Trojaner-Board
Seite 2 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Antimalware Doc entfernen klappt nciht ganz (https://www.trojaner-board.de/88375-antimalware-doc-entfernen-klappt-nciht-ganz.html)

xxxlalala 20.07.2010 10:46
Code:
O1 HOSTS File: ([2010.07.19 17:31:27 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1      localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O4 - HKLM..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe (Google Inc.)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [AdobeBridge]  File not found
O4 - HKCU..\Run: [EPSON Stylus Photo R2400] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATI9SE.EXE (SEIKO EPSON CORPORATION)
O4 - Startup: C:\Users\i\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Thunderbird.lnk = C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Messaging)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: digitalriver.com ([windows7] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{398ed822-80fc-11df-ac4e-0018f3af945a}\Shell - "" = AutoRun
O33 - MountPoints2\{398ed822-80fc-11df-ac4e-0018f3af945a}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -- File not found
O33 - MountPoints2\{4110cd2a-c70c-11de-97ba-0018f3af945a}\Shell - "" = AutoRun
O33 - MountPoints2\{4110cd2a-c70c-11de-97ba-0018f3af945a}\Shell\AutoRun\command - "" = G:\AS2conscription.exe -- File not found
O33 - MountPoints2\{462ff3aa-01bf-11df-a769-0018f3af945a}\Shell - "" = AutoRun
O33 - MountPoints2\{462ff3aa-01bf-11df-a769-0018f3af945a}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.07.19 23:55:58 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010.07.19 17:35:16 | 000,000,000 | ---D | C] -- C:\Users\i\Desktop\MFTools
[2010.07.19 17:31:27 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.07.19 16:37:11 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\i\Desktop\OTL.exe
[2010.07.19 13:50:27 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010.07.19 11:09:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo! Companion
[2010.07.19 11:09:47 | 000,000,000 | ---D | C] -- C:\Users\i\AppData\Roaming\Yahoo!
[2010.07.19 11:09:45 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2010.07.19 11:08:35 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.07.19 11:08:35 | 000,000,000 | ---D | C] -- C:\rsit
[2010.07.17 21:59:38 | 000,000,000 | ---D | C] -- C:\Users\i\Desktop\panik_koljah_nmzs_-_spastik_desaster_2009
[2010.07.13 11:52:22 | 000,000,000 | ---D | C] -- C:\REFlex
[2010.07.12 00:00:34 | 000,000,000 | ---D | C] -- C:\Users\i\Documents\AlienShooter2 Conscription Saves
[2010.07.11 23:58:39 | 000,000,000 | ---D | C] -- C:\Program Files\Sigma_Team
[2010.07.11 23:55:16 | 000,000,000 | ---D | C] -- C:\Program Files\Sigma Team
[2010.07.11 23:38:49 | 000,000,000 | ---D | C] -- C:\Users\i\Documents\Ovi
[2010.07.09 10:07:57 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010.07.08 23:50:54 | 000,000,000 | ---D | C] -- C:\Users\i\AppData\Roaming\Nokia Ovi Suite
[2010.07.08 23:04:35 | 000,000,000 | ---D | C] -- C:\Users\i\AppData\Local\NokiaAccount
[2010.07.08 23:04:35 | 000,000,000 | ---D | C] -- C:\Users\i\AppData\Local\Nokia
[2010.07.08 23:02:16 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2010.07.08 23:00:42 | 000,000,000 | ---D | C] -- C:\ProgramData\NokiaInstallerCache
[2010.07.08 22:39:04 | 000,000,000 | ---D | C] -- C:\Users\i\AppData\Roaming\Nokia
[2010.07.08 22:38:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PCSuite
[2010.07.08 22:36:53 | 000,018,816 | ---- | C] (Nokia) -- C:\Windows\System32\drivers\pccsmcfd.sys
[2010.07.08 22:28:16 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Suite
[2010.07.08 22:28:07 | 000,000,000 | ---D | C] -- C:\Users\i\AppData\Roaming\PC Suite
[2010.07.08 21:49:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Nokia
[2010.07.08 21:48:20 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2010.07.08 21:47:47 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2010.07.08 21:45:22 | 000,092,672 | ---- | C] (Nokia) -- C:\Windows\System32\nmwcdcls.dll
[2010.07.08 21:42:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia
[2010.07.08 21:42:46 | 000,000,000 | ---D | C] -- C:\Program Files\Nokia
[2010.07.08 21:40:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Installations
[2010.07.07 12:19:11 | 000,000,000 | ---D | C] -- C:\Users\i\Desktop\nicolebilder
[2010.07.06 20:37:49 | 000,000,000 | ---D | C] -- C:\Users\i\Documents\The Lord of the Rings Online
[2010.07.06 20:37:49 | 000,000,000 | ---D | C] -- C:\Users\i\AppData\Local\The Lord of the Rings Online
[2010.07.06 10:23:01 | 000,000,000 | ---D | C] -- C:\Program Files\Codemasters
[2010.07.06 09:46:30 | 000,000,000 | ---D | C] -- C:\Users\i\Desktop\alesschau
[2010.07.04 13:50:04 | 000,000,000 | ---D | C] -- C:\Users\i\Desktop\bla
[2010.07.03 13:20:46 | 000,000,000 | ---D | C] -- C:\Users\i\Documents\Battlefield Heroes
[2010.07.03 00:15:32 | 000,000,000 | ---D | C] -- C:\Users\i\Documents\My Downloads
[2010.07.02 00:32:10 | 000,000,000 | ---D | C] -- C:\Users\i\Documents\Dungeons and Dragons Online
[2010.07.02 00:28:36 | 000,000,000 | ---D | C] -- C:\Users\i\AppData\Roaming\Turbine
[2010.07.02 00:28:15 | 000,000,000 | ---D | C] -- C:\Users\i\AppData\Local\Turbine
[2010.07.02 00:27:18 | 000,000,000 | ---D | C] -- C:\Users\i\AppData\Local\ApplicationHistory
[2010.07.02 00:25:26 | 000,000,000 | ---D | C] -- C:\Windows\System32\URTTEMP
[2010.07.02 00:14:45 | 000,000,000 | ---D | C] -- C:\Program Files\Turbine
[2010.07.01 21:27:22 | 000,000,000 | ---D | C] -- C:\Users\i\AppData\Local\PMB Files
[2010.07.01 21:27:20 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2010.07.01 21:27:07 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2010.07.01 16:54:46 | 000,000,000 | ---D | C] -- C:\Users\i\AppData\Local\PunkBuster
[2010.07.01 11:15:32 | 000,000,000 | ---D | C] -- C:\Program Files\EA Games
[2010.06.30 09:22:26 | 000,000,000 | ---D | C] -- C:\Users\i\Desktop\seiteoffline
[2010.06.26 12:09:39 | 000,000,000 | ---D | C] -- C:\Users\i\workspace
[2010.06.26 12:00:27 | 000,000,000 | ---D | C] -- C:\Program Files\IronPython 2.6 for .NET 4.0
[2010.06.24 03:00:42 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010.06.24 03:00:42 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010.06.24 03:00:42 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010.06.23 10:38:09 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2010.06.23 10:38:07 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2010.06.23 10:38:07 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010.06.23 10:38:07 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2010.06.21 14:21:03 | 000,000,000 | ---D | C] -- C:\Users\i\Desktop\herkansing marko
[2010.06.21 11:26:54 | 000,000,000 | ---D | C] -- C:\Users\i\Desktop\internetneu
 
