Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Seiten-Ladefehler beim Öffnen von Youtube

Seiten-Ladefehler beim Öffnen von Youtube


Plagegeister aller Art und deren Bekämpfung: Seiten-Ladefehler beim Öffnen von Youtube

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 30.05.2012, 16:41   #1
xMax
 
Seiten-Ladefehler beim Öffnen von Youtube - Standard

Seiten-Ladefehler beim Öffnen von Youtube


Hallo liebes Trojaner-board Forum,

ich habe seit gestern das Problem, dass beim Laden der Internetseite youtube eine Fehlermeldung (Seiten-Ladefehler) kommt, d.h. ich komme nicht einmal auf die Seite rauf.
Ich habe hier im Forum mal rumgestöbert und bin auf diesen Thread gestoßen, wo das gleiche Problem geschildert wird.

Nun habe ich die gleichen Anweisungen befolgt:

Hier der Durchlaufbericht von Malwarebytes:

Code:
ATTFilter
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.05.30.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
***** :: *****-DESKTOP [Administrator]

30.05.2012 15:40:11
mbam-log-2012-05-30 (15-40-11).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 501666
Laufzeit: 1 Stunde(n), 34 Minute(n), 40 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
C:\Program Files (x86)\Atari\TDU2\Test Drive Unlimited 2 v1.069 build 1 + 7 Trainer.exe (HackTool.GamesCheat) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Max\Downloads\4Front Truepianos VSTi v1.4.1 Incl Keygen-AiR\Keygen.exe (Malware.Packer.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
OTL Logfiles:
OTL.txt
OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 30.05.2012 17:26:34 - Run 1
OTL by OldTimer - Version 3.2.44.0     Folder = C:\Users\Max\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,52 Gb Available Physical Memory | 63,08% Memory free
8,00 Gb Paging File | 6,54 Gb Available in Paging File | 81,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 255,41 Gb Free Space | 54,85% Space Free | Partition Type: NTFS
 
Computer Name: *****-DESKTOP | User Name: *****| Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Max\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (Mcx2Svc) -- C:\Windows\SysNative\Mcx2Svc.dll (Microsoft Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (RemoteAccess) -- C:\Windows\SysNative\mprdim.dll (Microsoft Corporation)
SRV:64bit: - (SharedAccess) -- C:\Windows\SysNative\ipnathlp.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (ICQ Service) -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (Fabs) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (RemoteAccess) -- C:\Windows\SysWOW64\mprdim.dll (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (NIWinCDEmu) -- C:\Windows\SysNative\drivers\NIWinCDEmu.sys ()
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr.sys (AVAST Software)
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (udfs) -- C:\Windows\SysNative\drivers\udfs.sys (Microsoft Corporation)
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (crcdisk) -- C:\Windows\SysNative\drivers\crcdisk.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ws2ifsl) -- C:\Windows\SysNative\drivers\ws2ifsl.sys (Microsoft Corporation)
DRV:64bit: - (irda) -- C:\Windows\SysNative\drivers\irda.sys (Microsoft Corporation)
DRV:64bit: - (cdfs) -- C:\Windows\SysNative\drivers\cdfs.sys (Microsoft Corporation)
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation                                            )
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (irsir) -- C:\Windows\SysNative\drivers\irsir.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\tbWinl.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3176921
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 48 F6 4E A7 25 83 CA 01  [binary data]
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\tbWinl.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {88ac3cb6-596b-4217-964c-b6757ef9602d} - No CLSID value found
IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&AF=109980&babsrc=SP_ss&mntrId=54ffe893000000000000001966fbc4ed
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?ch_id=skins7&q={searchTerms}
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredibar.com/mb119/?search={searchTerms}&loc=IB_DS&a=6R8lVLrC4N&i=26
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.search.defaultthis.engineName: "express-files Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3176921&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "google.de"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: finder@meingutscheincode.de:2.0
FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:2.7.1.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&q="
FF - prefs.js..network.proxy.autoconfig_url: "file:///C:\\Users\\Max\\AppData\\Local\\Temp\\proxtube.pac"
FF - prefs.js..network.proxy.type: 2
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=skins7&tb_ver=2.0.0.2&q="
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.01.26 22:26:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.05.03 16:10:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.05.29 17:21:11 | 000,000,000 | ---D | M]
 
