Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
BKA Trojaner mit weißem Bildschirm

BKA Trojaner mit weißem Bildschirm


Log-Analyse und Auswertung: BKA Trojaner mit weißem Bildschirm

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 26.05.2013, 22:35   #1
danihhlg
 
BKA Trojaner mit weißem Bildschirm - Standard

BKA Trojaner mit weißem Bildschirm


Hallo allerseits,

ich habe von einem Freund einen Laptop bekommen, der laut seiner Aussage mit dem BKA-Trojaner infiziert ist. Wenn ich den Rechner starte, sehe ich nur einen weißen Bildschirm ohne Möglichkeit irgendetwas zu tun. Der abgesicherte Modus lässt sich auch nicht benutzen, der Rechner startet direkt neu. Über die Eingabeaufforderung habe ich mit OTL wie hier beschrieben, die Logfiles erstellt.

Schon einmal vielen Dank für die Hilfe!

OTL.txt
Code:
ATTFilter
OTL logfile created on: 5/27/2013 12:03:45 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = f:\
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4.00 Gb Total Physical Memory | 3.06 Gb Available Physical Memory | 76.43% Memory free
8.00 Gb Paging File | 7.08 Gb Available in Paging File | 88.48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116.44 Gb Total Space | 59.12 Gb Free Space | 50.77% Space Free | Partition Type: NTFS
Drive D: | 334.67 Gb Total Space | 334.58 Gb Free Space | 99.97% Space Free | Partition Type: NTFS
Drive E: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 3.73 Gb Total Space | 3.73 Gb Free Space | 99.98% Space Free | Partition Type: FAT32
 
Computer Name: BERND-PC | User Name: Bernd | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013/05/26 22:57:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- f:\OTL.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2009/09/17 21:36:34 | 000,359,552 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Stopped] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2009/07/29 14:03:41 | 000,203,264 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:64bit: - [2007/08/08 10:08:40 | 000,094,208 | ---- | M] () [Auto | Stopped] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2012/12/19 09:49:34 | 000,732,648 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012/05/08 16:31:01 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/05/08 16:31:01 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/02/28 18:35:22 | 000,018,432 | ---- | M] () [Auto | Stopped] -- C:\Users\Bernd\AppData\LocalLow\GhosteryStats\IE\GhosteryStatsUpdater.exe -- (GhosteryStatsUpdater)
SRV - [2011/10/21 16:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2010/12/21 07:38:22 | 000,350,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/09/15 03:03:42 | 000,044,312 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe -- (OberonGameConsoleService)
SRV - [2009/08/05 12:49:44 | 000,284,016 | ---- | M] (Eastman Kodak Company) [Auto | Stopped] -- C:\Program Files (x86)\Kodak\AiO\Center\ekdiscovery.exe -- (Kodak AiO Network Discovery Service)
SRV - [2009/06/16 03:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Stopped] -- C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012/11/09 15:33:30 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2012/11/09 15:33:30 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2012/11/09 15:33:30 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2012/11/09 15:33:30 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64)
DRV:64bit: - [2012/11/09 15:33:30 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2012/11/09 15:33:30 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2012/10/17 13:53:46 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2012/05/08 16:31:01 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012/05/08 16:31:01 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012/03/01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/10/19 17:56:15 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011/03/11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/10/05 17:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/08/23 06:08:10 | 000,056,320 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E)
DRV:64bit: - [2009/07/30 00:11:23 | 006,038,016 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/07/23 17:48:59 | 000,119,312 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/07/20 11:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 02:06:32 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2009/07/09 10:11:31 | 001,222,144 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2009/07/09 05:11:41 | 000,140,800 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2009/06/10 22:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/26 15:32:37 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009/05/20 10:11:05 | 001,799,680 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)
DRV:64bit: - [2009/05/13 03:07:19 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2009/05/05 04:00:27 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2009/04/03 16:39:58 | 000,034,872 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2008/12/08 18:35:52 | 000,061,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2008/05/24 03:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2007/07/24 21:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-532675968-2162539954-2112059143-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
IE - HKU\S-1-5-21-532675968-2162539954-2112059143-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/?rlz=1W4CHBB_deDE524
IE - HKU\S-1-5-21-532675968-2162539954-2112059143-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-532675968-2162539954-2112059143-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-532675968-2162539954-2112059143-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-532675968-2162539954-2112059143-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
 