========== Files - Modified Within 30 Days ==========
 
[2010.07.20 10:43:49 | 004,194,304 | -HS- | M] () -- C:\Users\i\NTUSER.DAT
[2010.07.20 10:39:15 | 000,002,646 | ---- | M] () -- C:\Users\i\Desktop\rep.html
[2010.07.19 23:53:35 | 000,013,472 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.07.19 23:53:35 | 000,013,472 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.07.19 23:51:36 | 000,739,790 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.07.19 23:51:36 | 000,624,776 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.07.19 23:51:36 | 000,110,414 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.07.19 23:46:17 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.07.19 23:46:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.07.19 23:46:07 | 1610,063,872 | -HS- | M] () -- C:\hiberfil.sys
[2010.07.19 18:33:53 | 002,027,047 | -H-- | M] () -- C:\Users\i\AppData\Local\IconCache.db
[2010.07.19 17:42:27 | 000,293,376 | ---- | M] () -- C:\Users\i\Desktop\84zd3nru.exe
[2010.07.19 17:40:06 | 000,000,020 | ---- | M] () -- C:\Users\i\defogger_reenable
[2010.07.19 17:38:46 | 000,050,477 | ---- | M] () -- C:\Users\i\Desktop\Defogger.exe
[2010.07.19 17:35:22 | 000,284,915 | ---- | M] () -- C:\Users\i\Desktop\Gmer.zip
[2010.07.19 17:31:27 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2010.07.19 16:37:20 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\i\Desktop\OTL.exe
[2010.07.19 16:22:25 | 000,007,627 | ---- | M] () -- C:\Users\i\AppData\Local\Resmon.ResmonCfg
[2010.07.19 15:58:38 | 000,410,680 | ---- | M] () -- C:\Users\i\Desktop\Load.exe
[2010.07.19 15:52:28 | 000,002,943 | ---- | M] () -- C:\Users\i\Desktop\HiJackThis.lnk
[2010.07.19 11:46:52 | 000,150,136 | ---- | M] () -- C:\Users\i\Desktop\essentialslog.jpg
[2010.07.19 11:46:52 | 000,001,456 | ---- | M] () -- C:\Users\i\AppData\Local\Adobe Save for Web 12.0 Prefs
[2010.07.19 11:45:49 | 000,222,755 | ---- | M] () -- C:\Users\i\Desktop\essentialslog.psd
[2010.07.19 11:25:42 | 000,035,192 | ---- | M] () -- C:\Users\i\Documents\cc_20100719_112537.reg
[2010.07.19 11:09:41 | 000,000,969 | ---- | M] () -- C:\Users\i\Desktop\CCleaner.lnk
[2010.07.19 11:08:13 | 000,339,991 | ---- | M] () -- C:\Users\i\Desktop\RSIT.exe
[2010.07.19 11:02:59 | 000,001,438 | ---- | M] () -- C:\Users\i\Desktop\firefox.exe - Shortcut.lnk
[2010.07.19 01:14:29 | 000,001,007 | ---- | M] () -- C:\Users\i\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2010.07.19 01:14:29 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.07.19 01:03:25 | 000,363,520 | ---- | M] () -- C:\Users\i\Desktop\rkill.com
[2010.07.16 15:53:36 | 027,810,221 | ---- | M] () -- C:\Users\i\Desktop\16072010005.mp4
[2010.07.12 10:13:52 | 000,002,560 | ---- | M] () -- C:\Windows\_MSRSTRT.EXE
[2010.07.12 00:02:24 | 108,827,564 | ---- | M] () -- C:\Users\i\Desktop\Schatten_seperat.tif
[2010.07.11 23:43:14 | 000,010,752 | ---- | M] () -- C:\Users\i\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.07.08 23:03:35 | 000,002,021 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Ovi Suite.lnk
[2010.07.08 22:38:09 | 000,001,996 | ---- | M] () -- C:\Users\Public\Desktop\Nokia PC Suite.lnk
[2010.07.08 22:25:13 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2010.07.08 21:43:14 | 000,002,088 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Software Updater.lnk
