error: Unable to interpret <"WT089308" = Blasterball 3> in the current context!
Error: Unable to interpret <"WT089328" = Farm Frenzy> in the current context!
Error: Unable to interpret <"WT089359" = Cake Mania> in the current context!
Error: Unable to interpret <"WT089362" = Agatha Christie - Peril at End House> in the current context!
Error: Unable to interpret <"WT089453" = Bejeweled 2 Deluxe> in the current context!
Error: Unable to interpret <"WT089454" = Chuzzle Deluxe> in the current context!
Error: Unable to interpret <"WT089455" = Zuma Deluxe> in the current context!
Error: Unable to interpret <"WT089458" = Plants vs. Zombies - Game of the Year> in the current context!
Error: Unable to interpret <"WT089460" = Mystery P.I. - The London Caper> in the current context!
Error: Unable to interpret <"WT089484" = Namco All-Stars PAC-MAN> in the current context!
Error: Unable to interpret <"WT089492" = Crazy Chicken Kart 2> in the current context!
Error: Unable to interpret <"WT089493" = Fishdom> in the current context!
Error: Unable to interpret <"WT089497" = Big Rig Europe> in the current context!
Error: Unable to interpret <"WTA-40a22801-9cef-4790-bda0-5ce7b7ef0c83" = Red Crow Mysteries: Legion> in the current context!
Error: Unable to interpret <"WTA-fdb7ada1-e72d-44b5-a7cd-eb1f008c8c3b" = Family Vacation: California> in the current context!
Error: Unable to interpret <"XobniMain" = Xobni> in the current context!
Error: Unable to interpret <"Yahoo! Companion" = Yahoo! Toolbar> in the current context!
Error: Unable to interpret <"Yahoo! Messenger" = Yahoo! Messenger> in the current context!
Error: Unable to interpret <"Yahoo! Search Defender" = Yahoo! Suche Schutzvorkehrung> in the current context!
Error: Unable to interpret <"Yahoo! Software Update" = Yahoo! Software Update> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== HKEY_USERS Uninstall List ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_USERS\S-1-5-21-688040076-4065842808-1344549600-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]> in the current context!
Error: Unable to interpret <"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Last 10 Event Log Errors ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[ Application Events ]> in the current context!
Error: Unable to interpret <Error - 16.04.2012 14:50:27 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10> in the current context!
Error: Unable to interpret <Description = > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 17.04.2012 00:24:56 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10> in the current context!
Error: Unable to interpret <Description = > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 18.04.2012 00:14:42 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10> in the current context!
Error: Unable to interpret <Description = > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 18.04.2012 05:08:55 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10> in the current context!
Error: Unable to interpret <Description = > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 19.04.2012 00:25:27 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10> in the current context!
Error: Unable to interpret <Description = > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 19.04.2012 04:24:30 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10> in the current context!
Error: Unable to interpret <Description = > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 19.04.2012 14:17:41 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10> in the current context!
Error: Unable to interpret <Description = > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 20.04.2012 00:16:34 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10> in the current context!
Error: Unable to interpret <Description = > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 20.04.2012 03:28:21 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10> in the current context!
Error: Unable to interpret <Description = > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 21.04.2012 03:52:51 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10> in the current context!
Error: Unable to interpret <Description = > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[ Hewlett-Packard Events ]> in the current context!
Error: Unable to interpret <Error - 31.12.2011 05:52:41 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000> in the current context!
Error: Unable to interpret <Description = > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 31.12.2011 05:52:41 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000> in the current context!
Error: Unable to interpret <Description = HP Error ID: -2147467261HPSF.exe   bei HP.SupportFramework.Communicator.MessengerComm.MessengerPublisher.closeConnection()> in the current context!
Error: Unable to interpret <   bei HP.SupportAssistant.UI.MessengerCommunication.initializeCommunication()    > in the current context!
Error: Unable to interpret < bei HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate()  Message: Der> in the current context!
Error: Unable to interpret < Objektverweis wurde nicht auf eine Objektinstanz festgelegt.  StackTrace:   bei HP.SupportFramework.Communicator.MessengerComm.MessengerPublisher.closeConnection()> in the current context!
Error: Unable to interpret <   bei HP.SupportAssistant.UI.MessengerCommunication.initializeCommunication()    > in the current context!
Error: Unable to interpret < bei HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate()  Source: HP.SupportFramework.Communicator> in the current context!
Error: Unable to interpret <Name:> in the current context!
Error: Unable to interpret < HPSF.exe  Version: 06.00.01.01  Path: C:\Program Files (x86)\Hewlett-Packard\HP Support> in the current context!
Error: Unable to interpret < Framework\HPSF.exe  Format: de-DE  RAM: 1642  Ram Utilization: 80  TargetSite: Void closeConnection()> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 31.12.2011 05:52:41 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000> in the current context!
Error: Unable to interpret <Description = HP Error ID: -2147467261HPSF.exe   bei HP.SupportFramework.Communicator.MessengerComm.MessengerPublisher.closeConnection()> in the current context!
Error: Unable to interpret <   bei HP.SupportAssistant.UI.MessengerCommunication.initializeCommunication()    > in the current context!
Error: Unable to interpret < bei HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate()  Message: Der> in the current context!
Error: Unable to interpret < Objektverweis wurde nicht auf eine Objektinstanz festgelegt.  StackTrace:   bei HP.SupportFramework.Communicator.MessengerComm.MessengerPublisher.closeConnection()> in the current context!
Error: Unable to interpret <   bei HP.SupportAssistant.UI.MessengerCommunication.initializeCommunication()    > in the current context!
Error: Unable to interpret < bei HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate()  Source: HP.SupportFramework.Communicator> in the current context!
Error: Unable to interpret <Name:> in the current context!
Error: Unable to interpret < HPSF.exe  Version: 06.00.01.01  Path: C:\Program Files (x86)\Hewlett-Packard\HP Support> in the current context!
Error: Unable to interpret < Framework\HPSF.exe  Format: de-DE  RAM: 1642  Ram Utilization: 80  TargetSite: Void closeConnection()> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 13.01.2012 09:00:23 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000> in the current context!
Error: Unable to interpret <Description = > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 13.01.2012 09:06:26 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000> in the current context!
Error: Unable to interpret <Description = > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 13.01.2012 09:07:06 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000> in the current context!
Error: Unable to interpret <Description = > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 27.01.2012 06:52:59 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000> in the current context!
Error: Unable to interpret <Description = > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 27.01.2012 06:58:02 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000> in the current context!
Error: Unable to interpret <Description = > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 27.01.2012 07:01:07 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000> in the current context!
Error: Unable to interpret <Description = > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 27.01.2012 07:28:18 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000> in the current context!
Error: Unable to interpret <Description = > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[ HP Software Framework Events ]> in the current context!
Error: Unable to interpret <Error - 09.12.2011 12:09:17 | Computer Name = Rike-HP | Source = CaslWmi | ID = 5> in the current context!
Error: Unable to interpret <Description = 2011.12.09 17:09:17.705|00000288|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error> in the current context!
Error: Unable to interpret < 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 11.12.2011 18:22:20 | Computer Name = Rike-HP | Source = CaslWmi | ID = 5> in the current context!
Error: Unable to interpret <Description = 2011.12.11 23:22:20.964|00001010|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error> in the current context!
Error: Unable to interpret < 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 24.12.2011 15:19:00 | Computer Name = Rike-HP | Source = CaslWmi | ID = 5> in the current context!
Error: Unable to interpret <Description = 2011.12.24 20:19:00.515|00000E88|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error> in the current context!
Error: Unable to interpret < 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 31.12.2011 05:58:16 | Computer Name = Rike-HP | Source = CaslWmi | ID = 5> in the current context!
Error: Unable to interpret <Description = 2011.12.31 10:58:16.748|000016A0|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error> in the current context!
Error: Unable to interpret < 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 06.01.2012 07:46:50 | Computer Name = Rike-HP | Source = CaslWmi | ID = 5> in the current context!
Error: Unable to interpret <Description = 2012.01.06 12:46:50.438|00001508|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error> in the current context!
Error: Unable to interpret < 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 20.01.2012 06:51:02 | Computer Name = Rike-HP | Source = CaslWmi | ID = 5> in the current context!
Error: Unable to interpret <Description = 2012.01.20 11:51:02.378|000003A0|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error> in the current context!
Error: Unable to interpret < 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 20.01.2012 06:53:07 | Computer Name = Rike-HP | Source = CaslWmi | ID = 5> in the current context!
Error: Unable to interpret <Description = 2012.01.20 11:53:07.355|000016A4|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error> in the current context!
Error: Unable to interpret < 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 20.01.2012 06:53:16 | Computer Name = Rike-HP | Source = CaslWmi | ID = 5> in the current context!
Error: Unable to interpret <Description = 2012.01.20 11:53:16.478|00000D70|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error> in the current context!
Error: Unable to interpret < 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 27.01.2012 07:01:53 | Computer Name = Rike-HP | Source = CaslWmi | ID = 5> in the current context!
Error: Unable to interpret <Description = 2012.01.27 12:01:53.617|00001B50|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error> in the current context!
Error: Unable to interpret < 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 05.04.2012 10:07:13 | Computer Name = Rike-HP | Source = hpqWmiEx | ID = 5> in the current context!
Error: Unable to interpret <Description = 2012/04/05 16:07:13.621|00001230|Error      |ChpqWmiExModule::Start|StartServiceCtrlDispatcher> in the current context!
Error: Unable to interpret < FAILED. Error: 1063> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[ HP Wireless Assistant Events ]> in the current context!
Error: Unable to interpret <Error - 09.11.2011 18:40:03 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0> in the current context!
Error: Unable to interpret <Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht> in the current context!
Error: Unable to interpret < verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32> in the current context!
Error: Unable to interpret < errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object> in the current context!
Error: Unable to interpret < o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean> in the current context!
Error: Unable to interpret < getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei > in the current context!
Error: Unable to interpret <System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei> in the current context!
Error: Unable to interpret < HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 09.11.2011 18:41:09 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0> in the current context!
Error: Unable to interpret <Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht> in the current context!
Error: Unable to interpret < verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32> in the current context!
Error: Unable to interpret < errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object> in the current context!
Error: Unable to interpret < o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean> in the current context!
Error: Unable to interpret < getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei > in the current context!
Error: Unable to interpret <System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei> in the current context!
Error: Unable to interpret < HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 09.11.2011 18:41:15 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0> in the current context!
Error: Unable to interpret <Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht> in the current context!
Error: Unable to interpret < verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32> in the current context!
Error: Unable to interpret < errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object> in the current context!
Error: Unable to interpret < o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean> in the current context!
Error: Unable to interpret < getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei > in the current context!
Error: Unable to interpret <System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei> in the current context!
Error: Unable to interpret < HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 09.11.2011 18:42:20 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0> in the current context!
Error: Unable to interpret <Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht> in the current context!
Error: Unable to interpret < verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32> in the current context!
Error: Unable to interpret < errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object> in the current context!
Error: Unable to interpret < o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean> in the current context!
Error: Unable to interpret < getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei > in the current context!
Error: Unable to interpret <System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei> in the current context!
Error: Unable to interpret < HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 09.11.2011 18:42:25 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0> in the current context!
Error: Unable to interpret <Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht> in the current context!
Error: Unable to interpret < verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32> in the current context!
Error: Unable to interpret < errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object> in the current context!
Error: Unable to interpret < o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean> in the current context!
Error: Unable to interpret < getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei > in the current context!
Error: Unable to interpret <System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei> in the current context!
Error: Unable to interpret < HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 09.11.2011 18:43:31 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0> in the current context!
Error: Unable to interpret <Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht> in the current context!
Error: Unable to interpret < verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32> in the current context!
Error: Unable to interpret < errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object> in the current context!
Error: Unable to interpret < o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean> in the current context!
Error: Unable to interpret < getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei > in the current context!
Error: Unable to interpret <System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei> in the current context!
Error: Unable to interpret < HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 09.11.2011 18:43:36 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0> in the current context!
Error: Unable to interpret <Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht> in the current context!
Error: Unable to interpret < verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32> in the current context!
Error: Unable to interpret < errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object> in the current context!
Error: Unable to interpret < o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean> in the current context!
Error: Unable to interpret < getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei > in the current context!
Error: Unable to interpret <System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei> in the current context!
Error: Unable to interpret < HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 15.01.2012 17:11:28 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0> in the current context!
Error: Unable to interpret <Description = System.Runtime.InteropServices.COMException Aufruf wurde durch Messagefilter> in the current context!
Error: Unable to interpret < abgebrochen. (Ausnahme von HRESULT: 0x80010002 (RPC_E_CALL_CANCELED))    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32> in the current context!
Error: Unable to interpret < errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object> in the current context!
Error: Unable to interpret < o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean> in the current context!
Error: Unable to interpret < getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei > in the current context!
Error: Unable to interpret <System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei> in the current context!
Error: Unable to interpret < HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 18.02.2012 10:08:17 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0> in the current context!
Error: Unable to interpret <Description = System.Threading.ThreadAbortException Der Thread wurde abgebrochen.> in the current context!
Error: Unable to interpret <   bei System.Management.IEnumWbemClassObject.Next_(Int32 lTimeout, UInt32 uCount,> in the current context!
Error: Unable to interpret < IWbemClassObject_DoNotMarshal[] apObjects, UInt32& puReturned)     bei System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()> in the current context!
Error: Unable to interpret <   bei HPPA_Service.CurrentConfiguration.FindDevice(String hostPath, String portName)> in the current context!
Error: Unable to interpret <   bei HPPA_Service.CurrentConfiguration.<ApplyFriendlyNames>b__23(RadioHardware> in the current context!
Error: Unable to interpret < radio)     bei System.Linq.Enumerable.WhereSelectListIterator`2.MoveNext()     bei > in the current context!
Error: Unable to interpret <System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()     bei HPPA_Service.CurrentConfiguration.ApplyFriendlyNames()> in the current context!
Error: Unable to interpret <   bei HPPA_Service.CurrentConfiguration.ReloadRadioList()> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 18.02.2012 10:08:17 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0> in the current context!
Error: Unable to interpret <Description = System.Threading.ThreadAbortException Der Thread wurde abgebrochen.> in the current context!
Error: Unable to interpret <   bei HPPA_Service.CurrentConfiguration.ReloadRadioList()> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[ System Events ]> in the current context!
Error: Unable to interpret <Error - 03.05.2012 00:17:32 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7000> in the current context!
Error: Unable to interpret <Description = Der Dienst "XobniService" wurde aufgrund folgenden Fehlers nicht gestartet:> in the current context!
Error: Unable to interpret <   %%1053> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 03.05.2012 03:52:34 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7011> in the current context!
Error: Unable to interpret <Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung> in the current context!
Error: Unable to interpret < von Dienst HPWMISVC erreicht.> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 03.05.2012 03:52:54 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7009> in the current context!
Error: Unable to interpret <Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst> in the current context!
Error: Unable to interpret < XobniService erreicht.> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 03.05.2012 03:52:54 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7000> in the current context!
Error: Unable to interpret <Description = Der Dienst "XobniService" wurde aufgrund folgenden Fehlers nicht gestartet:> in the current context!
Error: Unable to interpret <   %%1053> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 03.05.2012 14:11:22 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7011> in the current context!
Error: Unable to interpret <Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung> in the current context!
Error: Unable to interpret < von Dienst HPWMISVC erreicht.> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 03.05.2012 14:11:22 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7009> in the current context!
Error: Unable to interpret <Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst> in the current context!
Error: Unable to interpret < XobniService erreicht.> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 03.05.2012 14:11:22 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7000> in the current context!
Error: Unable to interpret <Description = Der Dienst "XobniService" wurde aufgrund folgenden Fehlers nicht gestartet:> in the current context!
Error: Unable to interpret <   %%1053> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 04.05.2012 00:19:49 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7011> in the current context!
Error: Unable to interpret <Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung> in the current context!
Error: Unable to interpret < von Dienst HPWMISVC erreicht.> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 04.05.2012 00:20:11 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7009> in the current context!
Error: Unable to interpret <Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst> in the current context!
Error: Unable to interpret < XobniService erreicht.> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 04.05.2012 00:20:11 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7000> in the current context!
Error: Unable to interpret <Description = Der Dienst "XobniService" wurde aufgrund folgenden Fehlers nicht gestartet:> in the current context!
Error: Unable to interpret <   %%1053> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << End of report >
         
--- --- ---
> in the current context!
Error: Unable to interpret < > in the current context!

OTL by OldTimer - Version 3.2.42.2 log created on 05042012_075522
[/CODE]

Alt 04.05.2012, 07:35   #9
kira
/// Helfer-Team
 
trojaner durch email - Standard

trojaner durch email



1.
das OTL-Fixes hast Du falsch gemacht! alles was rot markiert, bitte im Textfeld reinkopieren!:

Code:
ATTFilter
:OTL
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCOM/10
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPCOM/10
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
IE:64bit: - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://de.yahoo.com/?fr=mkg029
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://de.yahoo.com/?fr=mkg029
IE - HKLM\..\URLSearchHook: {ff88a983-649d-4207-9336-9b999280b436} - C:\Program Files (x86)\SFT_de3\prxtbSFT_.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3031778
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
IE - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://de.yahoo.com/?fr=fp-yie9
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/home?AF=17284
IE - HKCU\..\URLSearchHook: {ff88a983-649d-4207-9336-9b999280b436} - C:\Program Files (x86)\SFT_de3\prxtbSFT_.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&babsrc=SP_def&AF=17284
IE - HKCU\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
IE - HKCU\..\SearchScopes\{5EA72F6D-3185-4A87-8C0C-719FFBA445A9}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=88B70714-6DF2-455B-95D3-0968C5107861&apn_sauid=5720F0EF-5C64-4A88-A671-5F7746C1E6A6
IE - HKCU\..\SearchScopes\{6AF0CFEB-2F27-437D-83C7-E3491EEF71BB}: "URL" = http://www.flickr.com/search/?q={searchTerms}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={6503C312-F4D4-4E6A-8EDF-A6B39EA2FB4B}&mid=d7d799703d7c47d1bf9db9ea82222fa3-fe511b85a96a73512abb5961ae73de409e13cdee&lang=de&ds=AVG&pr=fr&d=2011-11-10 07:30:51&v=10.0.0.7&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3031778
IE - HKCU\..\SearchScopes\{B638A15E-84DA-4516-A156-A80647E158F8}: "URL" = http://de.search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=chr-yie9
IE - HKCU\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
IE - HKCU\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - prefs.js..browser.search.defaultenginename,S: S", "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1,S: S", "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine,S: S", "Search the web (Babylon)"
FF - prefs.js..browser.startup.homepage: "http://de.yahoo.com/"
FF - prefs.js..keyword.URL,h: h", "http://search.babylon.com/?babsrc=KW_def&AF=17284&q="
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
[2012.03.21 07:29:03 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Rike\AppData\Roaming\mozilla\Firefox\Profiles\65veosuj.default\extensions\ffxtlbr@babylon.com
[2012.03.14 12:34:30 | 000,000,000 | ---D | M] (WEB.DE Toolbar) -- C:\Program Files (x86)\mozilla firefox\distribution\extensions\toolbar@web.de
[2012.03.19 19:05:53 | 000,002,226 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.01.29 15:50:55 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.01.29 16:02:49 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.01.29 16:02:49 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngin.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngin.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (SFT_de3 Toolbar) - {ff88a983-649d-4207-9336-9b999280b436} - C:\Program Files (x86)\SFT_de3\prxtbSFT_.dll (Conduit Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{2ae1d76e-0af3-11e1-b03b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{2ae1d76e-0af3-11e1-b03b-806e6f6e6963}\Shell\AutoRun\command - "" = E:\reatogoMenu.exe
O33 - MountPoints2\{7a8a9088-0f49-11e1-889a-68a3c4c6c650}\Shell - "" = AutoRun
O33 - MountPoints2\{7a8a9088-0f49-11e1-889a-68a3c4c6c650}\Shell\AutoRun\command - "" = G:\iStudio.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\reatogoMenu.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\iStudio.exe
[2012.05.02 21:46:15 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-688040076-4065842808-1344549600-1001UA.job
[2012.05.01 09:46:01 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-688040076-4065842808-1344549600-1001Core.job
@Alternate Data Stream - 149 bytes -> C:\ProgramData\Temp:AD2DB2F9
@Alternate Data Stream - 147 bytes -> C:\ProgramData\Temp:8AE92FD3
@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:F56BE392
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:012BC84F
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:B139DDF3
@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:9195103F
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:FB4262DE
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:0B4227B4
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:12258D63
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:2AD33723
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:1B389835
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:90C320E1
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:51E66512
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:DBC3D477
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:1416AAA6
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:927EC486
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:AFC732F7
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:834DD57E
@Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:47FE7AB7

:Files
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
         
2.
dann werd ich erneut ein neues OTL-Log benötigen
__________________

Warnung!:
Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein!
Anhang nicht öffnen, in unserem Forum erst nachfragen!

Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten!
Bitte diese Warnung weitergeben, wo Du nur kannst!

Alt 05.05.2012, 09:03   #10
rike42
 
trojaner durch email - Standard

trojaner durch email



sorry kira bin nicht so der experte meinst du das rot gefärbte ohne kopieren ganz normal bin gerade etwas überfordert sorry
lg rike

:OTL
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/10
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM/10
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
IE:64bit: - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.yahoo.com/?fr=mkg029
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.yahoo.com/?fr=mkg029
IE - HKLM\..\URLSearchHook: {ff88a983-649d-4207-9336-9b999280b436} - C:\Program Files (x86)\SFT_de3\prxtbSFT_.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3031778
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
IE - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.yahoo.com/?fr=fp-yie9
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/home?AF=17284
IE - HKCU\..\URLSearchHook: {ff88a983-649d-4207-9336-9b999280b436} - C:\Program Files (x86)\SFT_de3\prxtbSFT_.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&babsrc=SP_def&AF=17284
IE - HKCU\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
IE - HKCU\..\SearchScopes\{5EA72F6D-3185-4A87-8C0C-719FFBA445A9}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=88B70714-6DF2-455B-95D3-0968C5107861&apn_sauid=5720F0EF-5C64-4A88-A671-5F7746C1E6A6
IE - HKCU\..\SearchScopes\{6AF0CFEB-2F27-437D-83C7-E3491EEF71BB}: "URL" = hxxp://www.flickr.com/search/?q={searchTerms}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={6503C312-F4D4-4E6A-8EDF-A6B39EA2FB4B}&mid=d7d799703d7c47d1bf9db9ea82222fa3-fe511b85a96a73512abb5961ae73de409e13cdee&lang=de&ds=AVG&pr=fr&d=2011-11-10 07:30:51&v=10.0.0.7&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3031778
IE - HKCU\..\SearchScopes\{B638A15E-84DA-4516-A156-A80647E158F8}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=chr-yie9
IE - HKCU\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
IE - HKCU\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - prefs.js..browser.search.defaultenginename,S: S", "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1,S: S", "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine,S: S", "Search the web (Babylon)"
FF - prefs.js..browser.startup.homepage: "hxxp://de.yahoo.com/"
FF - prefs.js..keyword.URL,h: h", "hxxp://search.babylon.com/?babsrc=KW_def&AF=17284&q="
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
[2012.03.21 07:29:03 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Rike\AppData\Roaming\mozilla\Firefox\Profiles\65veosuj.default\extensions\ffxtlbr@babylon.com
[2012.03.14 12:34:30 | 000,000,000 | ---D | M] (WEB.DE Toolbar) -- C:\Program Files (x86)\mozilla firefox\distribution\extensions\toolbar@web.de
[2012.03.19 19:05:53 | 000,002,226 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.01.29 15:50:55 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.01.29 16:02:49 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.01.29 16:02:49 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngin.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngin.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (SFT_de3 Toolbar) - {ff88a983-649d-4207-9336-9b999280b436} - C:\Program Files (x86)\SFT_de3\prxtbSFT_.dll (Conduit Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{2ae1d76e-0af3-11e1-b03b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{2ae1d76e-0af3-11e1-b03b-806e6f6e6963}\Shell\AutoRun\command - "" = E:\reatogoMenu.exe
O33 - MountPoints2\{7a8a9088-0f49-11e1-889a-68a3c4c6c650}\Shell - "" = AutoRun
O33 - MountPoints2\{7a8a9088-0f49-11e1-889a-68a3c4c6c650}\Shell\AutoRun\command - "" = G:\iStudio.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\reatogoMenu.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\iStudio.exe
[2012.05.02 21:46:15 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-688040076-4065842808-1344549600-1001UA.job
[2012.05.01 09:46:01 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-688040076-4065842808-1344549600-1001Core.job
@Alternate Data Stream - 149 bytes -> C:\ProgramData\Temp:AD2DB2F9
@Alternate Data Stream - 147 bytes -> C:\ProgramData\Temp:8AE92FD3
@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:F56BE392
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:012BC84F
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:B139DDF3
@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:9195103F
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:FB4262DE
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:0B4227B4
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:12258D63
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:2AD33723
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:1B389835
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:90C320E1
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:51E66512
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TempBC3D477
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:1416AAA6
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:927EC486
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:AFC732F7
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:834DD57E
@Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:47FE7AB7

:Files
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]

habe es jetzt einfach so gemacht wenns wieder falsch ist entschuldige ich mich gleich jetzt dafür komme mit manchen sachen nicht gleich zu recht oder ich verstehe teilweise die erklärungen nicht ist alles etwas komliziert gerade