[2009.12.22 18:54:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\Extensions
[2012.05.18 13:40:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\Firefox\Profiles\qrc1bu7a.default\extensions
[2010.06.09 16:27:14 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Max\AppData\Roaming\mozilla\Firefox\Profiles\qrc1bu7a.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.04.05 00:39:31 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Max\AppData\Roaming\mozilla\Firefox\Profiles\qrc1bu7a.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.03.05 21:50:07 | 000,000,000 | ---D | M] (Incredibar Toolbar) -- C:\Users\Max\AppData\Roaming\mozilla\Firefox\Profiles\qrc1bu7a.default\extensions\ffxtlbr@incredibar.com
[2012.05.18 13:40:00 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Max\AppData\Roaming\mozilla\Firefox\Profiles\qrc1bu7a.default\extensions\ich@maltegoetz.de
[2012.03.05 21:50:13 | 000,000,000 | ---D | M] (TheBflix) -- C:\Users\Max\AppData\Roaming\mozilla\Firefox\Profiles\qrc1bu7a.default\extensions\info@bflix.info
[2012.03.27 18:32:16 | 000,000,929 | ---- | M] () -- C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\qrc1bu7a.default\searchplugins\conduit.xml
[2012.05.23 20:43:29 | 000,000,950 | ---- | M] () -- C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\qrc1bu7a.default\searchplugins\icqplugin-1.xml
[2011.03.31 10:23:08 | 000,000,950 | ---- | M] () -- C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\qrc1bu7a.default\searchplugins\icqplugin-10.xml
[2010.07.20 15:01:21 | 000,000,961 | ---- | M] () -- C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\qrc1bu7a.default\searchplugins\icqplugin-2.xml
[2010.09.20 17:21:16 | 000,000,961 | ---- | M] () -- C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\qrc1bu7a.default\searchplugins\icqplugin-3.xml
[2010.11.02 09:01:43 | 000,000,961 | ---- | M] () -- C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\qrc1bu7a.default\searchplugins\icqplugin-4.xml
[2010.12.28 10:05:00 | 000,000,961 | ---- | M] () -- C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\qrc1bu7a.default\searchplugins\icqplugin-5.xml
[2011.03.03 10:02:20 | 000,000,961 | ---- | M] () -- C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\qrc1bu7a.default\searchplugins\icqplugin-6.xml
[2011.03.03 10:05:14 | 000,000,950 | ---- | M] () -- C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\qrc1bu7a.default\searchplugins\icqplugin-7.xml
[2011.03.05 20:40:44 | 000,000,950 | ---- | M] () -- C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\qrc1bu7a.default\searchplugins\icqplugin-8.xml
[2011.03.05 23:21:03 | 000,000,950 | ---- | M] () -- C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\qrc1bu7a.default\searchplugins\icqplugin-9.xml
[2010.04.22 13:33:22 | 000,000,945 | ---- | M] () -- C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\qrc1bu7a.default\searchplugins\icqplugin.xml
[2012.01.20 20:00:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.01.27 16:56:08 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files (x86)\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.09.20 21:51:24 | 000,105,020 | ---- | M] () (No name found) -- C:\USERS\MAX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRC1BU7A.DEFAULT\EXTENSIONS\FINDER@MEINGUTSCHEINCODE.DE.XPI
[2012.05.03 16:10:08 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.10.03 06:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012.03.28 18:17:58 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.03.20 18:31:47 | 000,002,310 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.03.28 18:17:58 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.03.28 18:17:58 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.03.28 18:17:58 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.03.28 18:17:58 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.03.28 18:17:58 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\tbWinl.dll (Conduit Ltd.)
O2 - BHO: (Incredibar.com Helper Object) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.3.27\bh\incredibar.dll (Montera Technologeis LTD)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\tbWinl.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (Incredibar Toolbar) - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.3.27\incredibarTlbr.dll (Montera Technologeis LTD)
O3 - HKCU\..\Toolbar\WebBrowser: (Winload Toolbar) - {40C3CC16-7269-4B32-9531-17F2950FB06F} - C:\Program Files (x86)\Winload\tbWinl.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, LLC.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Max\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Max\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{016CE6A6-1CCB-4EEB-89EC-2F829D6629C9}: DhcpNameServer = 192.168.2.1 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