[2010.07.07 16:12:19 | 000,192,894 | ---- | M] () -- C:\Users\i\Desktop\sbb.pdf
[2010.07.06 12:27:07 | 000,015,364 | -H-- | M] () -- C:\Users\Public\Documents\.DS_Store
[2010.07.06 12:25:55 | 000,000,082 | -H-- | M] () -- C:\Users\Public\Documents\._sbb.pdf
[2010.07.05 23:42:40 | 000,138,184 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.07.05 23:42:19 | 000,215,016 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2010.07.05 15:02:46 | 001,897,016 | ---- | M] () -- C:\Users\Public\Documents\P7058246.JPG
[2010.07.05 15:02:42 | 002,035,287 | ---- | M] () -- C:\Users\Public\Documents\P7058244.JPG
[2010.07.04 17:50:40 | 000,192,894 | ---- | M] () -- C:\Users\Public\Documents\sbb.pdf
[2010.07.03 12:51:42 | 000,138,056 | ---- | M] () -- C:\Users\i\AppData\Roaming\PnkBstrK.sys
[2010.07.03 12:51:27 | 002,427,248 | ---- | M] () -- C:\Windows\System32\pbsvc_heroes.exe
[2010.07.02 00:28:17 | 000,000,089 | ---- | M] () -- C:\Users\i\AppData\Local\fusioncache.dat
[2010.06.30 10:02:47 | 000,001,984 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.06.29 08:51:48 | 000,001,029 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010.06.27 11:13:42 | 000,010,235 | ---- | M] () -- C:\Users\i\Desktop\Doc5.docx
[2010.06.25 21:39:03 | 000,073,701 | -H-- | M] () -- C:\Users\Public\Documents\._hallo2.jpg
[2010.06.25 21:38:57 | 000,073,758 | -H-- | M] () -- C:\Users\Public\Documents\._hallo1.jpg
[2010.06.25 21:34:36 | 003,757,567 | ---- | M] () -- C:\Users\Public\Documents\hallo2.jpg
[2010.06.25 21:34:02 | 003,757,746 | ---- | M] () -- C:\Users\Public\Documents\hallo1.jpg
[2010.06.23 19:28:53 | 000,073,043 | -H-- | M] () -- C:\Users\Public\Documents\._gut7.jpg
[2010.06.23 19:28:43 | 000,074,385 | -H-- | M] () -- C:\Users\Public\Documents\._gut6.jpg
[2010.06.23 19:24:14 | 003,610,875 | ---- | M] () -- C:\Users\Public\Documents\gut7.jpg
[2010.06.23 19:23:30 | 003,702,399 | ---- | M] () -- C:\Users\Public\Documents\gut6.jpg
[2010.06.23 18:39:51 | 000,066,262 | -H-- | M] () -- C:\Users\Public\Documents\._na2444.jpg
[2010.06.23 18:37:28 | 000,072,788 | -H-- | M] () -- C:\Users\Public\Documents\._sofia3.jpg
[2010.06.23 18:36:52 | 000,074,451 | -H-- | M] () -- C:\Users\Public\Documents\._gut4.jpg
[2010.06.23 18:36:39 | 000,074,801 | -H-- | M] () -- C:\Users\Public\Documents\._gut3.jpg
[2010.06.23 18:36:02 | 001,908,885 | ---- | M] () -- C:\Users\Public\Documents\na2444.jpg
[2010.06.23 18:32:28 | 007,713,743 | ---- | M] () -- C:\Users\Public\Documents\gut4.jpg
[2010.06.23 18:30:48 | 007,025,611 | ---- | M] () -- C:\Users\Public\Documents\gut3.jpg
[2010.06.23 18:26:50 | 000,073,310 | -H-- | M] () -- C:\Users\Public\Documents\._12.jpg
[2010.06.23 18:26:13 | 000,072,714 | -H-- | M] () -- C:\Users\Public\Documents\._gut2.jpg
[2010.06.23 18:26:04 | 000,072,850 | -H-- | M] () -- C:\Users\Public\Documents\._gut1.jpg
[2010.06.23 18:17:50 | 004,725,714 | ---- | M] () -- C:\Users\Public\Documents\gut2.jpg
[2010.06.23 18:17:10 | 005,033,392 | ---- | M] () -- C:\Users\Public\Documents\gut1.jpg
[2010.06.21 23:22:08 | 000,049,664 | ---- | M] () -- C:\Users\i\Desktop\Sinn,Kunst,Reden.doc
[2010.06.21 11:05:45 | 001,285,120 | ---- | M] () -- C:\Users\i\Desktop\Können wir sinnvoll über Kunst sprechen1-2-2-2.doc
[2010.06.20 19:51:47 | 000,401,989 | ---- | M] () -- C:\Users\i\Desktop\24-10--25-copy.jpg
[2010.06.20 19:33:12 | 000,432,716 | ---- | M] () -- C:\Users\i\Desktop\24-10--17-copy.jpg
 
