Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: GUV 2.07 Webcam Trojaner!

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 21.07.2012, 21:04   #1
Kakis
 
GUV 2.07 Webcam Trojaner! - Standard

GUV 2.07 Webcam Trojaner!



Hallo zusammen,

auch mich hat nun - seit Donnerstag - der Bundespolizei-Trojaner erwischt. Und zwar handelt es sich um die 2.07 GUV Webcam Version. Mein Laptop funktioniert, solange ich das Internet anschalte.

Ich habe bereits OTL heruntergeladen, muss ich irgendwelche besonderen Einstellungen beachten?

Malwarebytes habe ich auch schon durchlaufen lassen, allerdings bringt dies ja nichts, da ich es - ohne Internet - nicht updaten kann. Gibts dazu eine offline-Möglichkeit?

Betriebssystem: Windows 7 Home Premium 64-Bit

Ich hoffe ihr könnt mir weiter helfen, bin absolut am verzweifeln, denn ich müsste eigentlich an diesem Laptop gerade meine Diplomarbeit schreiben! Habe schon sehr viel versucht, nur nichts hat geholfen.

Vielen Dank schon mal.

LG Vera

Alt 21.07.2012, 21:48   #2
t'john
/// Helfer-Team
 
GUV 2.07 Webcam Trojaner! - Standard

GUV 2.07 Webcam Trojaner!





Internetverbindung trennen!

dann:
Systemscan mit OTL (bebilderte Anleitung)

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop ( falls noch nicht vorhanden)- Doppelklick auf die OTL.exe
- Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
- Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
- Unter Extra Registry, wähle bitte Use SafeList
- Klicke nun auf Run Scan links oben
- Wenn der Scan beendet wurde werden 2 Logfiles erstellt
- Poste die Logfiles hier in den Thread.
__________________

__________________

Alt 21.07.2012, 22:49   #3
Kakis
 
GUV 2.07 Webcam Trojaner! - Standard

GUV 2.07 Webcam Trojaner!



Danke für deine Antwort!
Habe den Scan durchgeführt, anbei die beiden Logfiles.

Extras.txt
OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 21.07.2012 23:20:48 - Run 2
OTL by OldTimer - Version 3.2.54.0     Folder = C:\Users\Lappi\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,86 Gb Total Physical Memory | 5,91 Gb Available Physical Memory | 75,22% Memory free
15,71 Gb Paging File | 13,56 Gb Available in Paging File | 86,34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 576,07 Gb Total Space | 362,20 Gb Free Space | 62,87% Space Free | Partition Type: NTFS
 