Code:
ATTFilter
Error: Unable to interpret <OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 05.05.2012 10:35:01 - Run 4> in the current context!
Error: Unable to interpret <OTL by OldTimer - Version 3.2.42.2     Folder = C:\Users\Rike\Downloads> in the current context!
Error: Unable to interpret <64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation> in the current context!
Error: Unable to interpret <Internet Explorer (Version = 9.0.8112.16421)> in the current context!
Error: Unable to interpret <Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <1,60 Gb Total Physical Memory | 0,55 Gb Available Physical Memory | 34,13% Memory free> in the current context!
Error: Unable to interpret <3,21 Gb Paging File | 1,45 Gb Available in Paging File | 45,07% Paging File free> in the current context!
Error: Unable to interpret <Paging file location(s): ?:\pagefile.sys [binary data]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)> in the current context!
Error: Unable to interpret <Drive C: | 217,64 Gb Total Space | 178,32 Gb Free Space | 81,93% Space Free | Partition Type: NTFS> in the current context!
Error: Unable to interpret <Drive D: | 14,95 Gb Total Space | 1,85 Gb Free Space | 12,35% Space Free | Partition Type: NTFS> in the current context!
Error: Unable to interpret <Drive F: | 99,18 Mb Total Space | 91,04 Mb Free Space | 91,79% Space Free | Partition Type: FAT32> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Computer Name: RIKE-HP | User Name: Rike | Logged in as Administrator.> in the current context!
Error: Unable to interpret <Boot Mode: Normal | Scan Mode: Current user> in the current context!
Error: Unable to interpret <Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Processes (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <PRC - [2012.05.02 21:37:58 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Rike\Downloads\OTL.exe> in the current context!
Error: Unable to interpret <PRC - [2012.03.12 19:19:46 | 000,918,880 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe> in the current context!
Error: Unable to interpret <PRC - [2012.01.29 18:12:47 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe> in the current context!
Error: Unable to interpret <PRC - [2012.01.24 18:24:26 | 002,416,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe> in the current context!
Error: Unable to interpret <PRC - [2011.10.12 07:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe> in the current context!
Error: Unable to interpret <PRC - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe> in the current context!
Error: Unable to interpret <PRC - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe> in the current context!
Error: Unable to interpret <PRC - [2011.08.02 07:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe> in the current context!
Error: Unable to interpret <PRC - [2011.02.01 01:42:40 | 001,127,448 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe> in the current context!
Error: Unable to interpret <PRC - [2011.01.06 20:08:38 | 000,138,400 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe> in the current context!
Error: Unable to interpret <PRC - [2010.12.28 02:30:22 | 001,817,088 | ---- | M] (Realsil Microelectronics Inc.) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe> in the current context!
Error: Unable to interpret <PRC - [2010.11.09 15:20:34 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe> in the current context!
Error: Unable to interpret <PRC - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Modules (No Company Name) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <MOD - [2012.01.29 18:12:47 | 001,911,768 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Win32 Services (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <SRV - [2012.04.14 09:08:07 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)> in the current context!
Error: Unable to interpret <SRV - [2012.03.12 19:19:46 | 000,918,880 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe -- (vToolbarUpdater10.2.0)> in the current context!
Error: Unable to interpret <SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)> in the current context!
Error: Unable to interpret <SRV - [2011.10.12 07:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)> in the current context!
Error: Unable to interpret <SRV - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)> in the current context!
Error: Unable to interpret <SRV - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)> in the current context!
Error: Unable to interpret <SRV - [2011.08.12 01:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Programme\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)> in the current context!
Error: Unable to interpret <SRV - [2011.08.02 07:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)> in the current context!
Error: Unable to interpret <SRV - [2011.03.28 22:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)> in the current context!
Error: Unable to interpret <SRV - [2011.02.25 02:08:46 | 000,062,184 | ---- | M] (Xobni Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Xobni\XobniService.exe -- (XobniService)> in the current context!
Error: Unable to interpret <SRV - [2011.02.16 22:47:28 | 000,682,040 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Programme\Hewlett-Packard\HP Auto\HPAuto.exe -- (HPAuto)> in the current context!
Error: Unable to interpret <SRV - [2011.02.01 01:42:40 | 001,127,448 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)> in the current context!
Error: Unable to interpret <SRV - [2011.01.06 20:08:38 | 000,138,400 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)> in the current context!
Error: Unable to interpret <SRV - [2011.01.06 20:06:56 | 000,053,920 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc)> in the current context!
Error: Unable to interpret <SRV - [2010.12.28 02:30:22 | 001,817,088 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)> in the current context!
Error: Unable to interpret <SRV - [2010.11.09 15:20:34 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)> in the current context!
Error: Unable to interpret <SRV - [2010.10.12 19:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)> in the current context!
Error: Unable to interpret <SRV - [2010.09.22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)> in the current context!
Error: Unable to interpret <SRV - [2010.07.21 14:33:00 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)> in the current context!
Error: Unable to interpret <SRV - [2010.06.17 06:23:36 | 000,194,496 | ---- | M] (Advanced Micro Devices) [Auto | Running] -- C:\Programme\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe -- (AMD Reservation Manager)> in the current context!
Error: Unable to interpret <SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)> in the current context!
Error: Unable to interpret <SRV - [2010.01.09 22:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)> in the current context!
Error: Unable to interpret <SRV - [2009.11.18 04:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Programme\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)> in the current context!
Error: Unable to interpret <SRV - [2009.09.14 07:00:00 | 000,166,400 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE -- (EPSON_EB_RPCV4_04) EPSON V5 Service4(04)> in the current context!
Error: Unable to interpret <SRV - [2009.09.14 07:00:00 | 000,128,512 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE -- (EPSON_PM_RPCV4_04) EPSON V3 Service4(04)> in the current context!
Error: Unable to interpret <SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)> in the current context!
Error: Unable to interpret <SRV - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Driver Services (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <DRV - [2011.07.22 18:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)> in the current context!
Error: Unable to interpret <DRV - [2011.07.12 23:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)> in the current context!
Error: Unable to interpret <DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Standard Registry (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Internet Explorer ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = > in the current context!
Error: Unable to interpret <IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm> in the current context!
Error: Unable to interpret <IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = > in the current context!
Error: Unable to interpret <IE - HKLM\..\SearchScopes,DefaultScope = > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = > in the current context!
Error: Unable to interpret <IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1> in the current context!
Error: Unable to interpret <IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = > in the current context!
Error: Unable to interpret <IE - HKCU\..\SearchScopes,DefaultScope = > in the current context!
Error: Unable to interpret <IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== FireFox ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"> in the current context!
Error: Unable to interpret <FF - user.js - File not found> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll ()> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@winzip.com/Winzip Courier: C:\Program Files (x86)\WinZip Courier\npwzwmc.dll (WinZip Computing, S.L.)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)> in the current context!
Error: Unable to interpret <FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Rike\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)> in the current context!
Error: Unable to interpret <FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\Rike\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012.02.01 12:16:43 | 000,000,000 | ---D | M]> in the current context!
Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\10.2.0.3\ [2012.03.12 19:20:31 | 000,000,000 | ---D | M]> in the current context!
Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{74c841e3-b59f-479e-8d7a-e26a942a87c8}: C:\Program Files (x86)\WinZip Courier\FFExt [2012.03.19 19:30:20 | 000,000,000 | ---D | M]> in the current context!
Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.03.14 12:34:40 | 000,000,000 | ---D | M]> in the current context!
Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2012.01.12 07:41:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rike\AppData\Roaming\mozilla\Extensions> in the current context!
Error: Unable to interpret <[2012.05.03 10:17:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rike\AppData\Roaming\mozilla\Firefox\Profiles\65veosuj.default\extensions> in the current context!
Error: Unable to interpret <[2012.01.26 08:06:17 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Rike\AppData\Roaming\mozilla\Firefox\Profiles\65veosuj.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}> in the current context!
Error: Unable to interpret <[2012.04.08 16:20:10 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Rike\AppData\Roaming\mozilla\Firefox\Profiles\65veosuj.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}> in the current context!
Error: Unable to interpret <[2012.03.20 07:38:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions> in the current context!
Error: Unable to interpret <[2012.03.14 12:34:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\distribution\extensions> in the current context!
Error: Unable to interpret <() (No name found) -- C:\USERS\RIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\65VEOSUJ.DEFAULT\EXTENSIONS\TOOLBAR@WEB.DE.XPI> in the current context!
Error: Unable to interpret <[2012.01.29 18:12:48 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll> in the current context!
Error: Unable to interpret <[2012.01.29 16:02:49 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml> in the current context!
Error: Unable to interpret <[2012.03.12 19:19:41 | 000,003,766 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml> in the current context!
Error: Unable to interpret <[2012.01.29 16:02:49 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml> in the current context!
Error: Unable to interpret <[2012.01.29 16:02:49 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts> in the current context!
Error: Unable to interpret <O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)> in the current context!
Error: Unable to interpret <O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)> in the current context!
Error: Unable to interpret <O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)> in the current context!
Error: Unable to interpret <O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)> in the current context!
Error: Unable to interpret <O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.> in the current context!
Error: Unable to interpret <O2 - BHO: (WinZip Courier BHO) - {A8FB70FA-0FDF-4601-9DC4-BFA1B357204F} - C:\PROGRA~2\WINZIP~1\wzwmcie.dll (WinZip Computing, S.L.)> in the current context!
Error: Unable to interpret <O2 - BHO: (Message Faces for Internet Explorer) - {E3758FC2-BB95-4B86-84BF-D91F4748EC75} - C:\Program Files (x86)\Message Faces for Internet Explorer\x86\messagefaces-ie.dll ()> in the current context!
Error: Unable to interpret <O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)> in the current context!
Error: Unable to interpret <O2 - BHO: (no name) - {ff88a983-649d-4207-9336-9b999280b436} - No CLSID value found.> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe ()> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [YSearchProtection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)> in the current context!
Error: Unable to interpret <O4 - HKCU..\Run: [Facebook Update] C:\Users\Rike\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)> in the current context!
Error: Unable to interpret <O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)> in the current context!
Error: Unable to interpret <O4 - HKCU..\Run: [MyTomTomSA.exe] C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe (TomTom)> in the current context!
Error: Unable to interpret <O4 - HKCU..\Run: [Search Protection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)> in the current context!
Error: Unable to interpret <O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)> in the current context!
Error: Unable to interpret <O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Rike\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()> in the current context!
Error: Unable to interpret <O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)> in the current context!
Error: Unable to interpret <O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)> in the current context!
Error: Unable to interpret <O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)> in the current context!
Error: Unable to interpret <O13 - gopher Prefix: missing> in the current context!
Error: Unable to interpret <O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)> in the current context!
Error: Unable to interpret <O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)> in the current context!
Error: Unable to interpret <O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)> in the current context!
Error: Unable to interpret <O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1> in the current context!
Error: Unable to interpret <O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{39FF78FB-77BC-466E-ADB6-7D23B90C1116}: DhcpNameServer = 192.168.178.1> in the current context!
Error: Unable to interpret <O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{902AAE46-0D3F-4F1B-99F7-8FF393AD700C}: DhcpNameServer = 192.168.178.1> in the current context!
Error: Unable to interpret <O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)> in the current context!
Error: Unable to interpret <O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)> in the current context!
Error: Unable to interpret <O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll ()> in the current context!
Error: Unable to interpret <O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found> in the current context!
Error: Unable to interpret <O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.> in the current context!
Error: Unable to interpret <O32 - HKLM CDRom: AutoRun - 1> in the current context!
Error: Unable to interpret <O34 - HKLM BootExecute: (autocheck autochk *)> in the current context!
Error: Unable to interpret <O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)> in the current context!
Error: Unable to interpret <O35 - HKLM\..comfile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <O35 - HKLM\..exefile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <O37 - HKLM\...com [@ = comfile] -- "%1" %*> in the current context!
Error: Unable to interpret <O37 - HKLM\...exe [@ = exefile] -- "%1" %*> in the current context!
Error: Unable to interpret <O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)> in the current context!
Error: Unable to interpret <O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)> in the current context!
Error: Unable to interpret <O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Files/Folders - Created Within 30 Days ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2012.05.04 22:49:46 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{E19C20E3-EECE-489C-94E1-613CA6B2F1FE}> in the current context!
Error: Unable to interpret <[2012.05.04 22:49:26 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{CEE9C4B0-9A51-443F-987C-57E5C9D6BF1B}> in the current context!
Error: Unable to interpret <[2012.05.04 08:38:02 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Roaming\SUPERAntiSpyware.com> in the current context!
Error: Unable to interpret <[2012.05.04 08:37:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware> in the current context!
Error: Unable to interpret <[2012.05.04 08:37:06 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com> in the current context!
Error: Unable to interpret <[2012.05.04 08:20:21 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{03C98771-8EFD-430D-8126-889B7DE92CDB}> in the current context!
Error: Unable to interpret <[2012.05.04 08:19:53 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{C8D85BD6-07E3-408A-89CA-A6ABE473FA6F}> in the current context!
Error: Unable to interpret <[2012.05.04 07:43:14 | 000,000,000 | ---D | C] -- C:\_OTL> in the current context!
Error: Unable to interpret <[2012.05.03 20:13:14 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{F4747EE8-3DFF-4360-81B7-220EA36B7DD7}> in the current context!
Error: Unable to interpret <[2012.05.03 20:12:56 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{13615E33-8016-4355-88E1-3F0928C0AFD0}> in the current context!
Error: Unable to interpret <[2012.05.03 06:18:56 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{86890D24-56DC-402F-B2BF-281C74B7AB90}> in the current context!
Error: Unable to interpret <[2012.05.03 06:18:41 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{BFB74F8A-365B-49F5-8F4B-5D5CA9E8755F}> in the current context!
Error: Unable to interpret <[2012.05.02 22:42:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner> in the current context!
Error: Unable to interpret <[2012.05.02 12:43:08 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{A2610B38-F0FE-48E9-8BA6-F17E1BCB20BE}> in the current context!
Error: Unable to interpret <[2012.05.02 12:42:43 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{C84BD7D6-CC5B-4AC7-9E3B-2949462132D5}> in the current context!
Error: Unable to interpret <[2012.05.01 21:59:09 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{76B93B11-A02B-4755-8C3F-65B175DB9F68}> in the current context!
Error: Unable to interpret <[2012.05.01 21:58:45 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{372D01FA-4BBB-4C33-ACCB-533AC7A11C4A}> in the current context!
Error: Unable to interpret <[2012.05.01 21:11:47 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Roaming\Malwarebytes> in the current context!
Error: Unable to interpret <[2012.05.01 21:11:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware> in the current context!
Error: Unable to interpret <[2012.05.01 21:11:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes> in the current context!
Error: Unable to interpret <[2012.05.01 21:11:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware> in the current context!
Error: Unable to interpret <[2012.05.01 19:27:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\en> in the current context!
Error: Unable to interpret <[2012.05.01 19:27:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\0409> in the current context!
Error: Unable to interpret <[2012.05.01 19:27:17 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\en-US> in the current context!
Error: Unable to interpret <[2012.05.01 10:04:18 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Roaming\Hbfusxplb> in the current context!
Error: Unable to interpret <[2012.05.01 09:58:15 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{5511AB08-1126-4D06-8E12-3FBC1F032EF7}> in the current context!
Error: Unable to interpret <[2012.05.01 09:57:52 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{64FF208D-0BFE-4175-BA5F-23E26932B09F}> in the current context!
Error: Unable to interpret <[2012.04.30 21:55:24 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{372C89B6-9AE3-4188-8702-ED59DEACD2BD}> in the current context!
Error: Unable to interpret <[2012.04.30 21:55:04 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{40BA9362-3D78-4035-91C3-4AA18FE22552}> in the current context!
Error: Unable to interpret <[2012.04.30 09:42:47 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{B97F158E-B79C-4603-B623-1B47B838A902}> in the current context!
Error: Unable to interpret <[2012.04.30 09:42:27 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{76A15291-C1AE-4F69-A916-4FFFDBA14B51}> in the current context!
Error: Unable to interpret <[2012.04.29 21:32:39 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{A505D8F9-449F-4144-BA72-E51EDDC5C114}> in the current context!
Error: Unable to interpret <[2012.04.29 21:31:54 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{600C320E-DB25-4A12-9E96-076AB101DCAE}> in the current context!
Error: Unable to interpret <[2012.04.29 09:30:52 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{23B94CEA-1690-4844-9CDE-2E2090E6BC63}> in the current context!
Error: Unable to interpret <[2012.04.29 09:30:35 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{606BE038-F090-49BB-A55E-6628992E9B4E}> in the current context!
Error: Unable to interpret <[2012.04.28 10:19:29 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{514A2120-DF30-49C8-9F2D-2F0EDCD7793D}> in the current context!
Error: Unable to interpret <[2012.04.28 10:19:06 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{E1D77E2C-D9BE-483A-9E4E-5A11DE05F4BA}> in the current context!
Error: Unable to interpret <[2012.04.27 22:17:53 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{DFDB8454-3822-44C6-83B7-DD90CCEDB878}> in the current context!
Error: Unable to interpret <[2012.04.27 22:17:34 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{7AE06BC2-9EB4-4487-81B3-3945A698A71D}> in the current context!
Error: Unable to interpret <[2012.04.27 13:50:39 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Guardians of Beyond - Hexenhausen Sammleredition> in the current context!
Error: Unable to interpret <[2012.04.27 13:50:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guardians of Beyond - Hexenhausen Sammleredition> in the current context!
Error: Unable to interpret <[2012.04.27 13:50:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Guardians of Beyond - Hexenhausen Sammleredition> in the current context!
Error: Unable to interpret <[2012.04.27 06:23:48 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{424FEB80-7DD5-4290-A15A-25185CAE180E}> in the current context!
Error: Unable to interpret <[2012.04.27 06:23:18 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{E73F308C-070E-48E0-AC5E-390B10FBFF4B}> in the current context!
Error: Unable to interpret <[2012.04.25 21:15:47 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{CB476FD8-8A05-4CED-B3F6-BAEE6166D78A}> in the current context!
Error: Unable to interpret <[2012.04.25 21:15:30 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{7564FD68-6D98-4691-B815-A5EF2C1474CD}> in the current context!
Error: Unable to interpret <[2012.04.25 07:41:14 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{B816BF8D-2442-43E7-B479-D43FF1581FBA}> in the current context!
Error: Unable to interpret <[2012.04.25 07:40:05 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{F9672FFE-98E4-49A3-BACC-4A3AC20EAAE4}> in the current context!
Error: Unable to interpret <[2012.04.24 19:37:34 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{1A5EC984-8007-4ABB-B611-ACB5A76699BA}> in the current context!
Error: Unable to interpret <[2012.04.24 19:37:21 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{CF335D44-7701-49DF-A3DC-E9B5BB4325C0}> in the current context!
Error: Unable to interpret <[2012.04.23 21:34:22 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{39F9964F-3DAD-4507-A85B-9BEDC1E9D991}> in the current context!
Error: Unable to interpret <[2012.04.23 21:33:10 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{76FCA07A-B82F-4DD8-A308-DC0B4DD8B11A}> in the current context!
Error: Unable to interpret <[2012.04.23 09:30:23 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{3C81FC27-FCF6-4BA9-A30E-B8CB8A8D0D67}> in the current context!
Error: Unable to interpret <[2012.04.23 09:29:09 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{2315DE57-18F3-4CCC-A095-E45884A6FA6D}> in the current context!
Error: Unable to interpret <[2012.04.22 21:27:11 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{0932B65B-A834-43CB-A75D-08B8E75CA20F}> in the current context!
Error: Unable to interpret <[2012.04.22 21:26:00 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{73FC3CBA-D3F8-4590-A437-3EA625BDD5B0}> in the current context!
Error: Unable to interpret <[2012.04.22 13:13:19 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\TomTom> in the current context!
Error: Unable to interpret <[2012.04.22 13:13:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom> in the current context!
Error: Unable to interpret <[2012.04.22 13:13:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TomTom International B.V> in the current context!
Error: Unable to interpret <[2012.04.22 13:12:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyTomTom 3> in the current context!
Error: Unable to interpret <[2012.04.22 09:23:30 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{CD0AA4D6-7B8C-4BE4-AB27-CA6E872014EF}> in the current context!
Error: Unable to interpret <[2012.04.22 09:23:15 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{0805C92A-3A23-4B4D-B15B-EEA12BF94E35}> in the current context!
Error: Unable to interpret <[2012.04.21 09:54:12 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{A485EB71-9F5B-49D8-A1B1-16CD107BAB31}> in the current context!
Error: Unable to interpret <[2012.04.21 09:53:58 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{39E38C82-7E32-4D4F-877C-5129FEEFB05F}> in the current context!
Error: Unable to interpret <[2012.04.20 09:29:56 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{D0C36A2C-8167-46B0-A126-99837631AA95}> in the current context!
Error: Unable to interpret <[2012.04.20 09:29:41 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{4BD24961-F921-4FF0-80FF-DDE17F28E297}> in the current context!
Error: Unable to interpret <[2012.04.19 20:19:25 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{20FF69E4-251E-4ACD-8548-FB21F3DC4281}> in the current context!
Error: Unable to interpret <[2012.04.19 20:19:09 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{76BE9DDB-0063-4A0B-9EBD-2587612D6DB5}> in the current context!
Error: Unable to interpret <[2012.04.19 06:27:05 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{88AEB8B9-2870-4B49-BD9A-4F93115913AA}> in the current context!
Error: Unable to interpret <[2012.04.19 06:26:50 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{8DE1291F-AD4F-40CF-9A0E-8AAAB29F243E}> in the current context!
Error: Unable to interpret <[2012.04.18 06:16:17 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{7A6D065E-7DC6-444D-B498-A8C72CC5BA25}> in the current context!
Error: Unable to interpret <[2012.04.18 06:16:05 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{3E002CD0-9420-4825-8D62-96C835E7BB4E}> in the current context!
Error: Unable to interpret <[2012.04.17 08:55:10 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{B80C12CB-84F6-4669-8365-299E3BBDDE16}> in the current context!
Error: Unable to interpret <[2012.04.17 08:54:46 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{2D143E00-5F0A-41B2-9616-D77C86B736F0}> in the current context!
Error: Unable to interpret <[2012.04.16 20:52:07 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{F0C7E53F-6911-4ED7-B327-6DE685F77C19}> in the current context!
Error: Unable to interpret <[2012.04.16 20:51:46 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{C3E9D653-CF77-48D7-B2EE-ADA78798D226}> in the current context!
Error: Unable to interpret <[2012.04.16 06:13:35 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{E50E526C-F69A-499A-9671-E7BF6457343E}> in the current context!
Error: Unable to interpret <[2012.04.16 06:13:18 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{CA6D7BC7-5DFD-425E-B650-12C726AC9409}> in the current context!
Error: Unable to interpret <[2012.04.15 12:10:54 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{0D83490E-4813-43B5-85C0-57B1C51FEF64}> in the current context!
Error: Unable to interpret <[2012.04.15 12:10:36 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{080A9781-DCA2-4C43-A6A3-DC36A4AC79DC}> in the current context!
Error: Unable to interpret <[2012.04.14 23:28:45 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{60546FA4-5931-499D-A7EC-A10B6BC3E266}> in the current context!
Error: Unable to interpret <[2012.04.14 23:28:31 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{26268009-3C6C-4AFF-9C0C-67E52C7DA117}> in the current context!
Error: Unable to interpret <[2012.04.14 08:04:53 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{50742359-0284-4A9A-BDCC-F23BA679EE3A}> in the current context!
Error: Unable to interpret <[2012.04.14 08:04:36 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{D881C6EC-DD38-4160-8270-9582BE91A984}> in the current context!
Error: Unable to interpret <[2012.04.13 06:33:28 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{22C010A9-4B0F-48E1-840C-7AA99763F8DE}> in the current context!
Error: Unable to interpret <[2012.04.13 06:33:09 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{71571163-7AA2-445F-BF9A-DE37C1A53364}> in the current context!
Error: Unable to interpret <[2012.04.13 06:29:03 | 000,000,000 | ---D | C] -- C:\Windows\de> in the current context!
Error: Unable to interpret <[2012.04.13 06:24:56 | 000,000,000 | -HSD | C] -- C:\Config.Msi> in the current context!
Error: Unable to interpret <[2012.04.13 06:07:51 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{1624BD53-287D-4A19-8AB3-5D4FBD002853}> in the current context!
Error: Unable to interpret <[2012.04.12 08:59:01 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{FC2A6BDD-5922-43A7-B18F-8900F9380397}> in the current context!
Error: Unable to interpret <[2012.04.11 18:20:10 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{B7A63172-9737-425A-9450-04D3138F1685}> in the current context!
Error: Unable to interpret <[2012.04.11 07:10:25 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll> in the current context!
Error: Unable to interpret <[2012.04.11 07:10:21 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll> in the current context!
Error: Unable to interpret <[2012.04.11 07:10:20 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll> in the current context!
Error: Unable to interpret <[2012.04.11 07:10:19 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll> in the current context!
Error: Unable to interpret <[2012.04.11 07:10:17 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl> in the current context!
Error: Unable to interpret <[2012.04.11 07:09:46 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe> in the current context!
Error: Unable to interpret <[2012.04.11 07:09:45 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe> in the current context!
Error: Unable to interpret <[2012.04.11 06:19:38 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{537025EF-335E-4ED6-A048-AD852FA5B039}> in the current context!
Error: Unable to interpret <[2012.04.10 12:22:20 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{B72D0D68-CB92-43F0-BBA8-BEB6AA98547A}> in the current context!
Error: Unable to interpret <[2012.04.09 20:46:08 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{3A2B281E-499B-412F-B3D4-73651782E8E5}> in the current context!
Error: Unable to interpret <[2012.04.09 08:43:22 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{E3F9CA8C-E9BF-40EB-89C6-8A859477F68C}> in the current context!
Error: Unable to interpret <[2012.04.08 16:20:09 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Roaming\DVDVideoSoftIEHelpers> in the current context!
Error: Unable to interpret <[2012.04.08 16:19:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft> in the current context!
Error: Unable to interpret <[2012.04.08 16:18:51 | 000,136,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\atl100.dll> in the current context!
Error: Unable to interpret <[2012.04.08 16:18:51 | 000,080,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfcm100u.dll> in the current context!
Error: Unable to interpret <[2012.04.08 16:18:50 | 004,421,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc100u.dll> in the current context!
Error: Unable to interpret <[2012.04.08 16:18:37 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Roaming\DVDVideoSoft> in the current context!
Error: Unable to interpret <[2012.04.08 16:18:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft> in the current context!
Error: Unable to interpret <[2012.04.08 16:18:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVIDEOSOFT> in the current context!
Error: Unable to interpret <[2012.04.08 16:01:36 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{FC80ECD7-FBE4-411D-8F95-00E3617328F4}> in the current context!
Error: Unable to interpret <[2012.04.08 00:52:10 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{6E28C1E6-9942-4C2F-842F-F00F119D34CD}> in the current context!
Error: Unable to interpret <[2012.04.07 12:51:44 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{BF3E2201-0078-4601-B7C2-53BE3E78C858}> in the current context!
Error: Unable to interpret <[2012.04.06 20:53:12 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{48E2FC20-40DA-42D5-9F6F-0D2B19FC8A67}> in the current context!
Error: Unable to interpret <[2012.04.06 08:27:53 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{83DBFD34-806D-4049-90AF-5998412AB540}> in the current context!
Error: Unable to interpret <[2012.04.05 20:03:59 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{45C88743-4F5D-4E04-9333-7BD4CC1C8C4B}> in the current context!
Error: Unable to interpret <[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]> in the current context!
Error: Unable to interpret <[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Files - Modified Within 30 Days ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2012.05.05 10:38:44 | 002,359,296 | -HS- | M] () -- C:\Users\Rike\NTUSER.DAT> in the current context!
Error: Unable to interpret <[2012.05.05 10:07:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job> in the current context!
Error: Unable to interpret <[2012.05.05 09:48:28 | 000,000,035 | ---- | M] () -- C:\Users\Public\Documents\AtherosServiceConfig.ini> in the current context!
Error: Unable to interpret <[2012.05.05 09:48:00 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT> in the current context!
Error: Unable to interpret <[2012.05.05 09:47:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat> in the current context!
Error: Unable to interpret <[2012.05.05 09:47:33 | 1292,029,952 | -HS- | M] () -- C:\hiberfil.sys> in the current context!
Error: Unable to interpret <[2012.05.05 01:14:14 | 001,763,004 | -H-- | M] () -- C:\Users\Rike\AppData\Local\IconCache.db> in the current context!
Error: Unable to interpret <[2012.05.04 08:37:16 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk> in the current context!
Error: Unable to interpret <[2012.05.04 08:26:34 | 000,107,030 | ---- | M] () -- C:\Users\Rike\Documents\cc_20120504_082621.reg> in the current context!
Error: Unable to interpret <[2012.05.02 22:42:29 | 000,000,822 | ---- | M] () -- C:\Users\Rike\Documents\CCleaner.lnk> in the current context!
Error: Unable to interpret <[2012.05.02 20:40:34 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForRIKE-HP$.job> in the current context!
Error: Unable to interpret <[2012.05.01 21:11:39 | 000,001,109 | ---- | M] () -- C:\Users\Rike\Documents\ Malwarebytes Anti-Malware .lnk> in the current context!
Error: Unable to interpret <[2012.04.27 13:53:26 | 000,002,293 | ---- | M] () -- C:\Users\Public\Desktop\Spiel Guardians of Beyond - Hexenhausen Sammleredition.lnk> in the current context!
Error: Unable to interpret <[2012.04.27 13:53:26 | 000,001,326 | ---- | M] () -- C:\Users\Public\Desktop\Weitere fantastische Spiele.lnk> in the current context!
Error: Unable to interpret <[2012.04.27 11:24:35 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForRike.job> in the current context!
Error: Unable to interpret <[2012.04.14 09:08:07 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe> in the current context!
Error: Unable to interpret <[2012.04.14 09:08:07 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl> in the current context!
Error: Unable to interpret <[2012.04.14 09:07:09 | 008,741,536 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe> in the current context!
Error: Unable to interpret <[2012.04.08 16:20:00 | 000,001,239 | ---- | M] () -- C:\Users\Rike\Documents\DVDVideoSoft Free Studio.lnk> in the current context!
Error: Unable to interpret <[2012.04.08 16:19:57 | 000,001,398 | ---- | M] () -- C:\Users\Rike\Desktop\Free YouTube to MP3 Converter.lnk> in the current context!
Error: Unable to interpret <[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]> in the current context!
Error: Unable to interpret <[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Files Created - No Company Name ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2012.05.04 08:37:16 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk> in the current context!
Error: Unable to interpret <[2012.05.04 08:26:29 | 000,107,030 | ---- | C] () -- C:\Users\Rike\Documents\cc_20120504_082621.reg> in the current context!
Error: Unable to interpret <[2012.05.03 09:53:08 | 000,000,822 | ---- | C] () -- C:\Users\Rike\Documents\CCleaner.lnk> in the current context!
Error: Unable to interpret <[2012.05.03 09:52:55 | 000,001,109 | ---- | C] () -- C:\Users\Rike\Documents\ Malwarebytes Anti-Malware .lnk> in the current context!
Error: Unable to interpret <[2012.05.02 12:42:26 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForRIKE-HP$.job> in the current context!
Error: Unable to interpret <[2012.05.01 23:15:13 | 001,763,004 | -H-- | C] () -- C:\Users\Rike\AppData\Local\IconCache.db> in the current context!
Error: Unable to interpret <[2012.04.27 13:53:26 | 000,002,293 | ---- | C] () -- C:\Users\Public\Desktop\Spiel Guardians of Beyond - Hexenhausen Sammleredition.lnk> in the current context!
Error: Unable to interpret <[2012.04.27 13:53:26 | 000,001,326 | ---- | C] () -- C:\Users\Public\Desktop\Weitere fantastische Spiele.lnk> in the current context!
Error: Unable to interpret <[2012.04.08 23:13:34 | 000,001,239 | ---- | C] () -- C:\Users\Rike\Documents\DVDVideoSoft Free Studio.lnk> in the current context!
Error: Unable to interpret <[2012.04.08 16:19:57 | 000,001,398 | ---- | C] () -- C:\Users\Rike\Desktop\Free YouTube to MP3 Converter.lnk> in the current context!
Error: Unable to interpret <[2012.01.02 23:08:05 | 001,526,948 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI> in the current context!
Error: Unable to interpret <[2011.11.09 21:10:49 | 000,061,392 | ---- | C] () -- C:\Users\Rike\AppData\Local\GDIPFONTCACHEV1.DAT> in the current context!
Error: Unable to interpret <[2011.06.08 00:26:50 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin> in the current context!
Error: Unable to interpret <[2011.05.13 11:03:16 | 000,303,104 | ---- | C] () -- C:\Windows\SysWow64\dnt27VC8.dll> in the current context!
Error: Unable to interpret <[2011.05.13 11:01:22 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\dntvmc27VC8.dll> in the current context!
Error: Unable to interpret <[2011.05.13 11:01:00 | 000,086,016 | ---- | C] () -- C:\Windows\SysWow64\dntvm27VC8.dll> in the current context!
Error: Unable to interpret <[2011.05.10 09:55:07 | 000,000,202 | ---- | C] () -- C:\Windows\SysWow64\HPWA.ini> in the current context!
Error: Unable to interpret <[2010.12.21 02:20:14 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll> in the current context!
Error: Unable to interpret <[2010.12.16 01:33:32 | 000,002,975 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== LOP Check ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2012.02.27 02:49:03 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\AlawarEntertainment> in the current context!
Error: Unable to interpret <[2012.03.08 13:36:23 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Artogon> in the current context!
Error: Unable to interpret <[2012.01.09 22:22:47 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\AVG> in the current context!
Error: Unable to interpret <[2011.11.10 08:33:58 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\AVG2012> in the current context!
Error: Unable to interpret <[2012.03.06 13:08:08 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Awem> in the current context!
Error: Unable to interpret <[2012.03.05 15:28:54 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Blue Tea Games> in the current context!
Error: Unable to interpret <[2012.04.08 16:20:29 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\DVDVideoSoft> in the current context!
Error: Unable to interpret <[2012.04.08 16:20:09 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\DVDVideoSoftIEHelpers> in the current context!
Error: Unable to interpret <[2012.03.12 14:27:17 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\EleFun Games> in the current context!
Error: Unable to interpret <[2012.01.22 15:06:11 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\EnchantedCavern> in the current context!
Error: Unable to interpret <[2012.03.07 14:38:39 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Enki Games> in the current context!
Error: Unable to interpret <[2012.01.16 22:08:39 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Epson> in the current context!
Error: Unable to interpret <[2012.01.22 16:55:49 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\ERS Game Studios> in the current context!
Error: Unable to interpret <[2012.01.11 13:35:38 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\FamilyVacationCalifornia> in the current context!
Error: Unable to interpret <[2012.03.06 13:10:17 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Frogwares> in the current context!
Error: Unable to interpret <[2012.05.01 21:17:32 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Hbfusxplb> in the current context!
Error: Unable to interpret <[2012.03.25 14:55:41 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\HitPoint Studios> in the current context!
Error: Unable to interpret <[2012.01.03 16:33:37 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Lexware> in the current context!
Error: Unable to interpret <[2012.03.09 14:00:02 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Orneon> in the current context!
Error: Unable to interpret <[2012.02.19 00:18:03 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\PlayPond> in the current context!
Error: Unable to interpret <[2012.04.24 08:37:21 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\SoftGrid Client> in the current context!
Error: Unable to interpret <[2011.11.09 21:14:57 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Synaptics> in the current context!
Error: Unable to interpret <[2012.01.02 23:09:54 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\TP> in the current context!
Error: Unable to interpret <[2012.01.22 15:49:45 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Vast Studios> in the current context!
Error: Unable to interpret <[2012.04.27 14:04:00 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Vogat Interactive> in the current context!
Error: Unable to interpret <[2012.01.04 21:28:33 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Windows Live Writer> in the current context!
Error: Unable to interpret <[2012.04.18 06:13:34 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Purity Check ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << End of report >
         