O37 - HKLM\...exe [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.05.30 15:39:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.05.30 15:39:00 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.05.30 15:39:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.05.29 20:24:45 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\Malwarebytes
[2012.05.29 20:24:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.05.29 17:22:06 | 000,419,488 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.05.29 17:22:04 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012.05.29 17:20:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012.05.29 00:05:52 | 000,000,000 | ---D | C] -- C:\Users\Max\Documents\Labels
[2012.05.28 23:32:38 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\sfArk
[2012.05.28 23:32:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\sfArk
[2012.05.28 23:32:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\sfArk
[2012.05.21 16:54:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.05.18 19:04:28 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\{8737DD25-5A56-4348-BC71-3173CEA6912F}
[2012.05.18 19:04:17 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\{2204C0CB-FCDB-413A-90A2-F43F2D127227}
[2012.05.10 13:35:34 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012.05.10 13:35:28 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.05.10 13:35:25 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.05.10 13:35:24 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.05.03 16:10:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.05.03 16:10:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012.05.02 20:43:47 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\{179AD918-57C1-414B-B51B-7A0ACDAA3455}
[2012.05.02 20:43:36 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\{E05835E6-DE85-4155-8F0E-AC0AF8850384}
[2012.04.30 21:41:04 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\{9C45FDE9-9F6E-4B59-8B7F-6CF3DD419339}
[2012.04.30 21:40:53 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\{1C89EF75-A4BA-40AD-A9C4-2A0FC2F0BAB2}
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.05.30 17:28:06 | 000,015,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.05.30 17:28:06 | 000,015,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.05.30 17:20:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.05.30 17:20:35 | 3220,627,456 | -HS- | M] () -- C:\hiberfil.sys
[2012.05.30 16:39:10 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.05.30 15:39:03 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.05.29 20:22:01 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.05.29 17:22:06 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.05.29 17:22:06 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.05.29 17:21:11 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012.05.27 18:00:00 | 000,000,494 | ---- | M] () -- C:\Windows\tasks\Norton Security Scan for Max.job
[2012.05.11 07:38:00 | 000,359,840 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.05.10 22:15:20 | 001,519,798 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.05.10 22:15:20 | 000,654,150 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.05.10 22:15:20 | 000,616,032 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.05.10 22:15:20 | 000,130,022 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.05.10 22:15:20 | 000,106,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.05.30 15:39:03 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.05.29 17:22:07 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.05.29 17:20:49 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2012.05.29 17:20:49 | 000,002,014 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012.03.30 14:26:32 | 000,002,240 | ---- | C] () -- C:\Windows\LENDIG.sys
[2012.03.27 17:47:17 | 000,000,016 | ---- | C] () -- C:\Windows\SysWow64\msvcsv60.dll
[2012.03.27 17:47:17 | 000,000,016 | ---- | C] () -- C:\Windows\msocreg32.dat
[2012.01.10 11:32:52 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2012.01.10 11:32:52 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2011.10.21 12:07:15 | 000,286,208 | ---- | C] () -- C:\Windows\SysWow64\binkw32.dll
[2011.04.01 23:38:24 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\mgxasio2.dll
[2011.04.01 23:37:52 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2011.04.01 23:37:04 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2010.09.16 13:06:54 | 000,007,602 | ---- | C] () -- C:\Users\Max\AppData\Local\Resmon.ResmonCfg
[2010.06.12 19:08:10 | 000,000,174 | ---- | C] () -- C:\Windows\DieVölker.ini