Computer Name: LAP | User Name: Lappi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{060988AB-52F6-4626-8450-87B912209D04}" = rport=2869 | protocol=6 | dir=out | app=system | 
"{2091A151-5C3F-4F58-97ED-2F0D47D8A140}" = rport=138 | protocol=17 | dir=out | app=system | 
"{21A7752D-CD12-4FDB-9EA6-8178B0E53F9C}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{227FF6C8-4487-4178-9D24-6F1C4633178A}" = rport=445 | protocol=6 | dir=out | app=system | 
"{2958DBC2-F5CA-4976-A882-17687928F153}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{2EB07A78-2C04-4340-8F4E-9E6D7454678D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{36582807-F65E-49B0-AE37-74860C46C73C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{5077B61C-A343-44ED-9A87-7AA8122A39EE}" = rport=139 | protocol=6 | dir=out | app=system | 
"{5759EE05-86E3-460C-B3A9-26044EA4334D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{5EC90110-A7EA-40D2-8262-6279128D4A1C}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe | 
"{60599634-E892-4785-B11A-94FE2E937086}" = lport=137 | protocol=17 | dir=in | app=system | 
"{72E74594-EB71-43B9-A98F-177AF829370E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{87A5F55B-9142-44A2-A29D-929441772881}" = lport=138 | protocol=17 | dir=in | app=system | 
"{8C684003-24BE-4AEB-B6ED-8EF2032CD79F}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{9F23B095-3A3E-4F38-8E5D-C1A6D1150A99}" = rport=137 | protocol=17 | dir=out | app=system | 
"{D1893903-93B9-4FA8-9E7F-CEE1ECADAE88}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{D5026AAE-922F-48CC-BB52-48ACF6A572D3}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{DA8D839B-4F88-4AFF-88AA-7D6CEACB0CEB}" = lport=139 | protocol=6 | dir=in | app=system | 
"{DAD37DF3-C62B-4905-B9D7-DD599037B732}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{DD50FE03-1485-41FC-80D7-A62BCE4C6E91}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{E4EAB50B-6736-4502-9106-E0ACC4618D18}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{E6FC7F69-54FC-44DD-AC5A-86D59082599A}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{FCC7EDA5-D1B5-42AE-8F98-DB8FCECD0733}" = lport=445 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07488AB7-0E42-46C6-959C-5D742A898451}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\autopatcher.exe | 
"{08861E7C-B3AA-4D80-945D-36A2C7A41FFB}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{0A1405AF-619D-4FD6-8681-6BD96EBAFBFD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{11CB86A1-40AB-4E73-99E3-9755AAC0FD2C}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{1F315597-CCC7-48CE-9BA3-C8B5AB086DA6}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{20F1A615-18BA-477D-88F8-E98B5863B77D}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{24D29565-3DAC-4925-A1A5-4E8EFB8F6E83}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{29BE874A-CAFD-4004-ADAB-2BE4DCEA8404}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{29EE9DE6-4558-49B2-B2A0-6D95A346E966}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{2AAD94E4-8C1A-4555-8C6E-114DB5D99C0C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{3AA3A8B9-57E3-4134-BB3F-412521B653D2}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\initengine.exe | 
"{3C519C3C-E1C4-4A9D-A4BF-C385465AA4AB}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\initengine.exe | 
"{4D1A0808-FAD0-4245-A90F-487477D7BACC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{4FB4CA1D-5204-4475-9394-314E08C72E22}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{606567D6-3DE0-4EDD-A3DC-9ACB0B65434E}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 
"{6BE1A36A-398A-4EA8-B386-E8D3874777D4}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{722E6F4F-E60F-4F6E-943C-C5206A866F07}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe | 
"{81075477-713E-470B-9699-D2D44CF14F7F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{85F10D55-2EC0-44B8-BF61-4B9799222BED}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{87A5B499-2AF5-458A-ACAC-080C07417DF2}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe | 
"{8C5864C9-2742-4994-8CAC-90D892ACE738}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{A2EFC3F3-22E2-49FC-84C6-3C0B848E483B}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{AEC275E7-4099-4327-97F4-D857C3002F52}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{AF7D62CA-D1D7-46A8-B0A8-38450E105154}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\anno5.exe | 
"{B555CA16-3538-46A8-A29D-5B2649AB0B14}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{B8BEB4E4-FDE2-4B43-A840-5B71C0FE9633}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe | 
"{B8F3328C-4658-4502-961B-BFB68C27D1C7}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 
"{BB3FD184-61A7-410B-A7D9-B299639ACDC8}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{BD0BF748-0937-4AE9-9E06-4A727749A67C}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{C28F2A73-BCB2-42E0-A208-8764AE209E2D}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\anno5.exe | 
"{C67E27A2-19D1-49A7-88CB-174ED2C179CA}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\autopatcher.exe | 
"{C8CA399C-403A-41D1-B3DD-98887899FCD4}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{D30FB217-E5A2-4FC2-9608-167A3F0940BF}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe | 
"{D35B375B-CDD5-4ABD-88B1-B1ABD0FD3CA7}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{D5E87B81-3F78-4B05-B14E-8A4FBB96EF93}" = dir=in | app=c:\program files (x86)\cyberlink\homemedia\homemedia.exe | 
"{DA1F9FC2-5DAC-4310-A774-DE180D86B50D}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{DE77AFA3-49CD-4A53-8BE0-1626E95E6615}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{EBE4B797-B3EF-4170-9593-4748B7C104E7}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{EC5210CD-C53C-4ADD-ABB7-BEE451A4AB8E}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{EF9720F5-5664-45EF-98B7-27FDA0524EE6}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 | 
"TCP Query User{19D7E8C7-4B06-4CA1-83D7-F0782ECF6CB1}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe | 
"TCP Query User{7F7BEB63-40A1-4A76-9C7E-1965F7C4FAE8}C:\users\lappi\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\lappi\appdata\local\akamai\netsession_win.exe | 
"TCP Query User{8D8F9A03-AB7F-4DAF-9B7E-5D1890A42F1C}C:\program files (x86)\icq7.6\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe | 
"TCP Query User{8FD63D73-615E-4463-838C-36556721987E}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
"UDP Query User{001601E5-9BF7-4309-9AB5-AD5ADE713F1D}C:\users\lappi\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\lappi\appdata\local\akamai\netsession_win.exe | 
"UDP Query User{5A4218DA-545A-4A53-B46D-6BE3976F74E3}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
"UDP Query User{B674DF40-EB26-48BB-A6EF-DA10B3E3BF92}C:\program files (x86)\icq7.6\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe | 
"UDP Query User{C4035A21-5F00-4E26-AB22-59B59715AC14}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{02D65B2D-FF5E-42DF-A432-526D4345F8EB}" = NI-ORB 1.7.0f0 for 64 Bit Windows
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0919C44F-F18A-4E3B-A737-03685272CE72}" = Windows Live Remote Service Resources
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1553D712-B35F-4A82-BC72-D6B11A94BE3E}" = Windows Live Remote Service Resources
"{1685AE50-97ED-485B-80F6-145071EE14B0}" = Windows Live Remote Service Resources
"{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{21903252-3854-48D6-8F0C-F648CFA818C9}" = NI Help Assistant (64bit)
"{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{266597A9-1664-0000-0100-DCBF2B69166B}" = Autodesk Vault 2012 (Client) German Language Pack
"{2844A4FA-B106-49E0-BD30-15FA4A40C13F}" = NI VC2005MSMs x64
"{2C1A6191-9804-4FDC-AB01-6F9183C91A13}" = Windows Live Remote Client Resources
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{334CE4F7-CA62-43DC-9E44-EE13CDDFC191}" = NI Spy Windows 64 Support 2.5.1
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{350FD0E7-175A-4F86-84EF-05B77FCD7161}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources
"{46CAA7BE-5BB3-4B6B-B82B-6010B393BAF1}" = NI-MDBG 1.7.0f0 for 64 Bit Windows
"{4710662C-8204-4334-A977-B1AC9E547819}" = Broadcom Card Reader Driver Installer
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4C2E49C0-9276-4324-841D-774CCCE5DB48}" = Windows Live Remote Client Resources
"{4C3D327A-36E7-403B-A08A-7DF9F1F7F79B}" = NI MAX Help for 64 Bit Windows
"{4E1A54A9-FFB3-4BE6-B59B-3CC94C3B31D2}" = Autodesk Inventor Fusion for Inventor 2012 Zusatzmodul Language Pack
"{4E3B47F2-21EB-4F20-87C8-5A0E4D5F3858}" = Autodesk Inventor Fusion for Inventor 2012 Zusatzmodul
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{5783F2D7-A028-0409-0100-0060B0CE6BBA}" = DWG TrueView 2012
"{57F2BD1C-14A3-4785-8E48-2075B96EB2DF}" = Windows Live Remote Service Resources
"{5DB24653-C033-4BD6-BD1F-F19EE6261ECE}" = NI-RIO for 64-bit Windows
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCD6EFE-C2E7-4D77-8212-4BA223D8DF8E}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources
"{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{685214A2-B0B1-48FA-9796-5CA3442E4C19}" = NI-IMAQdx 64-bit Driver Support
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{6CFB1B20-ECAE-488F-9FFB-6AD420882E71}" = iTunes
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{702A632F-99CE-4E2D-B8F2-BF980E9CF62F}" = Windows Live Remote Client Resources
"{72B7DCDE-09E5-49AE-9AEC-28C3B7C76D8E}" = NI-PAL 2.1.0f1 for 64 Bit Windows
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{754821F1-716F-4A28-9D35-29834F42F7D3}" = NI-DIM 1.7.0f0 for 64 Bit Windows
"{7601FB82-D496-4EDA-A0BB-6A40999EF910}" = NI PXI Hardware 64-bit Support for Windows 2.3.1
"{7AEC844D-448A-455E-A34E-E1032196BBCD}" = Windows Live Remote Service Resources
"{7F4DD591-1664-0409-0000-7107D70F3DB4}" = Autodesk Inventor Professional 2012
"{7F4DD591-1664-0409-0001-7107D70F3DB4}" = Autodesk Inventor Professional 2012 Language Pack - Deutsch
"{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{8F7F2D9C-2DBE-4F10-9C7C-2724110A3339}" = Windows Live Remote Service Resources
"{90140000-0015-0407-1000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-1000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-1000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUSR_{B51389C8-2890-4633-81D8-47D2A7402274}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-1000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-1000-0000000FF1CE}_Office14.PROPLUSR_{3013A793-10A7-4D1F-B8B4-2FAA82F4D259}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-1000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{98782D5D-A9EE-43C6-88AD-B50AD8530E78}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0407-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (German) 2010
"{90140000-0043-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{8DFD91C7-66AE-4E54-9901-5D5F401AD329}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-1000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{8299B64F-1537-4081-974C-033EAB8F098E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-1000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97A295A7-8840-4B35-BB61-27A8F4512CA3}" = Windows Live Remote Service Resources
"{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources
"{9ECEF557-A045-49C9-80E5-2112F542FB6A}" = NI-Serial 3.3 64-bit driver
"{9ED333F8-3E6C-4A38-BAFA-728454121CDA}" = PDF-XChange Viewer
"{A060182D-CDBE-4AD6-B9B4-860B435D6CBD}" = Windows Live Remote Client Resources
"{A508D5A2-3AC1-4594-A718-A663D6D3CF11}" = Windows Live Remote Service Resources
"{A60EC3AC-F2B1-41BB-9A91-837D10E0D021}" = NI-MXDF 1.8.0f0 for 64 Bit Windows
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{A6E0F6BE-30AC-4D36-97B0-1AC20E23CB83}" = Windows Live Remote Client Resources
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B0BF8602-EA52-4B0A-A2BD-EDABB0977030}" = Windows Live Remote Client Resources
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 268.00
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 268.00
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.0.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B42AD7D2-421E-4B86-9501-37D60FACF46B}" = NI Portable Configuration Help for 64 Bit Windows
"{B46DECD1-1664-4EF1-0000-22D71E81877C}" = Autodesk Inventor Content Center Libraries 2012 (Desktop Content)
"{B680A663-1A15-47A5-A07C-7DF9A97558B7}" = Windows Live Remote Client Resources
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Überwachungstool für die Intel® Turbo-Boost-Technik 2.0
"{BB94460E-04F9-4465-98D6-B6D92F4B40D0}" = NI-IMAQ 64-bit Driver Support
"{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources
"{C91DCB72-F5BB-410D-A91A-314F5D1B4284}" = Broadcom Gigabit NetLink Controller
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{CF526A26-1664-0000-0000-02E95019B628}" = Autodesk Vault 2012 (Client)
"{CFF3C688-2198-4BC3-A399-598226949C39}" = Windows Live Remote Client Resources
"{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources
"{D25FF5C1-1664-469A-9794-69309387C193}" = Schnell-Deinstallations-Tool für Autodesk Inventor 2012
"{D385F5B2-6880-4B57-B857-DE1BFB234804}" = NI-DAQmx - LabVIEW shared documentation for 64 Bit Windows 1.3.1
"{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources
"{D508C13F-FD07-4F97-AA43-DBAA93698C7F}" = NI-VISA x64 support 4.2
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E027C59C-4C47-4BE8-8078-BCD3D2680EC3}" = Eco Materials Adviser (x64)
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources
"{EFB20CF5-1A6D-41F3-8895-223346CE6291}" = Windows Live Remote Service Resources
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources
"{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources
"{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}" = Windows Live Remote Client Resources
"{FE7DA413-6B0D-4551-B274-A499DC158117}" = NI PXI Platform Services for Windows 64-bit 2.3.1
"{FFF5619F-6669-4EC5-A85E-9994F70A9E5D}" = Autodesk Inventor Fusion 2012
"{FFF7F80F-929E-497F-A112-B070DE816128}" = Autodesk Inventor Fusion 2012 Language Pack
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"Autodesk Inventor Fusion 2012" = Autodesk Inventor Fusion 2012
"Autodesk Inventor Fusion for Inventor 2012 Zusatzmodul" = Autodesk Inventor Fusion for Inventor 2012 Add-in
"Autodesk Inventor Professional 2012" = Autodesk Inventor Professional 2012 Deutsch
"DWG TrueView 2012" = DWG TrueView 2012
"Elantech" = ETDWare PS/2-X64 8.0.6.0_WHQL
"KLiteCodecPack64_is1" = K-Lite Codec Pack 5.5.0 (64-bit)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"WinRAR archiver" = WinRAR 4.01 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{007F778D-F15C-4EAB-AE92-071D21FAF632}" = Adobe Photoshop Elements 9
"{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh
"{00EA6C15-7168-4102-9B18-0BB4094766B6}" = NI-IMAQ Configuration 2.5
"{01E47856-B1A1-4B69-A0DF-714942D5E4E8}" = NI-MDBG 1.7.0f0 for Phar Lap ETS
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Video Web Camera
"{035456F9-982A-49C0-A8D8-E9C0FEA659E4}" = NI-Serial 3.3
"{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh
"{05401431-E24F-4500-BE67-6471C062E400}" = NI LabVIEW 8.5.1 Resource
"{0551E151-A312-44B2-956D-32715A988EB8}" = NI-PAL 2.1.0f1 for Phar Lap ETS
"{0557BBDA-69D3-4FA4-A93C-A5300F7034B4}" = Windows Live Writer
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{062E4D94-8306-46D5-81B6-45E6AD09C799}" = Windows Live Messenger
"{06313EE8-F60C-4176-9092-01E0420267BF}" = NI LabVIEW 8.5.1 CINtools
"{0633AAD6-4FBD-4F94-A420-FE5FAC85FD24}" = NI-Serial 3.3 MAX Provider
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{065F29A4-D4D9-4BB9-85AF-8A878907BBD6}" = NI LabVIEW Run-Time Engine 8.5.1
"{0699C67B-F5B5-4CA3-A3A9-B976406FA4DA}" = NI Service Locator
"{06B05153-97E4-427E-B1A8-E098F6C5E52F}" = Windows Live Essentials
"{071ED036-038F-4F6C-8188-B5E02602C8AD}" = NI LabVIEW MAX XML
"{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common
"{07EC2A8F-AF18-4908-942A-3CD62E9FB4B7}" = NI License Manager
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{0A4C4B29-5A9D-4910-A13C-B920D5758744}" = بريد Windows Live
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Backup Manager V3
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0C51A9B5-A6A7-4A62-AD72-A0164F997583}" = NI LabVIEW 8.5.1 Help
"{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}" = Windows Liven sähköposti
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0E9389C0-0E8A-4174-A430-CFAFF29CC3A7}" = PokerStrategy.com Equilab
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{0F7038A9-4CA2-4A63-B4F4-D3DB79B089D4}" = NI-Serial 3.3 Help
"{0FB31DF8-38DF-4C9D-B313-AFAFC3FBA02B}" = NI LVBrokerAux 8.2.1
"{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail
"{110668B7-54C6-47C9-BAC4-1CE77F156AF5}" = Windows Live Mesh
"{11417707-1F72-4279-95A3-01E0B898BBF5}" = Windows Live Mesh
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar
"{120C160F-F53D-4A15-A873-E79BF5B98B48}" = Windows Live Photo Common
"{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack
"{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{1538B06D-3F62-4622-B9D2-27B894C3496C}" = NI LVBrokerAux 8.5.0
"{155156B0-7C04-47A2-9CB4-D395DC4F1595}" = NI LabVIEW 8.5 FPGA Realtime Support
"{15D5755D-3795-45FE-9ED6-BC0DAFA3B333}" = NI-RPC 3.4.0f1
"{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common
"{1767C198-96AA-4D7C-B4DD-C34165607E7D}" = NI-Intel8254x for LabVIEW Real-Time
"{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials
"{17F4ADCB-387E-43A5-8292-A4A37704D670}" = NI MDF Support
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19DA604D-3BD7-4C44-B62D-5F8A6D4F0117}" = NI LabVIEW 8.5.1 Instr.lib
"{1A710265-096B-46CB-8849-53A209D9A8CF}" = NI Certificates Deployment Support
"{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima
"{1A82AE99-84D3-486D-BAD6-675982603E14}" = Windows Live Writer
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1CF99BB2-C257-49A9-A5AB-078132CFFFC5}" = NI-STE10/100A 2.1.0f2 for Phar Lap ETS
"{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}" = Bing Bar
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20381A8A-808E-4A53-B6CD-AD2B85E16365}" = Windows Live UX Platform Language Pack
"{20D21946-CC38-4380-94F7-E49A447AD12F}" = NI-MXDF 1.8.0f0
"{2175FC8F-7729-4C10-AC3E-6ACC7CBE0DEB}" = NI Logos LabVIEW 8.5.1 (German) Support
"{21DFC7B6-3C9E-4D37-AA0A-4C75EE72E745}" = NI-RIO 2.3.1 driver for Real-Time Embedded Targets
"{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}" = Windows Live UX Platform Language Pack
"{226F0D93-76DE-4F1C-B14D-DE10443ADB60}" = Windows Live Movie Maker
"{23CED7EB-EBD1-4F1B-A58F-0EAD62C59667}" = NI LabVIEW 8.5.1 iMath
"{23CEFC22-D1F5-4EED-A8FF-A3F60CCE7616}" = NI-IMAQdx .NET Support
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{249EE21B-8EDD-4F36-8A23-E580E9DBE80A}" = Windows Live Mail
"{24D2C6D6-B47C-4B27-BDD7-EE70F745E78A}" = NI-RIO 2.3.1
"{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack
"{24FF088D-CDCF-480C-8A4B-98F14A54CAA8}" = Autodesk Material Library Low Resolution Image Library 2012
"{2511AAD7-82DF-4B97-B0B3-E1B933317010}" = Windows Live Writer Resources
"{25175695-4B20-4298-9F34-C2C57CD277B3}" = Elements STI Installer
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29
"{26BCC645-5CD6-4864-B779-A38C8C59EC3C}" = NI-VISA 4.2
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{27540AD5-C2CD-484D-AAEF-AD1A8DF26CB7}" = NI-DIM 1.7.0f0 for Phar Lap ETS
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common
"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common
"{297BDF30-471F-4E8C-9C05-09C3882300CD}" = NI LabWindows/CVI 8.1.1 Run-Time Engine
"{297FA251-FF30-4F16-978C-4A65EA804EFF}" = NI LabVIEW Real-Time Error Dialog
"{29A816A6-86EF-41ED-806C-012728927595}" = NI Remote Provider for MAX
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer
"{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}" = Windows Live UX Platform Language Pack
"{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh
"{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh
"{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources
"{2F54E453-8C93-4B3B-936A-233C909E6CAC}" = Windows Live Messenger
"{2F60CB4C-4134-42CA-B8A6-76F732CBADC2}" = NI Variable Manager
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{2FD67C2E-0F4B-4691-8680-24CD60217220}" = NI Variable Engine
"{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{33C5793B-DEE4-4C5B-AABA-F99827EC4359}" = NI LabVIEW Real-Time Support for NI 17xx Series
"{34067EE8-710C-4EDA-965F-C977FB2CEDCC}" = NI Spy 2.5.1
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{38A4AD83-3492-4A4E-A502-48106D88DD3E}" = NI USI 1.5.0
"{39CD244E-9E9E-4DF1-8B3F-853DD8795382}" = NI LabVIEW 8.5.1 VI.lib
"{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}" = Windows Live Mesh
"{3B72C1E0-26A1-40F6-8516-D50C651DFB3C}" = Windows Live Essentials
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3BEFE7B3-1FAF-4C0E-A44D-7E5AF5916087}" = NI LabVIEW 8.5 Help File
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Packard Bell Power Management
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{4159DD60-49C1-4323-A1A5-FB060CBA35C5}" = NI Measurement Studio Recipe Processor
"{4262645A-40CC-47C7-8934-903FB7E9DC09}" = NI-PAL 2.1.0f1
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery
"{433EACD8-4747-4A6A-826A-FFA9F39B0D40}" = Elements 9 Organizer
"{43B43577-2514-4CE0-B14A-7E85C17C0453}" = Windows Live Essentials
"{443B561F-DE1B-4DEF-ADD9-484B684653C7}" = Windows Live Messenger
"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live
"{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources
"{45FA54F6-8574-49D2-9E2D-0BDDE6237822}" = NI LabVIEW Run-Time Engine 8.2.1
"{4664ED39-C80A-48F7-93CD-EBDCAFAB6CC5}" = Windows Live Writer Resources
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{4736B0ED-F6A1-48EC-A1B7-C053027648F1}" = Galeria fotogràfica del Windows Live
"{47CED407-95BF-4EF5-AD14-89F979480E1A}" = Secure Download Manager
"{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{48F597DD-D397-4CFA-91A0-4C033A0113BD}" = Windows Live Mail
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A04DB63-8F81-4EF4-9D09-61A2057EF419}" = Windows Live Essentials
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{4B744C85-DBB1-4038-B989-4721EB22C582}" = Windows Live Messenger
"{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack
"{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack
"{4D7BAC8A-51B8-4243-8567-1415C4272D13}" = Windows Live Writer
"{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{53736430-DBEC-4582-B072-2F1F0A2C4EA6}" = NI LabVIEW Run-Time Engine 7.1.1
"{542DA303-FB91-4731-9F37-6E518368D3B9}" = Windows Live Messenger
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{5474BF08-A9D0-49A2-9FCA-4D081B3797B5}" = NI Logos XT Support
"{5495E9A4-501A-4D4C-87C9-E80916CA9478}" = Windows Live UX Platform Language Pack
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{5545EEE4-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2701.01)
"{573EC2A4-F061-47A3-A7BC-6012B42D6C8F}" = NI-IMAQ Camera Files
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{57E227A9-B368-48A5-88A6-4A9436F24F9F}" = NI-VISA 4.2 for LabVIEW Real-Time
"{590A82CF-654B-4200-8EF4-9AE32F87DC27}" = NI CVS-1450 Series Remote Provider
"{59DD18B4-3953-4D52-BB1C-C68275F47CE8}" = NI Portable Configuration
"{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri
"{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh
"{5CFB8587-36ED-4425-A736-E93F1E79A275}" = NI-IMAQ 4.0
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources
"{5DA7D148-D2D2-4C67-8444-2F0F9BD88A06}" = Windows Live Writer
"{5DBDA3D6-7D16-419C-8434-219011CF652B}" = NI-VISA Runtime 4.2
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{6015C797-82BE-4655-8D53-581C838F14B0}" = NI-TNF 1.4.1f0 for Phar Lap ETS
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{6124C288-11D7-4698-9267-419B8027AE6C}" = NI LabVIEW FPGA Elemental I_O Common
"{61DE264E-A629-4AB7-B70F-C1E5375ED0CD}" = NI RT MSVS 7.1
"{623452CA-42D2-4AD3-B469-0C2114A5E1AE}" = NI LabVIEW 8.5.1 Deutsch
"{625D45F0-5DCB-48BF-8770-C240A84DAAEB}" = Windows Live Mesh
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}" = Nero Multimedia Suite 10 Essentials
"{637F6ABF-5CC0-471E-9A8C-7A6B6321BFF2}" = NI LabVIEW FPGA Support for Host Communication
"{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail
"{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{644063FA-ABA3-42AC-A8AC-3EDC0706018B}" = Windows Live Mesh
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{64EF903E-D00A-414C-94A4-FBA368FFCDC9}" = Packard Bell Social Networks
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65420DC9-306E-4371-905F-F4DC3B418E52}" = Autodesk Material Library Base Resolution Image Library 2012
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{671A5B67-1A00-424A-A902-49BC020FB3D1}" = NI VC2005MSMs x86
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69C9C672-400A-43A0-B2DE-9DB38C371282}" = Windows Live Writer
"{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}" = Windows Live Writer Resources
"{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack
"{6A67578E-095B-4661-88F7-0B199CEC3371}" = Windows Live Messenger
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6C6AFAC5-AAA1-4E12-9E09-011E3F6B436D}" = NI LabVIEW 8.5.1 WWW
"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker
"{6CF70201-637F-4A89-B82C-30A163B87016}" = NI LabVIEW 8.5 License
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6E605604-E2CE-4331-AA19-5FEF273F3CFD}" = NI LabVIEW Real-Time FIFO for Runtime
"{6E82F407-333F-4A8B-B3F2-3AB9CC711737}" = NI-SMC9 1.2.0f0 for Phar Lap ETS
"{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger
"{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{6F7D11DC-DE87-45C8-A37E-A35B724FC771}" = NI Help Assistant
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{707A4E0C-8ACE-41BD-8597-117E6C3A5EA2}" = NI DataSocket 4.5.4
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-packardbell" = WildTangent Games App (Packard Bell Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71527C7C-5289-4CB2-88C9-23344C0FF6C1}" = Windows Live Movie Maker
"{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer
"{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72D79D45-4F40-4ECF-8198-BD57635E65DA}" = NI PXI Platform Services for LabVIEW Real-Time 2.3.1
"{7327080F-6673-421F-BBD9-B618F357EEB3}" = Windows Live UX Platform Language Pack
"{734104DE-C2BF-412F-BB97-FCCE1EC94229}" = Windows Live Writer Resources
"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker
"{73935D21-6136-4FF6-8069-33D767E61429}" = NI-DIM 1.7.0f0
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{74F4EA0E-6E74-4336-BFB7-8B1376CACBB1}" = NI Instrument IO Assistant for LabVIEW 8.5
"{759C67E8-31B8-4F5B-88B3-7B2E2D24A572}" = NI LabVIEW 8.5 Real-Time Target Support Files
"{7644E42D-B096-457F-8B5B-901238FC81AE}" = ICQ7.6
"{76454862-992F-4A12-9D61-76E52A1C6922}" = Windows Live Messenger
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live
"{77F73F6E-139D-4B38-AB0D-6D2F0E860478}" = NI Logos 4.9.1
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{78DBE8CE-61F6-4D6C-806C-A0FFF65F5E1D}" = Windows Live Messenger
"{797D46F1-214B-484F-BCC2-69E0BC0E3359}" = NI-VISA 4.2 MAX Provider
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common
"{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker
"{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live
"{7C0B9FD1-5181-4446-AD62-299873B5508B}" = NI Uninstaller
"{7C2A3479-A5A0-412B-B0E6-6D64CBB9B251}" = Windows Live Photo Common
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7D926AD2-16D6-42C2-8CA1-AB09E96040BA}" = Windows Live Writer Resources
"{7D99B933-E29C-4599-92F0-DAED2AF041E3}" = Windows Live Essentials
"{7DE3B2CC-B0EA-4607-B407-7E5E7C8BEAB0}" = NI LabVIEW Broker
"{7DEA0C8C-2DB7-4311-87D8-A90921BF8B53}" = NI PXI Platform Services Provider for MAX 2.3.1
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7E3668CB-1228-416E-B721-C2FA3247B985}" = NI LabVIEW Real-Time FIFO for Runtime
"{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources
"{7F778D76-6D44-4058-99F2-6F17CFC35A18}" = NI LabVIEW 8.5.1 Menus
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Packard Bell Recovery Management
"{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources
"{804DE397-F82C-4867-9085-E0AA539A3294}" = Windows Live Writer
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{820D0BA3-ACD7-4FB9-A3A7-0ADF0C66A4BE}" = Windows Live Messenger
"{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials
"{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials
"{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{861B1145-7762-4794-B40C-3FF0A389DFE6}" = Windows Live Photo Gallery
"{86F444A5-C9B9-41DC-AF28-B5E46F5497C7}" = Windows Live Argazki Galeria
"{873B6C52-4EAF-4FA8-A156-907FE78D74F3}" = NI LabWindows/CVI Code Generator
"{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8909CFA8-97BF-4077-AC0F-6925243FFE08}" = Windows Liven asennustyökalu
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CF5D47D-27B7-49D6-A14F-10550B92749D}" = Windows Live UX Platform Language Pack
"{8D0DA463-9515-4469-82EB-A621A7E330B4}" = NI-IMAQ IO .NET Support
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E25212F-D6E5-4504-BE07-0F03A603B5E5}" = NI-APAL Error Files 1.2.0f0
"{8E285C75-9BE2-4349-972B-DECDDF472656}" = Windows Live Writer Resources
"{8EB3022D-F805-421C-A573-59EC3EE5C08C}" = NI-IMAQ Provider for MAX
"{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}" = Autodesk Material Library 2012
"{8FF3891F-01B5-4A71-BFCD-20761890471C}" = Windows Live Messenger
"{907B4640-266B-4A21-92FB-CD1A86CD0F63}" = RollerCoaster Tycoon 3
"{90F878B3-11B9-4BAD-8772-6251ADC7779C}" = NI LabVIEW Deployable License 8.5.0
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = Die Sims™ 3 Traumkarrieren
"{911F2BEE-4919-4BA3-A097-B014070FD738}" = NI Assistant Framework LabVIEW Code Generator 8.0
"{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{92FA4246-7317-4A35-A74C-EF7D15B28C03}" = NI PXI Platform Services for Windows 2.3.1
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{93C4B7D5-4E00-491F-BA3E-25B7B63EE7F6}" = Windows Live Mail
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95B2CC9F-9C29-4F43-A4E7-9953FDFDC90F}" = NI-ORB 1.7.0f0 for Phar Lap ETS
"{95F1D58C-3A9C-4505-A554-A10322E4766B}" = NI-ORB 1.7.0f0
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{98618CFE-CACD-48C4-85EA-F9197FFEDD0C}" = NI Assistant Framework LabVIEW Code Generator 6.1
"{99413197-FA7B-42B4-9ABD-CE2CF7AD1B96}" = NI Variable Engine LabVIEW 8.5.1 (German) Support
"{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}" = Windows Live Mesh
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C307CEE-ED73-4BFB-A04D-F7E6BD633FE4}" = NI LabVIEW 8.5.1 Project
"{9D286976-1EF7-400F-A437-F08BD9995162}" = NI-RIO I/O Control for LabVIEW 8.5
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9D9C8C52-6D2F-4FBA-B98B-DDA5817F6D67}" = NI LabVIEW 8.5 MeasAppChm File
"{9DA3F03B-2CEE-4344-838E-117861E61FAF}" = Windows Live Mail
"{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{9E2C5B0E-7A2D-4767-A9B2-77469FB1873A}" = Windows Live Mesh
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{9FBEC876-60EB-4BAC-BF51-E7EF29C1D71A}" = NI Assistant Framework LabVIEW Code Generator 8.2
"{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A199DB88-E22D-4CE7-90AC-B8BE396D7BF4}" = Windows Live Movie Maker
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3389C72-1782-4BB4-BBAA-33345DE52E3F}" = Windows Live Messenger
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A49BDCBE-590E-43A6-AB77-7C40E499B7C1}" = Autodesk Design Review 2012
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A7056D45-C63A-4FE4-A69D-FB54EF9B21BB}" = Windows Live Messenger
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA4BF92B-2AAF-11DA-9D78-000129760D75}" = HomeMedia
"{AA91B347-DDC0-41D7-BBAB-30EF9E8BBFC6}" = NI-Serial 3.3 for LabVIEW Real-Time
"{AAA8E1BC-4034-4934-9A77-D9898F2AABA4}" = NI LabVIEW 8.5.1 Applibs
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAEAC72F-9B68-464A-BC8B-587946B99B4E}" = NI MAX LabVIEW Support
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB0B2113-5B96-4B95-8AD1-44613384911F}" = Windows Live Mesh
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{ABD534B7-E951-470E-92C2-CD5AF1735726}" = Windows Live Essentials
"{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}" = Windows Live Mail
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}" = Windows Live Mesh
"{AF427A47-6C0E-4A37-90FF-FBEC042D889A}" = NI LabVIEW 8.5.1 Manuals
"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2A873FC-C107-4B0F-8EF7-AC921B6A946F}" = NI Vision Acquisition Express VI
"{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common
"{B2E90616-C50D-4B89-A40D-92377AC669E5}" = Windows Live Messenger
"{B33B61FE-701F-425F-98AB-2B85725CBF68}" = Windows Live Photo Common
"{B3BE54A4-8DFE-4593-8E66-56AB7133B812}" = Windows Live Writer
"{B48E264C-C8CD-4617-B0BE-46E977BAD694}" = ANNO 2070
"{B515A110-E99B-4556-B9B4-36FE67E5FE62}" = NI-IMAQdx 3.1.2
"{B59C4A37-E4EA-41E8-922F-EF8E6762412F}" = NI-MDBG 1.7.0f0
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live
"{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}" = Windows Live Writer Resources
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BAEE89D5-6E87-4F89-9603-A1C100479181}" = Windows Live Messenger
"{BAFBA29B-7219-4A45-8B18-0C992126A280}" = NI OPC Support
"{BB6B7CF3-6231-4F11-8F5B-8A7F10F3F587}" = NI Assistant Framework
"{BD0C3887-64E6-41D8-9A38-BC6F34369352}" = Windows Live Messenger
"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common
"{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{BFC47A0B-D487-4DF0-889E-D6D392DF31E0}" = Windows Live Messenger
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C01FCACE-CC3D-49A2-ADC2-583A49857C58}" = Windows Live Essentials
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C07F8D75-7A8D-400E-A8F9-A3F396B49BB1}" = SPORE™ Süß & Schrecklich Ergänzungs-Pack
"{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh
"{C12631C6-804D-4B32-B0DD-8A496462F106}" = Die Sims™ 3 Einfach tierisch
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C1B880D6-0260-4679-BF8C-A105C69F870A}" = NI LabVIEW 8.5.1 Examples
"{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C84DBE54-E341-452E-BA71-57F5548C629D}" = NI Enhanced DSC Deployment Support 8.5
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{C89DE19D-0B53-45C2-9534-73EDA1E8FCB7}" = NI LabVIEW 8.5.1 Templates
"{C95A5A77-622F-45CA-9540-84468FCB18B1}" = Windows Live Messenger
"{C9E1343D-E21E-4508-A1BE-04A089EC137D}" = Windows Live Messenger
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CBFD061C-4B27-4A89-ADD8-210316EEFA11}" = Windows Live Messenger
"{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker
"{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common
"{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer
"{CE929F09-3853-4180-BD90-30764BFF7136}" = גלריית התמונות של Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery
"{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D105D090-E9E5-4572-A61C-01EDE7568A17}" = NI TDMS
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack
"{D2EB6337-42E5-4D6E-B01F-2FF9E30F4A06}" = NI Web Pipeline
"{D31169F2-CD71-4337-B783-3E53F29F4CAD}" = Windows Live Mail
"{D3E5A972-9A15-427D-AE78-8181A5FD943C}" = eBay Worldwide
"{D3FE1E36-DF92-442F-AAE6-FFF4D5913834}" = NI LabVIEW Merge Utility 8.5.0
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D47BF5FF-D068-4A36-82B4-F55E68F38BE9}" = NI-INTEL8255X 2.1.0f0 for Phar Lap ETS
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6CBB3B2-F510-483D-AE0D-1CF3F43CF1EE}" = Windows Live Writer Resources
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{D88B4D82-11CD-4E56-872F-6E34A643D2DE}" = NI MXS
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{D9529709-28B0-4DA1-8749-8924C11AAFF2}" = NI Registration Wizard
"{DA29F644-2420-4448-8128-1331BE588999}" = Windows Live Writer
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker
"{DB2C5648-700D-4AEF-83E1-70C72F0C34FA}" = NI Math Kernel Libraries
"{DBAA2B17-D596-4195-A169-BA2166B0D69B}" = Windows Live Mail
"{DBAB74B6-A70E-46F7-881D-07838F930A4C}" = NI-RIO Common Files for LabVIEW 8.5
"{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}" = Windows Live Writer
"{DCC02AC1-1A01-4A72-9B16-0E328803CD91}" = NI MXS 4.4.0f0 for LabVIEW Real-Time
"{DDC1E1BD-7615-4186-89E1-F5F43F9B6491}" = Windows Live Movie Maker
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DEC25D81-2317-47F6-8B26-D54A939DA1EE}" = NI LabVIEW C Interface
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{DF71ABBB-B834-41C0-BB58-80B0545D754C}" = Windows Live UX Platform Language Pack
"{E046A9E5-3991-40F6-91D2-57A28B4ACC60}" = NI Remote PXI Provider for MAX
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E12130E0-A154-42B5-8A34-1094C47082A9}" = NI-IMAQ .NET Support
"{E218404D-A7E6-409D-A857-8DF3BFDE81A3}" = NI-IMAQ IO 2.1
"{E2AE009D-37E5-4724-A6B8-0ED6A6BA4F68}" = Elements STI Installer
"{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E51A29FF-C828-4AA1-AC39-9A312411FFEC}" = NI LabVIEW 8.5 Simulation
"{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{E5B1DA8B-D2C2-4E4F-82CF-28C169FD4598}" = NI Assistant Framework LabVIEW Code Generator 7.1
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack
"{E5FF4ACF-89A3-4FF9-AD1F-A3F1DD5CF5F5}" = NI-VISA Server 4.2
"{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer
"{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}" = Die Sims™ 3 Lebensfreude
"{E6BBBB50-76E9-4F2F-AA8C-3FDDEB978A87}" = NI Assistant Framework LabVIEW Code Generator 8.5
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live
"{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{E9AD2143-26D5-4201-BED1-19DCC03B407D}" = Windows Live Messenger
"{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources
"{EA777812-4905-4C08-8F6E-13BDCC734609}" = Windows Live UX Platform Language Pack
"{EA926717-CE5A-4CB4-AB21-9E6E9565A458}" = RCT3 Soaked
"{EB9955F8-467C-47FC-90F8-12CD5DF684C3}" = Adobe Premiere Elements 9
"{EB9E7F70-8F2E-412A-A182-FAC85345FDCC}" = NI Assistant Framework LabVIEW Code Generator 7.0
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{ED58A59C-A037-4956-A672-6D010420FCD6}" = NI-BROADCOM57XX 2.1.0f1 for Phar Lap ETS
"{EDF51FA5-6909-47E1-AAFE-411BA8900AA1}" = NI-DAQmx - LabVIEW shared documentation
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Packard Bell Updater
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心
"{EF168C8D-7EAD-4BEC-ACC7-167A0AA2944B}" = NI Example Finder 8.5.1
"{EF291E73-31C0-4759-A0F6-3845DF9685B0}" = NI LabVIEW Integer Math and Analysis
"{EF2932C5-BD99-40B7-82E1-5E6815B3E7ED}" = NI LabVIEW 8.5.1 gMath
"{EF3660C5-203A-426E-A22C-81E35785F3B6}" = NI LabVIEW 8.5.1 User.lib
"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集
"{F08FF422-BDBC-4816-810A-085880C15FC6}" = NI Software Provider for MAX
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F0F5D89A-197C-495B-827E-3E98B811CD2E}" = Windows Live Photo Common
"{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger
"{F302F4F0-588D-6501-1ACF-BE3FDCC9135D}" = Adobe Community Help
"{F35DC85A-E96B-496B-ABE7-F04192824856}" = Windows Live Messenger
"{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack
"{F52C5BE7-3F57-464E-8A54-908402E43CE8}" = Windows Live Writer Resources
"{F566E322-AA55-4AAE-A3E8-43B1786710A5}" = NI Measurement & Automation Explorer 4.3
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F783464C-C7C6-4E9B-AC40-BC90E5414BAF}" = Windows Live Messenger
"{F7A46527-DF1F-4B0F-9637-98547E189442}" = Windows Live Galeria de Fotos
"{F7D0E9F5-6025-49FA-B13C-CFA27E062062}" = NI EULA Depot
"{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}" = Windows Live Mesh
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FDA3B45E-073C-4394-90F5-44887B54CC2C}" = NI LabVIEW 8.5 Device Detection and Deployment Support
"{FDEABB07-6AC3-41E1-A17C-CA5D9707EF72}" = NI-RPC 3.4.0f1 for Phar Lap ETS
"{FDF8AE1D-C47B-4A0B-9A78-F4CC00236C42}" = NI-MXDF 1.8.0f0 for Phar Lap ETS
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE163F11-1919-4257-A280-FF5AF8DAEECB}" = ICQ Sparberater
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker
"{FFFA0584-8E3D-4195-8283-CCA3AD73C746}" = Windows Live Messenger
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Photoshop Elements 9" = Adobe Photoshop Elements 9
"Autodesk Design Review 2012" = Autodesk Design Review 2012
"Autodesk Vault 2012 (Client)" = Autodesk Vault 2012 (Client)
"Avira AntiVir Desktop" = Avira Free Antivirus
"Calculatem Pro_is1" = Calculatem Pro
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"DivX Setup" = DivX-Setup
"EADM" = EA Download Manager
"Holdem Indicator_is1" = Holdem Indicator 2.3.2
"ibaAnalyzer" = ibaAnalyzer v5.21.3
"ICQToolbar" = ICQ Toolbar
"Identity Card" = Identity Card
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Video Web Camera
"InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Packard Bell MyBackup
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}" = Packard Bell Social Networks
"InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"Mozilla Firefox 8.0 (x86 de)" = Mozilla Firefox 8.0 (x86 de)
"NI Uninstaller" = National Instruments-Software
"Packard Bell Registration" = Packard Bell Registration
"Packard Bell Screensaver" = Packard Bell ScreenSaver
"Packard Bell Welcome Center" = Welcome Center
"PokerStars" = PokerStars
"PokerTracker3" = PokerTracker 3 (remove only)
"PostgreSQL 8.4" = PostgreSQL 8.4
"PremElem90" = Adobe Premiere Elements 9
"RouterControl" = RouterControl 2.0
"WildTangent packardbell Master Uninstall" = Packard Bell Games
"WinLiveSuite" = Windows Live Essentials
"WTA-06eb6600-64b5-47c3-b6fa-7ff1ff2f3cfc" = Jewel Quest Solitaire
"WTA-07606b8a-2b3b-4542-be1e-1fbd0fb8a291" = FATE
"WTA-08088377-5408-490f-bc00-811ab5c6a155" = Slingo Deluxe
"WTA-0f12f38c-a64a-46af-b289-be2a46c95da0" = Mystery P.I. - The London Caper
"WTA-46208327-facf-4724-b4eb-fcd31a20c91a" = Virtual Villagers - The Secret City
"WTA-71cb4c31-7f0a-4f0e-8614-b0758e707d95" = Bejeweled 2 Deluxe
"WTA-7a931507-7018-49b2-8194-f5270f35e64a" = Zuma Deluxe
"WTA-813785b6-6024-4c2d-9ceb-4ed1e8a22c86" = Torchlight
"WTA-82596a95-dbbf-4624-92d7-4a0580689489" = Polar Bowler
"WTA-82c3f7f1-e3e5-4d3e-879e-fed9df6ddd15" = Wedding Dash
"WTA-93b4139e-5995-45d6-b869-7e49ad69221d" = John Deere Drive Green
"WTA-98473aaf-1a49-4a16-86b0-e0d836409520" = Diner Dash 2 Restaurant Rescue
"WTA-9e7c7af7-67b5-4fe6-b560-e140de7c5560" = Crazy Chicken Kart 2
"WTA-aa97fe7c-8120-467e-a783-7e1ffa9a52fc" = Plants vs. Zombies - Game of the Year
"WTA-b98c8cd9-181a-464d-b6f1-2e8e061acf54" = Penguins!
"WTA-c2b35758-fa65-4d7c-9f2d-924256554958" = Agatha Christie - 4:50 from Paddington
"WTA-f63728e7-2d28-4ae0-a675-d8025ecad800" = Chuzzle Deluxe
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-2757564449-3827123315-4241601567-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-2757564449-3827123315-4241601567-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Google Chrome" = Google Chrome
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 02.07.2012 04:03:16 | Computer Name = Lap | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 463682
 