--- --- --- > in the current context! OTL by OldTimer - Version 3.2.42.2 log created on 05052012_104117

Alt 05.05.2012, 09:50   #11
rike42
 
trojaner durch email - Standard

trojaner durch email



Code:
ATTFilter
Error: Unable to interpret <OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 05.05.2012 10:35:01 - Run 4> in the current context!
Error: Unable to interpret <OTL by OldTimer - Version 3.2.42.2     Folder = C:\Users\Rike\Downloads> in the current context!
Error: Unable to interpret <64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation> in the current context!
Error: Unable to interpret <Internet Explorer (Version = 9.0.8112.16421)> in the current context!
Error: Unable to interpret <Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <1,60 Gb Total Physical Memory | 0,55 Gb Available Physical Memory | 34,13% Memory free> in the current context!
Error: Unable to interpret <3,21 Gb Paging File | 1,45 Gb Available in Paging File | 45,07% Paging File free> in the current context!
Error: Unable to interpret <Paging file location(s): ?:\pagefile.sys [binary data]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)> in the current context!
Error: Unable to interpret <Drive C: | 217,64 Gb Total Space | 178,32 Gb Free Space | 81,93% Space Free | Partition Type: NTFS> in the current context!
Error: Unable to interpret <Drive D: | 14,95 Gb Total Space | 1,85 Gb Free Space | 12,35% Space Free | Partition Type: NTFS> in the current context!
Error: Unable to interpret <Drive F: | 99,18 Mb Total Space | 91,04 Mb Free Space | 91,79% Space Free | Partition Type: FAT32> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Computer Name: RIKE-HP | User Name: Rike | Logged in as Administrator.> in the current context!
Error: Unable to interpret <Boot Mode: Normal | Scan Mode: Current user> in the current context!
Error: Unable to interpret <Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Extra Registry (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== File Associations ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]> in the current context!
Error: Unable to interpret <.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]> in the current context!
Error: Unable to interpret <.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Shell Spawning ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]> in the current context!
Error: Unable to interpret <batfile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <cmdfile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <comfile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)> in the current context!
Error: Unable to interpret <exefile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <helpfile [open] -- Reg Error: Key error.> in the current context!
Error: Unable to interpret <htmlfile [edit] -- Reg Error: Key error.> in the current context!
Error: Unable to interpret <htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"> in the current context!
Error: Unable to interpret <inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)> in the current context!
Error: Unable to interpret <piffile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <regfile [merge] -- Reg Error: Key error.> in the current context!
Error: Unable to interpret <scrfile [config] -- "%1"> in the current context!
Error: Unable to interpret <scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l> in the current context!
Error: Unable to interpret <scrfile [open] -- "%1" /S> in the current context!
Error: Unable to interpret <txtfile [edit] -- Reg Error: Key error.> in the current context!
Error: Unable to interpret <Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1> in the current context!
Error: Unable to interpret <Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)> in the current context!
Error: Unable to interpret <Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <Folder [explore] -- Reg Error: Value error.> in the current context!
Error: Unable to interpret <Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Security Center Settings ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Firewall Settings ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]> in the current context!
Error: Unable to interpret <"EnableFirewall" = 1> in the current context!
Error: Unable to interpret <"DisableNotifications" = 0> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]> in the current context!
Error: Unable to interpret <"EnableFirewall" = 1> in the current context!
Error: Unable to interpret <"DisableNotifications" = 0> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]> in the current context!
Error: Unable to interpret <"EnableFirewall" = 1> in the current context!
Error: Unable to interpret <"DisableNotifications" = 0> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Authorized Applications List ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Vista Active Open Ports Exception List ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]> in the current context!
Error: Unable to interpret <"{03ECD95A-DDB5-4F14-AB02-BC2E19782C11}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | > in the current context!
Error: Unable to interpret <"{049671D1-78F8-41A2-A39B-29C1172957E1}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | > in the current context!
Error: Unable to interpret <"{154BD470-FB92-4C2B-8BF0-6BB4C3FFE159}" = rport=138 | protocol=17 | dir=out | app=system | > in the current context!
Error: Unable to interpret <"{15873059-A33A-4654-8446-2172B36ACB8E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | > in the current context!
Error: Unable to interpret <"{36C612D6-7280-4732-91BC-DF942AC715E9}" = lport=445 | protocol=6 | dir=in | app=system | > in the current context!
Error: Unable to interpret <"{3CDB6771-3218-4D4C-BFBD-28C6A6817191}" = rport=10243 | protocol=6 | dir=out | app=system | > in the current context!
Error: Unable to interpret <"{47B845F3-B3B6-46F6-997F-CAF7F377C1F6}" = lport=137 | protocol=17 | dir=in | app=system | > in the current context!
Error: Unable to interpret <"{4DB0B9A7-B5BF-423D-B07A-4E426F412B22}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | > in the current context!
Error: Unable to interpret <"{539FF5B6-5F05-478D-8269-9BBE0D206530}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | > in the current context!
Error: Unable to interpret <"{6306839A-108A-4E1C-BBCA-31508170B15A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | > in the current context!
Error: Unable to interpret <"{73F2E517-CB79-4737-B4B7-95B02D48BF09}" = lport=10243 | protocol=6 | dir=in | app=system | > in the current context!
Error: Unable to interpret <"{73F8720F-EFFD-4961-9B14-802863F11E5A}" = rport=137 | protocol=17 | dir=out | app=system | > in the current context!
Error: Unable to interpret <"{787943CD-902C-4C88-AD80-DB3910221CD8}" = lport=138 | protocol=17 | dir=in | app=system | > in the current context!
Error: Unable to interpret <"{7BBFD59E-ECDC-4F47-9C0B-A27CBCA2B52A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | > in the current context!
Error: Unable to interpret <"{9669D44C-F0CD-42D2-93D9-BFD58C56C17F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | > in the current context!
Error: Unable to interpret <"{96B3896A-5415-4EA2-8E5C-9695A1639DD6}" = rport=445 | protocol=6 | dir=out | app=system | > in the current context!
Error: Unable to interpret <"{9DB446A5-417B-48BE-8343-F927AF283549}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | > in the current context!
Error: Unable to interpret <"{9EE156F6-330D-4735-92BB-B054EBF5CF85}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | > in the current context!
Error: Unable to interpret <"{AB8FE59C-23B6-483C-AEBA-1DF54E48DA13}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | > in the current context!
Error: Unable to interpret <"{BBE678D5-E3FE-494C-BEC6-A9984AAEFEBD}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | > in the current context!
Error: Unable to interpret <"{CD43471F-73DB-4B61-8B08-637C0D952D72}" = lport=139 | protocol=6 | dir=in | app=system | > in the current context!
Error: Unable to interpret <"{D2408D74-6C6A-4C81-8A5D-0BD088CCF264}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | > in the current context!
Error: Unable to interpret <"{D7BD90BE-D33B-48E6-88DE-AFC9B4937047}" = rport=139 | protocol=6 | dir=out | app=system | > in the current context!
Error: Unable to interpret <"{D839CBCE-2D23-449B-BEC2-307FA44CBC1E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | > in the current context!
Error: Unable to interpret <"{DC2B4737-9DAB-470F-AD90-0692ABC8F82B}" = lport=2869 | protocol=6 | dir=in | app=system | > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Vista Active Application Exception List ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]> in the current context!
Error: Unable to interpret <"{03756458-D0EF-49D1-80FB-0BB566795FF3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | > in the current context!
Error: Unable to interpret <"{053E10F6-72C1-4762-9CE4-43C04FBF1220}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe | > in the current context!
Error: Unable to interpret <"{07B3E68F-C791-4677-88E1-536DC250B92A}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | > in the current context!
Error: Unable to interpret <"{13636BBF-7207-43C5-810D-F855726413A6}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | > in the current context!
Error: Unable to interpret <"{1E7E82B0-0BF3-4EED-BB1C-D00E0C51F29E}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe | > in the current context!
Error: Unable to interpret <"{1FBBF5FA-7E13-427F-B359-682272E9ACA2}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe | > in the current context!
Error: Unable to interpret <"{3301D0B0-EE8A-4D38-AFC5-1C1900C47BCB}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | > in the current context!
Error: Unable to interpret <"{3427A715-C1DA-43B5-B154-D78201E68EEB}" = dir=in | app=c:\users\rike\appdata\local\facebook\video\skype\facebookvideocalling.exe | > in the current context!
Error: Unable to interpret <"{40D8DF87-812C-4EA1-B656-146E0F81D9C7}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe | > in the current context!
Error: Unable to interpret <"{421FEC94-B444-4FFA-894F-F7323E3D8CE7}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | > in the current context!
Error: Unable to interpret <"{4574816C-82BE-4C2B-BADC-4065FDC73B71}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | > in the current context!
Error: Unable to interpret <"{6195A76B-9537-408B-8412-819C66579956}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | > in the current context!
Error: Unable to interpret <"{66BDA8F1-6214-40CE-8EDF-7B87BAE40E4C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | > in the current context!
Error: Unable to interpret <"{6E754F93-7F9C-49DD-BF86-3D343673FDA5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | > in the current context!
Error: Unable to interpret <"{72AAF7CC-66C3-4B70-8080-BD1885857F42}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | > in the current context!
Error: Unable to interpret <"{7D85B0E6-3EF5-4654-AA92-38DCBEF57206}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | > in the current context!
Error: Unable to interpret <"{856E656B-F109-4DA4-BC96-4B0922A7639F}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe | > in the current context!
Error: Unable to interpret <"{88AD83AF-DF44-467D-8724-2215FA99E655}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | > in the current context!
Error: Unable to interpret <"{997147F1-2D44-42CC-AC4A-E11151D3C799}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | > in the current context!
Error: Unable to interpret <"{9B640A1B-27B7-4A70-A49B-C3E1C56C33C6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | > in the current context!
Error: Unable to interpret <"{9FFC7719-01C5-4322-961E-37EE85831C90}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | > in the current context!
Error: Unable to interpret <"{AEB1CA98-425A-4A5B-B6B2-04560429AE9A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | > in the current context!
Error: Unable to interpret <"{AFDDE5C7-C402-43AB-9737-9EDAE9C17EE5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | > in the current context!
Error: Unable to interpret <"{B364CA41-9339-41F2-AEB9-47EDB03641BB}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | > in the current context!
Error: Unable to interpret <"{B46CA818-E5F1-42DB-9013-0D2E0C3397D2}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe | > in the current context!
Error: Unable to interpret <"{D9AD44F7-1DFE-410E-B0FB-82B5A0CE82A7}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | > in the current context!
Error: Unable to interpret <"{DD914877-A81B-4B72-8E0D-FB36F01D4CCE}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | > in the current context!
Error: Unable to interpret <"{E618FDB4-CC5C-4904-B278-E4AC0253C635}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe | > in the current context!
Error: Unable to interpret <"{EB6C49F6-4D89-4A1E-841A-2E823DA5CC39}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe | > in the current context!
Error: Unable to interpret <"{EB885D67-D55E-4FF7-91A9-99206858746D}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | > in the current context!
Error: Unable to interpret <"{F3D0E4F6-93E5-491D-8F90-D3812AE3E3C8}" = protocol=6 | dir=out | app=system | > in the current context!
Error: Unable to interpret <"{F6674586-F182-42DA-8A9A-55E0439D851E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | > in the current context!
Error: Unable to interpret <"{FAB1F7E9-E7FF-42DA-AB3A-5EB76FFBFC5F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | > in the current context!
Error: Unable to interpret <"{FE43BF80-6AEB-472E-BDF8-0188D5D08765}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== HKEY_LOCAL_MACHINE Uninstall List ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]> in the current context!
Error: Unable to interpret <"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam> in the current context!
Error: Unable to interpret <"{03046EBB-CB7C-4B98-BEFB-690EB955DA22}" = HP Setup> in the current context!
Error: Unable to interpret <"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion> in the current context!
Error: Unable to interpret <"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements> in the current context!
Error: Unable to interpret <"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer> in the current context!
Error: Unable to interpret <"{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}" = Epson FAX Utility> in the current context!
Error: Unable to interpret <"{124DB96E-CBF5-44FB-AB59-7D2444DEC777}" = HP On Screen Display> in the current context!
Error: Unable to interpret <"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker> in the current context!
Error: Unable to interpret <"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger> in the current context!
Error: Unable to interpret <"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources> in the current context!
Error: Unable to interpret <"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148> in the current context!
Error: Unable to interpret <"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update> in the current context!
Error: Unable to interpret <"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions> in the current context!
Error: Unable to interpret <"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31> in the current context!
Error: Unable to interpret <"{26C4E5F1-314C-F3DF-2294-3685BF5F9E05}" = CCC Help Czech> in the current context!
Error: Unable to interpret <"{2BF8B295-A214-42AC-B4EC-2AE15E08B0E7}" = HP Documentation> in the current context!
Error: Unable to interpret <"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App> in the current context!
Error: Unable to interpret <"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery> in the current context!
Error: Unable to interpret <"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery> in the current context!
Error: Unable to interpret <"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack> in the current context!
Error: Unable to interpret <"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7> in the current context!
Error: Unable to interpret <"{39F58DDB-B2B8-4B86-AF20-4706A80EB30D}" = Epson Easy Photo Print 2> in the current context!
Error: Unable to interpret <"{4412F224-3849-4461-A3E9-DEEF8D252790}" = Visual Studio C++ 10.0 Runtime> in the current context!
Error: Unable to interpret <"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater> in the current context!
Error: Unable to interpret <"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module> in the current context!
Error: Unable to interpret <"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack> in the current context!
Error: Unable to interpret <"{57F1042D-1423-81C6-299B-C21FAB216F93}" = CCC Help Italian> in the current context!
Error: Unable to interpret <"{6137C043-93EA-6769-90EA-01E87B041117}" = CCC Help Norwegian> in the current context!
Error: Unable to interpret <"{6265A4F4-91FE-FFEC-1ECA-E5639B80ECB3}" = CCC Help French> in the current context!
Error: Unable to interpret <"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module> in the current context!
Error: Unable to interpret <"{657BD928-2C0B-7EFA-7740-DE8BC937FEF4}" = CCC Help Thai> in the current context!
Error: Unable to interpret <"{66E30DB0-A342-F453-D14D-827B454A9E4A}" = CCC Help Swedish> in the current context!
Error: Unable to interpret <"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE> in the current context!
Error: Unable to interpret <"{6833708F-D07C-34AA-B195-698FA0C8879C}" = CCC Help Polish> in the current context!
Error: Unable to interpret <"{687DB473-1A0F-5B1D-D0E0-A73258207AB2}" = ccc-core-static> in the current context!
Error: Unable to interpret <"{6C92846D-67BA-5B17-38F4-E1318A0272B7}" = CCC Help Greek> in the current context!
Error: Unable to interpret <"{6D437C07-418F-9E01-96EB-DC55F780A198}" = CCC Help Turkish> in the current context!
Error: Unable to interpret <"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)> in the current context!
Error: Unable to interpret <"{710E96D5-98A1-6732-8768-8F4ACCA520C1}" = CCC Help Portuguese> in the current context!
Error: Unable to interpret <"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable> in the current context!
Error: Unable to interpret <"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable> in the current context!
Error: Unable to interpret <"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core> in the current context!
Error: Unable to interpret <"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159> in the current context!
Error: Unable to interpret <"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable> in the current context!
Error: Unable to interpret <"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform> in the current context!
Error: Unable to interpret <"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer> in the current context!
Error: Unable to interpret <"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver> in the current context!
Error: Unable to interpret <"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight> in the current context!
Error: Unable to interpret <"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime> in the current context!
Error: Unable to interpret <"{8DC069E7-893C-41E1-9442-DE89FEC33371}" = Xobni Core> in the current context!
Error: Unable to interpret <"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT> in the current context!
Error: Unable to interpret <"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch> in the current context!
Error: Unable to interpret <"{9299A9E5-4A0F-C936-76BD-62BCBD38CC21}" = CCC Help English> in the current context!
Error: Unable to interpret <"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker> in the current context!
Error: Unable to interpret <"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010> in the current context!
Error: Unable to interpret <"{9B04A7CC-F80E-72C6-8B9E-83A88A5B479B}" = CCC Help Japanese> in the current context!
Error: Unable to interpret <"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161> in the current context!
Error: Unable to interpret <"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail> in the current context!
Error: Unable to interpret <"{9F6A200F-90D7-F262-9639-16D640298E32}" = CCC Help Finnish> in the current context!
Error: Unable to interpret <"{A37E63B7-29E5-CAF4-A81D-0A67946924E0}" = Catalyst Control Center Graphics Previews Common> in the current context!
Error: Unable to interpret <"{A5449F23-80E8-04D2-EB41-7BE229CCB37B}" = Catalyst Control Center InstallProxy> in the current context!
Error: Unable to interpret <"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer> in the current context!
Error: Unable to interpret <"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common> in the current context!
Error: Unable to interpret <"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer> in the current context!
Error: Unable to interpret <"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch> in the current context!
Error: Unable to interpret <"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh> in the current context!
Error: Unable to interpret <"{AF6EB833-D48A-49AC-9394-4C57489FDFF2}" = HP Software Framework> in the current context!
Error: Unable to interpret <"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie> in the current context!
Error: Unable to interpret <"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail> in the current context!
Error: Unable to interpret <"{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)> in the current context!
Error: Unable to interpret <"{B97E3520-C726-475E-BC0C-7561952633AB}" = HP Power Manager> in the current context!
Error: Unable to interpret <"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo> in the current context!
Error: Unable to interpret <"{C0838AAC-DF3E-5865-88D3-E43864E2B065}" = CCC Help Korean> in the current context!
Error: Unable to interpret <"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader> in the current context!
Error: Unable to interpret <"{C257F891-7975-979B-3EDD-D3E74F1F583B}" = CCC Help Hungarian> in the current context!
Error: Unable to interpret <"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common> in the current context!
Error: Unable to interpret <"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program> in the current context!
Error: Unable to interpret <"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections> in the current context!
Error: Unable to interpret <"{C7231F7C-6530-4E65-ADA6-5B392CF5BEB1}" = Recovery Manager> in the current context!
Error: Unable to interpret <"{CBD74B80-E1A2-08A1-69D9-DE37BFA265EF}" = CCC Help German> in the current context!
Error: Unable to interpret <"{CD95F661-A5C4-11AF-B2CC-ABCD21A325B8}" = WinZip Courier> in the current context!
Error: Unable to interpret <"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform> in the current context!
Error: Unable to interpret <"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64> in the current context!
Error: Unable to interpret <"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common> in the current context!
Error: Unable to interpret <"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform> in the current context!
Error: Unable to interpret <"{DA26698F-3E4F-FBAE-8219-5C3D3C1ECA92}" = CCC Help Spanish> in the current context!
Error: Unable to interpret <"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh> in the current context!
Error: Unable to interpret <"{DF2035BE-5820-4965-BD97-7FAF8D4A7879}" = Microsoft_VC90_CRT_x86> in the current context!
Error: Unable to interpret <"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10> in the current context!
Error: Unable to interpret <"{E13D5C1F-EA6D-E340-85A9-0EA7221F31E9}" = CCC Help Danish> in the current context!
Error: Unable to interpret <"{E1D1E335-C6CE-C9A5-12B8-587D561E8B30}" = Catalyst Control Center Localization All> in the current context!
Error: Unable to interpret <"{E3FE0FA5-D813-14AB-DE7B-594257E9550B}" = CCC Help Chinese Traditional> in the current context!
Error: Unable to interpret <"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker> in the current context!
Error: Unable to interpret <"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger> in the current context!
Error: Unable to interpret <"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1> in the current context!
Error: Unable to interpret <"{E774EEC0-18E6-49C8-A271-07654C0A2047}" = Catalyst Control Center - Branding> in the current context!
Error: Unable to interpret <"{EB58480C-0721-483C-B354-9D35A147999F}" = HP Quick Launch> in the current context!
Error: Unable to interpret <"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module> in the current context!
Error: Unable to interpret <"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]> in the current context!
Error: Unable to interpret <"{F0C4AAC9-C7B6-59B3-789D-D2CA4E0CFCD1}" = CCC Help Dutch> in the current context!
Error: Unable to interpret <"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver> in the current context!
Error: Unable to interpret <"{F5468CFB-F146-12D8-913B-513145180028}" = CCC Help Russian> in the current context!
Error: Unable to interpret <"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.2.2> in the current context!
Error: Unable to interpret <"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials> in the current context!
Error: Unable to interpret <"{FA2509E9-7197-8FB8-B35E-090A4F81CA6A}" = CCC Help Chinese Standard> in the current context!
Error: Unable to interpret <"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables> in the current context!
Error: Unable to interpret <"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials> in the current context!
Error: Unable to interpret <"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR> in the current context!
Error: Unable to interpret <"Adobe AIR" = Adobe AIR> in the current context!
Error: Unable to interpret <"BFGC" = Big Fish Games: Game Manager> in the current context!
Error: Unable to interpret <"BFG-Guardians of Beyond - Hexenhausen Sammleredition" = Guardians of Beyond: Hexenhausen Sammleredition> in the current context!
Error: Unable to interpret <"EPSON BX305 Series Manual" = EPSON BX305 Series Handbuch> in the current context!