< End of report >
--- --- ---

[/code]

Extras.txt

OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 30.05.2012 17:26:34 - Run 1
OTL by OldTimer - Version 3.2.44.0     Folder = C:\Users\*****\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,52 Gb Available Physical Memory | 63,08% Memory free
8,00 Gb Paging File | 6,54 Gb Available in Paging File | 81,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 255,41 Gb Free Space | 54,85% Space Free | Partition Type: NTFS
 
Computer Name: *****-DESKTOP | User Name: *****| Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.chm [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.cmd [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.com [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.cpl [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.exe [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.hlp [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.hta [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.html [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.inf [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.ini [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.url [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.js [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.jse [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.pif [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.reg [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.scr [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.txt [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.vbe [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.vbs [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.wsf [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.wsh [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- Reg Error: Key error.
batfile [open] -- Reg Error: Key error.
batfile [print] -- Reg Error: Key error.
chm.file [open] -- Reg Error: Key error.
cmdfile [edit] -- Reg Error: Key error.
cmdfile [open] -- Reg Error: Key error.
cmdfile [print] -- Reg Error: Key error.
comfile [open] -- Reg Error: Key error.
cplfile [cplopen] -- Reg Error: Key error.
exefile [open] -- Reg Error: Key error.
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- Reg Error: Key error.
htafile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- Reg Error: Key error.
inffile [open] -- Reg Error: Key error.
inffile [print] -- Reg Error: Key error.
inifile [open] -- Reg Error: Key error.
inifile [print] -- Reg Error: Key error.
InternetShortcut [open] -- Reg Error: Key error.
InternetShortcut [print] -- Reg Error: Key error.
jsfile [edit] -- Reg Error: Key error.
jsfile [open] -- Reg Error: Key error.
jsfile [print] -- Reg Error: Key error.
jsefile [edit] -- Reg Error: Key error.
jsefile [open] -- Reg Error: Key error.
jsefile [print] -- Reg Error: Key error.
piffile [open] -- Reg Error: Key error.
regfile [edit] -- Reg Error: Key error.
regfile [open] -- Reg Error: Key error.
regfile [merge] -- Reg Error: Key error.
regfile [print] -- Reg Error: Key error.
scrfile [config] -- Reg Error: Key error.
scrfile [install] -- Reg Error: Key error.
scrfile [open] -- Reg Error: Key error.
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- Reg Error: Key error.
txtfile [print] -- Reg Error: Key error.
txtfile [printto] -- Reg Error: Key error.
vbefile [edit] -- Reg Error: Key error.
vbefile [open] -- Reg Error: Key error.
vbefile [print] -- Reg Error: Key error.
vbsfile [edit] -- Reg Error: Key error.
vbsfile [open] -- Reg Error: Key error.
vbsfile [print] -- Reg Error: Key error.
wsffile [edit] -- Reg Error: Key error.
wsffile [open] -- Reg Error: Key error.
wsffile [print] -- Reg Error: Key error.
wshfile [open] -- Reg Error: Key error.
Unknown [openas] -- Reg Error: Key error.
Folder [open] -- Reg Error: Key error.
Folder [explore] -- Reg Error: Key error.
Drive [find] -- Reg Error: Key error.
Applications\iexplore.exe [open] -- Reg Error: Key error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{109AE55C-F18F-4FCF-8589-E06D013609F6}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{275EB080-E0CD-40C2-9D24-B3247EF9388D}" = lport=138 | protocol=17 | dir=in | app=system | 