Error - 02.07.2012 04:03:17 | Computer Name = Lap | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 02.07.2012 04:03:17 | Computer Name = Lap | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 464680
 
Error - 02.07.2012 04:03:17 | Computer Name = Lap | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 464680
 
Error - 02.07.2012 04:03:18 | Computer Name = Lap | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 02.07.2012 04:03:18 | Computer Name = Lap | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 465679
 
Error - 02.07.2012 04:03:18 | Computer Name = Lap | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 465679
 
Error - 02.07.2012 04:03:19 | Computer Name = Lap | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 02.07.2012 04:03:19 | Computer Name = Lap | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 466677
 
Error - 02.07.2012 04:03:19 | Computer Name = Lap | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 466677
 
[ System Events ]
Error - 02.04.2012 15:02:16 | Computer Name = Lap | Source = ipnathlp | ID = 31004
Description = 
 
Error - 02.04.2012 15:08:56 | Computer Name = Lap | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst NIS erreicht.
 
Error - 02.04.2012 15:10:07 | Computer Name = Lap | Source = ipnathlp | ID = 31004
Description = 
 
Error - 02.04.2012 15:10:06 | Computer Name = Lap | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst NIS erreicht.
 
Error - 03.04.2012 13:03:32 | Computer Name = Lap | Source = ipnathlp | ID = 34001
Description = 
 
Error - 03.04.2012 13:03:32 | Computer Name = Lap | Source = ipnathlp | ID = 30013
Description = 
 
Error - 03.04.2012 13:05:04 | Computer Name = Lap | Source = ipnathlp | ID = 30013
Description = 
 
Error - 04.04.2012 18:26:23 | Computer Name = Lap | Source = ipnathlp | ID = 34001
Description = 
 
Error - 04.04.2012 18:26:23 | Computer Name = Lap | Source = ipnathlp | ID = 30013
Description = 
 
Error - 04.04.2012 18:26:43 | Computer Name = Lap | Source = ipnathlp | ID = 30013
Description = 
 
 
< End of report >
         
--- --- ---



OTL.txt
OTL EXTRAS Logfile:
Code:
ATTFilter
OTL logfile created on: 21.07.2012 23:20:48 - Run 2
OTL by OldTimer - Version 3.2.54.0     Folder = C:\Users\Lappi\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,86 Gb Total Physical Memory | 5,91 Gb Available Physical Memory | 75,22% Memory free
15,71 Gb Paging File | 13,56 Gb Available in Paging File | 86,34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 576,07 Gb Total Space | 362,20 Gb Free Space | 62,87% Space Free | Partition Type: NTFS
 
Computer Name: LAP | User Name: Lappi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Lappi\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe (Acer Incorporated)
PRC - C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe (CyberLink)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Launch Manager\LMutilps32.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\LMworker.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe (NTI Corporation)
PRC - C:\Program Files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe (NTI Corporation)
PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
PRC - C:\Program Files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe (PostgreSQL Global Development Group)
PRC - C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe (PostgreSQL Global Development Group)
PRC - C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (Electronic Arts)
PRC - C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe (National Instruments Corporation)
PRC - C:\Windows\SysWOW64\lkcitdl.exe (National Instruments, Inc.)
PRC - C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe (National Instruments Corporation)
PRC - C:\Windows\SysWOW64\lktsrv.exe (National Instruments Corporation)
PRC - C:\Windows\SysWOW64\lkads.exe (National Instruments Corporation)
PRC - C:\Program Files (x86)\National Instruments\MAX\nimxs.exe (National Instruments Corporation)
PRC - C:\Windows\SysWOW64\nisvcloc.exe (National Instruments Corp.)
PRC - C:\Windows\SysWOW64\nipalsm.exe (National Instruments Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\Lappi\AppData\Local\Temp\toip0_tmp.exe ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\09557e6c5a83a1cb68c7c50a841c8064\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\220b0516e45e7f9bbf6a631490c1243a\IAStorCommon.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Program Files (x86)\NTI\Packard Bell MyBackup\sqlite3.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (FLEXnet Licensing Service 64) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Flexera Software, Inc.)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (ICQ Service) -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
SRV - (GREGService) -- C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe (Acer Incorporated)
SRV - (ePowerSvc) -- C:\Programme\Packard Bell\Packard Bell Power Management\ePowerSvc.exe (Acer Incorporated)
SRV - (Live Updater Service) -- C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe (Acer Incorporated)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (DsiWMIService) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe (NTI Corporation)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (mitsijm2012) -- C:\Programme\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe (Autodesk, Inc.)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
SRV - (TurboBoost) Intel(R) -- C:\Programme\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)
SRV - (AdobeActiveFileMonitor9.0) -- c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (NAUpdate) @C:\Program Files (x86) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (postgresql-8.4) -- C:\Program Files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe (PostgreSQL Global Development Group)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose64) -- C:\Programme\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (NITaggerService) -- C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe (National Instruments Corporation)
SRV - (LkCitadelServer) -- C:\Windows\SysWOW64\lkcitdl.exe (National Instruments, Inc.)
SRV - (NIDomainService) -- C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe (National Instruments Corporation)
SRV - (lkTimeSync) -- C:\Windows\SysWOW64\lktsrv.exe (National Instruments Corporation)
SRV - (lkClassAds) -- C:\Windows\SysWOW64\lkads.exe (National Instruments Corporation)
SRV - (NILM License Manager) -- C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe (Macrovision Corporation)
SRV - (mxssvr) -- C:\Program Files (x86)\National Instruments\MAX\nimxs.exe (National Instruments Corporation)
SRV - (NiRioRpc) -- C:\Windows\SysWOW64\NiRioRpc.exe (National Instruments Corporation)
SRV - (niSvcLoc) -- C:\Windows\SysWOW64\nisvcloc.exe (National Instruments Corp.)
SRV - (OpcEnum) -- C:\Windows\SysWOW64\Opcenum.exe (OPC Foundation)
SRV - (nipxirmu) -- C:\Windows\SysWOW64\nipalsm.exe (National Instruments Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
DRV:64bit: - (bScsiMSa) -- C:\Windows\SysNative\drivers\bScsiMSa.sys (Broadcom Corporation)
DRV:64bit: - (bScsiSDa) -- C:\Windows\SysNative\drivers\bScsiSDa.sys (Broadcom Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (b57xdmp) -- C:\Windows\SysNative\drivers\b57xdmp.sys (Broadcom Corporation)
DRV:64bit: - (b57xdbd) -- C:\Windows\SysNative\drivers\b57xdbd.sys (Broadcom Corporation)
DRV:64bit: - (k57nd60a) Broadcom NetLink (TM) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (RMCAST) -- C:\Windows\SysNative\drivers\rmcast.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (MEIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) Intel(R) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys (Intel(R) Corporation)
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV:64bit: - (niimaqdxk) -- C:\Windows\SysNative\drivers\niimaqdxkl.sys (National Instruments Corporation)
DRV:64bit: - (NiViPxiK) -- C:\Windows\SysNative\drivers\NiViPxiKl.sys (National Instruments Corporation)
DRV:64bit: - (NiViPciK) -- C:\Windows\SysNative\drivers\NiViPciKl.sys (National Instruments Corporation)
DRV:64bit: - (NiViFWK) -- C:\Windows\SysNative\drivers\NiViFWKl.sys (National Instruments Corporation)
DRV:64bit: - (NIPALK) -- C:\Windows\SysNative\drivers\nipalk.sys (National Instruments Corporation)
DRV:64bit: - (nipalusbedl) -- C:\Windows\SysNative\drivers\nipalusbedl.sys (National Instruments Corporation)
DRV:64bit: - (nipalfwedl) -- C:\Windows\SysNative\drivers\nipalfwedl.sys (National Instruments Corporation)
DRV:64bit: - (nidimk) -- C:\Windows\SysNative\drivers\nidimkl.sys (National Instruments Corporation)
DRV:64bit: - (nimxdfk) -- C:\Windows\SysNative\drivers\nimxdfkl.sys (National Instruments Corporation)
DRV:64bit: - (nimdbgk) -- C:\Windows\SysNative\drivers\nimdbgkl.sys (National Instruments Corporation)
DRV:64bit: - (niorbk) -- C:\Windows\SysNative\drivers\niorbkl.sys (National Instruments Corporation)
DRV:64bit: - (nipbcfk) -- C:\Windows\SysNative\drivers\nipbcfk.sys (National Instruments Corporation)
DRV:64bit: - (ni1065k) -- C:\Windows\SysNative\drivers\ni1065k.sys (National Instruments Corporation)
DRV:64bit: - (nipxigpk) -- C:\Windows\SysNative\drivers\nipxigpk.sys (National Instruments Corporation)
DRV:64bit: - (ni1045k) -- C:\Windows\SysNative\drivers\ni1045kl.sys (National Instruments Corporation)
DRV:64bit: - (ni1006k) -- C:\Windows\SysNative\drivers\ni1006k.sys (National Instruments Corporation)
DRV:64bit: - (nipxirmk) -- C:\Windows\SysNative\drivers\nipxirmkl.sys (National Instruments Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2757564449-3827123315-4241601567-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
IE - HKU\S-1-5-21-2757564449-3827123315-4241601567-1000\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-21-2757564449-3827123315-4241601567-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-2757564449-3827123315-4241601567-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2757564449-3827123315-4241601567-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\S-1-5-21-2757564449-3827123315-4241601567-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2757564449-3827123315-4241601567-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
IE - HKU\S-1-5-21-2757564449-3827123315-4241601567-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
IE - HKU\S-1-5-21-2757564449-3827123315-4241601567-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKU\S-1-5-21-2757564449-3827123315-4241601567-1002\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-2757564449-3827123315-4241601567-1002\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2757564449-3827123315-4241601567-1002\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\S-1-5-21-2757564449-3827123315-4241601567-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.04.02 22:26:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.01.18 22:28:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.01.18 22:28:49 | 000,000,000 | ---D | M]
 