Error: Unable to interpret <"EPSON Scanner" = EPSON Scan> in the current context!
Error: Unable to interpret <"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.17.319> in the current context!
Error: Unable to interpret <"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam> in the current context!
Error: Unable to interpret <"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400> in the current context!
Error: Unable to interpret <"Message Faces for IE" = Message Faces für Internet Explorer (remove only)> in the current context!
Error: Unable to interpret <"Mozilla Firefox 10.0 (x86 de)" = Mozilla Firefox 10.0 (x86 de)> in the current context!
Error: Unable to interpret <"MyTomTom" = MyTomTom 3.1.0.530> in the current context!
Error: Unable to interpret <"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010> in the current context!
Error: Unable to interpret <"PDF Complete" = PDF Complete Special Edition> in the current context!
Error: Unable to interpret <"SFT_de3 Toolbar" = SFT_de3 Toolbar> in the current context!
Error: Unable to interpret <"WildTangent hp Master Uninstall" = HP Games> in the current context!
Error: Unable to interpret <"WinLiveSuite" = Windows Live Essentials> in the current context!
Error: Unable to interpret <"WT087330" = Bounce Symphony> in the current context!
Error: Unable to interpret <"WT087361" = FATE> in the current context!
Error: Unable to interpret <"WT087393" = Mah Jong Medley> in the current context!
Error: Unable to interpret <"WT087394" = Penguins!> in the current context!
Error: Unable to interpret <"WT087396" = Polar Bowler> in the current context!
Error: Unable to interpret <"WT087490" = Jewel Quest Solitaire> in the current context!
Error: Unable to interpret <"WT087510" = Slingo Deluxe> in the current context!
Error: Unable to interpret <"WT087513" = Virtual Villagers - The Secret City> in the current context!
Error: Unable to interpret <"WT087519" = Wedding Dash> in the current context!
Error: Unable to interpret <"WT087536" = Diner Dash 2 Restaurant Rescue> in the current context!
Error: Unable to interpret <"WT089308" = Blasterball 3> in the current context!
Error: Unable to interpret <"WT089328" = Farm Frenzy> in the current context!
Error: Unable to interpret <"WT089359" = Cake Mania> in the current context!
Error: Unable to interpret <"WT089362" = Agatha Christie - Peril at End House> in the current context!
Error: Unable to interpret <"WT089453" = Bejeweled 2 Deluxe> in the current context!
Error: Unable to interpret <"WT089454" = Chuzzle Deluxe> in the current context!
Error: Unable to interpret <"WT089455" = Zuma Deluxe> in the current context!
Error: Unable to interpret <"WT089458" = Plants vs. Zombies - Game of the Year> in the current context!
Error: Unable to interpret <"WT089460" = Mystery P.I. - The London Caper> in the current context!
Error: Unable to interpret <"WT089484" = Namco All-Stars PAC-MAN> in the current context!
Error: Unable to interpret <"WT089492" = Crazy Chicken Kart 2> in the current context!
Error: Unable to interpret <"WT089493" = Fishdom> in the current context!
Error: Unable to interpret <"WT089497" = Big Rig Europe> in the current context!
Error: Unable to interpret <"WTA-40a22801-9cef-4790-bda0-5ce7b7ef0c83" = Red Crow Mysteries: Legion> in the current context!
Error: Unable to interpret <"WTA-fdb7ada1-e72d-44b5-a7cd-eb1f008c8c3b" = Family Vacation: California> in the current context!
Error: Unable to interpret <"XobniMain" = Xobni> in the current context!
Error: Unable to interpret <"Yahoo! Companion" = Yahoo! Toolbar> in the current context!
Error: Unable to interpret <"Yahoo! Messenger" = Yahoo! Messenger> in the current context!
Error: Unable to interpret <"Yahoo! Search Defender" = Yahoo! Suche Schutzvorkehrung> in the current context!
Error: Unable to interpret <"Yahoo! Software Update" = Yahoo! Software Update> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== HKEY_CURRENT_USER Uninstall List ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]> in the current context!
Error: Unable to interpret <"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Last 10 Event Log Errors ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[ Application Events ]> in the current context!
Error: Unable to interpret <Error - 19.04.2012 00:25:27 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10> in the current context!
Error: Unable to interpret <Description = > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 19.04.2012 04:24:30 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10> in the current context!
Error: Unable to interpret <Description = > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 19.04.2012 14:17:41 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10> in the current context!
Error: Unable to interpret <Description = > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 20.04.2012 00:16:34 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10> in the current context!
Error: Unable to interpret <Description = > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 20.04.2012 03:28:21 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10> in the current context!
Error: Unable to interpret <Description = > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 21.04.2012 03:52:51 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10> in the current context!
Error: Unable to interpret <Description = > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 22.04.2012 03:21:50 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10> in the current context!
Error: Unable to interpret <Description = > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 22.04.2012 07:05:01 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10> in the current context!
Error: Unable to interpret <Description = > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 22.04.2012 10:24:41 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10> in the current context!
Error: Unable to interpret <Description = > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 23.04.2012 00:13:22 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10> in the current context!
Error: Unable to interpret <Description = > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[ Hewlett-Packard Events ]> in the current context!
Error: Unable to interpret <Error - 31.12.2011 05:52:41 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000> in the current context!
Error: Unable to interpret <Description = > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 31.12.2011 05:52:41 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000> in the current context!
Error: Unable to interpret <Description = HP Error ID: -2147467261HPSF.exe   bei HP.SupportFramework.Communicator.MessengerComm.MessengerPublisher.closeConnection()> in the current context!
Error: Unable to interpret <   bei HP.SupportAssistant.UI.MessengerCommunication.initializeCommunication()    > in the current context!
Error: Unable to interpret < bei HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate()  Message: Der> in the current context!
Error: Unable to interpret < Objektverweis wurde nicht auf eine Objektinstanz festgelegt.  StackTrace:   bei HP.SupportFramework.Communicator.MessengerComm.MessengerPublisher.closeConnection()> in the current context!
Error: Unable to interpret <   bei HP.SupportAssistant.UI.MessengerCommunication.initializeCommunication()    > in the current context!
Error: Unable to interpret < bei HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate()  Source: HP.SupportFramework.Communicator> in the current context!
Error: Unable to interpret <Name:> in the current context!
Error: Unable to interpret < HPSF.exe  Version: 06.00.01.01  Path: C:\Program Files (x86)\Hewlett-Packard\HP Support> in the current context!
Error: Unable to interpret < Framework\HPSF.exe  Format: de-DE  RAM: 1642  Ram Utilization: 80  TargetSite: Void closeConnection()> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 31.12.2011 05:52:41 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000> in the current context!
Error: Unable to interpret <Description = HP Error ID: -2147467261HPSF.exe   bei HP.SupportFramework.Communicator.MessengerComm.MessengerPublisher.closeConnection()> in the current context!
Error: Unable to interpret <   bei HP.SupportAssistant.UI.MessengerCommunication.initializeCommunication()    > in the current context!
Error: Unable to interpret < bei HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate()  Message: Der> in the current context!
Error: Unable to interpret < Objektverweis wurde nicht auf eine Objektinstanz festgelegt.  StackTrace:   bei HP.SupportFramework.Communicator.MessengerComm.MessengerPublisher.closeConnection()> in the current context!
Error: Unable to interpret <   bei HP.SupportAssistant.UI.MessengerCommunication.initializeCommunication()    > in the current context!
Error: Unable to interpret < bei HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate()  Source: HP.SupportFramework.Communicator> in the current context!
Error: Unable to interpret <Name:> in the current context!
Error: Unable to interpret < HPSF.exe  Version: 06.00.01.01  Path: C:\Program Files (x86)\Hewlett-Packard\HP Support> in the current context!
Error: Unable to interpret < Framework\HPSF.exe  Format: de-DE  RAM: 1642  Ram Utilization: 80  TargetSite: Void closeConnection()> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 13.01.2012 09:00:23 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000> in the current context!
Error: Unable to interpret <Description = > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 13.01.2012 09:06:26 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000> in the current context!
Error: Unable to interpret <Description = > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 13.01.2012 09:07:06 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000> in the current context!
Error: Unable to interpret <Description = > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 27.01.2012 06:52:59 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000> in the current context!
Error: Unable to interpret <Description = > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 27.01.2012 06:58:02 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000> in the current context!
Error: Unable to interpret <Description = > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 27.01.2012 07:01:07 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000> in the current context!
Error: Unable to interpret <Description = > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 27.01.2012 07:28:18 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000> in the current context!
Error: Unable to interpret <Description = > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[ HP Software Framework Events ]> in the current context!
Error: Unable to interpret <Error - 09.12.2011 12:09:17 | Computer Name = Rike-HP | Source = CaslWmi | ID = 5> in the current context!
Error: Unable to interpret <Description = 2011.12.09 17:09:17.705|00000288|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error> in the current context!
Error: Unable to interpret < 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 11.12.2011 18:22:20 | Computer Name = Rike-HP | Source = CaslWmi | ID = 5> in the current context!
Error: Unable to interpret <Description = 2011.12.11 23:22:20.964|00001010|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error> in the current context!
Error: Unable to interpret < 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 24.12.2011 15:19:00 | Computer Name = Rike-HP | Source = CaslWmi | ID = 5> in the current context!
Error: Unable to interpret <Description = 2011.12.24 20:19:00.515|00000E88|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error> in the current context!
Error: Unable to interpret < 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 31.12.2011 05:58:16 | Computer Name = Rike-HP | Source = CaslWmi | ID = 5> in the current context!
Error: Unable to interpret <Description = 2011.12.31 10:58:16.748|000016A0|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error> in the current context!
Error: Unable to interpret < 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 06.01.2012 07:46:50 | Computer Name = Rike-HP | Source = CaslWmi | ID = 5> in the current context!
Error: Unable to interpret <Description = 2012.01.06 12:46:50.438|00001508|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error> in the current context!
Error: Unable to interpret < 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 20.01.2012 06:51:02 | Computer Name = Rike-HP | Source = CaslWmi | ID = 5> in the current context!
Error: Unable to interpret <Description = 2012.01.20 11:51:02.378|000003A0|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error> in the current context!
Error: Unable to interpret < 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 20.01.2012 06:53:07 | Computer Name = Rike-HP | Source = CaslWmi | ID = 5> in the current context!
Error: Unable to interpret <Description = 2012.01.20 11:53:07.355|000016A4|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error> in the current context!
Error: Unable to interpret < 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 20.01.2012 06:53:16 | Computer Name = Rike-HP | Source = CaslWmi | ID = 5> in the current context!
Error: Unable to interpret <Description = 2012.01.20 11:53:16.478|00000D70|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error> in the current context!
Error: Unable to interpret < 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 27.01.2012 07:01:53 | Computer Name = Rike-HP | Source = CaslWmi | ID = 5> in the current context!
Error: Unable to interpret <Description = 2012.01.27 12:01:53.617|00001B50|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error> in the current context!
Error: Unable to interpret < 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 05.04.2012 10:07:13 | Computer Name = Rike-HP | Source = hpqWmiEx | ID = 5> in the current context!
Error: Unable to interpret <Description = 2012/04/05 16:07:13.621|00001230|Error      |ChpqWmiExModule::Start|StartServiceCtrlDispatcher> in the current context!
Error: Unable to interpret < FAILED. Error: 1063> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[ HP Wireless Assistant Events ]> in the current context!
Error: Unable to interpret <Error - 09.11.2011 18:40:03 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0> in the current context!
Error: Unable to interpret <Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht> in the current context!
Error: Unable to interpret < verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32> in the current context!
Error: Unable to interpret < errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object> in the current context!
Error: Unable to interpret < o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean> in the current context!
Error: Unable to interpret < getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei > in the current context!
Error: Unable to interpret <System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei> in the current context!
Error: Unable to interpret < HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 09.11.2011 18:41:09 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0> in the current context!
Error: Unable to interpret <Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht> in the current context!
Error: Unable to interpret < verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32> in the current context!
Error: Unable to interpret < errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object> in the current context!
Error: Unable to interpret < o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean> in the current context!
Error: Unable to interpret < getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei > in the current context!
Error: Unable to interpret <System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei> in the current context!
Error: Unable to interpret < HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 09.11.2011 18:41:15 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0> in the current context!
Error: Unable to interpret <Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht> in the current context!
Error: Unable to interpret < verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32> in the current context!
Error: Unable to interpret < errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object> in the current context!
Error: Unable to interpret < o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean> in the current context!
Error: Unable to interpret < getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei > in the current context!
Error: Unable to interpret <System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei> in the current context!
Error: Unable to interpret < HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 09.11.2011 18:42:20 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0> in the current context!
Error: Unable to interpret <Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht> in the current context!
Error: Unable to interpret < verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32> in the current context!
Error: Unable to interpret < errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object> in the current context!
Error: Unable to interpret < o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean> in the current context!
Error: Unable to interpret < getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei > in the current context!
Error: Unable to interpret <System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei> in the current context!
Error: Unable to interpret < HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 09.11.2011 18:42:25 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0> in the current context!
Error: Unable to interpret <Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht> in the current context!
Error: Unable to interpret < verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32> in the current context!
Error: Unable to interpret < errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object> in the current context!
Error: Unable to interpret < o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean> in the current context!
Error: Unable to interpret < getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei > in the current context!
Error: Unable to interpret <System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei> in the current context!
Error: Unable to interpret < HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 09.11.2011 18:43:31 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0> in the current context!
Error: Unable to interpret <Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht> in the current context!
Error: Unable to interpret < verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32> in the current context!
Error: Unable to interpret < errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object> in the current context!
Error: Unable to interpret < o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean> in the current context!
Error: Unable to interpret < getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei > in the current context!
Error: Unable to interpret <System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei> in the current context!
Error: Unable to interpret < HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 09.11.2011 18:43:36 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0> in the current context!
Error: Unable to interpret <Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht> in the current context!
Error: Unable to interpret < verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32> in the current context!
Error: Unable to interpret < errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object> in the current context!
Error: Unable to interpret < o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean> in the current context!
Error: Unable to interpret < getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei > in the current context!
Error: Unable to interpret <System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei> in the current context!
Error: Unable to interpret < HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 15.01.2012 17:11:28 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0> in the current context!
Error: Unable to interpret <Description = System.Runtime.InteropServices.COMException Aufruf wurde durch Messagefilter> in the current context!
Error: Unable to interpret < abgebrochen. (Ausnahme von HRESULT: 0x80010002 (RPC_E_CALL_CANCELED))    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32> in the current context!
Error: Unable to interpret < errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object> in the current context!
Error: Unable to interpret < o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean> in the current context!
Error: Unable to interpret < getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei > in the current context!
Error: Unable to interpret <System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei> in the current context!
Error: Unable to interpret < HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 18.02.2012 10:08:17 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0> in the current context!
Error: Unable to interpret <Description = System.Threading.ThreadAbortException Der Thread wurde abgebrochen.> in the current context!
Error: Unable to interpret <   bei System.Management.IEnumWbemClassObject.Next_(Int32 lTimeout, UInt32 uCount,> in the current context!
Error: Unable to interpret < IWbemClassObject_DoNotMarshal[] apObjects, UInt32& puReturned)     bei System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()> in the current context!
Error: Unable to interpret <   bei HPPA_Service.CurrentConfiguration.FindDevice(String hostPath, String portName)> in the current context!
Error: Unable to interpret <   bei HPPA_Service.CurrentConfiguration.<ApplyFriendlyNames>b__23(RadioHardware> in the current context!
Error: Unable to interpret < radio)     bei System.Linq.Enumerable.WhereSelectListIterator`2.MoveNext()     bei > in the current context!
Error: Unable to interpret <System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()     bei HPPA_Service.CurrentConfiguration.ApplyFriendlyNames()> in the current context!
Error: Unable to interpret <   bei HPPA_Service.CurrentConfiguration.ReloadRadioList()> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 18.02.2012 10:08:17 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0> in the current context!
Error: Unable to interpret <Description = System.Threading.ThreadAbortException Der Thread wurde abgebrochen.> in the current context!
Error: Unable to interpret <   bei HPPA_Service.CurrentConfiguration.ReloadRadioList()> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[ System Events ]> in the current context!
Error: Unable to interpret <Error - 04.05.2012 05:41:38 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7011> in the current context!
Error: Unable to interpret <Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung> in the current context!
Error: Unable to interpret < von Dienst HPWMISVC erreicht.> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 04.05.2012 05:41:55 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7009> in the current context!
Error: Unable to interpret <Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst> in the current context!
Error: Unable to interpret < XobniService erreicht.> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 04.05.2012 05:41:55 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7000> in the current context!
Error: Unable to interpret <Description = Der Dienst "XobniService" wurde aufgrund folgenden Fehlers nicht gestartet:> in the current context!
Error: Unable to interpret <   %%1053> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 04.05.2012 16:47:56 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7011> in the current context!
Error: Unable to interpret <Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung> in the current context!
Error: Unable to interpret < von Dienst HPWMISVC erreicht.> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 04.05.2012 16:48:12 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7009> in the current context!
Error: Unable to interpret <Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst> in the current context!
Error: Unable to interpret < XobniService erreicht.> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 04.05.2012 16:48:12 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7000> in the current context!
Error: Unable to interpret <Description = Der Dienst "XobniService" wurde aufgrund folgenden Fehlers nicht gestartet:> in the current context!
Error: Unable to interpret <   %%1053> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 05.05.2012 03:49:06 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7011> in the current context!
Error: Unable to interpret <Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung> in the current context!
Error: Unable to interpret < von Dienst HPWMISVC erreicht.> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 05.05.2012 03:49:24 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7009> in the current context!
Error: Unable to interpret <Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst> in the current context!
Error: Unable to interpret < XobniService erreicht.> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 05.05.2012 03:49:24 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7000> in the current context!
Error: Unable to interpret <Description = Der Dienst "XobniService" wurde aufgrund folgenden Fehlers nicht gestartet:> in the current context!
Error: Unable to interpret <   %%1053> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error - 05.05.2012 04:27:19 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7034> in the current context!
Error: Unable to interpret <Description = Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies> in the current context!
Error: Unable to interpret < ist bereits 1 Mal passiert.> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << End of report >
         