[2012/08/21 16:42:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
 
O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Zonealarm Helper Object) - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.6.7.4\bh\zonealarm.dll (Montera Technologeis LTD)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (GhosteryStats) - {C331A7D9-4187-464C-BE66-FDBC56C07678} - C:\Users\Bernd\AppData\LocalLow\GhosteryStats\IE\GhosteryStats.dll (David Cancel)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Toolbar) - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.6.7.4\zonealarmTlbr.dll (Montera Technologeis LTD)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-532675968-2162539954-2112059143-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-532675968-2162539954-2112059143-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [EKIJ5000StatusMonitor] C:\Windows\SysNative\spool\drivers\x64\3\EKIJ5000MUI.exe (Eastman Kodak Company)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [EKIJ5000StatusMonitor] C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe File not found
O4 - HKLM..\Run: [ZoneAlarm Installer] C:\Program Files (x86)\CheckPoint\Install\Launcher.exe (Check Point Software Technologies LTD)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-532675968-2162539954-2112059143-1000..\Run: []  File not found
O4 - HKU\S-1-5-21-532675968-2162539954-2112059143-1000..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-532675968-2162539954-2112059143-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll (Apple Inc.)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files (x86)\Bonjour\ExplorerPlugin.dll (Apple Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{50C5F4A0-8A3E-4AA0-9037-84431D3B5C08}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AF8FA1D1-227D-4A47-9E13-B5EE35F769AC}: DhcpNameServer = 195.50.140.114 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-532675968-2162539954-2112059143-1000 Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-532675968-2162539954-2112059143-1000 Winlogon: Shell - (C:\Users\Bernd\AppData\Roaming\skype.dat) - C:\Users\Bernd\AppData\Roaming\skype.dat ()
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O31 - SafeBoot: UseAlternatShell - 1
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 13:06:41 | 000,000,053 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/05/27 00:02:39 | 007,149,824 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/05/27 00:02:39 | 000,694,454 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2013/05/27 00:02:39 | 000,693,478 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
[2013/05/27 00:02:39 | 000,691,216 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat
[2013/05/27 00:02:39 | 000,689,132 | ---- | M] () -- C:\Windows\SysNative\perfh010.dat
[2013/05/27 00:02:39 | 000,679,366 | ---- | M] () -- C:\Windows\SysNative\prfh0816.dat
[2013/05/27 00:02:39 | 000,654,150 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013/05/27 00:02:39 | 000,616,032 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/05/27 00:02:39 | 000,551,794 | ---- | M] () -- C:\Windows\SysNative\perfh008.dat
[2013/05/27 00:02:39 | 000,385,344 | ---- | M] () -- C:\Windows\SysNative\prfh0404.dat
[2013/05/27 00:02:39 | 000,353,546 | ---- | M] () -- C:\Windows\SysNative\perfh00D.dat
[2013/05/27 00:02:39 | 000,137,086 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
[2013/05/27 00:02:39 | 000,133,776 | ---- | M] () -- C:\Windows\SysNative\prfc0816.dat
[2013/05/27 00:02:39 | 000,132,964 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat
[2013/05/27 00:02:39 | 000,130,164 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2013/05/27 00:02:39 | 000,130,022 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013/05/27 00:02:39 | 000,127,168 | ---- | M] () -- C:\Windows\SysNative\perfc010.dat
[2013/05/27 00:02:39 | 000,106,412 | ---- | M] () -- C:\Windows\SysNative\prfc0404.dat
[2013/05/27 00:02:39 | 000,106,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/05/27 00:02:39 | 000,089,460 | ---- | M] () -- C:\Windows\SysNative\perfc008.dat
[2013/05/27 00:02:39 | 000,069,118 | ---- | M] () -- C:\Windows\SysNative\perfc00D.dat
[2013/05/27 00:00:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/05/26 23:59:06 | 3220,602,880 | -HS- | M] () -- C:\hiberfil.sys
[2013/05/26 22:45:24 | 000,000,004 | ---- | M] () -- C:\Users\Bernd\AppData\Roaming\skype.ini
[2013/05/26 22:40:36 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/05/26 22:40:36 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/05/26 22:31:58 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/05/06 20:31:07 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/05/05 11:39:36 | 000,076,800 | R--- | M] () -- C:\Users\Bernd\AppData\Roaming\skype.dat
[2013/05/03 15:07:28 | 000,000,426 | ---- | M] () -- C:\Windows\tasks\AiO Home Center Registration Remind Task.job
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/05/05 11:44:51 | 000,000,004 | ---- | C] () -- C:\Users\Bernd\AppData\Roaming\skype.ini
[2013/05/05 11:30:30 | 000,076,800 | R--- | C] () -- C:\Users\Bernd\AppData\Roaming\skype.dat
[2013/04/03 16:09:54 | 000,000,367 | ---- | C] () -- C:\Users\Bernd\Heimnetzgruppe - Verknüpfung.lnk
[2010/09/10 16:27:11 | 000,033,134 | ---- | C] () -- C:\Users\Bernd\AppData\Roaming\UserTile.png
[2009/12/03 03:51:27 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
 