[2011.11.08 21:57:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.11.08 21:57:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2011.11.11 11:10:16 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.11.08 21:56:53 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2007.02.08 11:48:16 | 000,028,448 | ---- | M] (National Instruments) -- C:\Program Files (x86)\mozilla firefox\plugins\NPLV82Win32.dll
[2007.07.24 19:03:42 | 000,023,040 | ---- | M] (National Instruments) -- C:\Program Files (x86)\mozilla firefox\plugins\nplv85win32.dll
[2011.09.29 03:24:37 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.09.29 03:16:42 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.09.29 03:24:37 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.09.29 03:24:37 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.09.29 03:24:37 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.09.29 03:24:37 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Lappi\AppData\Local\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Lappi\AppData\Local\Google\Chrome\Application\16.0.912.63\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Lappi\AppData\Local\Google\Chrome\Application\16.0.912.63\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: National Instruments LabVIEW 8.2 Netscape Plug-in for Windows (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPLV82Win32.dll
CHR - plugin: National Instruments LabVIEW 8.5 Netscape Plug-in for Windows (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nplv85win32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Lappi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\Lappi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Click to activate/deactivate ProxTube = C:\Users\Lappi\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkdbaehcjcomcnnjhlmnfddpgoafpcko\1.0.6_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Lappi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Google Mail = C:\Users\Lappi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (ICQ Sparberater) - {FE163F11-1919-4257-A280-FF5AF8DAEECB} - C:\Program Files (x86)\icq\Internet Explorer\icq.dll (solute gmbh)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2757564449-3827123315-4241601567-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKU\S-1-5-21-2757564449-3827123315-4241601567-1002\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Power Management] C:\Programme\Packard Bell\Packard Bell Power Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe (NTI Corporation)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2757564449-3827123315-4241601567-1000..\Run: [ICQ] C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-2757564449-3827123315-4241601567-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2757564449-3827123315-4241601567-1002..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (Electronic Arts)
O4 - HKU\S-1-5-21-2757564449-3827123315-4241601567-1002..\Run: [ICQ] C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-2757564449-3827123315-4241601567-1004..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2757564449-3827123315-4241601567-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2757564449-3827123315-4241601567-1000..\RunOnce: [ScrSav] C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe ()
O4 - HKU\S-1-5-21-2757564449-3827123315-4241601567-1004..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2757564449-3827123315-4241601567-1004..\RunOnce: [ScrSav] C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-2757564449-3827123315-4241601567-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5FD56C09-6ECC-48A6-A9F4-F4124939300E}: DhcpNameServer = 80.69.102.158 80.69.100.102
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E6B2E251-A481-4DCF-B60D-EB6914984B14}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.04.28 21:22:10 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O33 - MountPoints2\{eaef0677-c201-11e0-837e-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{eaef0677-c201-11e0-837e-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.07.21 23:17:35 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{1A1D696A-BE55-45B1-8860-ADB12262B51C}
[2012.07.21 14:42:23 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Lappi\Desktop\OTL.exe
[2012.07.21 12:19:12 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{F617FA0F-5388-42D7-B2D2-C92D2594326A}
[2012.07.21 00:10:37 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{85CFAA36-2CF4-46A6-B13F-7828D9AB0198}
[2012.07.21 00:03:46 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{30724DAB-2FFA-41F5-AAC6-D6F1E076388C}
[2012.07.20 23:49:02 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{C5A64C54-7022-44A7-A66E-B6F00AE57AF5}
[2012.07.20 23:21:07 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{FE871A74-1F12-4D15-A7DA-7703A72301EC}
[2012.07.20 22:53:18 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{DA5357D0-2B09-4144-A651-2CDB05F435E2}
[2012.07.20 22:47:21 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012.07.20 22:24:29 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe2
[2012.07.20 16:12:21 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe.doof
[2012.07.20 15:37:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2012.07.20 15:27:15 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{A1E27FD8-4FEF-463D-BD38-BB25702646DA}
[2012.07.20 12:38:02 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Roaming\Malwarebytes
[2012.07.20 12:37:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.07.20 12:37:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.07.20 12:37:54 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.07.20 12:37:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.07.20 12:17:40 | 000,000,000 | ---D | C] -- C:\Users\Lappi\Desktop\recovery
[2012.07.20 11:14:09 | 000,448,816 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Lappi\Desktop\rannohdecryptor(1).exe
[2012.07.20 10:47:43 | 000,000,000 | ---D | C] -- C:\Users\Lappi\Desktop\USB STICK
[2012.07.20 10:46:32 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Roaming\TestApp
[2012.07.20 10:46:32 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2012.07.20 10:15:41 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{F7CCFEEF-2AA2-4FB9-BF0B-B2562311403D}
[2012.07.19 19:05:56 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.07.19 10:55:54 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{19858E1C-0E86-482D-ABCE-38E068130D1C}
[2012.07.19 10:55:37 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{37E6CCAB-0F4E-4A68-A31E-9AE3A224CA19}
[2012.07.18 16:37:25 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{7A2296A4-B9DF-4F63-A341-F8D45E2957E0}
[2012.07.18 16:37:05 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{9647DEA8-172F-443E-A4E0-E37BB247C2A2}
[2012.07.18 13:25:29 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{04199C8B-B678-4544-A83F-779D71065DAC}
[2012.07.17 12:09:29 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{95276960-8B18-465F-B7EB-A210DC6C4C07}
[2012.07.17 12:09:20 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{1E7CBCC5-62CC-40A3-B9C3-9A1B9994C26E}
[2012.07.17 00:07:42 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{4498FDE3-CE88-477B-AF4D-A3F95D119E8B}
[2012.07.17 00:07:25 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{E1AD682C-B018-4D1A-8589-A9A3EE0B443F}
[2012.07.16 11:36:04 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{BD544E83-AE6B-471A-A74A-61B365DDBFA1}
[2012.07.16 11:35:44 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{F15C7F40-D6E8-4AAD-AD7A-8473172B0081}
[2012.07.15 20:03:15 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{E86B1D2B-F067-4A59-B1D3-E42152C6FABB}
[2012.07.15 20:03:03 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{4D622138-C60E-4EBF-8519-207C3123AD92}
[2012.07.13 19:40:30 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Roaming\Avira
[2012.07.13 19:35:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.07.13 19:35:06 | 000,132,832 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2012.07.13 19:35:06 | 000,098,848 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2012.07.13 19:35:06 | 000,027,760 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2012.07.13 19:35:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.07.13 19:35:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2012.07.13 19:21:51 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{89C4A33D-D20E-42C6-ACD5-AEB10C707B19}
[2012.07.13 19:21:30 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{72FEA66D-918B-4E56-884F-3C521B701158}
[2012.07.13 07:18:52 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{8A78F4E3-4E3D-40EC-8414-DD7D124B445F}
[2012.07.13 07:18:40 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{DB938290-22BE-4BD9-AC79-FAF5633F79D9}
[2012.07.12 10:28:12 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.07.12 10:28:12 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.07.12 10:28:11 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.07.12 10:28:11 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.07.12 10:28:10 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.07.12 10:28:10 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.07.12 10:28:10 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.07.12 10:28:10 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.07.12 10:28:09 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.07.12 10:28:09 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.07.12 10:28:09 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.07.12 10:28:08 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.07.12 10:28:08 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.07.12 10:22:38 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{85C317F0-7C90-4CD5-8413-749672FE9A87}
[2012.07.12 10:22:24 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{417912D1-787D-435D-87CC-F39360B07131}
[2012.07.11 10:18:06 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012.07.11 10:18:06 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012.07.11 10:18:04 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012.07.11 10:18:03 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012.07.11 10:18:02 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012.07.11 10:10:43 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{DBF550C7-3373-4531-A2A3-6F0FA6C686AF}
[2012.07.11 10:10:30 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{B45F20E3-AACA-4483-934F-6540AD410BBF}
[2012.07.10 20:00:14 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{B26F3ED7-41EB-4C02-BD93-46A6E6916C83}
[2012.07.10 20:00:03 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{786DC934-26E4-4CE4-991D-E8646419D27E}
[2012.07.09 22:56:23 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{08801874-C5BB-4157-BEEB-6BB830FD8D74}
[2012.07.09 22:56:10 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{F5A2237F-CE38-4458-B58C-45BB72645713}
[2012.07.09 08:18:13 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{ABB348B0-9BF1-4DB3-8D9C-20F561EBB7BB}
[2012.07.08 20:16:22 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{FE039327-2786-47FF-913F-7F774B44EEFD}
[2012.07.08 20:15:59 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{897BB818-85D6-48C9-AB7C-F5180FD65E37}
[2012.07.06 14:56:23 | 000,000,000 | ---D | C] -- C:\Users\Lappi\Documents\Electronic Arts
[2012.07.06 12:24:53 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{25051771-9CA6-4AF5-AE94-7E14D2806E1A}
[2012.07.06 12:24:42 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{DCF6AAFE-5008-4940-963C-648A8C4B6F9C}
[2012.07.06 10:20:45 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{26C01DF9-CFF4-4D23-86C3-1A4D2A066F99}
[2012.07.06 07:14:58 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2012.07.04 08:41:42 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{5271F948-65C1-488F-9D75-699C83F2A532}
[2012.07.03 20:40:07 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{192D90FE-EEE0-4DF8-9C43-957F53A18F8E}
[2012.07.03 20:39:38 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{461E061E-3254-4D0F-9446-EA5DB5D12ACB}
[2012.07.02 08:13:55 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{0BCF28D7-BDBF-4AFD-B83F-FF0EDA38B6C1}
[2012.07.02 08:13:43 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{A9EA459B-5662-43D9-9216-2B12E408A0FB}
[2012.07.01 19:24:56 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{682974CC-5B6C-4DE2-A541-A39B13DC56D1}
[2012.07.01 19:24:44 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{4FC3D156-837B-45BC-AD00-D7A17315201A}
[2012.06.29 01:02:06 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{41DEB95E-9D86-44D5-A632-0D5454132B1C}
[2012.06.29 01:01:49 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{AAB1F0E7-9A54-418E-8214-074C2216F5D2}
[2012.06.28 09:58:56 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{DA1F0AA1-3CB6-46BA-89AD-8CC0AD45CA86}
[2012.06.28 09:58:44 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{A4309ECB-CC4E-4DA0-9F13-12A25BD4338C}
[2012.06.27 08:43:18 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{A873697D-60CD-496B-959F-F53A1627F6BB}
[2012.06.27 08:43:06 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{1BD016EA-1B73-496B-9053-6D2FC04DD5DE}
[2012.06.26 10:57:24 | 000,000,000 | ---D | C] -- C:\Users\Lappi\Desktop\Dänemark
[2012.06.26 10:57:23 | 000,000,000 | ---D | C] -- C:\Users\Lappi\Desktop\DIPLOM ARBEIT
[2012.06.26 08:38:47 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{16424B62-A725-4FE8-9455-23EB85A8C9DC}
[2012.06.26 08:38:35 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{6CCFDD70-4934-456D-A22D-F4C16C85E46D}
[2012.06.26 08:38:34 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{D13F010D-9DD1-48C0-971B-1B01BAB11F92}
[2012.06.26 01:32:04 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{60547B7B-F3C3-42C7-AEAA-A25E8E9D6C6C}
[2012.06.24 03:41:03 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{6B95241C-B39D-49A9-A645-379E79685238}
[2012.06.24 03:40:50 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{5C3F5E8D-0D55-4F8B-B151-E3C8B7C4F531}
[2012.06.23 22:32:52 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\EA Games
[2012.06.23 22:32:52 | 000,000,000 | ---D | C] -- C:\Users\Lappi\Documents\EA Games
[2012.06.23 19:45:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2012.06.23 19:19:42 | 000,447,752 | ---- | C] (On2.com) -- C:\Windows\SysWow64\vp6vfw.dll
[2012.06.23 18:09:25 | 000,000,000 | ---D | C] -- C:\Users\Lappi\Desktop\SIMS 3
[2012.06.23 15:39:21 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{E430A732-F611-4469-BEE9-E7DF0633FB0F}
[2012.06.23 03:37:54 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{B30FC8B5-155E-4FFA-B33D-FF45CFB544F4}
[2012.06.22 15:35:36 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{C9F6D3CC-65E8-44CF-8342-1924707EE8AA}
[2012.06.22 15:35:23 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{FCDBA0DC-172E-4C10-BFD4-BC4CD80A2E18}
[2012.06.22 08:01:46 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{821C7DBB-F48F-485F-A0F9-C24274BC2851}
[1 C:\Users\Lappi\Documents\*.tmp files -> C:\Users\Lappi\Documents\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.07.21 23:23:06 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.21 23:23:06 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.21 23:15:41 | 000,000,430 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2012.07.21 23:15:34 | 000,000,069 | ---- | M] () -- C:\Windows\pxisys.ini
[2012.07.21 23:15:34 | 000,000,030 | ---- | M] () -- C:\Windows\pxiesys.ini
[2012.07.21 23:15:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.21 23:15:12 | 2030,981,119 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.21 14:35:20 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Lappi\Desktop\OTL.exe
[2012.07.20 23:51:35 | 004,503,728 | ---- | M] () -- C:\ProgramData\pmt_0piot.pad
[2012.07.20 16:03:14 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe2
[2012.07.20 16:03:14 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe.doof
[2012.07.20 12:37:55 | 000,001,125 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.07.20 11:55:02 | 281,329,664 | ---- | M] () -- C:\Users\Lappi\Desktop\kav_rescue_10.iso
[2012.07.20 11:17:30 | 000,025,866 | ---- | M] () -- C:\Users\Lappi\Desktop\config.xml
[2012.07.20 11:11:52 | 000,448,816 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Lappi\Desktop\rannohdecryptor(1).exe
[2012.07.20 10:48:51 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.07.20 10:48:51 | 000,697,082 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.07.20 10:48:51 | 000,652,360 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.07.20 10:48:51 | 000,148,346 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.07.20 10:48:51 | 000,121,292 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.07.20 10:47:13 | 000,000,465 | ---- | M] () -- C:\Users\Lappi\Desktop\sd9setup.exe.lnk
[2012.07.20 10:42:18 | 003,834,832 | ---- | M] () -- C:\Users\Lappi\Desktop\sd9setup.exe
[2012.07.19 16:48:48 | 000,001,899 | ---- | M] () -- C:\Users\Lappi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012.07.17 00:10:56 | 000,000,437 | ---- | M] () -- C:\Windows\wininit.ini
[2012.07.13 19:35:14 | 000,002,082 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.07.13 07:16:48 | 000,537,288 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.07.10 01:00:25 | 000,000,000 | ---- | M] () -- C:\Users\Lappi\AppData\Roaming\TS3Patch.lck
[2012.07.10 00:19:44 | 000,002,268 | ---- | M] () -- C:\Users\Public\Desktop\Die Sims™ 3 Einfach tierisch.lnk
[2012.07.09 23:50:44 | 000,002,232 | ---- | M] () -- C:\Users\Public\Desktop\Die Sims™ 3 Lebensfreude.lnk
[2012.07.09 23:44:26 | 000,002,250 | ---- | M] () -- C:\Users\Public\Desktop\Die Sims™ 3 Traumkarrieren.lnk
[2012.07.06 14:59:39 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\EA Download Manager.lnk
[2012.07.06 14:54:39 | 000,002,090 | ---- | M] () -- C:\Users\Public\Desktop\Die*Sims™*3.lnk
[2012.06.27 18:46:36 | 657,254,249 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.06.24 12:06:59 | 000,002,053 | ---- | M] () -- C:\Users\Lappi\Desktop\JDownloader.lnk
[1 C:\Users\Lappi\Documents\*.tmp files -> C:\Users\Lappi\Documents\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.07.20 12:37:55 | 000,001,125 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.07.20 12:09:11 | 281,329,664 | ---- | C] () -- C:\Users\Lappi\Desktop\kav_rescue_10.iso
[2012.07.20 11:17:30 | 000,025,866 | ---- | C] () -- C:\Users\Lappi\Desktop\config.xml
[2012.07.20 11:14:15 | 000,799,232 | ---- | C] () -- C:\Users\Lappi\Desktop\Avira-RansomFileUnlocker.exe
[2012.07.20 10:46:32 | 000,000,465 | ---- | C] () -- C:\Users\Lappi\Desktop\sd9setup.exe.lnk
[2012.07.20 10:43:26 | 003,834,832 | ---- | C] () -- C:\Users\Lappi\Desktop\sd9setup.exe
[2012.07.19 16:48:48 | 000,001,899 | ---- | C] () -- C:\Users\Lappi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012.07.19 16:48:47 | 004,503,728 | ---- | C] () -- C:\ProgramData\pmt_0piot.pad
[2012.07.13 19:35:14 | 000,002,082 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.07.10 01:00:25 | 000,000,000 | ---- | C] () -- C:\Users\Lappi\AppData\Roaming\TS3Patch.lck
[2012.07.10 00:19:44 | 000,002,268 | ---- | C] () -- C:\Users\Public\Desktop\Die Sims™ 3 Einfach tierisch.lnk
[2012.07.09 23:50:44 | 000,002,232 | ---- | C] () -- C:\Users\Public\Desktop\Die Sims™ 3 Lebensfreude.lnk
[2012.07.09 23:44:26 | 000,002,250 | ---- | C] () -- C:\Users\Public\Desktop\Die Sims™ 3 Traumkarrieren.lnk
[2012.07.06 14:59:39 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Download Manager.lnk
[2012.07.06 14:59:39 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\EA Download Manager.lnk
[2012.07.06 14:54:39 | 000,002,090 | ---- | C] () -- C:\Users\Public\Desktop\Die*Sims™*3.lnk
[2012.06.26 01:33:34 | 000,000,437 | ---- | C] () -- C:\Windows\wininit.ini
[2012.06.24 12:06:59 | 000,002,053 | ---- | C] () -- C:\Users\Lappi\Desktop\JDownloader.lnk
[2012.06.19 19:23:52 | 001,233,440 | ---- | C] () -- C:\Users\Lappi\DSCN3407.JPG
[2012.06.19 19:23:52 | 001,199,768 | ---- | C] () -- C:\Users\Lappi\DSCN3408.JPG
[2012.04.09 14:40:18 | 000,005,077 | ---- | C] () -- C:\ProgramData\bltofzsb.qlf
[2012.03.18 02:07:49 | 000,197,120 | ---- | C] () -- C:\Windows\patchw32.dll
[2012.03.13 15:47:38 | 000,017,408 | ---- | C] () -- C:\Users\Lappi\AppData\Local\WebpageIcons.db
[2011.11.08 00:26:16 | 000,000,069 | ---- | C] () -- C:\Windows\pxisys.ini
[2011.11.08 00:26:16 | 000,000,030 | ---- | C] () -- C:\Windows\pxiesys.ini
[2011.11.07 19:17:39 | 001,642,510 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.05.31 12:11:46 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.05.31 12:11:45 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.05.31 12:11:44 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011.05.31 12:11:43 | 013,359,616 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011.05.31 12:11:43 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
 