--- --- --- > in the current context! OTL by OldTimer - Version 3.2.42.2 log created on 05052012_104317

Alt 05.05.2012, 10:23   #12
kira
/// Helfer-Team
 
trojaner durch email - Standard

trojaner durch email



wieder falsch,,...
beschreibe bitte genau, wie Du es machst?!

ah ich sehe schon, woran es liegt:
Zitat:
Folder = C:\Users\Rike\Downloads
1.
Hast Du OTL falsch installiert!
OTL muss auf dem Desktop gespechert werden!
Stell deine Browser so ein, dass er OTL auf dem Desktop speichern soll!
also entfernen und erneut herunterladen:
-> Lade OTL von Oldtimer herunter und speichere es auf Deinem Desktop.

Nach installation in der Log-Datei soll etwa so aussehen:
Zitat:
Folder = C:\Users\***\Desktop
2.
erneut einen Scan mit OTL:
  • Doppelklick auf die OTL.exe
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Oben findest Du ein Kästchen mit Ausgabe.
    Wähle bitte Standard-Ausgabe
  • Unter Extra-Registrierung wähle bitte Benutze SafeList.
  • Mache Häckchen bei LOP- und Purity-Prüfung.
  • Klicke nun auf Scan links oben.
  • Wenn der Scan beendet wurde werden zwei Logfiles erstellt.
    Du findest die Logfiles auf Deinem Desktop => OTL.txt und Extras.txt
  • Poste die Logfiles in Code-Tags hier in den Thread.
__________________

Warnung!:
Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein!
Anhang nicht öffnen, in unserem Forum erst nachfragen!

Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten!
Bitte diese Warnung weitergeben, wo Du nur kannst!

Alt 05.05.2012, 19:59   #13
rike42
 
trojaner durch email - Standard

trojaner durch email



wie kann ich das ändern das es auf den deskop geladen wird das weiss ich nicht wie oder wo ich suchen muss

Alt 06.05.2012, 09:25   #14
kira
/// Helfer-Team
 
trojaner durch email - Standard

trojaner durch email



Stell deine Browser so ein, dass er OTL auf dem Desktop speichern soll!
Im Firefox:
"Extras"-> Einstellungen"-> Allgemein-> Downloads-> Alle Dateien in folgendem Ordner abspeichern"...Wähle "Desktop"
Kannst für jede Installation die Dateien gezielt in einen andere Ordner "nach deiner Wahl" abspeichern.
__________________

Warnung!:
Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein!
Anhang nicht öffnen, in unserem Forum erst nachfragen!

Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten!
Bitte diese Warnung weitergeben, wo Du nur kannst!

Alt 06.05.2012, 11:03   #15
rike42
 
trojaner durch email - Standard

trojaner durch email



OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 06.05.2012 11:48:39 - Run 5
OTL by OldTimer - Version 3.2.42.2     Folder = C:\Users\****\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,60 Gb Total Physical Memory | 0,49 Gb Available Physical Memory | 30,34% Memory free
3,21 Gb Paging File | 1,36 Gb Available in Paging File | 42,48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 217,64 Gb Total Space | 177,63 Gb Free Space | 81,62% Space Free | Partition Type: NTFS
Drive D: | 14,95 Gb Total Space | 1,85 Gb Free Space | 12,35% Space Free | Partition Type: NTFS
Drive F: | 99,18 Mb Total Space | 91,04 Mb Free Space | 91,79% Space Free | Partition Type: FAT32
 