========== Files Created - No Company Name ==========
 
[2010.07.20 10:39:15 | 000,002,646 | ---- | C] () -- C:\Users\i\Desktop\rep.html
[2010.07.19 17:42:25 | 000,293,376 | ---- | C] () -- C:\Users\i\Desktop\84zd3nru.exe
[2010.07.19 17:39:45 | 000,000,020 | ---- | C] () -- C:\Users\i\defogger_reenable
[2010.07.19 17:38:45 | 000,050,477 | ---- | C] () -- C:\Users\i\Desktop\Defogger.exe
[2010.07.19 17:35:21 | 000,284,915 | ---- | C] () -- C:\Users\i\Desktop\Gmer.zip
[2010.07.19 15:58:37 | 000,410,680 | ---- | C] () -- C:\Users\i\Desktop\Load.exe
[2010.07.19 15:52:28 | 000,002,943 | ---- | C] () -- C:\Users\i\Desktop\HiJackThis.lnk
[2010.07.19 11:46:51 | 000,150,136 | ---- | C] () -- C:\Users\i\Desktop\essentialslog.jpg
[2010.07.19 11:45:47 | 000,222,755 | ---- | C] () -- C:\Users\i\Desktop\essentialslog.psd
[2010.07.19 11:25:39 | 000,035,192 | ---- | C] () -- C:\Users\i\Documents\cc_20100719_112537.reg
[2010.07.19 11:08:11 | 000,339,991 | ---- | C] () -- C:\Users\i\Desktop\RSIT.exe
[2010.07.19 11:02:59 | 000,001,438 | ---- | C] () -- C:\Users\i\Desktop\firefox.exe - Shortcut.lnk
[2010.07.19 01:14:29 | 000,001,007 | ---- | C] () -- C:\Users\i\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2010.07.19 01:03:20 | 000,363,520 | ---- | C] () -- C:\Users\i\Desktop\rkill.com
[2010.07.17 14:54:14 | 108,827,564 | ---- | C] () -- C:\Users\i\Desktop\Schatten_seperat.tif
[2010.07.16 17:59:37 | 027,810,221 | ---- | C] () -- C:\Users\i\Desktop\16072010005.mp4
[2010.07.12 10:13:50 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2010.07.08 23:53:55 | 000,010,752 | ---- | C] () -- C:\Users\i\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.07.08 23:03:35 | 000,002,021 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Ovi Suite.lnk
[2010.07.08 22:38:09 | 000,001,996 | ---- | C] () -- C:\Users\Public\Desktop\Nokia PC Suite.lnk
[2010.07.08 22:25:13 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2010.07.08 21:43:14 | 000,002,088 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Software Updater.lnk
[2010.07.07 16:12:17 | 000,192,894 | ---- | C] () -- C:\Users\i\Desktop\sbb.pdf
[2010.07.06 12:27:07 | 001,897,016 | ---- | C] () -- C:\Users\Public\Documents\P7058246.JPG
[2010.07.06 12:26:23 | 002,035,287 | ---- | C] () -- C:\Users\Public\Documents\P7058244.JPG
[2010.07.06 12:25:55 | 000,192,894 | ---- | C] () -- C:\Users\Public\Documents\sbb.pdf
[2010.07.06 12:25:55 | 000,000,082 | -H-- | C] () -- C:\Users\Public\Documents\._sbb.pdf
[2010.07.02 00:28:17 | 000,000,089 | ---- | C] () -- C:\Users\i\AppData\Local\fusioncache.dat
[2010.07.01 16:55:06 | 000,215,016 | ---- | C] () -- C:\Windows\System32\PnkBstrB.xtr
[2010.07.01 11:28:46 | 000,138,184 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.07.01 11:28:46 | 000,138,056 | ---- | C] () -- C:\Users\i\AppData\Roaming\PnkBstrK.sys
[2010.07.01 11:28:17 | 000,215,016 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2010.07.01 11:28:15 | 000,075,064 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2010.07.01 11:28:12 | 002,427,248 | ---- | C] () -- C:\Windows\System32\pbsvc_heroes.exe
[2010.06.30 10:02:47 | 000,001,984 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.06.29 08:51:48 | 000,001,029 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010.06.27 11:13:40 | 000,010,235 | ---- | C] () -- C:\Users\i\Desktop\Doc5.docx
[2010.06.25 21:38:50 | 003,757,746 | ---- | C] () -- C:\Users\Public\Documents\hallo1.jpg