========== ZeroAccess Check ==========
 
[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 07:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 06:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:15024E60
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:734E442A
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:4CF61E54
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:B88E99C8
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:A724744F

< End of report >
Extras.txt
Code:
ATTFilter
OTL Extras logfile created on: 5/27/2013 12:03:45 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = f:\
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4.00 Gb Total Physical Memory | 3.06 Gb Available Physical Memory | 76.43% Memory free
8.00 Gb Paging File | 7.08 Gb Available in Paging File | 88.48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116.44 Gb Total Space | 59.12 Gb Free Space | 50.77% Space Free | Partition Type: NTFS
Drive D: | 334.67 Gb Total Space | 334.58 Gb Free Space | 99.97% Space Free | Partition Type: NTFS
Drive E: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 3.73 Gb Total Space | 3.73 Gb Free Space | 99.98% Space Free | Partition Type: FAT32
 
Computer Name: BERND-PC | User Name: Bernd | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09CC0B14-5758-4B4B-9411-90309606ED82}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{114311E6-D809-46F0-A8BA-D166390649C3}" = lport=139 | protocol=6 | dir=in | app=system | 
"{17A96155-D854-4C3C-A37D-C87E848AE30E}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery | 
"{1A645D1D-D226-4D90-ADAE-468FF638CC60}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{203F0B92-1462-4B1B-8244-18590D189A49}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{2586B526-B96C-4F3E-BEB5-B461E0C4CB81}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{2E7971FF-7CEB-4515-84CC-DBF330C43D55}" = rport=138 | protocol=17 | dir=out | app=system | 
"{357C5974-EA09-4FEB-976E-9116C9C278ED}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{39818858-0EFB-4BE2-AA21-D47F1D89D6C9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{3CAFD03A-6625-4B28-BEE7-51F29B6FAFA3}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{3E79FB51-B2BA-447D-B548-A4CBBB0A5190}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{41C73F2E-C141-435D-9A57-4F82DF059775}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{54D43670-7505-4BAA-B23E-D81FE3A6F3E0}" = rport=445 | protocol=6 | dir=out | app=system | 
"{97CA988B-0D38-4502-9100-44BADDC86546}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery | 
"{A033171B-9768-424A-90DD-CCABB5D8F9F1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{A2109EF8-42C9-424E-83A9-0CDAFA795B3A}" = rport=139 | protocol=6 | dir=out | app=system | 
"{A7627CE7-DA12-46A7-BF53-D78345007498}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{AE1DF6BD-509B-4400-B15E-5B0005A10BD3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{AE20DCC5-EEC4-4823-BAD9-7ABF7A7DF640}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{B02F9FEA-EE19-47AB-8793-95B2EFF1F45F}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{B919E6AE-F6BE-4FD3-8FC5-BC4177DCB22C}" = lport=445 | protocol=6 | dir=in | app=system | 
"{BC22D416-BB56-4CEB-8453-B2D1B611435C}" = rport=137 | protocol=17 | dir=out | app=system | 
"{BCE14E04-BB4F-466C-B51F-52BF01D67221}" = lport=138 | protocol=17 | dir=in | app=system | 
"{EF427B69-4CD5-4D1E-BAF8-A077BEEE358C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{F67547F6-6D2D-4C93-A973-E7247A321023}" = lport=137 | protocol=17 | dir=in | app=system | 
"{F748896A-2A9F-4B3A-A94C-C82D6F837566}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{FB88D93B-9E42-4560-9FA3-370619189A2C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{000136F8-C5B2-47B4-A225-87927C18C6B0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{00F71B4C-4043-45A6-BE2E-30D962E91509}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{0A97601A-D54E-416E-B755-B3E6DD47486D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{18B664BA-0B65-4400-9556-0CC5D13AEE6B}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{1B169BCB-4743-4953-A42C-43DD3EECC418}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{299FE444-DA6A-4AF6-80E6-9257D069D586}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{392F6243-675B-4653-B03A-1CFA28FD8E04}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{4CAC34C7-1EEE-474C-9AA8-3DCAF2E1760D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{4F454FD7-5B31-406B-BCA9-2A04162B808A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{50202EE8-B7AE-4199-91EB-E174C9528FC2}" = protocol=6 | dir=out | app=system | 