Computer Name: RIKE-HP | User Name: Rike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.05.06 11:43:48 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Rike\Desktop\OTL.exe
PRC - [2012.04.21 03:16:21 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.03.12 19:19:46 | 000,918,880 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe
PRC - [2012.03.12 19:19:42 | 000,982,880 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2012.01.24 18:24:26 | 002,416,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.11.20 10:40:32 | 000,137,536 | ---- | M] (Facebook Inc.) -- C:\Users\Rike\AppData\Local\Facebook\Update\FacebookUpdate.exe
PRC - [2011.11.14 13:02:04 | 000,435,672 | ---- | M] (TomTom) -- C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe
PRC - [2011.10.12 07:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011.08.02 07:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2011.02.09 17:57:36 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2011.02.01 01:42:40 | 001,127,448 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2011.01.06 20:08:38 | 000,138,400 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2010.12.28 02:30:22 | 001,817,088 | ---- | M] (Realsil Microelectronics Inc.) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
PRC - [2010.12.13 12:48:18 | 000,318,520 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
PRC - [2010.11.09 15:20:36 | 000,586,296 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2010.11.09 15:20:34 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2009.12.03 01:00:00 | 000,847,872 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
PRC - [2009.02.23 15:05:34 | 000,111,856 | ---- | M] (Yahoo! Inc) -- C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe
PRC - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.05.05 16:09:10 | 008,797,856 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
MOD - [2012.04.21 03:16:53 | 001,952,696 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012.03.12 19:19:42 | 000,982,880 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2011.11.14 13:02:08 | 000,202,712 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\TomTomSupporterProxy.dll
MOD - [2011.11.14 13:02:06 | 000,063,960 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\TomTomSupporterBase.dll
MOD - [2011.11.14 13:01:52 | 007,964,160 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\QtGui4.dll
MOD - [2011.11.14 13:01:52 | 002,648,064 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\QtXmlPatterns4.dll
MOD - [2011.11.14 13:01:52 | 002,302,464 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\QtCore4.dll
MOD - [2011.11.14 13:01:52 | 000,980,480 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\QtNetwork4.dll
MOD - [2011.11.14 13:01:52 | 000,357,888 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\QtXml4.dll
MOD - [2011.08.22 02:18:06 | 000,925,696 | ---- | M] () -- C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.05.05 16:09:12 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.04.21 03:16:42 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.03.12 19:19:46 | 000,918,880 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe -- (vToolbarUpdater10.2.0)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.10.12 07:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011.08.12 01:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Programme\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV - [2011.08.02 07:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011.03.28 22:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2011.02.25 02:08:46 | 000,062,184 | ---- | M] (Xobni Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Xobni\XobniService.exe -- (XobniService)
SRV - [2011.02.16 22:47:28 | 000,682,040 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Programme\Hewlett-Packard\HP Auto\HPAuto.exe -- (HPAuto)
SRV - [2011.02.01 01:42:40 | 001,127,448 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2011.01.06 20:08:38 | 000,138,400 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)
SRV - [2011.01.06 20:06:56 | 000,053,920 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc)
SRV - [2010.12.28 02:30:22 | 001,817,088 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2010.11.09 15:20:34 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2010.10.12 19:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010.09.22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.07.21 14:33:00 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
SRV - [2010.06.17 06:23:36 | 000,194,496 | ---- | M] (Advanced Micro Devices) [Auto | Running] -- C:\Programme\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe -- (AMD Reservation Manager)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.09 22:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.11.18 04:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Programme\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV - [2009.09.14 07:00:00 | 000,166,400 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE -- (EPSON_EB_RPCV4_04) EPSON V5 Service4(04)
SRV - [2009.09.14 07:00:00 | 000,128,512 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE -- (EPSON_PM_RPCV4_04) EPSON V3 Service4(04)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.07.22 18:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV - [2011.07.12 23:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKLM\..\SearchScopes,DefaultScope = 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-688040076-4065842808-1344549600-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
IE - HKU\S-1-5-21-688040076-4065842808-1344549600-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-688040076-4065842808-1344549600-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKU\S-1-5-21-688040076-4065842808-1344549600-1001\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-688040076-4065842808-1344549600-1001\..\SearchScopes\{E5CEDFED-2DD7-479B-B5FB-D54991A4EB5D}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b2ie7
IE - HKU\S-1-5-21-688040076-4065842808-1344549600-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\@winzip.com/Winzip Courier: C:\Program Files (x86)\WinZip Courier\npwzwmc.dll (WinZip Computing, S.L.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Rike\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\Rike\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012.02.01 12:16:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\10.2.0.3\ [2012.03.12 19:20:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{74c841e3-b59f-479e-8d7a-e26a942a87c8}: C:\Program Files (x86)\WinZip Courier\FFExt [2012.03.19 19:30:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.05.05 20:41:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2012.01.12 07:41:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rike\AppData\Roaming\mozilla\Extensions
[2012.05.05 12:46:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rike\AppData\Roaming\mozilla\Firefox\Profiles\65veosuj.default\extensions
[2012.01.26 08:06:17 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Rike\AppData\Roaming\mozilla\Firefox\Profiles\65veosuj.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012.04.08 16:20:10 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Rike\AppData\Roaming\mozilla\Firefox\Profiles\65veosuj.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.05.05 20:41:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.05.05 20:41:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\distribution\extensions
[2012.05.05 20:41:15 | 000,000,000 | ---D | M] (WEB.DE Toolbar) -- C:\Program Files (x86)\mozilla firefox\distribution\extensions\toolbar@web.de
() (No name found) -- C:\USERS\RIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\65VEOSUJ.DEFAULT\EXTENSIONS\TOOLBAR@WEB.DE.XPI
[2012.04.21 03:18:00 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.04.21 03:54:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.03.12 19:19:41 | 000,003,766 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012.04.21 03:54:08 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.04.21 03:54:08 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.04.21 03:54:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.04.21 03:54:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.04.21 03:54:08 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O2 - BHO: (WinZip Courier BHO) - {A8FB70FA-0FDF-4601-9DC4-BFA1B357204F} - C:\PROGRA~2\WINZIP~1\wzwmcie.dll (WinZip Computing, S.L.)
O2 - BHO: (Message Faces for Internet Explorer) - {E3758FC2-BB95-4B86-84BF-D91F4748EC75} - C:\Program Files (x86)\Message Faces for Internet Explorer\x86\messagefaces-ie.dll ()
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O2 - BHO: (no name) - {ff88a983-649d-4207-9336-9b999280b436} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [YSearchProtection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-688040076-4065842808-1344549600-1001..\Run: [Facebook Update] C:\Users\Rike\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-688040076-4065842808-1344549600-1001..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKU\S-1-5-21-688040076-4065842808-1344549600-1001..\Run: [MyTomTomSA.exe] C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe (TomTom)
O4 - HKU\S-1-5-21-688040076-4065842808-1344549600-1001..\Run: [Search Protection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKU\S-1-5-21-688040076-4065842808-1344549600-1001..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Rike\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{39FF78FB-77BC-466E-ADB6-7D23B90C1116}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{902AAE46-0D3F-4F1B-99F7-8FF393AD700C}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.05.06 11:46:05 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\Rike\Desktop\OTL(1).exe
[2012.05.06 11:43:47 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\Rike\Desktop\OTL.exe
[2012.05.06 11:34:48 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{23C8643B-1ADC-49A1-9545-8C2CCA251D39}
[2012.05.06 11:34:24 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{1424645A-0D3E-4A71-B5AA-293FD812C0B2}
[2012.05.05 22:54:22 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{91DCF39D-66CB-4025-9B08-34F9257DEDB9}
[2012.05.05 22:52:44 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{74CCED6A-9204-4E87-B02F-D73D06CF4102}
[2012.05.05 20:41:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.05.05 20:41:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012.05.05 20:30:55 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\Apps
[2012.05.05 11:02:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012.05.05 10:51:31 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{032C36AE-0272-4E5E-8E38-AF3C39E248C6}
[2012.05.05 10:51:08 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{18E8FC16-57DD-4F3F-BEA8-F686FFC95001}
[2012.05.04 22:49:46 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{E19C20E3-EECE-489C-94E1-613CA6B2F1FE}
[2012.05.04 22:49:26 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{CEE9C4B0-9A51-443F-987C-57E5C9D6BF1B}
[2012.05.04 08:38:02 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Roaming\SUPERAntiSpyware.com
[2012.05.04 08:37:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012.05.04 08:37:06 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012.05.04 08:20:21 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{03C98771-8EFD-430D-8126-889B7DE92CDB}
[2012.05.04 08:19:53 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{C8D85BD6-07E3-408A-89CA-A6ABE473FA6F}
[2012.05.04 07:43:14 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.05.03 20:13:14 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{F4747EE8-3DFF-4360-81B7-220EA36B7DD7}
[2012.05.03 20:12:56 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{13615E33-8016-4355-88E1-3F0928C0AFD0}
[2012.05.03 06:18:56 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{86890D24-56DC-402F-B2BF-281C74B7AB90}
[2012.05.03 06:18:41 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{BFB74F8A-365B-49F5-8F4B-5D5CA9E8755F}
[2012.05.02 22:42:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.05.02 12:43:08 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{A2610B38-F0FE-48E9-8BA6-F17E1BCB20BE}
[2012.05.02 12:42:43 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{C84BD7D6-CC5B-4AC7-9E3B-2949462132D5}
[2012.05.01 21:59:09 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{76B93B11-A02B-4755-8C3F-65B175DB9F68}
[2012.05.01 21:58:45 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{372D01FA-4BBB-4C33-ACCB-533AC7A11C4A}
[2012.05.01 21:11:47 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Roaming\Malwarebytes
[2012.05.01 21:11:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.05.01 21:11:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.05.01 21:11:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.05.01 19:27:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\en
[2012.05.01 19:27:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\0409
[2012.05.01 19:27:17 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\en-US
[2012.05.01 10:04:18 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Roaming\Hbfusxplb
[2012.05.01 09:58:15 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{5511AB08-1126-4D06-8E12-3FBC1F032EF7}
[2012.05.01 09:57:52 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{64FF208D-0BFE-4175-BA5F-23E26932B09F}
[2012.04.30 21:55:24 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{372C89B6-9AE3-4188-8702-ED59DEACD2BD}
[2012.04.30 21:55:04 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{40BA9362-3D78-4035-91C3-4AA18FE22552}
[2012.04.30 09:42:47 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{B97F158E-B79C-4603-B623-1B47B838A902}
[2012.04.30 09:42:27 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{76A15291-C1AE-4F69-A916-4FFFDBA14B51}
[2012.04.29 21:32:39 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{A505D8F9-449F-4144-BA72-E51EDDC5C114}
[2012.04.29 21:31:54 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{600C320E-DB25-4A12-9E96-076AB101DCAE}
[2012.04.29 09:30:52 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{23B94CEA-1690-4844-9CDE-2E2090E6BC63}
[2012.04.29 09:30:35 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{606BE038-F090-49BB-A55E-6628992E9B4E}
[2012.04.28 10:19:29 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{514A2120-DF30-49C8-9F2D-2F0EDCD7793D}
[2012.04.28 10:19:06 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{E1D77E2C-D9BE-483A-9E4E-5A11DE05F4BA}
[2012.04.27 22:17:53 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{DFDB8454-3822-44C6-83B7-DD90CCEDB878}
[2012.04.27 22:17:34 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{7AE06BC2-9EB4-4487-81B3-3945A698A71D}
[2012.04.27 13:50:39 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Guardians of Beyond - Hexenhausen Sammleredition
[2012.04.27 13:50:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guardians of Beyond - Hexenhausen Sammleredition
[2012.04.27 13:50:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Guardians of Beyond - Hexenhausen Sammleredition
[2012.04.27 06:23:48 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{424FEB80-7DD5-4290-A15A-25185CAE180E}
[2012.04.27 06:23:18 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{E73F308C-070E-48E0-AC5E-390B10FBFF4B}
[2012.04.25 21:15:47 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{CB476FD8-8A05-4CED-B3F6-BAEE6166D78A}
[2012.04.25 21:15:30 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{7564FD68-6D98-4691-B815-A5EF2C1474CD}
[2012.04.25 07:41:14 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{B816BF8D-2442-43E7-B479-D43FF1581FBA}
[2012.04.25 07:40:05 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{F9672FFE-98E4-49A3-BACC-4A3AC20EAAE4}
[2012.04.24 19:37:34 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{1A5EC984-8007-4ABB-B611-ACB5A76699BA}
[2012.04.24 19:37:21 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{CF335D44-7701-49DF-A3DC-E9B5BB4325C0}
[2012.04.23 21:34:22 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{39F9964F-3DAD-4507-A85B-9BEDC1E9D991}
[2012.04.23 21:33:10 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{76FCA07A-B82F-4DD8-A308-DC0B4DD8B11A}
[2012.04.23 09:30:23 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{3C81FC27-FCF6-4BA9-A30E-B8CB8A8D0D67}
[2012.04.23 09:29:09 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{2315DE57-18F3-4CCC-A095-E45884A6FA6D}
[2012.04.22 21:27:11 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{0932B65B-A834-43CB-A75D-08B8E75CA20F}
[2012.04.22 21:26:00 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{73FC3CBA-D3F8-4590-A437-3EA625BDD5B0}
[2012.04.22 13:13:19 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\TomTom
[2012.04.22 13:13:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
[2012.04.22 13:13:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TomTom International B.V
[2012.04.22 13:12:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyTomTom 3
[2012.04.22 09:23:30 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{CD0AA4D6-7B8C-4BE4-AB27-CA6E872014EF}
[2012.04.22 09:23:15 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{0805C92A-3A23-4B4D-B15B-EEA12BF94E35}
[2012.04.21 09:54:12 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{A485EB71-9F5B-49D8-A1B1-16CD107BAB31}
[2012.04.21 09:53:58 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{39E38C82-7E32-4D4F-877C-5129FEEFB05F}
[2012.04.20 09:29:56 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{D0C36A2C-8167-46B0-A126-99837631AA95}
[2012.04.20 09:29:41 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{4BD24961-F921-4FF0-80FF-DDE17F28E297}
[2012.04.19 20:19:25 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{20FF69E4-251E-4ACD-8548-FB21F3DC4281}
[2012.04.19 20:19:09 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{76BE9DDB-0063-4A0B-9EBD-2587612D6DB5}
[2012.04.19 06:27:05 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{88AEB8B9-2870-4B49-BD9A-4F93115913AA}
[2012.04.19 06:26:50 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{8DE1291F-AD4F-40CF-9A0E-8AAAB29F243E}
[2012.04.18 06:16:17 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{7A6D065E-7DC6-444D-B498-A8C72CC5BA25}
[2012.04.18 06:16:05 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{3E002CD0-9420-4825-8D62-96C835E7BB4E}
[2012.04.17 08:55:10 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{B80C12CB-84F6-4669-8365-299E3BBDDE16}
[2012.04.17 08:54:46 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{2D143E00-5F0A-41B2-9616-D77C86B736F0}
[2012.04.16 20:52:07 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{F0C7E53F-6911-4ED7-B327-6DE685F77C19}
[2012.04.16 20:51:46 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{C3E9D653-CF77-48D7-B2EE-ADA78798D226}
[2012.04.16 06:13:35 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{E50E526C-F69A-499A-9671-E7BF6457343E}
[2012.04.16 06:13:18 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{CA6D7BC7-5DFD-425E-B650-12C726AC9409}
[2012.04.15 12:10:54 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{0D83490E-4813-43B5-85C0-57B1C51FEF64}
[2012.04.15 12:10:36 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{080A9781-DCA2-4C43-A6A3-DC36A4AC79DC}
[2012.04.14 23:28:45 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{60546FA4-5931-499D-A7EC-A10B6BC3E266}
[2012.04.14 23:28:31 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{26268009-3C6C-4AFF-9C0C-67E52C7DA117}
[2012.04.14 08:04:53 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{50742359-0284-4A9A-BDCC-F23BA679EE3A}
[2012.04.14 08:04:36 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{D881C6EC-DD38-4160-8270-9582BE91A984}
[2012.04.13 06:33:28 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{22C010A9-4B0F-48E1-840C-7AA99763F8DE}
[2012.04.13 06:33:09 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{71571163-7AA2-445F-BF9A-DE37C1A53364}
[2012.04.13 06:29:03 | 000,000,000 | ---D | C] -- C:\Windows\de
[2012.04.13 06:24:56 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.04.13 06:07:51 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{1624BD53-287D-4A19-8AB3-5D4FBD002853}
[2012.04.12 08:59:01 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{FC2A6BDD-5922-43A7-B18F-8900F9380397}
[2012.04.11 18:20:10 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{B7A63172-9737-425A-9450-04D3138F1685}
[2012.04.11 07:10:25 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.04.11 07:10:21 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.04.11 07:10:20 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.04.11 07:10:19 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.04.11 07:10:17 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.04.11 07:09:46 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.04.11 07:09:45 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.04.11 06:19:38 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{537025EF-335E-4ED6-A048-AD852FA5B039}
[2012.04.10 12:22:20 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{B72D0D68-CB92-43F0-BBA8-BEB6AA98547A}
[2012.04.09 20:46:08 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{3A2B281E-499B-412F-B3D4-73651782E8E5}
[2012.04.09 08:43:22 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{E3F9CA8C-E9BF-40EB-89C6-8A859477F68C}
[2012.04.08 16:20:09 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.04.08 16:19:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2012.04.08 16:18:51 | 000,136,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\atl100.dll
[2012.04.08 16:18:51 | 000,080,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfcm100u.dll
[2012.04.08 16:18:50 | 004,421,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc100u.dll
[2012.04.08 16:18:37 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Roaming\DVDVideoSoft
[2012.04.08 16:18:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2012.04.08 16:18:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVIDEOSOFT
[2012.04.08 16:01:36 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{FC80ECD7-FBE4-411D-8F95-00E3617328F4}
[2012.04.08 00:52:10 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{6E28C1E6-9942-4C2F-842F-F00F119D34CD}
[2012.04.07 12:51:44 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{BF3E2201-0078-4601-B7C2-53BE3E78C858}
[2012.04.06 20:53:12 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\{48E2FC20-40DA-42D5-9F6F-0D2B19FC8A67}
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.05.06 11:58:05 | 002,359,296 | -HS- | M] () -- C:\Users\Rike\NTUSER.DAT
[2012.05.06 11:46:05 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Rike\Desktop\OTL(1).exe
[2012.05.06 11:43:48 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Rike\Desktop\OTL.exe
[2012.05.06 11:32:11 | 000,000,035 | ---- | M] () -- C:\Users\Public\Documents\AtherosServiceConfig.ini
[2012.05.06 11:31:43 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2012.05.06 11:31:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.05.06 11:31:16 | 1292,029,952 | -HS- | M] () -- C:\hiberfil.sys
[2012.05.05 23:13:59 | 002,143,182 | -H-- | M] () -- C:\Users\Rike\AppData\Local\IconCache.db
[2012.05.05 23:07:36 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.05.05 20:41:49 | 000,001,049 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.05.05 16:09:10 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.05.05 16:09:10 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.05.05 16:08:04 | 008,744,608 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012.05.04 08:37:16 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.05.04 08:26:34 | 000,107,030 | ---- | M] () -- C:\Users\Rike\Documents\cc_20120504_082621.reg
[2012.05.02 22:42:29 | 000,000,822 | ---- | M] () -- C:\Users\Rike\Documents\CCleaner.lnk
[2012.05.02 20:40:34 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForRIKE-HP$.job
[2012.05.01 21:11:39 | 000,001,109 | ---- | M] () -- C:\Users\Rike\Documents\ Malwarebytes Anti-Malware .lnk
[2012.04.27 13:53:26 | 000,002,293 | ---- | M] () -- C:\Users\Public\Desktop\Spiel Guardians of Beyond - Hexenhausen Sammleredition.lnk
[2012.04.27 13:53:26 | 000,001,326 | ---- | M] () -- C:\Users\Public\Desktop\Weitere fantastische Spiele.lnk
[2012.04.27 11:24:35 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForRike.job
[2012.04.08 16:20:00 | 000,001,239 | ---- | M] () -- C:\Users\Rike\Documents\DVDVideoSoft Free Studio.lnk
[2012.04.08 16:19:57 | 000,001,398 | ---- | M] () -- C:\Users\Rike\Desktop\Free YouTube to MP3 Converter.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.05.05 20:41:49 | 000,001,049 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.05.04 08:37:16 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.05.04 08:26:29 | 000,107,030 | ---- | C] () -- C:\Users\Rike\Documents\cc_20120504_082621.reg
[2012.05.03 09:53:08 | 000,000,822 | ---- | C] () -- C:\Users\Rike\Documents\CCleaner.lnk
[2012.05.03 09:52:55 | 000,001,109 | ---- | C] () -- C:\Users\Rike\Documents\ Malwarebytes Anti-Malware .lnk
[2012.05.02 12:42:26 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForRIKE-HP$.job
[2012.05.01 23:15:13 | 002,143,182 | -H-- | C] () -- C:\Users\Rike\AppData\Local\IconCache.db
[2012.04.27 13:53:26 | 000,002,293 | ---- | C] () -- C:\Users\Public\Desktop\Spiel Guardians of Beyond - Hexenhausen Sammleredition.lnk
[2012.04.27 13:53:26 | 000,001,326 | ---- | C] () -- C:\Users\Public\Desktop\Weitere fantastische Spiele.lnk
[2012.04.08 23:13:34 | 000,001,239 | ---- | C] () -- C:\Users\Rike\Documents\DVDVideoSoft Free Studio.lnk
[2012.04.08 16:19:57 | 000,001,398 | ---- | C] () -- C:\Users\Rike\Desktop\Free YouTube to MP3 Converter.lnk
[2012.01.02 23:08:05 | 001,526,948 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.11.09 21:10:49 | 000,061,392 | ---- | C] () -- C:\Users\Rike\AppData\Local\GDIPFONTCACHEV1.DAT
[2011.06.08 00:26:50 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.05.13 11:03:16 | 000,303,104 | ---- | C] () -- C:\Windows\SysWow64\dnt27VC8.dll
[2011.05.13 11:01:22 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\dntvmc27VC8.dll
[2011.05.13 11:01:00 | 000,086,016 | ---- | C] () -- C:\Windows\SysWow64\dntvm27VC8.dll
[2011.05.10 09:55:07 | 000,000,202 | ---- | C] () -- C:\Windows\SysWow64\HPWA.ini
[2010.12.21 02:20:14 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2010.12.16 01:33:32 | 000,002,975 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
 
========== LOP Check ==========
 
[2012.02.27 02:49:03 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\AlawarEntertainment
[2012.03.08 13:36:23 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Artogon
[2012.01.09 22:22:47 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\AVG
[2011.11.10 08:33:58 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\AVG2012
[2012.03.06 13:08:08 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Awem
[2012.03.05 15:28:54 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Blue Tea Games
[2012.04.08 16:20:29 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\DVDVideoSoft
[2012.04.08 16:20:09 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.03.12 14:27:17 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\EleFun Games
[2012.01.22 15:06:11 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\EnchantedCavern
[2012.03.07 14:38:39 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Enki Games
[2012.01.16 22:08:39 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Epson
[2012.01.22 16:55:49 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\ERS Game Studios
[2012.01.11 13:35:38 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\FamilyVacationCalifornia
[2012.03.06 13:10:17 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Frogwares
[2012.05.01 21:17:32 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Hbfusxplb
[2012.03.25 14:55:41 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\HitPoint Studios
[2012.01.03 16:33:37 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Lexware
[2012.03.09 14:00:02 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Orneon
[2012.02.19 00:18:03 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\PlayPond
[2012.04.24 08:37:21 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\SoftGrid Client
[2011.11.09 21:14:57 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Synaptics
[2012.01.02 23:09:54 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\TP
[2012.01.22 15:49:45 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Vast Studios
[2012.04.27 14:04:00 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Vogat Interactive
[2012.01.04 21:28:33 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Windows Live Writer
[2012.04.18 06:13:34 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         
--- --- ---


OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 06.05.2012 11:48:39 - Run 5
OTL by OldTimer - Version 3.2.42.2     Folder = C:\Users\*****\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,60 Gb Total Physical Memory | 0,49 Gb Available Physical Memory | 30,34% Memory free
3,21 Gb Paging File | 1,36 Gb Available in Paging File | 42,48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 217,64 Gb Total Space | 177,63 Gb Free Space | 81,62% Space Free | Partition Type: NTFS
Drive D: | 14,95 Gb Total Space | 1,85 Gb Free Space | 12,35% Space Free | Partition Type: NTFS
Drive F: | 99,18 Mb Total Space | 91,04 Mb Free Space | 91,79% Space Free | Partition Type: FAT32
 