[2010.06.25 21:38:50 | 003,757,567 | ---- | C] () -- C:\Users\Public\Documents\hallo2.jpg
[2010.06.25 21:38:50 | 000,073,758 | -H-- | C] () -- C:\Users\Public\Documents\._hallo1.jpg
[2010.06.25 21:38:50 | 000,073,701 | -H-- | C] () -- C:\Users\Public\Documents\._hallo2.jpg
[2010.06.23 19:28:46 | 003,610,875 | ---- | C] () -- C:\Users\Public\Documents\gut7.jpg
[2010.06.23 19:28:46 | 000,073,043 | -H-- | C] () -- C:\Users\Public\Documents\._gut7.jpg
[2010.06.23 19:28:37 | 003,702,399 | ---- | C] () -- C:\Users\Public\Documents\gut6.jpg
[2010.06.23 19:28:37 | 000,074,385 | -H-- | C] () -- C:\Users\Public\Documents\._gut6.jpg
[2010.06.23 18:39:48 | 001,908,885 | ---- | C] () -- C:\Users\Public\Documents\na2444.jpg
[2010.06.23 18:39:48 | 000,066,262 | -H-- | C] () -- C:\Users\Public\Documents\._na2444.jpg
[2010.06.23 18:37:21 | 003,459,735 | ---- | C] () -- C:\Users\Public\Documents\sofia3.jpg
[2010.06.23 18:37:21 | 000,072,788 | -H-- | C] () -- C:\Users\Public\Documents\._sofia3.jpg
[2010.06.23 18:36:27 | 007,713,743 | ---- | C] () -- C:\Users\Public\Documents\gut4.jpg
[2010.06.23 18:36:27 | 007,025,611 | ---- | C] () -- C:\Users\Public\Documents\gut3.jpg
[2010.06.23 18:36:27 | 000,074,801 | -H-- | C] () -- C:\Users\Public\Documents\._gut3.jpg
[2010.06.23 18:36:27 | 000,074,451 | -H-- | C] () -- C:\Users\Public\Documents\._gut4.jpg
[2010.06.23 18:26:43 | 004,303,294 | ---- | C] () -- C:\Users\Public\Documents\12.jpg
[2010.06.23 18:26:43 | 000,073,310 | -H-- | C] () -- C:\Users\Public\Documents\._12.jpg
[2010.06.23 18:25:55 | 005,033,392 | ---- | C] () -- C:\Users\Public\Documents\gut1.jpg
[2010.06.23 18:25:55 | 004,725,714 | ---- | C] () -- C:\Users\Public\Documents\gut2.jpg
[2010.06.23 18:25:55 | 000,072,850 | -H-- | C] () -- C:\Users\Public\Documents\._gut1.jpg
[2010.06.23 18:25:55 | 000,072,714 | -H-- | C] () -- C:\Users\Public\Documents\._gut2.jpg
[2010.06.21 23:22:08 | 000,049,664 | ---- | C] () -- C:\Users\i\Desktop\Sinn,Kunst,Reden.doc
[2010.06.20 19:51:47 | 000,401,989 | ---- | C] () -- C:\Users\i\Desktop\24-10--25-copy.jpg
[2010.06.20 19:33:11 | 000,432,716 | ---- | C] () -- C:\Users\i\Desktop\24-10--17-copy.jpg
[2010.04.02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010.03.25 23:30:50 | 000,000,038 | ---- | C] () -- C:\Windows\BookPrintXP.ini
[2010.02.03 02:21:49 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2009.12.03 09:27:28 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009.11.04 19:26:06 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth2.dll
[2009.11.04 19:26:06 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth1.dll
[2009.11.04 19:26:06 | 000,000,073 | ---- | C] () -- C:\Windows\System32\ssprs.dll
[2009.11.04 19:26:05 | 000,003,072 | ---- | C] () -- C:\Windows\System32\sysprs7.dll
[2009.11.04 19:26:05 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll
[2009.11.04 19:26:05 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
[2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2008.10.07 10:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008.10.07 10:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2005.11.11 12:43:28 | 000,172,032 | ---- | C] () -- C:\Windows\System32\libssl32.dll
[2005.11.11 12:43:24 | 000,887,296 | ---- | C] () -- C:\Windows\System32\libeay32.dll
[2005.08.31 10:20:00 | 000,233,557 | ---- | C] () -- C:\Windows\System32\esint54.dll
[2005.05.06 20:06:00 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
< End of report >