"{56326521-EFFB-4A11-9C33-AC0E559B983C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{58C8E1A3-69A0-41A8-9C61-36E38265F6A6}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{5D179551-289A-497F-A183-3F1A4DB791E2}" = protocol=17 | dir=in | app=c:\windows\syswow64\zonelabs\vsmon.exe | 
"{5D855715-CC7C-432C-8C16-45BF6287D917}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{5DFE9078-E842-48BC-9367-BBD3842F5733}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{6380841C-9DA7-478B-A22F-2946062EE365}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe | 
"{6F86C552-6369-4C4E-8FC7-E1EAFA10DDA7}" = protocol=6 | dir=in | app=c:\windows\syswow64\zonelabs\vsmon.exe | 
"{9AFD51AB-63EC-4FF2-8B44-0A6990AAE1D8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{A249BEA4-3DAE-49D1-A800-368F67C24086}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{A87F6DEC-2C82-44A0-9817-8AC693746537}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{AC3E1B20-7EBC-42B5-947B-2488E9403FE8}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{B4F266FE-3701-4EA8-A32D-5DBC3DB6B3B7}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{B7F1FE9D-9CA7-4FD4-8325-DCC577B63E9E}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe | 
"{BA4948F0-D2B0-4F4A-B13A-FAB3FF77DE61}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{BC940547-C7CC-407D-BFC6-337ED7FA2A12}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{BEC1ABAE-D1B8-4FE5-A9BF-8C0908A9A41D}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe | 
"{EDDB555B-8AC7-42BD-BE01-70D9ACCE9013}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | 
"{F2531BE7-3F12-476D-906D-56ACC5F17BDB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{F63FB575-7029-4DB9-9699-EF7FF446702B}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{FE14A6EE-4971-4312-A4CD-D9C383F694DD}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0645A454-AD44-4F0D-99CF-6B762735AD1F}" = aioprnt
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{138CD2BA-D40F-B371-83A2-6412684CEFDD}" = ATI Catalyst Install Manager
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{3768263E-8BE8-4CEF-9463-6D36F731824B}" = Windows Live Family Safety
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{5C78A469-7C0C-4467-D0B3-15F61E55ABF8}" = ccc-utility64
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}" = ASUS Power4Gear Hybrid
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{DAE239CE-EB9D-4EB3-B0D4-528D6BAA48FD}" = Bonjour
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0)
"Asus WebStorage" = Asus WebStorage
"Elantech" = ETDWare PS/2-x64 7.0.5.7_WHQL
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0F6977FE-6405-5046-89DC-4EF328B66286}" = CCC Help French
"{10934A28-0CC6-4B98-A14F-76B3546003AF}" = ksDIP
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1D5F9B49-7130-6937-0F4C-150F9FE7CB09}" = CCC Help Polish
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2548979D-7A27-03E4-B429-1F204D0D0D73}" = CCC Help Portuguese
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28CEB42A-1A7B-5CEC-B484-8E80215076A3}" = CCC Help Czech
"{2FE4D51A-43EE-1DE3-8BDB-11C60A07B98F}" = CCC Help Japanese
"{3034658B-0919-A344-6DC9-6ACD83BFA948}" = CCC Help Korean
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{3316EB44-FD16-E49E-43DE-57D89FA95D2B}" = CCC Help Russian
"{3520D413-1AFF-7043-F880-05A950D6D821}" = CCC Help Spanish
"{35CDE395-E328-A794-821A-E41B74DC5822}" = Catalyst Control Center InstallProxy
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{3D12E442-EDE8-F984-A18C-3CC668645201}" = Catalyst Control Center Graphics Full Existing
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{56BA241F-580C-43D2-8403-947241AAE633}" = center
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{5A22D889-FBDD-4AE8-86EC-089D45FC133E}" = Alcor Micro USB Card Reader
"{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck
"{5EFE43EE-97FB-CAAB-8B8A-714B87BD1ADA}" = CCC Help Greek
"{60E1EDE7-8CE2-1C35-E0B7-D14573FDF89A}" = CCC Help Danish
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{67B00457-8327-E055-C264-1661D39086C9}" = Catalyst Control Center Graphics Previews Vista
"{68B77719-C9D1-F15D-F91F-6F86B5B3B005}" = Catalyst Control Center Graphics Light