"{2A31C337-F57D-4176-BBC3-6082F3C0E5F0}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{2DC4C171-2387-4B0B-8B56-5418D0C8E705}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{4083033C-5A5B-411C-A00D-88269C847A7B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{41873BFC-47B9-4555-9AA6-75428AB344E3}" = rport=138 | protocol=17 | dir=out | app=system | 
"{4E10FAB4-6E8B-4BA1-85C1-716D9AB0D9D8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{654D987F-DA61-4E4F-A66E-DAE56B431586}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{6802BA10-A500-47EE-9460-A6B00673E44D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{6B3B49E2-497D-41A9-971D-A927FE61E947}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{797CE1D2-227B-40FA-8B05-4439DBC850A8}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{7E58C967-52DF-4CEF-9327-2E7B88949EA4}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{9008EB82-C484-43B5-8F72-7500EAB323AF}" = lport=139 | protocol=6 | dir=in | app=system | 
"{9557EA4E-AFE5-433D-BCA3-BD944C4778E6}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{97A71FBD-DEC7-4E24-BB75-994E7510075B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{9B0AAE97-A903-4D0B-8266-5019BEB275E8}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{A1C313A3-21C2-4B31-8C51-8916ECC18DE5}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{D266FBA1-E384-4D1F-8712-555F09A204EA}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{D664DD7B-491B-4DF4-A69F-61C7EC1DA447}" = lport=445 | protocol=6 | dir=in | app=system | 
"{E42874E9-7322-41FA-ABD0-7EFE7D8ACFBE}" = rport=137 | protocol=17 | dir=out | app=system | 
"{FE119D9E-FEA3-4074-897D-02C1A18AF06A}" = lport=137 | protocol=17 | dir=in | app=system | 
"{FE80FCB1-12F5-47AD-8EE0-BAEE6312FD44}" = rport=445 | protocol=6 | dir=out | app=system | 
"{FEBC1F75-6F40-410D-BEFF-6FCA66566E5A}" = rport=139 | protocol=6 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{029C633B-22E8-4CCF-A8BC-C92AE1F4A3C2}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404\tools\anno4web.exe | 
"{0C444261-59AD-4EAF-A4D3-DF52BC7C83D0}" = protocol=17 | dir=in | app=c:\users\max\downloads\halion_4_vst.rar_downloader_224.exe | 
"{0C639243-FC98-4D49-8EBD-CD4523CC01DA}" = protocol=6 | dir=in | app=c:\program files (x86)\expressfiles\expressfiles.exe | 
"{0D128984-35C1-4286-BC95-BAB3D9899E8F}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{0D26510F-8FE2-4917-B2D4-D1DD83D6846F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{0EF8D4DC-BE25-46BB-A6F9-E6404E2060B1}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe | 
"{10ADB03E-19D3-4055-A204-7502DBC4FC2D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{1305EBA6-FBBE-4272-9AB1-838AAE325C48}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{13A82EB3-E1CE-4297-9173-C7D3B75AFFFD}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe | 
"{1A82A03C-D7B2-40F6-A224-441E3E779736}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{1ACABB70-B172-4C54-A36E-A01411C6DE84}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{1EA08D15-03E0-4AC5-8E5D-DA6FD11E2044}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{2314E48D-81B2-4C85-B780-44019F283850}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe | 
"{2D7A70E8-C23A-433B-9D50-EE0D7F013F1B}" = protocol=17 | dir=in | app=c:\program files (x86)\expressfiles\expressdl.exe | 
"{2FA2CE82-4C02-4328-96FE-6EB0D3829D33}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{316E2F6D-FF65-4859-B0C5-5A1DEFF51F25}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe | 
"{48F116C0-F037-4AEB-9A72-391D7E238EF8}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe | 
"{4E7A0D10-EC8D-4889-9490-461242E86280}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{4EB8CEFD-0000-4E37-BBA1-166FF14F3147}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{54690595-B187-4D3A-AC36-2722D680CA31}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404\anno4.exe | 
"{5A8E4582-98AE-4FA0-8913-64BB3B2F3DC6}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe | 
"{5E92F20C-17D8-4A7B-8EAF-7116013C128F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{61A4BB5D-D317-49B1-B418-98A06105B82F}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe | 
"{6F537F04-ED75-4313-8AF8-70B18B5EDC17}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{73B3210E-65A9-4211-96D4-99AB6E47B2FA}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe | 