========== LOP Check ==========
 
[2012.03.18 02:25:14 | 000,000,000 | ---D | M] -- C:\Users\Lappi\AppData\Roaming\Atari
[2012.05.09 18:21:28 | 000,000,000 | ---D | M] -- C:\Users\Lappi\AppData\Roaming\Autodesk
[2011.12.18 17:37:17 | 000,000,000 | ---D | M] -- C:\Users\Lappi\AppData\Roaming\DAEMON Tools Lite
[2011.11.10 19:16:58 | 000,000,000 | ---D | M] -- C:\Users\Lappi\AppData\Roaming\e-academy Inc
[2011.11.07 18:43:54 | 000,000,000 | ---D | M] -- C:\Users\Lappi\AppData\Roaming\iba
[2012.07.21 12:19:01 | 000,000,000 | ---D | M] -- C:\Users\Lappi\AppData\Roaming\ICQ
[2012.04.05 23:12:00 | 000,000,000 | ---D | M] -- C:\Users\Lappi\AppData\Roaming\JonDo
[2011.11.11 03:12:13 | 000,000,000 | ---D | M] -- C:\Users\Lappi\AppData\Roaming\pdfforge
[2011.11.02 19:38:21 | 000,000,000 | ---D | M] -- C:\Users\Lappi\AppData\Roaming\SNS
[2011.11.10 20:38:23 | 000,000,000 | ---D | M] -- C:\Users\Lappi\AppData\Roaming\SoftGrid Client
[2011.11.05 16:40:38 | 000,000,000 | ---D | M] -- C:\Users\Lappi\AppData\Roaming\SPORE
[2012.07.20 10:46:32 | 000,000,000 | ---D | M] -- C:\Users\Lappi\AppData\Roaming\TestApp
[2011.11.07 19:18:09 | 000,000,000 | ---D | M] -- C:\Users\Lappi\AppData\Roaming\TP
[2011.12.18 17:45:21 | 000,000,000 | ---D | M] -- C:\Users\Lappi\AppData\Roaming\Ubisoft
[2012.07.20 10:11:44 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:DFC5A2B2

< End of report >
         
--- --- ---
__________________

Alt 21.07.2012, 22:55   #4
t'john
/// Helfer-Team
 
GUV 2.07 Webcam Trojaner! - Standard

GUV 2.07 Webcam Trojaner!



Fixen mit OTL

Lade (falls noch nicht vorhanden) OTL von Oldtimer herunter und speichere es auf Deinem Desktop (nicht woanders hin).

  • Deaktiviere etwaige Virenscanner wie Avira, Kaspersky etc.
  • Starte die OTL.exe.
    Vista- und Windows 7-User starten mit Rechtsklick auf das Programm-Icon und wählen "Als Administrator ausführen".
  • Kopiere folgendes Skript in das Textfeld unterhalb von Benuterdefinierte Scans/Fixes:


Code:
ATTFilter
:OTL
PRC - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe () 
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () 
MOD - C:\Users\Lappi\AppData\Local\Temp\toip0_tmp.exe () 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKU\S-1-5-21-2757564449-3827123315-4241601567-1000\..\URLSearchHook: - No CLSID value found 
IE - HKU\S-1-5-21-2757564449-3827123315-4241601567-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ) 
IE - HKU\S-1-5-21-2757564449-3827123315-4241601567-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} 
IE - HKU\S-1-5-21-2757564449-3827123315-4241601567-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd 
IE - HKU\S-1-5-21-2757564449-3827123315-4241601567-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKU\S-1-5-21-2757564449-3827123315-4241601567-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local 
IE - HKU\S-1-5-21-2757564449-3827123315-4241601567-1002\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ) 
IE - HKU\S-1-5-21-2757564449-3827123315-4241601567-1002\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} 
IE - HKU\S-1-5-21-2757564449-3827123315-4241601567-1002\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd 
IE - HKU\S-1-5-21-2757564449-3827123315-4241601567-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found 
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found 
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. 
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. 
O3 - HKU\S-1-5-21-2757564449-3827123315-4241601567-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. 
O3 - HKU\S-1-5-21-2757564449-3827123315-4241601567-1002\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. 
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found 
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () 
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found 
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found 
O4 - HKU\S-1-5-21-2757564449-3827123315-4241601567-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found 
O4 - HKU\S-1-5-21-2757564449-3827123315-4241601567-1004..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 
O7 - HKU\S-1-5-21-2757564449-3827123315-4241601567-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found 
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found 
O32 - HKLM CDRom: AutoRun - 1 
O33 - MountPoints2\{eaef0677-c201-11e0-837e-806e6f6e6963}\Shell - "" = AutoRun 
O33 - MountPoints2\{eaef0677-c201-11e0-837e-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Autorun.exe 
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:DFC5A2B2 

[2012.07.20 23:51:35 | 004,503,728 | ---- | M] () -- C:\ProgramData\pmt_0piot.pad 
[2012.07.19 16:48:48 | 000,001,899 | ---- | M] () -- C:\Users\Lappi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk 
[2012.07.19 16:48:48 | 000,001,899 | ---- | C] () -- C:\Users\Lappi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk 
[2012.07.19 16:48:47 | 004,503,728 | ---- | C] () -- C:\ProgramData\pmt_0piot.pad 

:Files

ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[emptyflash]
         
  • Schließe alle Programme.
  • Klicke auf den Fix Button.
  • Wenn OTL einen Neustart verlangt, bitte zulassen.
  • Kopiere den Inhalt des Logfiles hier in Code-Tags in Deinen Thread.
    Nachträglich kannst Du das Logfile hier einsehen => C:\_OTL\MovedFiles\

Hinweis für Mitleser: Obiges OTL-Script ist ausschließlich für diesen User in dieser Situtation erstellt worden.
Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen!
__________________
Mfg, t'john
Das TB unterstützen

Alt 21.07.2012, 23:28   #5
Kakis
 
GUV 2.07 Webcam Trojaner! - Standard

GUV 2.07 Webcam Trojaner!



hier die Logfile:


Error: Unable to interpret <OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 21.07.2012 23:20:48 - Run 2> in the current context!
Error: Unable to interpret <OTL by OldTimer - Version 3.2.54.0     Folder = C:\Users\Lappi\Desktop> in the current context!
Error: Unable to interpret <64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation> in the current context!
Error: Unable to interpret <Internet Explorer (Version = 9.0.8112.16421)> in the current context!
Error: Unable to interpret <Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <7,86 Gb Total Physical Memory | 5,91 Gb Available Physical Memory | 75,22% Memory free> in the current context!
Error: Unable to interpret <15,71 Gb Paging File | 13,56 Gb Available in Paging File | 86,34% Paging File free> in the current context!
Error: Unable to interpret <Paging file location(s): ?:\pagefile.sys [binary data]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)> in the current context!
Error: Unable to interpret <Drive C: | 576,07 Gb Total Space | 362,20 Gb Free Space | 62,87% Space Free | Partition Type: NTFS> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Computer Name: LAP | User Name: Lappi | Logged in as Administrator.> in the current context!
Error: Unable to interpret <Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans> in the current context!
Error: Unable to interpret <Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Processes (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <PRC - C:\Users\Lappi\Desktop\OTL.exe (OldTimer Tools)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe (Acer Incorporated)> in the current context!
Error: Unable to interpret <PRC - C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe (Acer Incorporated)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe (CyberLink)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\Launch Manager\LMutilps32.exe (Dritek System Inc.)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\Launch Manager\LMworker.exe (Dritek System Inc.)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe (NTI Corporation)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe (NTI Corporation)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)> in the current context!
Error: Unable to interpret <PRC - c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe (PostgreSQL Global Development Group)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe (PostgreSQL Global Development Group)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (Electronic Arts)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe (National Instruments Corporation)> in the current context!
Error: Unable to interpret <PRC - C:\Windows\SysWOW64\lkcitdl.exe (National Instruments, Inc.)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe (National Instruments Corporation)> in the current context!
Error: Unable to interpret <PRC - C:\Windows\SysWOW64\lktsrv.exe (National Instruments Corporation)> in the current context!
Error: Unable to interpret <PRC - C:\Windows\SysWOW64\lkads.exe (National Instruments Corporation)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\National Instruments\MAX\nimxs.exe (National Instruments Corporation)> in the current context!
Error: Unable to interpret <PRC - C:\Windows\SysWOW64\nisvcloc.exe (National Instruments Corp.)> in the current context!
Error: Unable to interpret <PRC - C:\Windows\SysWOW64\nipalsm.exe (National Instruments Corporation)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Modules (No Company Name) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <MOD - C:\Users\Lappi\AppData\Local\Temp\toip0_tmp.exe ()> in the current context!
Error: Unable to interpret <MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\09557e6c5a83a1cb68c7c50a841c8064\IAStorUtil.ni.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\220b0516e45e7f9bbf6a631490c1243a\IAStorCommon.ni.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()> in the current context!
Error: Unable to interpret <MOD - C:\Program Files (x86)\NTI\Packard Bell MyBackup\sqlite3.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Win32 Services (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)> in the current context!
Error: Unable to interpret <SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)> in the current context!
Error: Unable to interpret <SRV - (FLEXnet Licensing Service 64) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Flexera Software, Inc.)> in the current context!
Error: Unable to interpret <SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)> in the current context!
Error: Unable to interpret <SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)> in the current context!
Error: Unable to interpret <SRV - (ICQ Service) -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()> in the current context!
Error: Unable to interpret <SRV - (GREGService) -- C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe (Acer Incorporated)> in the current context!
Error: Unable to interpret <SRV - (ePowerSvc) -- C:\Programme\Packard Bell\Packard Bell Power Management\ePowerSvc.exe (Acer Incorporated)> in the current context!
Error: Unable to interpret <SRV - (Live Updater Service) -- C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe (Acer Incorporated)> in the current context!
Error: Unable to interpret <SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)> in the current context!
Error: Unable to interpret <SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)> in the current context!
Error: Unable to interpret <SRV - (DsiWMIService) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)> in the current context!
Error: Unable to interpret <SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe (NTI Corporation)> in the current context!
Error: Unable to interpret <SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)> in the current context!
Error: Unable to interpret <SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)> in the current context!
Error: Unable to interpret <SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)> in the current context!
Error: Unable to interpret <SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)> in the current context!
Error: Unable to interpret <SRV - (mitsijm2012) -- C:\Programme\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe (Autodesk, Inc.)> in the current context!
Error: Unable to interpret <SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)> in the current context!
Error: Unable to interpret <SRV - (TurboBoost) Intel(R) -- C:\Programme\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)> in the current context!
Error: Unable to interpret <SRV - (AdobeActiveFileMonitor9.0) -- c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)> in the current context!
Error: Unable to interpret <SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)> in the current context!
Error: Unable to interpret <SRV - (NAUpdate) @C:\Program Files (x86) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)> in the current context!
Error: Unable to interpret <SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <SRV - (postgresql-8.4) -- C:\Program Files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe (PostgreSQL Global Development Group)> in the current context!
Error: Unable to interpret <SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)> in the current context!
Error: Unable to interpret <SRV - (ose64) -- C:\Programme\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)> in the current context!
Error: Unable to interpret <SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <SRV - (NITaggerService) -- C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe (National Instruments Corporation)> in the current context!
Error: Unable to interpret <SRV - (LkCitadelServer) -- C:\Windows\SysWOW64\lkcitdl.exe (National Instruments, Inc.)> in the current context!
Error: Unable to interpret <SRV - (NIDomainService) -- C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe (National Instruments Corporation)> in the current context!
Error: Unable to interpret <SRV - (lkTimeSync) -- C:\Windows\SysWOW64\lktsrv.exe (National Instruments Corporation)> in the current context!
Error: Unable to interpret <SRV - (lkClassAds) -- C:\Windows\SysWOW64\lkads.exe (National Instruments Corporation)> in the current context!
Error: Unable to interpret <SRV - (NILM License Manager) -- C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe (Macrovision Corporation)> in the current context!
Error: Unable to interpret <SRV - (mxssvr) -- C:\Program Files (x86)\National Instruments\MAX\nimxs.exe (National Instruments Corporation)> in the current context!
Error: Unable to interpret <SRV - (NiRioRpc) -- C:\Windows\SysWOW64\NiRioRpc.exe (National Instruments Corporation)> in the current context!
Error: Unable to interpret <SRV - (niSvcLoc) -- C:\Windows\SysWOW64\nisvcloc.exe (National Instruments Corp.)> in the current context!
Error: Unable to interpret <SRV - (OpcEnum) -- C:\Windows\SysWOW64\Opcenum.exe (OPC Foundation)> in the current context!
Error: Unable to interpret <SRV - (nipxirmu) -- C:\Windows\SysWOW64\nipalsm.exe (National Instruments Corporation)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Driver Services (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)> in the current context!
Error: Unable to interpret <DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)> in the current context!
Error: Unable to interpret <DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)> in the current context!
Error: Unable to interpret <DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (bScsiMSa) -- C:\Windows\SysNative\drivers\bScsiMSa.sys (Broadcom Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (bScsiSDa) -- C:\Windows\SysNative\drivers\bScsiSDa.sys (Broadcom Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)> in the current context!
Error: Unable to interpret <DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)> in the current context!
Error: Unable to interpret <DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (b57xdmp) -- C:\Windows\SysNative\drivers\b57xdmp.sys (Broadcom Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (b57xdbd) -- C:\Windows\SysNative\drivers\b57xdbd.sys (Broadcom Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (k57nd60a) Broadcom NetLink (TM) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (RMCAST) -- C:\Windows\SysNative\drivers\rmcast.sys (Microsoft Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)> in the current context!
Error: Unable to interpret <DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (MEIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (IntcDAud) Intel(R) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys (Intel(R) Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)> in the current context!
Error: Unable to interpret <DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)> in the current context!
Error: Unable to interpret <DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (niimaqdxk) -- C:\Windows\SysNative\drivers\niimaqdxkl.sys (National Instruments Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (NiViPxiK) -- C:\Windows\SysNative\drivers\NiViPxiKl.sys (National Instruments Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (NiViPciK) -- C:\Windows\SysNative\drivers\NiViPciKl.sys (National Instruments Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (NiViFWK) -- C:\Windows\SysNative\drivers\NiViFWKl.sys (National Instruments Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (NIPALK) -- C:\Windows\SysNative\drivers\nipalk.sys (National Instruments Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (nipalusbedl) -- C:\Windows\SysNative\drivers\nipalusbedl.sys (National Instruments Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (nipalfwedl) -- C:\Windows\SysNative\drivers\nipalfwedl.sys (National Instruments Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (nidimk) -- C:\Windows\SysNative\drivers\nidimkl.sys (National Instruments Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (nimxdfk) -- C:\Windows\SysNative\drivers\nimxdfkl.sys (National Instruments Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (nimdbgk) -- C:\Windows\SysNative\drivers\nimdbgkl.sys (National Instruments Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (niorbk) -- C:\Windows\SysNative\drivers\niorbkl.sys (National Instruments Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (nipbcfk) -- C:\Windows\SysNative\drivers\nipbcfk.sys (National Instruments Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (ni1065k) -- C:\Windows\SysNative\drivers\ni1065k.sys (National Instruments Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (nipxigpk) -- C:\Windows\SysNative\drivers\nipxigpk.sys (National Instruments Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (ni1045k) -- C:\Windows\SysNative\drivers\ni1045kl.sys (National Instruments Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (ni1006k) -- C:\Windows\SysNative\drivers\ni1006k.sys (National Instruments Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (nipxirmk) -- C:\Windows\SysNative\drivers\nipxirmkl.sys (National Instruments Corporation)> in the current context!
Error: Unable to interpret <DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Standard Registry (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Internet Explorer ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com> in the current context!
Error: Unable to interpret <IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com> in the current context!
Error: Unable to interpret <IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}> in the current context!
Error: Unable to interpret <IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox> in the current context!
Error: Unable to interpret <IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com> in the current context!
Error: Unable to interpret <IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm> in the current context!
Error: Unable to interpret <IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com> in the current context!
Error: Unable to interpret <IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}> in the current context!
Error: Unable to interpret <IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-2757564449-3827123315-4241601567-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-2757564449-3827123315-4241601567-1000\..\URLSearchHook:  - No CLSID value found> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-2757564449-3827123315-4241601567-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-2757564449-3827123315-4241601567-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-2757564449-3827123315-4241601567-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-2757564449-3827123315-4241601567-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-2757564449-3827123315-4241601567-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-2757564449-3827123315-4241601567-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-2757564449-3827123315-4241601567-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-2757564449-3827123315-4241601567-1002\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-2757564449-3827123315-4241601567-1002\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-2757564449-3827123315-4241601567-1002\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-2757564449-3827123315-4241601567-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== FireFox ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found> in the current context!
Error: Unable to interpret <FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)> in the current context!
Error: Unable to interpret <FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found> in the current context!
Error: Unable to interpret <FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.04.02 22:26:36 | 000,000,000 | ---D | M]> in the current context!
Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.01.18 22:28:50 | 000,000,000 | ---D | M]> in the current context!
Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.01.18 22:28:49 | 000,000,000 | ---D | M]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2011.11.08 21:57:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions> in the current context!
Error: Unable to interpret <[2011.11.08 21:57:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}> in the current context!
Error: Unable to interpret <[2011.11.11 11:10:16 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll> in the current context!
Error: Unable to interpret <[2011.11.08 21:56:53 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll> in the current context!
Error: Unable to interpret <[2007.02.08 11:48:16 | 000,028,448 | ---- | M] (National Instruments) -- C:\Program Files (x86)\mozilla firefox\plugins\NPLV82Win32.dll> in the current context!
Error: Unable to interpret <[2007.07.24 19:03:42 | 000,023,040 | ---- | M] (National Instruments) -- C:\Program Files (x86)\mozilla firefox\plugins\nplv85win32.dll> in the current context!
Error: Unable to interpret <[2011.09.29 03:24:37 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml> in the current context!
Error: Unable to interpret <[2011.09.29 03:16:42 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml> in the current context!
Error: Unable to interpret <[2011.09.29 03:24:37 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml> in the current context!
Error: Unable to interpret <[2011.09.29 03:24:37 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml> in the current context!
Error: Unable to interpret <[2011.09.29 03:24:37 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml> in the current context!
Error: Unable to interpret <[2011.09.29 03:24:37 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Chrome  ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <CHR - default_search_provider: Google (Enabled)> in the current context!
Error: Unable to interpret <CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}> in the current context!
Error: Unable to interpret <CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}> in the current context!
Error: Unable to interpret <CHR - homepage: hxxp://www.google.com/> in the current context!
Error: Unable to interpret <CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer> in the current context!
Error: Unable to interpret <CHR - plugin: Native Client (Enabled) = C:\Users\Lappi\AppData\Local\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll> in the current context!
Error: Unable to interpret <CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Lappi\AppData\Local\Google\Chrome\Application\16.0.912.63\pdf.dll> in the current context!
Error: Unable to interpret <CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Lappi\AppData\Local\Google\Chrome\Application\16.0.912.63\gcswf32.dll> in the current context!
Error: Unable to interpret <CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll> in the current context!
Error: Unable to interpret <CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll> in the current context!
Error: Unable to interpret <CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll> in the current context!
Error: Unable to interpret <CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll> in the current context!
Error: Unable to interpret <CHR - plugin: National Instruments LabVIEW 8.2 Netscape Plug-in for Windows (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPLV82Win32.dll> in the current context!
Error: Unable to interpret <CHR - plugin: National Instruments LabVIEW 8.5 Netscape Plug-in for Windows (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nplv85win32.dll> in the current context!
Error: Unable to interpret <CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL> in the current context!
Error: Unable to interpret <CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL> in the current context!
Error: Unable to interpret <CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll> in the current context!
Error: Unable to interpret <CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll> in the current context!
Error: Unable to interpret <CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll> in the current context!
Error: Unable to interpret <CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll> in the current context!
Error: Unable to interpret <CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll> in the current context!
Error: Unable to interpret <CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll> in the current context!
Error: Unable to interpret <CHR - plugin: Default Plug-in (Enabled) = default_plugin> in the current context!
Error: Unable to interpret <CHR - Extension: YouTube = C:\Users\Lappi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\> in the current context!
Error: Unable to interpret <CHR - Extension: Google-Suche = C:\Users\Lappi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\> in the current context!
Error: Unable to interpret <CHR - Extension: Click to activate/deactivate ProxTube = C:\Users\Lappi\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkdbaehcjcomcnnjhlmnfddpgoafpcko\1.0.6_0\> in the current context!
Error: Unable to interpret <CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Lappi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\> in the current context!
Error: Unable to interpret <CHR - Extension: Google Mail = C:\Users\Lappi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts> in the current context!
Error: Unable to interpret <O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)> in the current context!
Error: Unable to interpret <O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)> in the current context!
Error: Unable to interpret <O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)> in the current context!
Error: Unable to interpret <O2 - BHO: (ICQ Sparberater) - {FE163F11-1919-4257-A280-FF5AF8DAEECB} - C:\Program Files (x86)\icq\Internet Explorer\icq.dll (solute gmbh)> in the current context!
Error: Unable to interpret <O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.> in the current context!
Error: Unable to interpret <O3 - HKU\S-1-5-21-2757564449-3827123315-4241601567-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.> in the current context!
Error: Unable to interpret <O3 - HKU\S-1-5-21-2757564449-3827123315-4241601567-1002\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.> in the current context!
Error: Unable to interpret <O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)> in the current context!
Error: Unable to interpret <O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)> in the current context!
Error: Unable to interpret <O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)> in the current context!
Error: Unable to interpret <O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)> in the current context!
Error: Unable to interpret <O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found> in the current context!
Error: Unable to interpret <O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)> in the current context!
Error: Unable to interpret <O4:64bit: - HKLM..\Run: [Power Management] C:\Programme\Packard Bell\Packard Bell Power Management\ePowerTray.exe (Acer Incorporated)> in the current context!
Error: Unable to interpret <O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe (NTI Corporation)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-21-2757564449-3827123315-4241601567-1000..\Run: [ICQ] C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.)> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-21-2757564449-3827123315-4241601567-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-21-2757564449-3827123315-4241601567-1002..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (Electronic Arts)> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-21-2757564449-3827123315-4241601567-1002..\Run: [ICQ] C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.)> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-21-2757564449-3827123315-4241601567-1004..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-21-2757564449-3827123315-4241601567-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-21-2757564449-3827123315-4241601567-1000..\RunOnce: [ScrSav] C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe ()> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-21-2757564449-3827123315-4241601567-1004..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-21-2757564449-3827123315-4241601567-1004..\RunOnce: [ScrSav] C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe ()> in the current context!
Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1> in the current context!
Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1> in the current context!
Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5> in the current context!
Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3> in the current context!
Error: Unable to interpret <O7 - HKU\S-1-5-21-2757564449-3827123315-4241601567-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145> in the current context!
Error: Unable to interpret <O8:64bit: - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O9 - Extra Button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.)> in the current context!
Error: Unable to interpret <O9 - Extra 'Tools' menuitem : ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.)> in the current context!
Error: Unable to interpret <O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)> in the current context!
Error: Unable to interpret <O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)> in the current context!
Error: Unable to interpret <O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)> in the current context!
Error: Unable to interpret <O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)> in the current context!
Error: Unable to interpret <O1364bit: - gopher Prefix: missing> in the current context!
Error: Unable to interpret <O13 - gopher Prefix: missing> in the current context!
Error: Unable to interpret <O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)> in the current context!
Error: Unable to interpret <O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)> in the current context!
Error: Unable to interpret <O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)> in the current context!
Error: Unable to interpret <O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5FD56C09-6ECC-48A6-A9F4-F4124939300E}: DhcpNameServer = 80.69.102.158 80.69.100.102> in the current context!
Error: Unable to interpret <O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E6B2E251-A481-4DCF-B60D-EB6914984B14}: DhcpNameServer = 192.168.1.1> in the current context!
Error: Unable to interpret <O18:64bit: - Protocol\Handler\livecall - No CLSID value found> in the current context!
Error: Unable to interpret <O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O18:64bit: - Protocol\Handler\msnim - No CLSID value found> in the current context!
Error: Unable to interpret <O18:64bit: - Protocol\Handler\skype4com - No CLSID value found> in the current context!
Error: Unable to interpret <O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found> in the current context!
Error: Unable to interpret <O18:64bit: - Protocol\Handler\wlpg - No CLSID value found> in the current context!
Error: Unable to interpret <O18 - Protocol\Handler\ms-help - No CLSID value found> in the current context!
Error: Unable to interpret <O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)> in the current context!
Error: Unable to interpret <O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)> in the current context!
Error: Unable to interpret <O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)> in the current context!
Error: Unable to interpret <O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found> in the current context!
Error: Unable to interpret <O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found> in the current context!
Error: Unable to interpret <O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)> in the current context!
Error: Unable to interpret <O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.> in the current context!
Error: Unable to interpret <O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.> in the current context!
Error: Unable to interpret <O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O32 - HKLM CDRom: AutoRun - 1> in the current context!
Error: Unable to interpret <O32 - AutoRun File - [2012.04.28 21:22:10 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{eaef0677-c201-11e0-837e-806e6f6e6963}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{eaef0677-c201-11e0-837e-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Autorun.exe> in the current context!
Error: Unable to interpret <O34 - HKLM BootExecute: (autocheck autochk *)> in the current context!
Error: Unable to interpret <O35:64bit: - HKLM\..comfile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <O35:64bit: - HKLM\..exefile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <O35 - HKLM\..comfile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <O35 - HKLM\..exefile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*> in the current context!
Error: Unable to interpret <O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*> in the current context!
Error: Unable to interpret <O37 - HKLM\...com [@ = comfile] -- "%1" %*> in the current context!
Error: Unable to interpret <O37 - HKLM\...exe [@ = exefile] -- "%1" %*> in the current context!