"{6B722793-E77B-41F5-BAB3-6C9832274E75}" = PC Connectivity Solution
"{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie
"{6C3496DF-CC4C-4CDE-87A1-8657619EE2D6}_is1" = Game Park Console
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6FE12C01-2FBC-42E2-AEB9-4CA2238C462F}" = Nokia Connectivity Cable Driver
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{82809116-D1EE-443C-AE31-F19E709DDF7A}" = AMD USB Filter Driver
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110304260}" = Island Wars 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110413757}" = Smileyville
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115233673}" = Dream Day Wedding Married in Manhattan
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116864777}" = Piggly
"{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call
"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FBCA935-E4E4-2881-2957-E8A3519E5772}" = CCC Help Dutch
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{922875CF-AFA6-3330-3BFF-42A48FC05537}" = CCC Help German
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{9EF42EE0-39EA-515F-7092-C4A98BB14BB7}" = Catalyst Control Center Core Implementation
"{9F109E31-307D-9B92-4FC3-B8C8516085B9}" = Catalyst Control Center Localization All
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A392CD81-5299-2017-692A-DF3DF40898E2}" = CCC Help Finnish
"{A4A94E6D-65F7-D09E-3731-9668B7868E20}" = CCC Help Hungarian
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A964CE7E-17C0-FE15-6A00-B2EFF54A03B7}" = CCC Help Chinese Traditional
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B27CC5E3-17F8-D598-DA75-F077D10078E1}" = CCC Help Norwegian
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B940CCF6-86B3-170C-48E6-DAADBE8926A6}" = ccc-core-static
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C2D129C0-7508-11DF-9F1B-005056806466}" = Google Earth
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{CDFB10C3-4E6A-ACDC-F079-BF1704B5E191}" = CCC Help Swedish
"{CF9041ED-60C9-36ED-9DB9-F55AAD993865}" = Visual C++ 9.0 ATL (x86) WinSXS MSM
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D4C85DA0-E167-DE66-E135-AB56B2FED8B9}" = CCC Help Turkish
"{D6B72835-3D53-99F7-4F8C-702D9CD6045D}" = CCC Help English
"{DA5BDB2A-12F0-4343-8351-21AAEB293990}" = PreReq
"{DE6B7599-D3EF-4436-8836-BAA0B0D7768D}" = aiofw
"{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials
"{DF7D9FB0-76CE-F8BB-F5D9-02AD79AE8875}" = CCC Help Italian
"{E0F274B7-592B-4669-8FB8-8D9825A09858}" = KODAK Home Center Software
"{E3A0C45A-7EDB-48EB-AB86-2445E74FBFBB}" = Nokia Suite
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{E6FC490C-3FAD-A5DD-69BC-ADB23CE6E2AE}" = CCC Help Thai
"{E7382773-CBE8-33A9-862E-C2337CD0F359}" = Visual C++ 9.0 ATL (x86) WinSXS MSM
"{E9AD42D7-0B44-1ED5-F5C4-B7169084F89C}" = CCC Help Chinese Standard
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}" = ASUS FancyStart
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F705E354-7F59-9CF7-D570-13376C04BAE5}" = Catalyst Control Center Graphics Full New
"{FE24086F-3B0C-4C47-A874-97A7B8E2FBBE}" = aioscnnr
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ASUS AP Bank_is1" = ASUS AP Bank
"ASUS_Screensaver" = ASUS_Screensaver
"Avira AntiVir Desktop" = Avira Free Antivirus
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{5A22D889-FBDD-4AE8-86EC-089D45FC133E}" = Alcor Micro USB Card Reader
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"Nokia Suite" = Nokia Suite
"Spielefieber Braingames für Vista" = Spielefieber Braingames für Vista   
"WinLiveSuite_Wave3" = Windows Live Essentials
"ZoneAlarm Free Firewall" = ZoneAlarm Free Firewall
"ZoneAlarm Security Toolbar" = ZoneAlarm Security Toolbar 
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-532675968-2162539954-2112059143-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BrainGame" = Dr Kawashima
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 5/8/2012 10:45:07 AM | Computer Name = Bernd-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16421,
 Zeitstempel: 0x4d76255d  Name des fehlerhaften Moduls: Flash10c.ocx, Version: 10.0.32.18,
 Zeitstempel: 0x4a613d79  Ausnahmecode: 0xc0000005  Fehleroffset: 0x001579a2  ID des fehlerhaften
 Prozesses: 0x92c  Startzeit der fehlerhaften Anwendung: 0x01cd2d28d7ad7772  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\SysWow64\Macromed\Flash\Flash10c.ocx  Berichtskennung:
 66c45811-991c-11e1-a51f-e0cb4e1aa276
 