xxxlalala 20.07.2010 10:46
extras.txt

Code:
OTL Extras logfile created on: 20.07.2010 10:42:19 - Run 3
OTL by OldTimer - Version 3.2.9.1    Folder = C:\Users\i\Desktop
 An unknown product  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 56,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 58,50 Gb Total Space | 17,68 Gb Free Space | 30,23% Space Free | Partition Type: NTFS
Drive D: | 239,50 Gb Total Space | 11,46 Gb Free Space | 4,79% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 1,89 Gb Total Space | 1,53 Gb Free Space | 80,80% Space Free | Partition Type: FAT32
Drive G: | 82,49 Gb Total Space | 13,77 Gb Free Space | 16,69% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive O: | 29,28 Gb Total Space | 9,92 Gb Free Space | 33,88% Space Free | Partition Type: FAT32
 
Computer Name: I-PC
Current User Name: i
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
.js [@ = jsfile] -- C:\Program Files\Adobe\Adobe Dreamweaver CS5\Dreamweaver.exe (Adobe Systems, Inc.)
.txt [@ = txtfile] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}" = Google Gmail Notifier
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{09C468CA-2940-466A-AAE8-DCC0C6E9323C}" = Nokia Software Updater
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{1373559F-6DC6-44EA-9079-6ABDCCE8CDAD}" = OviMPlatform
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{14DBB6F9-62DD-487C-91BB-17333552BF36}" = Adobe Setup
"{15206372-2480-4698-9879-9825F12A307B}" = Adobe Premiere Pro CS4 Third Party Content
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}" = Nokia PC Suite
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 17
"{29F563F4-8807-4496-8463-441EAA0E96AB}" = PC Connectivity Solution
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2D10FC46-1D96-44C4-8855-85F21B9B011E}" = Ovi Desktop Sync Engine
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A6829EF-0791-4FDD-9382-C690DD0821B9}" = Adobe Flash Player 10 ActiveX
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E093855-359A-43EC-9D36-60B087C6215E}" = IronPython 2.6 for .NET 4.0
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5A6ED905-D19D-4954-8499-0DAF386460F7}" = Media Manager for WALKMAN 1.2
"{5C963017-1A53-425B-8B2B-9495AF15382C}" = Adobe Media Encoder CS4 Importer
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{701E5B2B-09A3-4EF0-81D6-455C9B8ED073}" = Adobe Setup
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{8070452B-15D6-4169-B9B9-FCC3B54588AD}" = Nokia Ovi Suite
"{81CB77FF-9789-4337-A46E-185F7876AC40}" = Adobe Photoshop Lightroom 2.6
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{84C7A433-CED3-4410-9D69-0BF5486B9631}" = Sony CD Architect 5.2
"{84ED5482-CFB0-4DD9-BF18-489FFDACD18A}" = Microsoft Antimalware Service DE-DE Language Pack
"{8925AD1C-13DE-4709-9E88-6A0C320D0D43}" = ICC Profiles
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ADE9794-F65D-11BE-051B-B6E52B5CDD04}" = Adobe Community Help
"{A0D65C73-F2C5-432F-8788-90F8A2E99B98}" = Nokia Ovi Suite Software Updater
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A9B13886-4787-4BE5-B291-7A668CF30F1E}" = EPSON ColorBase
"{ABA38B85-6F0A-43F0-9DF6-73066B0E9054}" = Adobe Setup
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.3 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0321}" = USB2.0 0.35M WebCam
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7588D45-AFDC-4C93-9E2E-A100F3554B64}" = Microsoft Fix it Center
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{C6DDE2AE-8E63-48C4-89C5-EACD4AC6E665}" = UltraEdit 16.00
"{C71607E2-84EC-4C1F-A649-82E530920C23}" = Adobe Setup
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{D0ACED35-5F54-4898-97AC-C1456323A8E3}" = Adobe Media Encoder CS4 Exporter
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{D6E4E5D6-7693-4BB4-95BA-21F38FAFEE90}" = Safari
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E62A1F01-07B7-4541-A835-EE5B0BF064C2}" = Microsoft Antimalware
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{EF98A02A-1748-4762-9B7D-5ED1600520D5}" = Microsoft Security Essentials
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{F5371573-B045-4A4C-9171-6D99C8FAC876}" = Adobe After Effects CS4 Third Party Content
"{F600CCF3-9C88-4A22-B0B4-DDA82E997118}" = Adobe After Effects CS4 Template Projects & Footage
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FBB02B04-C034-4382-A3F6-57416E2752C4}" = Adobe Creative Suite 5 Master Collection
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"34EA302E7F4CBD17A19E33BBCB72363234956D7E" = Windows Driver Package - Nokia Modem  (06/09/2010 4.5)
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_126a6c50d960aa4e8761045cec9b633" = Adobe Media Encoder CS4 Exporter
"Adobe_15f4da9bfad48542a17f089e7c5e0ab" = Adobe After Effects CS4 Third Party Content
"Adobe_48bbd0b5673fdf22ea2ad2f6f129e8e" = Adobe Premiere Pro CS4 Third Party Content
"Adobe_5445c5ddd9a5c69582d3c1e2bba18f7" = Adobe Creative Suite 4 Master Collection
"Adobe_5a8cdebdcb3cd1974a9407c51ce9b53" = Adobe Media Encoder CS4 Importer
"ASIO4ALL" = ASIO4ALL
"CCleaner" = CCleaner
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2009-09-09
"CoreAVC Professional Edition" = CoreAVC Professional Edition (remove only)
"EEEE705096F837B7907659F100C9FE6DA001970F" = Windows Driver Package - Nokia Modem  (06/09/2010 7.01.0.7)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"foobar2000" = foobar2000 v1.0.1
"GTK 2.0" = GTK+ Runtime 2.14.7 rev a (remove only)
"JDownloader" = JDownloader
"LastFM_is1" = Last.fm 1.5.4.24567
"Live 8.0.4" = Live 8.0.4
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Essentials" = Microsoft Security Essentials
"Mozilla Firefox (3.6.6)" = Mozilla Firefox (3.6.6)
"Mozilla Thunderbird (3.0.4)" = Mozilla Thunderbird (3.0.4)
"Nokia Ovi Suite" = Nokia Ovi Suite
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"Pidgin" = Pidgin
"PunkBusterSvc" = PunkBuster Services
"SilverFast Epson" = SilverFast Epson 6.6.2r1
"SilverFast HDRStudio" = SilverFast HDRStudio 6.6.0r1
"SMSERIAL" = Motorola SM56 Speakerphone Modem
"SUPER ©" = SUPER © Version 2010.bld.37 (Jan 2, 2010)
"SystemRequirementsLab" = System Requirements Lab
"TrueCrypt" = TrueCrypt
"uTorrent" = µTorrent
"ViceVersa Pro 2_is1" = ViceVersa Pro 2 (Build 2012)
"VLC media player" = VLC media player 1.0.5
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Yahoo! Companion" = Yahoo! Toolbar
"Zenses2" = Zenses2 Beta2
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 19.07.2010 02:54:07 | Computer Name = i-PC | Source = Google Update | ID = 20
Description =
 
Error - 19.07.2010 03:54:08 | Computer Name = i-PC | Source = Google Update | ID = 20
Description =
 
Error - 19.07.2010 04:54:07 | Computer Name = i-PC | Source = Google Update | ID = 20
Description =
 
Error - 19.07.2010 07:50:28 | Computer Name = i-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 with error: A required certificate is not within its validity period when verifying
 against the current system clock or the timestamp in the signed file.  .
 