Error: Unable to interpret <O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)> in the current context!
Error: Unable to interpret <O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)> in the current context!
Error: Unable to interpret <O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Files/Folders - Created Within 30 Days ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2012.07.21 23:17:35 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{1A1D696A-BE55-45B1-8860-ADB12262B51C}> in the current context!
Error: Unable to interpret <[2012.07.21 14:42:23 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Lappi\Desktop\OTL.exe> in the current context!
Error: Unable to interpret <[2012.07.21 12:19:12 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{F617FA0F-5388-42D7-B2D2-C92D2594326A}> in the current context!
Error: Unable to interpret <[2012.07.21 00:10:37 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{85CFAA36-2CF4-46A6-B13F-7828D9AB0198}> in the current context!
Error: Unable to interpret <[2012.07.21 00:03:46 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{30724DAB-2FFA-41F5-AAC6-D6F1E076388C}> in the current context!
Error: Unable to interpret <[2012.07.20 23:49:02 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{C5A64C54-7022-44A7-A66E-B6F00AE57AF5}> in the current context!
Error: Unable to interpret <[2012.07.20 23:21:07 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{FE871A74-1F12-4D15-A7DA-7703A72301EC}> in the current context!
Error: Unable to interpret <[2012.07.20 22:53:18 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{DA5357D0-2B09-4144-A651-2CDB05F435E2}> in the current context!
Error: Unable to interpret <[2012.07.20 22:47:21 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe> in the current context!
Error: Unable to interpret <[2012.07.20 22:24:29 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe2> in the current context!
Error: Unable to interpret <[2012.07.20 16:12:21 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe.doof> in the current context!
Error: Unable to interpret <[2012.07.20 15:37:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab> in the current context!
Error: Unable to interpret <[2012.07.20 15:27:15 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{A1E27FD8-4FEF-463D-BD38-BB25702646DA}> in the current context!
Error: Unable to interpret <[2012.07.20 12:38:02 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Roaming\Malwarebytes> in the current context!
Error: Unable to interpret <[2012.07.20 12:37:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware> in the current context!
Error: Unable to interpret <[2012.07.20 12:37:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes> in the current context!
Error: Unable to interpret <[2012.07.20 12:37:54 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys> in the current context!
Error: Unable to interpret <[2012.07.20 12:37:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware> in the current context!
Error: Unable to interpret <[2012.07.20 12:17:40 | 000,000,000 | ---D | C] -- C:\Users\Lappi\Desktop\recovery> in the current context!
Error: Unable to interpret <[2012.07.20 11:14:09 | 000,448,816 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Lappi\Desktop\rannohdecryptor(1).exe> in the current context!
Error: Unable to interpret <[2012.07.20 10:47:43 | 000,000,000 | ---D | C] -- C:\Users\Lappi\Desktop\USB STICK> in the current context!
Error: Unable to interpret <[2012.07.20 10:46:32 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Roaming\TestApp> in the current context!
Error: Unable to interpret <[2012.07.20 10:46:32 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools> in the current context!
Error: Unable to interpret <[2012.07.20 10:15:41 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{F7CCFEEF-2AA2-4FB9-BF0B-B2562311403D}> in the current context!
Error: Unable to interpret <[2012.07.19 19:05:56 | 000,000,000 | -HSD | C] -- C:\Config.Msi> in the current context!
Error: Unable to interpret <[2012.07.19 10:55:54 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{19858E1C-0E86-482D-ABCE-38E068130D1C}> in the current context!
Error: Unable to interpret <[2012.07.19 10:55:37 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{37E6CCAB-0F4E-4A68-A31E-9AE3A224CA19}> in the current context!
Error: Unable to interpret <[2012.07.18 16:37:25 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{7A2296A4-B9DF-4F63-A341-F8D45E2957E0}> in the current context!
Error: Unable to interpret <[2012.07.18 16:37:05 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{9647DEA8-172F-443E-A4E0-E37BB247C2A2}> in the current context!
Error: Unable to interpret <[2012.07.18 13:25:29 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{04199C8B-B678-4544-A83F-779D71065DAC}> in the current context!
Error: Unable to interpret <[2012.07.17 12:09:29 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{95276960-8B18-465F-B7EB-A210DC6C4C07}> in the current context!
Error: Unable to interpret <[2012.07.17 12:09:20 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{1E7CBCC5-62CC-40A3-B9C3-9A1B9994C26E}> in the current context!
Error: Unable to interpret <[2012.07.17 00:07:42 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{4498FDE3-CE88-477B-AF4D-A3F95D119E8B}> in the current context!
Error: Unable to interpret <[2012.07.17 00:07:25 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{E1AD682C-B018-4D1A-8589-A9A3EE0B443F}> in the current context!
Error: Unable to interpret <[2012.07.16 11:36:04 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{BD544E83-AE6B-471A-A74A-61B365DDBFA1}> in the current context!
Error: Unable to interpret <[2012.07.16 11:35:44 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{F15C7F40-D6E8-4AAD-AD7A-8473172B0081}> in the current context!
Error: Unable to interpret <[2012.07.15 20:03:15 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{E86B1D2B-F067-4A59-B1D3-E42152C6FABB}> in the current context!
Error: Unable to interpret <[2012.07.15 20:03:03 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{4D622138-C60E-4EBF-8519-207C3123AD92}> in the current context!
Error: Unable to interpret <[2012.07.13 19:40:30 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Roaming\Avira> in the current context!
Error: Unable to interpret <[2012.07.13 19:35:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira> in the current context!
Error: Unable to interpret <[2012.07.13 19:35:06 | 000,132,832 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys> in the current context!
Error: Unable to interpret <[2012.07.13 19:35:06 | 000,098,848 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys> in the current context!
Error: Unable to interpret <[2012.07.13 19:35:06 | 000,027,760 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avkmgr.sys> in the current context!
Error: Unable to interpret <[2012.07.13 19:35:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira> in the current context!
Error: Unable to interpret <[2012.07.13 19:35:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira> in the current context!
Error: Unable to interpret <[2012.07.13 19:21:51 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{89C4A33D-D20E-42C6-ACD5-AEB10C707B19}> in the current context!
Error: Unable to interpret <[2012.07.13 19:21:30 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{72FEA66D-918B-4E56-884F-3C521B701158}> in the current context!
Error: Unable to interpret <[2012.07.13 07:18:52 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{8A78F4E3-4E3D-40EC-8414-DD7D124B445F}> in the current context!
Error: Unable to interpret <[2012.07.13 07:18:40 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{DB938290-22BE-4BD9-AC79-FAF5633F79D9}> in the current context!
Error: Unable to interpret <[2012.07.12 10:28:12 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll> in the current context!
Error: Unable to interpret <[2012.07.12 10:28:12 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll> in the current context!
Error: Unable to interpret <[2012.07.12 10:28:11 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll> in the current context!
Error: Unable to interpret <[2012.07.12 10:28:11 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll> in the current context!
Error: Unable to interpret <[2012.07.12 10:28:10 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll> in the current context!
Error: Unable to interpret <[2012.07.12 10:28:10 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll> in the current context!
Error: Unable to interpret <[2012.07.12 10:28:10 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe> in the current context!
Error: Unable to interpret <[2012.07.12 10:28:10 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe> in the current context!
Error: Unable to interpret <[2012.07.12 10:28:09 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll> in the current context!
Error: Unable to interpret <[2012.07.12 10:28:09 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl> in the current context!
Error: Unable to interpret <[2012.07.12 10:28:09 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl> in the current context!
Error: Unable to interpret <[2012.07.12 10:28:08 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll> in the current context!
Error: Unable to interpret <[2012.07.12 10:28:08 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll> in the current context!
Error: Unable to interpret <[2012.07.12 10:22:38 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{85C317F0-7C90-4CD5-8413-749672FE9A87}> in the current context!
Error: Unable to interpret <[2012.07.12 10:22:24 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{417912D1-787D-435D-87CC-F39360B07131}> in the current context!
Error: Unable to interpret <[2012.07.11 10:18:06 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll> in the current context!
Error: Unable to interpret <[2012.07.11 10:18:06 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll> in the current context!
Error: Unable to interpret <[2012.07.11 10:18:04 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll> in the current context!
Error: Unable to interpret <[2012.07.11 10:18:03 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll> in the current context!
Error: Unable to interpret <[2012.07.11 10:18:02 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll> in the current context!
Error: Unable to interpret <[2012.07.11 10:10:43 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{DBF550C7-3373-4531-A2A3-6F0FA6C686AF}> in the current context!
Error: Unable to interpret <[2012.07.11 10:10:30 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{B45F20E3-AACA-4483-934F-6540AD410BBF}> in the current context!
Error: Unable to interpret <[2012.07.10 20:00:14 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{B26F3ED7-41EB-4C02-BD93-46A6E6916C83}> in the current context!
Error: Unable to interpret <[2012.07.10 20:00:03 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{786DC934-26E4-4CE4-991D-E8646419D27E}> in the current context!
Error: Unable to interpret <[2012.07.09 22:56:23 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{08801874-C5BB-4157-BEEB-6BB830FD8D74}> in the current context!
Error: Unable to interpret <[2012.07.09 22:56:10 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{F5A2237F-CE38-4458-B58C-45BB72645713}> in the current context!
Error: Unable to interpret <[2012.07.09 08:18:13 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{ABB348B0-9BF1-4DB3-8D9C-20F561EBB7BB}> in the current context!
Error: Unable to interpret <[2012.07.08 20:16:22 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{FE039327-2786-47FF-913F-7F774B44EEFD}> in the current context!
Error: Unable to interpret <[2012.07.08 20:15:59 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{897BB818-85D6-48C9-AB7C-F5180FD65E37}> in the current context!
Error: Unable to interpret <[2012.07.06 14:56:23 | 000,000,000 | ---D | C] -- C:\Users\Lappi\Documents\Electronic Arts> in the current context!
Error: Unable to interpret <[2012.07.06 12:24:53 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{25051771-9CA6-4AF5-AE94-7E14D2806E1A}> in the current context!
Error: Unable to interpret <[2012.07.06 12:24:42 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{DCF6AAFE-5008-4940-963C-648A8C4B6F9C}> in the current context!
Error: Unable to interpret <[2012.07.06 10:20:45 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{26C01DF9-CFF4-4D23-86C3-1A4D2A066F99}> in the current context!
Error: Unable to interpret <[2012.07.06 07:14:58 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe> in the current context!
Error: Unable to interpret <[2012.07.04 08:41:42 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{5271F948-65C1-488F-9D75-699C83F2A532}> in the current context!
Error: Unable to interpret <[2012.07.03 20:40:07 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{192D90FE-EEE0-4DF8-9C43-957F53A18F8E}> in the current context!
Error: Unable to interpret <[2012.07.03 20:39:38 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{461E061E-3254-4D0F-9446-EA5DB5D12ACB}> in the current context!
Error: Unable to interpret <[2012.07.02 08:13:55 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{0BCF28D7-BDBF-4AFD-B83F-FF0EDA38B6C1}> in the current context!
Error: Unable to interpret <[2012.07.02 08:13:43 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{A9EA459B-5662-43D9-9216-2B12E408A0FB}> in the current context!
Error: Unable to interpret <[2012.07.01 19:24:56 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{682974CC-5B6C-4DE2-A541-A39B13DC56D1}> in the current context!
Error: Unable to interpret <[2012.07.01 19:24:44 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{4FC3D156-837B-45BC-AD00-D7A17315201A}> in the current context!
Error: Unable to interpret <[2012.06.29 01:02:06 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{41DEB95E-9D86-44D5-A632-0D5454132B1C}> in the current context!
Error: Unable to interpret <[2012.06.29 01:01:49 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{AAB1F0E7-9A54-418E-8214-074C2216F5D2}> in the current context!
Error: Unable to interpret <[2012.06.28 09:58:56 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{DA1F0AA1-3CB6-46BA-89AD-8CC0AD45CA86}> in the current context!
Error: Unable to interpret <[2012.06.28 09:58:44 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{A4309ECB-CC4E-4DA0-9F13-12A25BD4338C}> in the current context!
Error: Unable to interpret <[2012.06.27 08:43:18 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{A873697D-60CD-496B-959F-F53A1627F6BB}> in the current context!
Error: Unable to interpret <[2012.06.27 08:43:06 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{1BD016EA-1B73-496B-9053-6D2FC04DD5DE}> in the current context!
Error: Unable to interpret <[2012.06.26 10:57:24 | 000,000,000 | ---D | C] -- C:\Users\Lappi\Desktop\Dänemark> in the current context!
Error: Unable to interpret <[2012.06.26 10:57:23 | 000,000,000 | ---D | C] -- C:\Users\Lappi\Desktop\DIPLOM ARBEIT> in the current context!
Error: Unable to interpret <[2012.06.26 08:38:47 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{16424B62-A725-4FE8-9455-23EB85A8C9DC}> in the current context!
Error: Unable to interpret <[2012.06.26 08:38:35 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{6CCFDD70-4934-456D-A22D-F4C16C85E46D}> in the current context!
Error: Unable to interpret <[2012.06.26 08:38:34 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{D13F010D-9DD1-48C0-971B-1B01BAB11F92}> in the current context!
Error: Unable to interpret <[2012.06.26 01:32:04 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{60547B7B-F3C3-42C7-AEAA-A25E8E9D6C6C}> in the current context!
Error: Unable to interpret <[2012.06.24 03:41:03 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{6B95241C-B39D-49A9-A645-379E79685238}> in the current context!
Error: Unable to interpret <[2012.06.24 03:40:50 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{5C3F5E8D-0D55-4F8B-B151-E3C8B7C4F531}> in the current context!
Error: Unable to interpret <[2012.06.23 22:32:52 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\EA Games> in the current context!
Error: Unable to interpret <[2012.06.23 22:32:52 | 000,000,000 | ---D | C] -- C:\Users\Lappi\Documents\EA Games> in the current context!
Error: Unable to interpret <[2012.06.23 19:45:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts> in the current context!
Error: Unable to interpret <[2012.06.23 19:19:42 | 000,447,752 | ---- | C] (On2.com) -- C:\Windows\SysWow64\vp6vfw.dll> in the current context!
Error: Unable to interpret <[2012.06.23 18:09:25 | 000,000,000 | ---D | C] -- C:\Users\Lappi\Desktop\SIMS 3> in the current context!
Error: Unable to interpret <[2012.06.23 15:39:21 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{E430A732-F611-4469-BEE9-E7DF0633FB0F}> in the current context!
Error: Unable to interpret <[2012.06.23 03:37:54 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{B30FC8B5-155E-4FFA-B33D-FF45CFB544F4}> in the current context!
Error: Unable to interpret <[2012.06.22 15:35:36 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{C9F6D3CC-65E8-44CF-8342-1924707EE8AA}> in the current context!
Error: Unable to interpret <[2012.06.22 15:35:23 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{FCDBA0DC-172E-4C10-BFD4-BC4CD80A2E18}> in the current context!
Error: Unable to interpret <[2012.06.22 08:01:46 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\{821C7DBB-F48F-485F-A0F9-C24274BC2851}> in the current context!
Error: Unable to interpret <[1 C:\Users\Lappi\Documents\*.tmp files -> C:\Users\Lappi\Documents\*.tmp -> ]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Files - Modified Within 30 Days ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2012.07.21 23:23:06 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0> in the current context!
Error: Unable to interpret <[2012.07.21 23:23:06 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0> in the current context!
Error: Unable to interpret <[2012.07.21 23:15:41 | 000,000,430 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics> in the current context!
Error: Unable to interpret <[2012.07.21 23:15:34 | 000,000,069 | ---- | M] () -- C:\Windows\pxisys.ini> in the current context!
Error: Unable to interpret <[2012.07.21 23:15:34 | 000,000,030 | ---- | M] () -- C:\Windows\pxiesys.ini> in the current context!
Error: Unable to interpret <[2012.07.21 23:15:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat> in the current context!
Error: Unable to interpret <[2012.07.21 23:15:12 | 2030,981,119 | -HS- | M] () -- C:\hiberfil.sys> in the current context!
Error: Unable to interpret <[2012.07.21 14:35:20 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Lappi\Desktop\OTL.exe> in the current context!
Error: Unable to interpret <[2012.07.20 23:51:35 | 004,503,728 | ---- | M] () -- C:\ProgramData\pmt_0piot.pad> in the current context!
Error: Unable to interpret <[2012.07.20 16:03:14 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe2> in the current context!
Error: Unable to interpret <[2012.07.20 16:03:14 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe.doof> in the current context!
Error: Unable to interpret <[2012.07.20 12:37:55 | 000,001,125 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk> in the current context!
Error: Unable to interpret <[2012.07.20 11:55:02 | 281,329,664 | ---- | M] () -- C:\Users\Lappi\Desktop\kav_rescue_10.iso> in the current context!
Error: Unable to interpret <[2012.07.20 11:17:30 | 000,025,866 | ---- | M] () -- C:\Users\Lappi\Desktop\config.xml> in the current context!
Error: Unable to interpret <[2012.07.20 11:11:52 | 000,448,816 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Lappi\Desktop\rannohdecryptor(1).exe> in the current context!
Error: Unable to interpret <[2012.07.20 10:48:51 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI> in the current context!
Error: Unable to interpret <[2012.07.20 10:48:51 | 000,697,082 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat> in the current context!
Error: Unable to interpret <[2012.07.20 10:48:51 | 000,652,360 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat> in the current context!
Error: Unable to interpret <[2012.07.20 10:48:51 | 000,148,346 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat> in the current context!
Error: Unable to interpret <[2012.07.20 10:48:51 | 000,121,292 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat> in the current context!
Error: Unable to interpret <[2012.07.20 10:47:13 | 000,000,465 | ---- | M] () -- C:\Users\Lappi\Desktop\sd9setup.exe.lnk> in the current context!
Error: Unable to interpret <[2012.07.20 10:42:18 | 003,834,832 | ---- | M] () -- C:\Users\Lappi\Desktop\sd9setup.exe> in the current context!
Error: Unable to interpret <[2012.07.19 16:48:48 | 000,001,899 | ---- | M] () -- C:\Users\Lappi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk> in the current context!
Error: Unable to interpret <[2012.07.17 00:10:56 | 000,000,437 | ---- | M] () -- C:\Windows\wininit.ini> in the current context!
Error: Unable to interpret <[2012.07.13 19:35:14 | 000,002,082 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk> in the current context!
Error: Unable to interpret <[2012.07.13 07:16:48 | 000,537,288 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT> in the current context!
Error: Unable to interpret <[2012.07.10 01:00:25 | 000,000,000 | ---- | M] () -- C:\Users\Lappi\AppData\Roaming\TS3Patch.lck> in the current context!
Error: Unable to interpret <[2012.07.10 00:19:44 | 000,002,268 | ---- | M] () -- C:\Users\Public\Desktop\Die Sims™ 3 Einfach tierisch.lnk> in the current context!
Error: Unable to interpret <[2012.07.09 23:50:44 | 000,002,232 | ---- | M] () -- C:\Users\Public\Desktop\Die Sims™ 3 Lebensfreude.lnk> in the current context!
Error: Unable to interpret <[2012.07.09 23:44:26 | 000,002,250 | ---- | M] () -- C:\Users\Public\Desktop\Die Sims™ 3 Traumkarrieren.lnk> in the current context!
Error: Unable to interpret <[2012.07.06 14:59:39 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\EA Download Manager.lnk> in the current context!
Error: Unable to interpret <[2012.07.06 14:54:39 | 000,002,090 | ---- | M] () -- C:\Users\Public\Desktop\Die*Sims™*3.lnk> in the current context!
Error: Unable to interpret <[2012.06.27 18:46:36 | 657,254,249 | ---- | M] () -- C:\Windows\MEMORY.DMP> in the current context!
Error: Unable to interpret <[2012.06.24 12:06:59 | 000,002,053 | ---- | M] () -- C:\Users\Lappi\Desktop\JDownloader.lnk> in the current context!
Error: Unable to interpret <[1 C:\Users\Lappi\Documents\*.tmp files -> C:\Users\Lappi\Documents\*.tmp -> ]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Files Created - No Company Name ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2012.07.20 12:37:55 | 000,001,125 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk> in the current context!
Error: Unable to interpret <[2012.07.20 12:09:11 | 281,329,664 | ---- | C] () -- C:\Users\Lappi\Desktop\kav_rescue_10.iso> in the current context!
Error: Unable to interpret <[2012.07.20 11:17:30 | 000,025,866 | ---- | C] () -- C:\Users\Lappi\Desktop\config.xml> in the current context!
Error: Unable to interpret <[2012.07.20 11:14:15 | 000,799,232 | ---- | C] () -- C:\Users\Lappi\Desktop\Avira-RansomFileUnlocker.exe> in the current context!
Error: Unable to interpret <[2012.07.20 10:46:32 | 000,000,465 | ---- | C] () -- C:\Users\Lappi\Desktop\sd9setup.exe.lnk> in the current context!
Error: Unable to interpret <[2012.07.20 10:43:26 | 003,834,832 | ---- | C] () -- C:\Users\Lappi\Desktop\sd9setup.exe> in the current context!
Error: Unable to interpret <[2012.07.19 16:48:48 | 000,001,899 | ---- | C] () -- C:\Users\Lappi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk> in the current context!
Error: Unable to interpret <[2012.07.19 16:48:47 | 004,503,728 | ---- | C] () -- C:\ProgramData\pmt_0piot.pad> in the current context!
Error: Unable to interpret <[2012.07.13 19:35:14 | 000,002,082 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk> in the current context!
Error: Unable to interpret <[2012.07.10 01:00:25 | 000,000,000 | ---- | C] () -- C:\Users\Lappi\AppData\Roaming\TS3Patch.lck> in the current context!
Error: Unable to interpret <[2012.07.10 00:19:44 | 000,002,268 | ---- | C] () -- C:\Users\Public\Desktop\Die Sims™ 3 Einfach tierisch.lnk> in the current context!
Error: Unable to interpret <[2012.07.09 23:50:44 | 000,002,232 | ---- | C] () -- C:\Users\Public\Desktop\Die Sims™ 3 Lebensfreude.lnk> in the current context!
Error: Unable to interpret <[2012.07.09 23:44:26 | 000,002,250 | ---- | C] () -- C:\Users\Public\Desktop\Die Sims™ 3 Traumkarrieren.lnk> in the current context!
Error: Unable to interpret <[2012.07.06 14:59:39 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Download Manager.lnk> in the current context!
Error: Unable to interpret <[2012.07.06 14:59:39 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\EA Download Manager.lnk> in the current context!
Error: Unable to interpret <[2012.07.06 14:54:39 | 000,002,090 | ---- | C] () -- C:\Users\Public\Desktop\Die*Sims™*3.lnk> in the current context!
Error: Unable to interpret <[2012.06.26 01:33:34 | 000,000,437 | ---- | C] () -- C:\Windows\wininit.ini> in the current context!
Error: Unable to interpret <[2012.06.24 12:06:59 | 000,002,053 | ---- | C] () -- C:\Users\Lappi\Desktop\JDownloader.lnk> in the current context!
Error: Unable to interpret <[2012.06.19 19:23:52 | 001,233,440 | ---- | C] () -- C:\Users\Lappi\DSCN3407.JPG> in the current context!
Error: Unable to interpret <[2012.06.19 19:23:52 | 001,199,768 | ---- | C] () -- C:\Users\Lappi\DSCN3408.JPG> in the current context!
Error: Unable to interpret <[2012.04.09 14:40:18 | 000,005,077 | ---- | C] () -- C:\ProgramData\bltofzsb.qlf> in the current context!
Error: Unable to interpret <[2012.03.18 02:07:49 | 000,197,120 | ---- | C] () -- C:\Windows\patchw32.dll> in the current context!
Error: Unable to interpret <[2012.03.13 15:47:38 | 000,017,408 | ---- | C] () -- C:\Users\Lappi\AppData\Local\WebpageIcons.db> in the current context!
Error: Unable to interpret <[2011.11.08 00:26:16 | 000,000,069 | ---- | C] () -- C:\Windows\pxisys.ini> in the current context!
Error: Unable to interpret <[2011.11.08 00:26:16 | 000,000,030 | ---- | C] () -- C:\Windows\pxiesys.ini> in the current context!
Error: Unable to interpret <[2011.11.07 19:17:39 | 001,642,510 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI> in the current context!
Error: Unable to interpret <[2011.05.31 12:11:46 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin> in the current context!
Error: Unable to interpret <[2011.05.31 12:11:45 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin> in the current context!
Error: Unable to interpret <[2011.05.31 12:11:44 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll> in the current context!
Error: Unable to interpret <[2011.05.31 12:11:43 | 013,359,616 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll> in the current context!
Error: Unable to interpret <[2011.05.31 12:11:43 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== LOP Check ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2012.03.18 02:25:14 | 000,000,000 | ---D | M] -- C:\Users\Lappi\AppData\Roaming\Atari> in the current context!
Error: Unable to interpret <[2012.05.09 18:21:28 | 000,000,000 | ---D | M] -- C:\Users\Lappi\AppData\Roaming\Autodesk> in the current context!
Error: Unable to interpret <[2011.12.18 17:37:17 | 000,000,000 | ---D | M] -- C:\Users\Lappi\AppData\Roaming\DAEMON Tools Lite> in the current context!
Error: Unable to interpret <[2011.11.10 19:16:58 | 000,000,000 | ---D | M] -- C:\Users\Lappi\AppData\Roaming\e-academy Inc> in the current context!
Error: Unable to interpret <[2011.11.07 18:43:54 | 000,000,000 | ---D | M] -- C:\Users\Lappi\AppData\Roaming\iba> in the current context!
Error: Unable to interpret <[2012.07.21 12:19:01 | 000,000,000 | ---D | M] -- C:\Users\Lappi\AppData\Roaming\ICQ> in the current context!
Error: Unable to interpret <[2012.04.05 23:12:00 | 000,000,000 | ---D | M] -- C:\Users\Lappi\AppData\Roaming\JonDo> in the current context!
Error: Unable to interpret <[2011.11.11 03:12:13 | 000,000,000 | ---D | M] -- C:\Users\Lappi\AppData\Roaming\pdfforge> in the current context!
Error: Unable to interpret <[2011.11.02 19:38:21 | 000,000,000 | ---D | M] -- C:\Users\Lappi\AppData\Roaming\SNS> in the current context!
Error: Unable to interpret <[2011.11.10 20:38:23 | 000,000,000 | ---D | M] -- C:\Users\Lappi\AppData\Roaming\SoftGrid Client> in the current context!
Error: Unable to interpret <[2011.11.05 16:40:38 | 000,000,000 | ---D | M] -- C:\Users\Lappi\AppData\Roaming\SPORE> in the current context!
Error: Unable to interpret <[2012.07.20 10:46:32 | 000,000,000 | ---D | M] -- C:\Users\Lappi\AppData\Roaming\TestApp> in the current context!
Error: Unable to interpret <[2011.11.07 19:18:09 | 000,000,000 | ---D | M] -- C:\Users\Lappi\AppData\Roaming\TP> in the current context!
Error: Unable to interpret <[2011.12.18 17:45:21 | 000,000,000 | ---D | M] -- C:\Users\Lappi\AppData\Roaming\Ubisoft> in the current context!
Error: Unable to interpret <[2012.07.20 10:11:44 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Purity Check ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Alternate Data Streams ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:DFC5A2B2> in the current context!
Error: Unable to interpret << End of report >
         