Error - 5/8/2012 10:52:23 AM | Computer Name = Bernd-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16421,
 Zeitstempel: 0x4d76255d  Name des fehlerhaften Moduls: Flash10c.ocx, Version: 10.0.32.18,
 Zeitstempel: 0x4a613d79  Ausnahmecode: 0xc0000005  Fehleroffset: 0x001579a2  ID des fehlerhaften
 Prozesses: 0xae4  Startzeit der fehlerhaften Anwendung: 0x01cd2d29a21136bb  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\SysWow64\Macromed\Flash\Flash10c.ocx  Berichtskennung:
 6b154e31-991d-11e1-a51f-e0cb4e1aa276
 
Error - 5/9/2012 10:01:28 AM | Computer Name = Bernd-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16421,
 Zeitstempel: 0x4d76255d  Name des fehlerhaften Moduls: TrustCheckerIEPlugin.dll, 
Version: 1.5.232.0, Zeitstempel: 0x4c178aee  Ausnahmecode: 0xc0000005  Fehleroffset:
 0x0000cff3  ID des fehlerhaften Prozesses: 0x13f0  Startzeit der fehlerhaften Anwendung:
 0x01cd2dec2e1fe9d2  Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Internet
 Explorer\iexplore.exe  Pfad des fehlerhaften Moduls: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
Berichtskennung:
 783d65de-99df-11e1-a5ad-e0cb4e1aa276
 
Error - 5/9/2012 10:07:50 AM | Computer Name = Bernd-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16421,
 Zeitstempel: 0x4d76255d  Name des fehlerhaften Moduls: Flash10c.ocx, Version: 10.0.32.18,
 Zeitstempel: 0x4a613d79  Ausnahmecode: 0xc0000005  Fehleroffset: 0x001579a2  ID des fehlerhaften
 Prozesses: 0x928  Startzeit der fehlerhaften Anwendung: 0x01cd2decc142134d  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\SysWow64\Macromed\Flash\Flash10c.ocx  Berichtskennung:
 5c366fb7-99e0-11e1-a5ad-e0cb4e1aa276
 
Error - 5/9/2012 10:09:30 AM | Computer Name = Bernd-PC | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 9.0.8112.16421 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 928    Startzeit: 01cd2decc142134d    Endzeit: 15    Anwendungspfad: 
C:\Program Files (x86)\Internet Explorer\iexplore.exe    Berichts-ID:   
 
Error - 5/10/2012 10:25:48 AM | Computer Name = Bernd-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16421,
 Zeitstempel: 0x4d76255d  Name des fehlerhaften Moduls: Flash10c.ocx, Version: 10.0.32.18,
 Zeitstempel: 0x4a613d79  Ausnahmecode: 0xc0000005  Fehleroffset: 0x001579a2  ID des fehlerhaften
 Prozesses: 0x460  Startzeit der fehlerhaften Anwendung: 0x01cd2eb8894e7540  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\SysWow64\Macromed\Flash\Flash10c.ocx  Berichtskennung:
 092a4ae6-9aac-11e1-a61f-e0cb4e1aa276
 
Error - 5/10/2012 10:37:47 AM | Computer Name = Bernd-PC | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 9.0.8112.16421 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: f04    Startzeit: 01cd2eba154bc062    Endzeit: 23    Anwendungspfad: 
C:\Program Files (x86)\Internet Explorer\iexplore.exe    Berichts-ID:   
 
Error - 5/11/2012 9:37:52 AM | Computer Name = Bernd-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16421,
 Zeitstempel: 0x4d76255d  Name des fehlerhaften Moduls: Flash10c.ocx, Version: 10.0.32.18,
 Zeitstempel: 0x4a613d79  Ausnahmecode: 0xc0000005  Fehleroffset: 0x001579a2  ID des fehlerhaften
 Prozesses: 0xe60  Startzeit der fehlerhaften Anwendung: 0x01cd2f7a5d7019da  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\SysWow64\Macromed\Flash\Flash10c.ocx  Berichtskennung:
 815828ef-9b6e-11e1-a7c8-e0cb4e1aa276
 
Error - 5/11/2012 9:45:56 AM | Computer Name = Bernd-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16421,
 Zeitstempel: 0x4d76255d  Name des fehlerhaften Moduls: Flash10c.ocx, Version: 10.0.32.18,
 Zeitstempel: 0x4a613d79  Ausnahmecode: 0xc0000005  Fehleroffset: 0x001579a2  ID des fehlerhaften
 Prozesses: 0x824  Startzeit der fehlerhaften Anwendung: 0x01cd2f7b9e3689ec  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\SysWow64\Macromed\Flash\Flash10c.ocx  Berichtskennung:
 a1d23b8d-9b6f-11e1-a7c8-e0cb4e1aa276
 
Error - 5/11/2012 9:45:59 AM | Computer Name = Bernd-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16421,
 Zeitstempel: 0x4d76255d  Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7600.16624,
 Zeitstempel: 0x4c297c56  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00095b51  ID des fehlerhaften
 Prozesses: 0x824  Startzeit der fehlerhaften Anwendung: 0x01cd2f7b9e3689ec  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\syswow64\ole32.dll  Berichtskennung: a3517919-9b6f-11e1-a7c8-e0cb4e1aa276
 