Error - 19.07.2010 07:50:49 | Computer Name = i-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 with error: A required certificate is not within its validity period when verifying
 against the current system clock or the timestamp in the signed file.  .
 
Error - 19.07.2010 07:50:49 | Computer Name = i-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 with error: A required certificate is not within its validity period when verifying
 against the current system clock or the timestamp in the signed file.  .
 
Error - 19.07.2010 10:08:07 | Computer Name = i-PC | Source = MBAMService | ID = 131073
Description =
 
Error - 19.07.2010 22:30:54 | Computer Name = i-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Nokia\Nokia
 PC Suite 7\TIS_Windows7PIM.dll".  Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
 could not be found.  Please use sxstrace.exe for detailed diagnosis.
 
Error - 19.07.2010 22:31:11 | Computer Name = i-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\ironpython
 2.6 for .net 4.0\Lib\distutils\command\wininst-8_d.exe".  Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
 could not be found.  Please use sxstrace.exe for detailed diagnosis.
 
Error - 19.07.2010 22:31:16 | Computer Name = i-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program files\spybot
 - search & destroy\DelZip179.dll" on line 8.  The value "*" of attribute "language"
 in element "assemblyIdentity" is invalid.
 
[ OSession Events ]
Error - 06.05.2010 17:29:22 | Computer Name = i-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6514.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 21
 seconds with 0 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 17.05.2010 16:01:14 | Computer Name = i-PC | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
 is 10.
 
Error - 17.05.2010 16:57:34 | Computer Name = i-PC | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
 is 10.
 
Error - 17.05.2010 17:46:19 | Computer Name = i-PC | Source = DCOM | ID = 10010
Description =
 
Error - 18.05.2010 04:34:46 | Computer Name = i-PC | Source = Service Control Manager | ID = 7000
Description = The adfs service failed to start due to the following error:  %%2
 
Error - 18.05.2010 19:41:19 | Computer Name = i-PC | Source = Service Control Manager | ID = 7000
Description = The adfs service failed to start due to the following error:  %%2
 
Error - 19.05.2010 02:40:09 | Computer Name = i-PC | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
 is 10.
 
Error - 19.05.2010 02:44:23 | Computer Name = i-PC | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
 is 10.
 
Error - 19.05.2010 02:46:16 | Computer Name = i-PC | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
 is 10.
 
Error - 19.05.2010 02:46:46 | Computer Name = i-PC | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
 is 10.
 
Error - 19.05.2010 02:47:27 | Computer Name = i-PC | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
 is 10.
 
 
< End of report >

Larusso 20.07.2010 14:54
Noch Probleme? :)

xxxlalala 20.07.2010 22:50
soweit ist alles normal.
macht keine probleme. läuft so schnell wie immer nichts popt auf.
ich frage mich nur immernoch wo der herkommt.

das war jetzt nicht irgendeine lücke von windows oder so sondern ich hab irgendwas runtergeladen was mein antivir nicht erkannt hat ?

Larusso 21.07.2010 13:36
Für gewöhnlich kommt das via Driveby, kwasi du hast ne infizierte Seite aufgerufen welche halt ne Windows Lücke verwendet.

Nur ne Vermutung, woher das wirklich kommen könnte, kannst nur Du nachvollziehen.

Logfile ist sauber :daumenhoc

Hier noch die letzten paar Schritte zur Säuberung Deines Rechners.

Schritt 1

Starte die Defogger.exe und klicke den Re-Enable Button.


Schritt 2

Java aktualisieren

Deine Javaversion ist veraltet. Da einige Schädlinge (z. B. Vundo) über Java-Exploits in das System eindringen, muss Java aktualisiert werden und alte Versionen müssen vom System entfernt werden, da die alten Versionen ein Sicherheitsrisiko darstellen. Lade JavaRa von prm753 herunter und entpacke es auf den Desktop. JavaRA ist geeignet für Windows 9x, 2k, XP und Vista (mit deaktivierter Benuterkontensteuerung).
  • Schließe alle Browserfenster.
  • Doppelklicke die JavaRa.exe, um das Programm zu starten.
  • Die Sprache auswählen, nimm Englisch und klicke "Select".
  • Klicke auf Additional Task, mache Haken bei Remove Useless JRE Files und [b]Remove Sun Download Manager[b].
  • Klicke auf Go und jeweils auf Ok und schließe das Fenster "Additional Tasks" wieder.
  • Klicke auf Remove Older Versions, um alte Java-Versionen, die auf dem Rechner installiert sind, zu entfernen.
  • Klicke auf Yes wenn es verlangt wird. Wenn JavaRa fertig, erscheint eine Notiz, dass ein Logfile erstellt wurde, klicke OK.
  • Das Logfile wird im Editor geöffnet, bitte speichern und später hier posten.
  • Kontrolliere in Systemsteuerung => Programme, ob noch Java-Versionen vorhanden sind und deinstalliere diese.
  • Rechner neu starten.
Downloade nun Java (Java Runtime Environment (JRE) 6 Update XX) von Oracle und installiere es. Vor dem Download musst Du die Lizenzbedingungen akzeptieren, indem Du "Accept License Agreement" aktivierst. Erweiterte Optionen anhaken, Sponsoren-Programm (Toolbar oder ähnliches) ggfs. abwählen.