"{770C2ABE-945C-4D1D-B83D-CE9124FE1329}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe | 
"{7797C070-A8E7-425A-A439-8F8B09576E18}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404\tools\anno4web.exe | 
"{78B4DDA2-BB52-4B75-B0C2-C315424EADEA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{7BC685EA-EC68-4831-8958-25116B959BBF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{7BCBFF4D-BA51-4968-B9F2-C6381B754BEE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{829A302C-AD67-44F3-A363-E2A9F193B599}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{8A380A2D-154E-42C3-8B93-BF174E6E9795}" = protocol=17 | dir=in | app=c:\program files (x86)\expressfiles\expressfiles.exe | 
"{90146089-AD97-48A4-86A3-830910E0DEA1}" = protocol=6 | dir=in | app=c:\program files (x86)\expressfiles\expressdl.exe | 
"{9404FC0A-2C20-4705-B81D-D513ED0E423F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{9819E46D-2B4D-4534-A125-544C83E25DB7}" = dir=in | app=c:\users\max\downloads\etype_setup.exe | 
"{9CD13601-E962-4F71-9D59-ACFC8DF61ABC}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{A2152E0B-3E45-4DFE-ABEB-C959A5C4CDC7}" = dir=out | app=c:\users\max\downloads\etype_setup.exe | 
"{A503D3E2-835D-442A-A96C-D2D7208FD67C}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{B1124DBF-A8F5-43EB-A36B-1118C130EC55}" = protocol=6 | dir=out | app=system | 
"{B9313BDA-B1BC-4DE2-8FAA-F17DCC74966A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{C04F8DC6-CC52-4EF0-9263-6255250760CE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{C16576F5-799F-4815-AFFF-B816710A6B07}" = protocol=6 | dir=in | app=c:\users\max\downloads\halion_4_vst.rar_downloader_224.exe | 
"{C8850668-57C3-4E3E-A148-605EA3821AF3}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe | 
"{C93B9C93-F166-4423-8CEE-A1C237400607}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe | 
"{CB740EC9-7B1C-4FE8-A4A8-0435FB5B02CA}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe | 
"{E0568925-9C16-468C-B72D-38C5FD1F6FE1}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{E433C041-DBE7-4235-BFF0-3777A5212129}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404\anno4.exe | 
"{E44580BD-A7DE-4584-92BA-6526694DC8C2}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{E56F8E06-5FAE-4DC7-973E-7D557A3B4984}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{EBA7D698-01DD-44CA-B170-6C50C9A95FA9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{F19DA537-EBA0-4D0C-A140-7A8BB82846AF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{FC0223F7-A82B-4257-887C-C32EEA951C59}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"TCP Query User{1C41BAEB-9B1A-494E-A638-94D3DF434330}C:\program files (x86)\atari\tdu2\_uplauncher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\atari\tdu2\_uplauncher.exe | 
"TCP Query User{233BD39F-2CB4-472A-B041-DB8CC42B5011}C:\program files (x86)\jowood\die völker 2 gold edition\bin\game.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jowood\die völker 2 gold edition\bin\game.exe | 
"TCP Query User{240E24B4-76F1-4A47-A065-57A0A5BD0A4C}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe | 
"TCP Query User{28BE4179-CD5B-49CB-BBF5-C4C38A063F7E}C:\program files (x86)\jowood\dievölker\bin\dv.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jowood\dievölker\bin\dv.exe | 
"TCP Query User{4A8CDEEE-5226-43D6-8C92-193F8E4A8B45}C:\program files (x86)\atari\tdu2\testdrive2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\atari\tdu2\testdrive2.exe | 
"TCP Query User{52FF53F6-BDE7-43EA-AB16-058E6B81A8D1}C:\program files (x86)\atari\tdu2\uplauncher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\atari\tdu2\uplauncher.exe | 
"TCP Query User{78560F6D-9567-4FE6-A408-65E201A72E18}C:\users\max\downloads\[pc] test drive unlimited [proper] [rip] [dopeman]\tdu\testdriveunlimited.exe" = protocol=6 | dir=in | app=c:\users\max\downloads\[pc] test drive unlimited [proper] [rip] [dopeman]\tdu\testdriveunlimited.exe | 
"TCP Query User{7E2068E8-5171-428F-A3D3-0A5F2230536A}C:\program files (x86)\anno 1701\anno1701addon.exe" = protocol=6 | dir=in | app=c:\program files (x86)\anno 1701\anno1701addon.exe | 