Error - 5/11/2012 9:49:30 AM | Computer Name = Bernd-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16421,
 Zeitstempel: 0x4d76255d  Name des fehlerhaften Moduls: Flash10c.ocx, Version: 10.0.32.18,
 Zeitstempel: 0x4a613d79  Ausnahmecode: 0xc0000005  Fehleroffset: 0x001579a2  ID des fehlerhaften
 Prozesses: 0xd4c  Startzeit der fehlerhaften Anwendung: 0x01cd2f7cda57a804  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\SysWow64\Macromed\Flash\Flash10c.ocx  Berichtskennung:
 2162b8d9-9b70-11e1-a7c8-e0cb4e1aa276
 
Error - 5/11/2012 9:49:32 AM | Computer Name = Bernd-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16421,
 Zeitstempel: 0x4d76255d  Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7600.16624,
 Zeitstempel: 0x4c297c56  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00095b51  ID des fehlerhaften
 Prozesses: 0xd4c  Startzeit der fehlerhaften Anwendung: 0x01cd2f7cda57a804  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\syswow64\ole32.dll  Berichtskennung: 228ea63b-9b70-11e1-a7c8-e0cb4e1aa276
 
Error - 5/12/2012 5:17:07 AM | Computer Name = Bernd-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16421,
 Zeitstempel: 0x4d76255d  Name des fehlerhaften Moduls: Flash10c.ocx, Version: 10.0.32.18,
 Zeitstempel: 0x4a613d79  Ausnahmecode: 0xc0000005  Fehleroffset: 0x001579a2  ID des fehlerhaften
 Prozesses: 0xe48  Startzeit der fehlerhaften Anwendung: 0x01cd301f9045bb06  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\SysWow64\Macromed\Flash\Flash10c.ocx  Berichtskennung:
 3eb52930-9c13-11e1-a4dd-e0cb4e1aa276
 
Error - 5/12/2012 5:17:10 AM | Computer Name = Bernd-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16421,
 Zeitstempel: 0x4d76255d  Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7600.16624,
 Zeitstempel: 0x4c297c56  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00095b51  ID des fehlerhaften
 Prozesses: 0xe48  Startzeit der fehlerhaften Anwendung: 0x01cd301f9045bb06  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\syswow64\ole32.dll  Berichtskennung: 40215bb9-9c13-11e1-a4dd-e0cb4e1aa276
 
[ Media Center Events ]
Error - 3/14/2012 10:44:34 AM | Computer Name = Bernd-PC | Source = MCUpdate | ID = 0
Description = 15:44:33 - Fehler beim Herstellen der Internetverbindung.  15:44:34 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 3/14/2012 10:45:19 AM | Computer Name = Bernd-PC | Source = MCUpdate | ID = 0
Description = 15:45:03 - Fehler beim Herstellen der Internetverbindung.  15:45:03 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 3/15/2012 11:19:48 AM | Computer Name = Bernd-PC | Source = MCUpdate | ID = 0
Description = 16:19:47 - Fehler beim Herstellen der Internetverbindung.  16:19:47 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 3/15/2012 11:20:28 AM | Computer Name = Bernd-PC | Source = MCUpdate | ID = 0
Description = 16:20:17 - Fehler beim Herstellen der Internetverbindung.  16:20:17 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 7/30/2012 4:39:06 AM | Computer Name = Bernd-PC | Source = MCUpdate | ID = 0
Description = 10:39:06 - Fehler beim Herstellen der Internetverbindung.  10:39:06 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 7/30/2012 4:39:19 AM | Computer Name = Bernd-PC | Source = MCUpdate | ID = 0
Description = 10:39:12 - Fehler beim Herstellen der Internetverbindung.  10:39:12 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 7/30/2012 5:39:23 AM | Computer Name = Bernd-PC | Source = MCUpdate | ID = 0
Description = 11:39:23 - Fehler beim Herstellen der Internetverbindung.  11:39:23 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 7/30/2012 5:39:30 AM | Computer Name = Bernd-PC | Source = MCUpdate | ID = 0
Description = 11:39:28 - Fehler beim Herstellen der Internetverbindung.  11:39:28 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 5/26/2013 4:24:39 PM | Computer Name = Bernd-PC | Source = MCUpdate | ID = 0
Description = 22:24:39 - Fehler beim Herstellen der Internetverbindung.  22:24:39 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 5/26/2013 4:24:50 PM | Computer Name = Bernd-PC | Source = MCUpdate | ID = 0
Description = 22:24:44 - Fehler beim Herstellen der Internetverbindung.  22:24:44 
-     Serververbindung konnte nicht hergestellt werden..  
 