--- --- ---
> in the current context!

OTL by OldTimer - Version 3.2.54.0 log created on 07222012_003640


Geändert von Kakis (21.07.2012 um 23:43 Uhr)

Alt 21.07.2012, 23:44   #6
t'john
/// Helfer-Team
 
GUV 2.07 Webcam Trojaner! - Standard

GUV 2.07 Webcam Trojaner!



FALSCH

Du musst den FIX eingeben!!! Nicht das Log!

Nochmal und Anleitung beachten!
__________________
--> GUV 2.07 Webcam Trojaner!

Alt 21.07.2012, 23:56   #7
Kakis
 
GUV 2.07 Webcam Trojaner! - Standard

GUV 2.07 Webcam Trojaner!



das, was du mir gegeben hast, war doch die fix?
die habe ich einlesen lassen - hat erst nach mehreren Versuchen geklappt, da sich der OTL immer aufgehangen hatte (keine Rückmeldung bei ICQ6Toolbar)
und das was am Ende rauskam, habe ich hier hochkopiert.

Wo liegt mein Denkfehler? :S

jetzt müsste es funktioniert haben?

Code:
ATTFilter
All processes killed
Error: Unable to interpret <PRC - CProgram Files (x86)ICQ6ToolbarICQ Service.exe () > in the current context!
Error: Unable to interpret <PRC - CProgram Files (x86)DivXDivX UpdateDivXUpdate.exe () > in the current context!
Error: Unable to interpret <MOD - CUsersLappiAppDataLocalTemptoip0_tmp.exe () > in the current context!
Error: Unable to interpret <IE64bit - HKLM..SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} > in the current context!
Error: Unable to interpret <IE64bit - HKLM..SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = httpwww.bing.comsearchq={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox > in the current context!
Error: Unable to interpret <IE - HKLM..SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} > in the current context!
Error: Unable to interpret <IE - HKLM..SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = httpwww.bing.comsearchq={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox > in the current context!
Error: Unable to interpret <IE - HKU.DEFAULTSoftwareMicrosoftWindowsCurrentVersionInternet Settings ProxyEnable = 0 > in the current context!
Error: Unable to interpret <IE - HKUS-1-5-18SoftwareMicrosoftWindowsCurrentVersionInternet Settings ProxyEnable = 0 > in the current context!
Error: Unable to interpret <IE - HKUS-1-5-21-2757564449-3827123315-4241601567-1000..URLSearchHook - No CLSID value found > in the current context!
Error: Unable to interpret <IE - HKUS-1-5-21-2757564449-3827123315-4241601567-1000..URLSearchHook {855F3B16-6D32-4fe6-8A56-BBB695989046} - CProgram Files (x86)ICQ6ToolbarICQToolBar.dll (ICQ) > in the current context!
Error: Unable to interpret <IE - HKUS-1-5-21-2757564449-3827123315-4241601567-1000..SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} > in the current context!
Error: Unable to interpret <IE - HKUS-1-5-21-2757564449-3827123315-4241601567-1000..SearchScopes{6552C7DD-90A4-4387-B795-F8F96747DE19} URL = httpsearch.icq.comsearchresults.phpq={searchTerms}&ch_id=osd > in the current context!
Error: Unable to interpret <IE - HKUS-1-5-21-2757564449-3827123315-4241601567-1000SoftwareMicrosoftWindowsCurrentVersionInternet Settings ProxyEnable = 0 > in the current context!
Error: Unable to interpret <IE - HKUS-1-5-21-2757564449-3827123315-4241601567-1000SoftwareMicrosoftWindowsCurrentVersionInternet Settings ProxyOverride = .local > in the current context!
Error: Unable to interpret <IE - HKUS-1-5-21-2757564449-3827123315-4241601567-1002..URLSearchHook {855F3B16-6D32-4fe6-8A56-BBB695989046} - CProgram Files (x86)ICQ6ToolbarICQToolBar.dll (ICQ) > in the current context!
Error: Unable to interpret <IE - HKUS-1-5-21-2757564449-3827123315-4241601567-1002..SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} > in the current context!
Error: Unable to interpret <IE - HKUS-1-5-21-2757564449-3827123315-4241601567-1002..SearchScopes{6552C7DD-90A4-4387-B795-F8F96747DE19} URL = httpsearch.icq.comsearchresults.phpq={searchTerms}&ch_id=osd > in the current context!
Error: Unable to interpret <IE - HKUS-1-5-21-2757564449-3827123315-4241601567-1002SoftwareMicrosoftWindowsCurrentVersionInternet Settings ProxyEnable = 0 > in the current context!
Error: Unable to interpret <FF64bit - HKLMSoftwareMozillaPlugins@adobe.comFlashPlayer CWindowssystem32MacromedFlashNPSWF64_11_1_102.dll File not found > in the current context!
Error: Unable to interpret <FF64bit - HKLMSoftwareMozillaPlugins@microsoft.comGENUINE disabled File not found > in the current context!
Error: Unable to interpret <FF - HKLMSoftwareMozillaPlugins@Apple.comiTunes,version= File not found > in the current context!
Error: Unable to interpret <FF - HKLMSoftwareMozillaPlugins@microsoft.comGENUINE disabled File not found > in the current context!
Error: Unable to interpret <O364bit - HKLM..Toolbar (no name) - Locked - No CLSID value found. > in the current context!
Error: Unable to interpret <O3 - HKLM..Toolbar (no name) - Locked - No CLSID value found. > in the current context!
Error: Unable to interpret <O3 - HKUS-1-5-21-2757564449-3827123315-4241601567-1000..ToolbarWebBrowser (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. > in the current context!
Error: Unable to interpret <O3 - HKUS-1-5-21-2757564449-3827123315-4241601567-1002..ToolbarWebBrowser (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. > in the current context!
Error: Unable to interpret <O464bit - HKLM..Run [IntelTBRunOnce] wscript.exe b nologo CProgram FilesIntelTurboBoostRunTBGadgetOnce.vbs File not found > in the current context!
Error: Unable to interpret <O4 - HKLM..Run [DivXUpdate] CProgram Files (x86)DivXDivX UpdateDivXUpdate.exe () > in the current context!
Error: Unable to interpret <O4 - HKUS-1-5-19..RunOnce [mctadmin] CWindowsSystem32mctadmin.exe File not found > in the current context!
Error: Unable to interpret <O4 - HKUS-1-5-20..RunOnce [mctadmin] CWindowsSystem32mctadmin.exe File not found > in the current context!
Error: Unable to interpret <O4 - HKUS-1-5-21-2757564449-3827123315-4241601567-1000..RunOnce [mctadmin] CWindowsSystem32mctadmin.exe File not found > in the current context!
Error: Unable to interpret <O4 - HKUS-1-5-21-2757564449-3827123315-4241601567-1004..RunOnce [mctadmin] CWindowsSystem32mctadmin.exe File not found > in the current context!
Error: Unable to interpret <O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer NoActiveDesktop = 1 > in the current context!
Error: Unable to interpret <O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer NoActiveDesktopChanges = 1 > in the current context!
Error: Unable to interpret <O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem ConsentPromptBehaviorAdmin = 5 > in the current context!
Error: Unable to interpret <O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem ConsentPromptBehaviorUser = 3 > in the current context!
Error: Unable to interpret <O7 - HKUS-1-5-21-2757564449-3827123315-4241601567-1000SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer NoDriveTypeAutoRun = 145 > in the current context!
Error: Unable to interpret <O2064bit - HKLM Winlogon VMApplet - (pagefile) - File not found > in the current context!
Error: Unable to interpret <O20 - HKLM Winlogon VMApplet - (pagefile) - File not found > in the current context!
Error: Unable to interpret <O32 - HKLM CDRom AutoRun - 1 > in the current context!
Error: Unable to interpret <O33 - MountPoints2{eaef0677-c201-11e0-837e-806e6f6e6963}Shell -  = AutoRun > in the current context!
Error: Unable to interpret <O33 - MountPoints2{eaef0677-c201-11e0-837e-806e6f6e6963}ShellAutoRuncommand -  = DAutorun.exe > in the current context!
Error: Unable to interpret <@Alternate Data Stream - 109 bytes - CProgramDataTempDFC5A2B2 > in the current context!
Error: Unable to interpret <[2012.07.20 235135  004,503,728  ----  M] () -- CProgramDatapmt_0piot.pad > in the current context!
Error: Unable to interpret <[2012.07.19 164848  000,001,899  ----  M] () -- CUsersLappiAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupctfmon.lnk > in the current context!
Error: Unable to interpret <[2012.07.19 164848  000,001,899  ----  C] () -- CUsersLappiAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupctfmon.lnk > in the current context!
Error: Unable to interpret <[2012.07.19 164847  004,503,728  ----  C] () -- CProgramDatapmt_0piot.pad > in the current context!
========== FILES ==========
File\Folder ipconfig flushdns c not found.
File\Folder Commands not found.
File\Folder [purity] not found.
File\Folder [emptytemp] not found.
File\Folder [emptyflash] not found.
 
OTL by OldTimer - Version 3.2.54.0 log created on 07222012_005730

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
         

Alt 22.07.2012, 00:00   #8
t'john
/// Helfer-Team
 
GUV 2.07 Webcam Trojaner! - Standard

GUV 2.07 Webcam Trojaner!



Hier ist der Fix: http://www.trojaner-board.de/120063-...tml#post870872

Du hast statt des Fix das Log in OTL eingegeben!
__________________
Mfg, t'john
Das TB unterstützen

Alt 22.07.2012, 00:13   #9
Kakis
 
GUV 2.07 Webcam Trojaner! - Standard

GUV 2.07 Webcam Trojaner!



so nun aber:

Code:
ATTFilter
All processes killed
========== OTL ==========
No active process named Program Files was found!
No active process named Program Files was found!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-2757564449-3827123315-4241601567-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2757564449-3827123315-4241601567-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ deleted successfully.
C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll moved successfully.
HKEY_USERS\S-1-5-21-2757564449-3827123315-4241601567-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2757564449-3827123315-4241601567-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ not found.
HKU\S-1-5-21-2757564449-3827123315-4241601567-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\S-1-5-21-2757564449-3827123315-4241601567-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-2757564449-3827123315-4241601567-1002\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
File C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll not found.
HKEY_USERS\S-1-5-21-2757564449-3827123315-4241601567-1002\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2757564449-3827123315-4241601567-1002\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ not found.
HKU\S-1-5-21-2757564449-3827123315-4241601567-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2757564449-3827123315-4241601567-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
Registry value HKEY_USERS\S-1-5-21-2757564449-3827123315-4241601567-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\IntelTBRunOnce not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DivXUpdate deleted successfully.
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe moved successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2757564449-3827123315-4241601567-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2757564449-3827123315-4241601567-1004\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2757564449-3827123315-4241601567-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eaef0677-c201-11e0-837e-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{eaef0677-c201-11e0-837e-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eaef0677-c201-11e0-837e-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{eaef0677-c201-11e0-837e-806e6f6e6963}\ not found.
File D:\Autorun.exe not found.
ADS C:\ProgramData\Temp:DFC5A2B2 deleted successfully.
C:\ProgramData\pmt_0piot.pad moved successfully.
C:\Users\Lappi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk moved successfully.
File C:\Users\Lappi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk not found.
File C:\ProgramData\pmt_0piot.pad not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\Lappi\Desktop\cmd.bat deleted successfully.
C:\Users\Lappi\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 41620 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Lappi
->Temp folder emptied: 3176077785 bytes
->Temporary Internet Files folder emptied: 260750475 bytes
->Java cache emptied: 9531482 bytes
->Google Chrome cache emptied: 856432 bytes
->Flash cache emptied: 47510 bytes
 
User: postgres
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 41620 bytes
 
User: Public
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 8811748854 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
RecycleBin emptied: 5198533206 bytes
 
Total Files Cleaned = 16.649,00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
->Flash cache emptied: 0 bytes
 
User: Default User
->Flash cache emptied: 0 bytes
 
User: Lappi
->Flash cache emptied: 0 bytes
 
User: postgres
->Flash cache emptied: 0 bytes
 
User: Public
 
User: UpdatusUser
 
Total Flash Files Cleaned = 0,00 mb
 
 
OTL by OldTimer - Version 3.2.54.0 log created on 07222012_010406

Files\Folders moved on Reboot...
C:\Users\Lappi\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Lappi\AppData\Local\Temp\MMDUtl.log moved successfully.
C:\Users\Lappi\AppData\Local\Temp\toip0_tmp.exe moved successfully.
File move failed. C:\Windows\temp\dsiwmis.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\LMutilps.log scheduled to be moved on reboot.

PendingFileRenameOperations files...
File C:\Users\Lappi\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!
File C:\Users\Lappi\AppData\Local\Temp\MMDUtl.log not found!
File C:\Users\Lappi\AppData\Local\Temp\toip0_tmp.exe not found!
[2012.07.22 01:08:53 | 000,914,549 | ---- | M] () C:\Windows\temp\dsiwmis.log : Unable to obtain MD5
[2012.07.22 01:08:47 | 000,996,357 | ---- | M] () C:\Windows\temp\LMutilps.log : Unable to obtain MD5

Registry entries deleted on Reboot...
         
der Taskmanager geht nun wieder - scheint ein gutes Zeichen zu sein. Jedoch tritt nun folgender Fehler auf:

RunDLL
"Problem beim Starten von c:\users\lappi\Local\Temp\toip0_tmp.exe

Das angegeben Modul wurde nicht gefunden"

Alt 22.07.2012, 00:21   #10
t'john
/// Helfer-Team
 
GUV 2.07 Webcam Trojaner! - Standard

GUV 2.07 Webcam Trojaner!



Sehr gut!

Wie laeuft der Rechner?

1. Schritt
Bitte einen Vollscan mit Malwarebytes Anti-Malware machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Malwarebytes Anti-Malware
- Anwendbar auf Windows 2000, XP, Vista und 7.
- Installiere das Programm in den vorgegebenen Pfad.
- Aktiviere "Komplett Scan durchführen" => Scan.
- Wähle alle verfügbaren Laufwerke (ausser CD/DVD) aus und starte den Scan.
- Funde bitte löschen lassen oder in Quarantäne.
- Wenn der Scan beendet ist, klicke auf "Zeige Resultate".
danach:

2. Schritt

Downloade Dir bitte AdwCleaner auf deinen Desktop.

  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Search.
  • Nach Ende des Suchlaufs öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[R1].txt.
__________________
Mfg, t'john
Das TB unterstützen

Alt 22.07.2012, 10:08   #11
Kakis
 
GUV 2.07 Webcam Trojaner! - Standard

GUV 2.07 Webcam Trojaner!



Hey! Sorry gestern war es schon sehr spät, war Zeit fürs Bett.

Ich könnte dich jetzt schon knutschen! Ich kann das Internet wieder einschalten, ohne dass das weiße Bild auftaucht!

Ich werde jetzt dann die nächsten Schritte durchführen und anschließend die Logdatei posten.

Danke, danke!!!

Alt 22.07.2012, 10:16   #12
t'john
/// Helfer-Team
 
GUV 2.07 Webcam Trojaner! - Standard

GUV 2.07 Webcam Trojaner!



Gut, melde Dich bitte mit den Logfiles wieder
__________________
Mfg, t'john
Das TB unterstützen

Alt 22.07.2012, 18:24   #13
Kakis
 
GUV 2.07 Webcam Trojaner! - Standard

GUV 2.07 Webcam Trojaner!



So hier nun die Logs.

Malwarebytes:

Code:
ATTFilter
 Malwarebytes Anti-Malware  (Test) 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.07.22.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Lappi :: LAP [Administrator]

Schutz: Aktiviert

22.07.2012 11:14:12
mbam-log-2012-07-22 (11-14-12).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 539953
Laufzeit: 2 Stunde(n), 8 Minute(n), 20 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Users\Lappi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk (Trojan.Ransom.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         

AdwCleaner:

Code:
ATTFilter
# AdwCleaner v1.703 - Logfile created 07/22/2012 at 19:21:16
# Updated 20/07/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Lappi - LAP
# Running from : C:\Users\Lappi\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Users\Lappi\AppData\LocalLow\boost_interprocess
Folder Found : C:\Users\Lappi\AppData\Roaming\pdfforge
File Found : C:\Users\Lappi\Desktop\eBay.lnk

***** [Registry] *****

Key Found : HKLM\SOFTWARE\DT Soft

***** [Registre - GUID] *****

[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v16.0.912.63

File : C:\Users\Lappi\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [959 octets] - [22/07/2012 19:21:16]

########## EOF - C:\AdwCleaner[R1].txt - [1086 octets] ##########
         

Alt 22.07.2012, 18:44   #14
t'john
/// Helfer-Team
 
GUV 2.07 Webcam Trojaner! - Standard

GUV 2.07 Webcam Trojaner!



Sehr gut!


  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Delete.
  • Bestätige jeweils mit Ok.
  • Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[S1].txt.




danach:


Malware-Scan mit Emsisoft Anti-Malware

Lade die Gratisversion von => Emsisoft Anti-Malware herunter und installiere das Programm.
Lade über Jetzt Updaten die aktuellen Signaturen herunter.
Wähle den Freeware-Modus aus.

Wähle Detail Scan und starte über den Button Scan die Überprüfung des Computers.
Am Ende des Scans nichts loeschen lassen!. Mit Klick auf Bericht speichern das Logfile auf dem Desktop speichern und hier in den Thread posten.

Anleitung: http://www.trojaner-board.de/103809-...i-malware.html
__________________
Mfg, t'john
Das TB unterstützen

Alt 05.08.2012, 02:06   #15
t'john
/// Helfer-Team
 
GUV 2.07 Webcam Trojaner! - Standard

GUV 2.07 Webcam Trojaner!



Fehlende Rückmeldung

Gibt es Probleme beim Abarbeiten obiger Anleitung?

Um Kapazitäten für andere Hilfesuchende freizumachen, lösche ich dieses Thema aus meinen Benachrichtigungen.

Solltest Du weitermachen wollen, schreibe mir eine PN oder eröffne ein neues Thema.
http://www.trojaner-board.de/69886-a...-beachten.html


Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner sauber ist.
__________________
Mfg, t'john
Das TB unterstützen

Antwort

Themen zu GUV 2.07 Webcam Trojaner!
absolut, beachten, bereits, besondere, diplomarbeit, einstellungen, funktionier, funktioniert, guv 2.07, hallo zusammen, hoffe, home, interne, internet, laptop, nichts, troja, trojaner, update, updaten, version., versucht, verzweifeln, webcam, windows, windows 7, zusammen



Ähnliche Themen: GUV 2.07 Webcam Trojaner!


  1. GVU Trojaner hat Windows 7 gesperrt - Webcam - paysafecard oder ukash - Trojaner-Board
    Plagegeister aller Art und deren Bekämpfung - 26.06.2013 (3)
  2. GVU - Trojaner mit Webcam
    Plagegeister aller Art und deren Bekämpfung - 23.12.2012 (23)
  3. GVU-Trojaner mit Webcam
    Plagegeister aller Art und deren Bekämpfung - 25.11.2012 (3)
  4. GVU Trojaner mit Webcam
    Plagegeister aller Art und deren Bekämpfung - 21.11.2012 (4)
  5. GVU Trojaner mit Webcam
    Log-Analyse und Auswertung - 11.11.2012 (3)
  6. GVU Trojaner mit Webcam
    Log-Analyse und Auswertung - 26.10.2012 (6)
  7. GVU Trojaner mit Webcam
    Plagegeister aller Art und deren Bekämpfung - 18.09.2012 (39)
  8. GVU Trojaner mit Webcam
    Plagegeister aller Art und deren Bekämpfung - 14.09.2012 (1)
  9. GVU-Trojaner mit Webcam
    Log-Analyse und Auswertung - 11.09.2012 (9)
  10. GVU Webcam Trojaner
    Plagegeister aller Art und deren Bekämpfung - 07.09.2012 (7)
  11. GVU-Trojaner mit Webcam
    Log-Analyse und Auswertung - 03.09.2012 (14)
  12. BSI Trojaner mit Webcam
    Log-Analyse und Auswertung - 21.08.2012 (16)
  13. GVU Trojaner + Webcam
    Log-Analyse und Auswertung - 16.08.2012 (8)
  14. GVU Trojaner mit webcam
    Log-Analyse und Auswertung - 13.08.2012 (24)
  15. GVU Trojaner mit Webcam
    Plagegeister aller Art und deren Bekämpfung - 30.07.2012 (11)
  16. GVU Trojaner mit Webcam
    Plagegeister aller Art und deren Bekämpfung - 22.06.2012 (2)
  17. Webcam trojaner?
    Mülltonne - 12.02.2008 (0)

Zum Thema GUV 2.07 Webcam Trojaner! - Hallo zusammen, auch mich hat nun - seit Donnerstag - der Bundespolizei-Trojaner erwischt. Und zwar handelt es sich um die 2.07 GUV Webcam Version. Mein Laptop funktioniert, solange ich das - GUV 2.07 Webcam Trojaner!...
Archiv
Du betrachtest: GUV 2.07 Webcam Trojaner! auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.