Schritt 3

Windows +E Taste drücken --> Rechtsklick über Laufwerk C --> Eigenschaften --> Bereinigen --> weitere Optionen --> Systemwiederherstellung und Schattenkopien bereinigen.


Schritt 4

Tool CleanUp

Starte bitte die OTL.exe.
Klicke nun auf den Bereinigung Button. Dies wird die meisten Tools und Logfiles entfernen.
Sollte denoch etwas bestehen bleiben, bitte manuell entfernen sowie den Papierkorb leeren.


Schritt 5

Automatische Updates

Sehen wir nach ob die Updates für Windows sich automatisch downloaden. Das ist der beste Weg um all die Sicherheits- Patches und Fixes zu erhalten.

Windows + R Taste drücken. Kopiere nun folgenden Text in die Kommandozeile

RunDll32.exe shell32.dll,Control_RunDLL wscui.cpl

und klicke auf OK.
Stelle sicher das die automatischen Updates aktiviert sind.


Schritt 6

Um Dich für die Zukunft vor weiteren Infizierungen zu schützen empfehle ich Dir noch ein paar Programme.
  • SpywareBlaster
    Ein Tutorial zur Verwendung findest Du Hier

  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
    Hinweis: MBAM ersetzt keine Anti- Viren- Software.

  • Temp File Cleaner
    TFC ist ein wirklich starkes Tool zum entfernen von Temp Dateien vom IE und WIndows, leert den Papierkorb und noch viel mehr.
    Ausserdem hilft es Deinen Computer zu beschleunigen.
    Du kannst Dir TFC ( by OldTimer ) hier downloaden.

  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.

  • Halte Dein System aktuell
    Ich kann gar nicht oft genug betonen, wie wichtig es ist, dass der PC auf dem aktuellsten Stand der Dinge ist.
    Es werden oft genug Sicherheitslücken in Windows eigenen Anwendungen gefunden. Diese "Löcher" gehören entfernt, weil Angreifer diese womöglich nutzen um unauthorisiert auf Dein System zu zugreifen.
    Jeden zweiten Dienstag im Monat ist Update Tag. Besuche bitte dazu die Microsoft Update Seite.

  • Halte Deine Software aktuell
    Der einfachste Weg dafür ist der Secunia Online Software.


Schritt 7

Tipps für sicheres Surfen

Das sind meine Vorschläge.
Verwende einen alternativen Browser statt den IE.
Ich empfehle Mozilla Firefox.

Für Firefox gibt es verschiedenste AddOns um sicher durch das WWW zu kommen.
  • NoScript
    Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.

  • AdblockPlus
    Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
    Es spart ausserdem Downloadkapazität.

  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

xxxlalala 21.07.2010 20:06
Hallo,
hat alles super geklappt, es gab ein paar ungereimtheiten, aber ich denke das ist nicht so von belang:
ich hatte JavaRa.exe erst nicht als admin ausgeführt und daher war die logfile immer leer. hab dann trotzdem die schritte befolgt, danach aber das programm nochmal als admin gestartet, nochmals die schritte durchgeführt, java nochmals deinstalliert und wieder installiert.. dauert ja alles nicht lange hier die vermutlich wenig aussegekräftige logfile:
Code:
JavaRa 1.15 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Wed Jul 21 20:12:25 2010

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}

------------------------------------

Finished reporting.
bereinigen hat geklappt
otl konnte, glaube ich, nicht alles entfernen (wenn damit gemeint ist das es die ganzen programme und tools entfernt die ich benutzt hatte zur virenbekämpfung) weil ich diese vorher schon in einen anderen ordner verschoben hatte, aber ich weiß ja welche datein das sind und mache das von hand.

automaitsche updates sind seid jeher bei mir immer angeschaltet

Spywareblaster hab ich installiert
mbam hatte ich schon lange

der link von tfc hat einen 404 fehler, aber ich hatte tfc trotzdem noch von deiner load.exe und habs ausgeführt

die host file ist gepatcht

secunia hat mir gesagt quicktime firefox und flash sind alt, das sind sie jetzt nicht mehr

Bin von chrome zurück auf firefox (habe vor ca einer woche auf chrome gewechselt, weil ich es irgendwie handlicher fand, hatte dann aber auch zum ersten mal nen virus. auch wenn das nicht im zusammenhang steht.). für chrome gibt es scheinbar keinen vernünftigen Noscript ersatz.
jedenfalls habe ich die plugins installiert.

ich mache bald sowieso eine neuinstallation, wenn ich meinen neuen rechner zusammengebaut habe wird der alte auch neu installiert. der grund weshalb ich das nicht einfach als ich den virus hatte gemacht habe, ist dass ich momentan ein wichtiges projekt bearbeite und momentan nicht genügend externe festplatten für backups habe.

ich bedanke mich herzlichst für die hilfe, ich finde soetwas nicht selbstverständlich(vor allem weil man für wesentlich weniger qualifizierte hilfe auch unmengen geld ausgeben kann). Spenden werde ich natürlich auch was.

viele grüße und danke

Larusso 21.07.2010 21:26
Zitat:
der link von tfc hat einen 404 fehler,
Das Forum war down :)

Dieses Thema scheint erledigt und wird aus den Abos gelöscht. Solltest Du das Thema erneut benötigen, bitte eine PN an mich.

Jeder andere möge bitte einen eigenen Thread starten.


Alle Zeitangaben in WEZ +1. Es ist jetzt 12:47 Uhr.
Seite 2 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131