[ System Events ]
Error - 5/26/2013 6:00:47 PM | Computer Name = Bernd-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "SMB 1.x-Miniredirector" ist vom Dienst "SMB-Miniredirector-Wrapper
 und -Modul" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 5/26/2013 6:00:47 PM | Computer Name = Bernd-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "SMB 2.0-Miniredirector" ist vom Dienst "SMB-Miniredirector-Wrapper
 und -Modul" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 5/26/2013 6:00:47 PM | Computer Name = Bernd-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "NLA (Network Location Awareness)" ist vom Dienst "Netzwerkspeicher-Schnittstellendienst"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 5/26/2013 6:00:47 PM | Computer Name = Bernd-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   AFD  avipbb  avkmgr  DfsC  discache  NetBIOS  NetBT  nsiproxy  Psched  rdbss  spldr  tdx  vwififlt  Wanarpv6
WfpLwf
 
Error - 5/26/2013 6:00:59 PM | Computer Name = Bernd-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
 
Error - 5/26/2013 6:01:55 PM | Computer Name = Bernd-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 5/26/2013 6:02:23 PM | Computer Name = Bernd-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 5/26/2013 6:02:23 PM | Computer Name = Bernd-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 5/26/2013 6:02:24 PM | Computer Name = Bernd-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 5/26/2013 6:02:23 PM | Computer Name = Bernd-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
 
< End of report >

 

Themen zu BKA Trojaner mit weißem Bildschirm
antivir, avira, bho, bildschirm, bingbar, bonjour, browser, desktop, error, firefox, flash player, helper, home, iexplore.exe, install.exe, installation, object, programm, registry, scan, security, senden, software, svchost.exe, trojaner, windows


« GVU Trojaner | Adserverplus-Trojaner entfernen »


Ähnliche Themen: BKA Trojaner mit weißem Bildschirm


  1. Windows 7: Polizei Virus mit weißem Bildschirm
    Log-Analyse und Auswertung - 27.09.2013 (13)
  2. BKA-Trojaner mit weißem Bildschirm und Zahlungsaufforderung
    Plagegeister aller Art und deren Bekämpfung - 14.08.2013 (11)
  3. PC plötzlich Blauer Bildschirm mit weißem Text
    Plagegeister aller Art und deren Bekämpfung - 11.08.2013 (25)
  4. Polizei Trojaner - schwarzer Schirm mit weißem Mauszeiger nach Systemwiederherstellung
    Log-Analyse und Auswertung - 02.08.2013 (9)
  5. Windows7 mit weißem Bildschirm nach dem Starten
    Plagegeister aller Art und deren Bekämpfung - 27.07.2013 (21)
  6. Acer Notebook mit weißem Bildschirm
    Plagegeister aller Art und deren Bekämpfung - 09.07.2013 (34)
  7. Windows 7 startet nicht mehr, schwarzer Bildschirm beim Booten mit weißem Mauszeiger
    Log-Analyse und Auswertung - 19.03.2013 (0)
  8. BSI.bund.exe führt zu weißem Bildschirm - Win 7
    Log-Analyse und Auswertung - 02.06.2012 (7)
  9. 50€-Virus mit weißem Bildschirm - OTL log erstellt
    Plagegeister aller Art und deren Bekämpfung - 27.03.2012 (13)
  10. Computer startet mit weißem Bildschirm und einer Meldung...
    Log-Analyse und Auswertung - 27.03.2012 (9)
  11. Fehlermeldung auf weißem Bildschirm, auch nach Neustart
    Plagegeister aller Art und deren Bekämpfung - 20.03.2012 (1)
  12. Roter Kreis mit weißem X - Your computer is infected!
    Log-Analyse und Auswertung - 22.10.2009 (11)
  13. Roter Kreis mit weißem Kreuz
    Plagegeister aller Art und deren Bekämpfung - 10.02.2009 (22)
  14. Bitte um Hilfe: Roter Kreis mit weißem X
    Log-Analyse und Auswertung - 21.10.2008 (2)
  15. YOur computer is infected - roter Kreis mit weißem Kreuz
    Plagegeister aller Art und deren Bekämpfung - 20.10.2008 (9)
  16. Roter Kreis mit weißem Kreuz in der Taskleiste
    Log-Analyse und Auswertung - 14.10.2006 (2)
  17. Roter Kreis mit weißem X - Your computer is Infected!
    Plagegeister aller Art und deren Bekämpfung - 05.01.2006 (15)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema BKA Trojaner mit weißem Bildschirm - Hallo allerseits, ich habe von einem Freund einen Laptop bekommen, der laut seiner Aussage mit dem BKA-Trojaner infiziert ist. Wenn ich den Rechner starte, sehe ich nur einen weißen Bildschirm - BKA Trojaner mit weißem Bildschirm...
Archiv
Du betrachtest: BKA Trojaner mit weißem Bildschirm auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55