Computer Name: RIKE-HP | User Name: Rike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-688040076-4065842808-1344549600-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03ECD95A-DDB5-4F14-AB02-BC2E19782C11}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{049671D1-78F8-41A2-A39B-29C1172957E1}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{154BD470-FB92-4C2B-8BF0-6BB4C3FFE159}" = rport=138 | protocol=17 | dir=out | app=system | 
"{15873059-A33A-4654-8446-2172B36ACB8E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{36C612D6-7280-4732-91BC-DF942AC715E9}" = lport=445 | protocol=6 | dir=in | app=system | 
"{3CDB6771-3218-4D4C-BFBD-28C6A6817191}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{47B845F3-B3B6-46F6-997F-CAF7F377C1F6}" = lport=137 | protocol=17 | dir=in | app=system | 
"{4DB0B9A7-B5BF-423D-B07A-4E426F412B22}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{539FF5B6-5F05-478D-8269-9BBE0D206530}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{6306839A-108A-4E1C-BBCA-31508170B15A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{73F2E517-CB79-4737-B4B7-95B02D48BF09}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{73F8720F-EFFD-4961-9B14-802863F11E5A}" = rport=137 | protocol=17 | dir=out | app=system | 
"{787943CD-902C-4C88-AD80-DB3910221CD8}" = lport=138 | protocol=17 | dir=in | app=system | 
"{7BBFD59E-ECDC-4F47-9C0B-A27CBCA2B52A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{9669D44C-F0CD-42D2-93D9-BFD58C56C17F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{96B3896A-5415-4EA2-8E5C-9695A1639DD6}" = rport=445 | protocol=6 | dir=out | app=system | 
"{9DB446A5-417B-48BE-8343-F927AF283549}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{9EE156F6-330D-4735-92BB-B054EBF5CF85}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{AB8FE59C-23B6-483C-AEBA-1DF54E48DA13}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{BBE678D5-E3FE-494C-BEC6-A9984AAEFEBD}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{CD43471F-73DB-4B61-8B08-637C0D952D72}" = lport=139 | protocol=6 | dir=in | app=system | 
"{D2408D74-6C6A-4C81-8A5D-0BD088CCF264}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{D7BD90BE-D33B-48E6-88DE-AFC9B4937047}" = rport=139 | protocol=6 | dir=out | app=system | 
"{D839CBCE-2D23-449B-BEC2-307FA44CBC1E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{DC2B4737-9DAB-470F-AD90-0692ABC8F82B}" = lport=2869 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03756458-D0EF-49D1-80FB-0BB566795FF3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{053E10F6-72C1-4762-9CE4-43C04FBF1220}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe | 
"{07B3E68F-C791-4677-88E1-536DC250B92A}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{13636BBF-7207-43C5-810D-F855726413A6}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{1E7E82B0-0BF3-4EED-BB1C-D00E0C51F29E}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe | 
"{1FBBF5FA-7E13-427F-B359-682272E9ACA2}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe | 
"{3301D0B0-EE8A-4D38-AFC5-1C1900C47BCB}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{3427A715-C1DA-43B5-B154-D78201E68EEB}" = dir=in | app=c:\users\rike\appdata\local\facebook\video\skype\facebookvideocalling.exe | 
"{40D8DF87-812C-4EA1-B656-146E0F81D9C7}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe | 
"{421FEC94-B444-4FFA-894F-F7323E3D8CE7}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{4574816C-82BE-4C2B-BADC-4065FDC73B71}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{6195A76B-9537-408B-8412-819C66579956}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{66BDA8F1-6214-40CE-8EDF-7B87BAE40E4C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{6E754F93-7F9C-49DD-BF86-3D343673FDA5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{72AAF7CC-66C3-4B70-8080-BD1885857F42}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{7D85B0E6-3EF5-4654-AA92-38DCBEF57206}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{856E656B-F109-4DA4-BC96-4B0922A7639F}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe | 
"{88AD83AF-DF44-467D-8724-2215FA99E655}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{997147F1-2D44-42CC-AC4A-E11151D3C799}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{9B640A1B-27B7-4A70-A49B-C3E1C56C33C6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{9FFC7719-01C5-4322-961E-37EE85831C90}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{AEB1CA98-425A-4A5B-B6B2-04560429AE9A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{AFDDE5C7-C402-43AB-9737-9EDAE9C17EE5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{B364CA41-9339-41F2-AEB9-47EDB03641BB}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{B46CA818-E5F1-42DB-9013-0D2E0C3397D2}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe | 
"{D9AD44F7-1DFE-410E-B0FB-82B5A0CE82A7}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{DD914877-A81B-4B72-8E0D-FB36F01D4CCE}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | 
"{E618FDB4-CC5C-4904-B278-E4AC0253C635}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe | 
"{EB6C49F6-4D89-4A1E-841A-2E823DA5CC39}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe | 
"{EB885D67-D55E-4FF7-91A9-99206858746D}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | 
"{F3D0E4F6-93E5-491D-8F90-D3812AE3E3C8}" = protocol=6 | dir=out | app=system | 
"{F6674586-F182-42DA-8A9A-55E0439D851E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{FAB1F7E9-E7FF-42DA-AB3A-5EB76FFBFC5F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{FE43BF80-6AEB-472E-BDF8-0188D5D08765}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{03046EBB-CB7C-4B98-BEFB-690EB955DA22}" = HP Setup
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}" = Epson FAX Utility
"{124DB96E-CBF5-44FB-AB59-7D2444DEC777}" = HP On Screen Display
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26C4E5F1-314C-F3DF-2294-3685BF5F9E05}" = CCC Help Czech
"{2BF8B295-A214-42AC-B4EC-2AE15E08B0E7}" = HP Documentation
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{39F58DDB-B2B8-4B86-AF20-4706A80EB30D}" = Epson Easy Photo Print 2
"{4412F224-3849-4461-A3E9-DEEF8D252790}" = Visual Studio C++ 10.0 Runtime
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{57F1042D-1423-81C6-299B-C21FAB216F93}" = CCC Help Italian
"{6137C043-93EA-6769-90EA-01E87B041117}" = CCC Help Norwegian
"{6265A4F4-91FE-FFEC-1ECA-E5639B80ECB3}" = CCC Help French
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{657BD928-2C0B-7EFA-7740-DE8BC937FEF4}" = CCC Help Thai
"{66E30DB0-A342-F453-D14D-827B454A9E4A}" = CCC Help Swedish
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6833708F-D07C-34AA-B195-698FA0C8879C}" = CCC Help Polish
"{687DB473-1A0F-5B1D-D0E0-A73258207AB2}" = ccc-core-static
"{6C92846D-67BA-5B17-38F4-E1318A0272B7}" = CCC Help Greek
"{6D437C07-418F-9E01-96EB-DC55F780A198}" = CCC Help Turkish
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{710E96D5-98A1-6732-8768-8F4ACCA520C1}" = CCC Help Portuguese
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DC069E7-893C-41E1-9442-DE89FEC33371}" = Xobni Core
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{9299A9E5-4A0F-C936-76BD-62BCBD38CC21}" = CCC Help English
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9B04A7CC-F80E-72C6-8B9E-83A88A5B479B}" = CCC Help Japanese
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9F6A200F-90D7-F262-9639-16D640298E32}" = CCC Help Finnish
"{A37E63B7-29E5-CAF4-A81D-0A67946924E0}" = Catalyst Control Center Graphics Previews Common
"{A5449F23-80E8-04D2-EB41-7BE229CCB37B}" = Catalyst Control Center InstallProxy
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF6EB833-D48A-49AC-9394-4C57489FDFF2}" = HP Software Framework
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
"{B97E3520-C726-475E-BC0C-7561952633AB}" = HP Power Manager
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{C0838AAC-DF3E-5865-88D3-E43864E2B065}" = CCC Help Korean
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C257F891-7975-979B-3EDD-D3E74F1F583B}" = CCC Help Hungarian
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C7231F7C-6530-4E65-ADA6-5B392CF5BEB1}" = Recovery Manager
"{CBD74B80-E1A2-08A1-69D9-DE37BFA265EF}" = CCC Help German
"{CD95F661-A5C4-11AF-B2CC-ABCD21A325B8}" = WinZip Courier
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DA26698F-3E4F-FBAE-8219-5C3D3C1ECA92}" = CCC Help Spanish
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF2035BE-5820-4965-BD97-7FAF8D4A7879}" = Microsoft_VC90_CRT_x86
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E13D5C1F-EA6D-E340-85A9-0EA7221F31E9}" = CCC Help Danish
"{E1D1E335-C6CE-C9A5-12B8-587D561E8B30}" = Catalyst Control Center Localization All
"{E3FE0FA5-D813-14AB-DE7B-594257E9550B}" = CCC Help Chinese Traditional
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E774EEC0-18E6-49C8-A271-07654C0A2047}" = Catalyst Control Center - Branding
"{EB58480C-0721-483C-B354-9D35A147999F}" = HP Quick Launch
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C4AAC9-C7B6-59B3-789D-D2CA4E0CFCD1}" = CCC Help Dutch
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5468CFB-F146-12D8-913B-513145180028}" = CCC Help Russian
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.2.2
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA2509E9-7197-8FB8-B35E-090A4F81CA6A}" = CCC Help Chinese Standard
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"Adobe AIR" = Adobe AIR
"BFGC" = Big Fish Games: Game Manager
"BFG-Guardians of Beyond - Hexenhausen Sammleredition" = Guardians of Beyond: Hexenhausen Sammleredition
"EPSON BX305 Series Manual" = EPSON BX305 Series Handbuch
"EPSON Scanner" = EPSON Scan
"ESET Online Scanner" = ESET Online Scanner v3
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.17.319
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"Message Faces for IE" = Message Faces für Internet Explorer (remove only)
"Mozilla Firefox 12.0 (x86 de)" = Mozilla Firefox 12.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MyTomTom" = MyTomTom 3.1.0.530
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"PDF Complete" = PDF Complete Special Edition
"SFT_de3 Toolbar" = SFT_de3 Toolbar
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WT087330" = Bounce Symphony
"WT087361" = FATE
"WT087393" = Mah Jong Medley
"WT087394" = Penguins!
"WT087396" = Polar Bowler
"WT087490" = Jewel Quest Solitaire
"WT087510" = Slingo Deluxe
"WT087513" = Virtual Villagers - The Secret City
"WT087519" = Wedding Dash
"WT087536" = Diner Dash 2 Restaurant Rescue
"WT089308" = Blasterball 3
"WT089328" = Farm Frenzy
"WT089359" = Cake Mania
"WT089362" = Agatha Christie - Peril at End House
"WT089453" = Bejeweled 2 Deluxe
"WT089454" = Chuzzle Deluxe
"WT089455" = Zuma Deluxe
"WT089458" = Plants vs. Zombies - Game of the Year
"WT089460" = Mystery P.I. - The London Caper
"WT089484" = Namco All-Stars PAC-MAN
"WT089492" = Crazy Chicken Kart 2
"WT089493" = Fishdom
"WT089497" = Big Rig Europe
"WTA-40a22801-9cef-4790-bda0-5ce7b7ef0c83" = Red Crow Mysteries: Legion
"WTA-fdb7ada1-e72d-44b5-a7cd-eb1f008c8c3b" = Family Vacation: California
"XobniMain" = Xobni
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Search Defender" = Yahoo! Suche Schutzvorkehrung
"Yahoo! Software Update" = Yahoo! Software Update
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-688040076-4065842808-1344549600-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 20.04.2012 00:16:34 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10
Description = 
 
Error - 20.04.2012 03:28:21 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10
Description = 
 
Error - 21.04.2012 03:52:51 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10
Description = 
 
Error - 22.04.2012 03:21:50 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10
Description = 
 
Error - 22.04.2012 07:05:01 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10
Description = 
 
Error - 22.04.2012 10:24:41 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10
Description = 
 
Error - 23.04.2012 00:13:22 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10
Description = 
 
Error - 23.04.2012 14:55:25 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10
Description = 
 
Error - 24.04.2012 00:24:21 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10
Description = 
 
Error - 24.04.2012 13:36:09 | Computer Name = Rike-HP | Source = WinMgmt | ID = 10
Description = 
 
[ Hewlett-Packard Events ]
Error - 31.12.2011 05:52:41 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000
Description = 
 
Error - 31.12.2011 05:52:41 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000
Description = HP Error ID: -2147467261HPSF.exe   bei HP.SupportFramework.Communicator.MessengerComm.MessengerPublisher.closeConnection()

   bei HP.SupportAssistant.UI.MessengerCommunication.initializeCommunication()    
 bei HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate()  Message: Der
 Objektverweis wurde nicht auf eine Objektinstanz festgelegt.  StackTrace:   bei HP.SupportFramework.Communicator.MessengerComm.MessengerPublisher.closeConnection()

   bei HP.SupportAssistant.UI.MessengerCommunication.initializeCommunication()    
 bei HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate()  Source: HP.SupportFramework.Communicator

Name:
 HPSF.exe  Version: 06.00.01.01  Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
 Framework\HPSF.exe  Format: de-DE  RAM: 1642  Ram Utilization: 80  TargetSite: Void closeConnection()

 
Error - 31.12.2011 05:52:41 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000
Description = HP Error ID: -2147467261HPSF.exe   bei HP.SupportFramework.Communicator.MessengerComm.MessengerPublisher.closeConnection()

   bei HP.SupportAssistant.UI.MessengerCommunication.initializeCommunication()    
 bei HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate()  Message: Der
 Objektverweis wurde nicht auf eine Objektinstanz festgelegt.  StackTrace:   bei HP.SupportFramework.Communicator.MessengerComm.MessengerPublisher.closeConnection()

   bei HP.SupportAssistant.UI.MessengerCommunication.initializeCommunication()    
 bei HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate()  Source: HP.SupportFramework.Communicator

Name:
 HPSF.exe  Version: 06.00.01.01  Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
 Framework\HPSF.exe  Format: de-DE  RAM: 1642  Ram Utilization: 80  TargetSite: Void closeConnection()

 
Error - 13.01.2012 09:00:23 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000
Description = 
 
Error - 13.01.2012 09:06:26 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000
Description = 
 
Error - 13.01.2012 09:07:06 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000
Description = 
 
Error - 27.01.2012 06:52:59 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000
Description = 
 
Error - 27.01.2012 06:58:02 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000
Description = 
 
Error - 27.01.2012 07:01:07 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000
Description = 
 
Error - 27.01.2012 07:28:18 | Computer Name = Rike-HP | Source = HPSF.exe | ID = 4000
Description = 
 
[ HP Software Framework Events ]
Error - 09.12.2011 12:09:17 | Computer Name = Rike-HP | Source = CaslWmi | ID = 5
Description = 2011.12.09 17:09:17.705|00000288|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 11.12.2011 18:22:20 | Computer Name = Rike-HP | Source = CaslWmi | ID = 5
Description = 2011.12.11 23:22:20.964|00001010|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 24.12.2011 15:19:00 | Computer Name = Rike-HP | Source = CaslWmi | ID = 5
Description = 2011.12.24 20:19:00.515|00000E88|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 31.12.2011 05:58:16 | Computer Name = Rike-HP | Source = CaslWmi | ID = 5
Description = 2011.12.31 10:58:16.748|000016A0|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 06.01.2012 07:46:50 | Computer Name = Rike-HP | Source = CaslWmi | ID = 5
Description = 2012.01.06 12:46:50.438|00001508|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 20.01.2012 06:51:02 | Computer Name = Rike-HP | Source = CaslWmi | ID = 5
Description = 2012.01.20 11:51:02.378|000003A0|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 20.01.2012 06:53:07 | Computer Name = Rike-HP | Source = CaslWmi | ID = 5
Description = 2012.01.20 11:53:07.355|000016A4|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 20.01.2012 06:53:16 | Computer Name = Rike-HP | Source = CaslWmi | ID = 5
Description = 2012.01.20 11:53:16.478|00000D70|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 27.01.2012 07:01:53 | Computer Name = Rike-HP | Source = CaslWmi | ID = 5
Description = 2012.01.27 12:01:53.617|00001B50|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 05.04.2012 10:07:13 | Computer Name = Rike-HP | Source = hpqWmiEx | ID = 5
Description = 2012/04/05 16:07:13.621|00001230|Error      |ChpqWmiExModule::Start|StartServiceCtrlDispatcher
 FAILED. Error: 1063
 
[ HP Wireless Assistant Events ]
Error - 09.11.2011 18:40:03 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object
 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean
 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei
 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 09.11.2011 18:41:09 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object
 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean
 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei
 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 09.11.2011 18:41:15 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object
 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean
 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei
 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 09.11.2011 18:42:20 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object
 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean
 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei
 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 09.11.2011 18:42:25 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object
 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean
 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei
 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 09.11.2011 18:43:31 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object
 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean
 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei
 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 09.11.2011 18:43:36 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object
 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean
 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei
 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 15.01.2012 17:11:28 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Aufruf wurde durch Messagefilter
 abgebrochen. (Ausnahme von HRESULT: 0x80010002 (RPC_E_CALL_CANCELED))    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object
 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean
 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei
 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 18.02.2012 10:08:17 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0
Description = System.Threading.ThreadAbortException Der Thread wurde abgebrochen.

   bei System.Management.IEnumWbemClassObject.Next_(Int32 lTimeout, UInt32 uCount,
 IWbemClassObject_DoNotMarshal[] apObjects, UInt32& puReturned)     bei System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()

   bei HPPA_Service.CurrentConfiguration.FindDevice(String hostPath, String portName)

   bei HPPA_Service.CurrentConfiguration.<ApplyFriendlyNames>b__23(RadioHardware
 radio)     bei System.Linq.Enumerable.WhereSelectListIterator`2.MoveNext()     bei 
System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()     bei HPPA_Service.CurrentConfiguration.ApplyFriendlyNames()

   bei HPPA_Service.CurrentConfiguration.ReloadRadioList()
 
Error - 18.02.2012 10:08:17 | Computer Name = Rike-HP | Source = HP WA Service | ID = 0
Description = System.Threading.ThreadAbortException Der Thread wurde abgebrochen.

   bei HPPA_Service.CurrentConfiguration.ReloadRadioList()
 
[ System Events ]
Error - 05.05.2012 04:27:19 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7034
Description = Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies
 ist bereits 1 Mal passiert.
 
Error - 05.05.2012 14:17:41 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst HPWMISVC erreicht.
 
Error - 05.05.2012 14:18:03 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 XobniService erreicht.
 
Error - 05.05.2012 14:18:03 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7000
Description = Der Dienst "XobniService" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%1053
 
Error - 05.05.2012 15:11:58 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst HPWMISVC erreicht.
 
Error - 05.05.2012 15:12:13 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 XobniService erreicht.
 
Error - 05.05.2012 15:12:13 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7000
Description = Der Dienst "XobniService" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%1053
 
Error - 06.05.2012 05:32:49 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst HPWMISVC erreicht.
 
Error - 06.05.2012 05:33:13 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 XobniService erreicht.
 
Error - 06.05.2012 05:33:13 | Computer Name = Rike-HP | Source = Service Control Manager | ID = 7000
Description = Der Dienst "XobniService" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%1053
 
 
< End of report >
         
--- --- ---




So habe es so gemacht wie du mir hier erklärt hast beides war auf meinem deskop hoffe jetzt hab ich es richtig gemacht

Geändert von rike42 (06.05.2012 um 11:15 Uhr)

Antwort

Themen zu trojaner durch email
abgesicherten, angeblich, anhang geöffnet, bewusst, code, dateianhang, eingefangen, email, explorer, falsch, falsche, fenster, garnichts, gefangen, gen, hoffe, konto, mails, meldung, modus, neu, nichts, stunden, total, trojaner, würde, zahlen



Ähnliche Themen: trojaner durch email


  1. Email Account gehackt: Email Versand an meine Kontakte mit meinem Namen, aber anderer Email Adresse.
    Log-Analyse und Auswertung - 29.07.2015 (3)
  2. Durch Öffnen der DHL-Paket-Email mit Virus infiziert.
    Plagegeister aller Art und deren Bekämpfung - 11.05.2015 (13)
  3. Windows 7 _ DHL Trojaner _ vc32lo 1.dll eingefangen durch Email!
    Log-Analyse und Auswertung - 05.04.2015 (10)
  4. t-online Adresse eingeschränkt wg. mögl. Nutzung meines eMail Kontos durch Dritte
    Log-Analyse und Auswertung - 03.03.2015 (15)
  5. Spam-Mails durch Email-Account versendet
    Plagegeister aller Art und deren Bekämpfung - 05.06.2014 (13)
  6. Trojaner durch Öffnen von Spam-Email/WinZip Malware Protector
    Plagegeister aller Art und deren Bekämpfung - 12.05.2014 (1)
  7. Win7 64Bit - Email Account wurde kompromittiert, vermutlich durch Virus, Trojaner, Malware oder Hijacker. Nach Scan mit ESET Online Scanner
    Log-Analyse und Auswertung - 17.04.2014 (9)
  8. email gehackt überprüft durch BSI-sicherheitstest
    Plagegeister aller Art und deren Bekämpfung - 23.01.2014 (6)
  9. Link in Email angeklickt durch gehackten Mail account
    Log-Analyse und Auswertung - 14.04.2013 (26)
  10. Windows 7 Professional 32 Bit durch Virus in Fake-Email beschädigt.
    Plagegeister aller Art und deren Bekämpfung - 09.10.2012 (4)
  11. Windows 7 Professional 32 Bit durch Virus in Fake-Email beschädigt.
    Mülltonne - 09.10.2012 (0)
  12. Trojaner durch email
    Log-Analyse und Auswertung - 02.08.2012 (28)
  13. Verschlüsselungs-Trojaner Trojan.Ransomlock.P durch Anhang einer Email-Mahnung
    Log-Analyse und Auswertung - 14.06.2012 (4)
  14. Virus/Trojaner durch Email
    Plagegeister aller Art und deren Bekämpfung - 23.03.2012 (9)
  15. Automatische Email-Versand durch Virus
    Log-Analyse und Auswertung - 19.12.2010 (1)
  16. kompromittierte Email u. gameaccounts evtl. durch H@tkeysh@@k.dll
    Log-Analyse und Auswertung - 05.12.2010 (27)
  17. Langsamer eMail-Versand durch Antivirenlösungen?
    Antiviren-, Firewall- und andere Schutzprogramme - 24.04.2005 (9)

Zum Thema trojaner durch email - Hallo, ich hoffe mir kann man helfen ich bin total verzweifelt habe durch eine email mit dateianhang die angeblich von der telecom sein soll einen trojaner eingefangen ich habe dummer - trojaner durch email...
Archiv
Du betrachtest: trojaner durch email auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.