"TCP Query User{90B7C640-C3A7-49E0-96F7-1B2159E9DEA4}C:\program files (x86)\atari\test drive unlimited\testdriveunlimited.exe" = protocol=6 | dir=in | app=c:\program files (x86)\atari\test drive unlimited\testdriveunlimited.exe | 
"TCP Query User{A01509DB-BB1D-4C01-BED2-7819C2FB1684}C:\program files (x86)\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe | 
"TCP Query User{B28CD97F-B718-44F2-9DE3-7AD632B9E5DF}C:\users\max\downloads\bittorrent-7.2.1.exe" = protocol=6 | dir=in | app=c:\users\max\downloads\bittorrent-7.2.1.exe | 
"TCP Query User{C878089A-1D21-4819-9205-FF0D81AF8D80}C:\users\max\documents\tdu\tdu\testdriveunlimited.exe" = protocol=6 | dir=in | app=c:\users\max\documents\tdu\tdu\testdriveunlimited.exe | 
"TCP Query User{DE648DDF-DE91-4F1D-9F3A-22D8349699E9}C:\program files (x86)\1c company\13th century - death or glory\engine.exe" = protocol=6 | dir=in | app=c:\program files (x86)\1c company\13th century - death or glory\engine.exe | 
"TCP Query User{E87013D6-896A-4DDE-8401-30836EA7F1D2}C:\program files (x86)\anno 1701\anno1701.exe" = protocol=6 | dir=in | app=c:\program files (x86)\anno 1701\anno1701.exe | 
"TCP Query User{F7C0354E-C98C-4880-9DDD-89FCD41EE30B}C:\users\max\appdata\local\temp\rar$ex00.958\tdu\testdriveunlimited.exe" = protocol=6 | dir=in | app=c:\users\max\appdata\local\temp\rar$ex00.958\tdu\testdriveunlimited.exe | 
"UDP Query User{03B71D01-AB7F-4688-B014-B3F18948AAC8}C:\program files (x86)\jowood\dievölker\bin\dv.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jowood\dievölker\bin\dv.exe | 
"UDP Query User{28D5D69C-2145-43B7-B6B1-AFEFE2FAF0DD}C:\program files (x86)\1c company\13th century - death or glory\engine.exe" = protocol=17 | dir=in | app=c:\program files (x86)\1c company\13th century - death or glory\engine.exe | 
"UDP Query User{2EDDF671-C5C9-4C07-9A8A-228FF0FFED45}C:\users\max\appdata\local\temp\rar$ex00.958\tdu\testdriveunlimited.exe" = protocol=17 | dir=in | app=c:\users\max\appdata\local\temp\rar$ex00.958\tdu\testdriveunlimited.exe | 
"UDP Query User{386E3410-B032-47AD-85E0-E138A43F9251}C:\users\max\documents\tdu\tdu\testdriveunlimited.exe" = protocol=17 | dir=in | app=c:\users\max\documents\tdu\tdu\testdriveunlimited.exe | 
"UDP Query User{417E2C22-5F2E-4F4C-9882-407647B8FC24}C:\program files (x86)\atari\test drive unlimited\testdriveunlimited.exe" = protocol=17 | dir=in | app=c:\program files (x86)\atari\test drive unlimited\testdriveunlimited.exe | 
"UDP Query User{4F40E873-F607-4EA9-93F0-9B40F17BDB57}C:\program files (x86)\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe | 
"UDP Query User{538738AE-BFB8-4193-8A9D-4F03BCFF96CE}C:\program files (x86)\anno 1701\anno1701addon.exe" = protocol=17 | dir=in | app=c:\program files (x86)\anno 1701\anno1701addon.exe | 
"UDP Query User{5C68FED9-CE23-4E8B-8A5D-E7FDE8FD866A}C:\users\max\downloads\bittorrent-7.2.1.exe" = protocol=17 | dir=in | app=c:\users\max\downloads\bittorrent-7.2.1.exe | 
"UDP Query User{6D3A5D84-5721-4A35-947D-242D1B6AC337}C:\program files (x86)\atari\tdu2\uplauncher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\atari\tdu2\uplauncher.exe | 
"UDP Query User{6EBDD168-6EF9-4432-A961-C6B1363CF06A}C:\program files (x86)\atari\tdu2\_uplauncher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\atari\tdu2\_uplauncher.exe | 
"UDP Query User{80D2D5DE-6412-40FA-8A46-9D6ECF082F7E}C:\program files (x86)\anno 1701\anno1701.exe" = protocol=17 | dir=in | app=c:\program files (x86)\anno 1701\anno1701.exe | 
"UDP Query User{83FD2BD6-4D8D-4C93-B89A-4197DAD7565F}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe | 
"UDP Query User{E92B2C91-9666-4068-A40C-00A67FD52FAE}C:\program files (x86)\jowood\die völker 2 gold edition\bin\game.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jowood\die völker 2 gold edition\bin\game.exe | 
"UDP Query User{F603CF31-A468-438A-8B6E-FFAF82462C85}C:\program files (x86)\atari\tdu2\testdrive2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\atari\tdu2\testdrive2.exe | 
"UDP Query User{F9BE3E77-27CA-4E55-A781-EF380D57F9B1}C:\users\max\downloads\[pc] test drive unlimited [proper] [rip] [dopeman]\tdu\testdriveunlimited.exe" = protocol=17 | dir=in | app=c:\users\max\downloads\[pc] test drive unlimited [proper] [rip] [dopeman]\tdu\testdriveunlimited.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{2128559D-BBCD-4744-87F0-7C0CD5CFB464}" = Windows Live Family Safety
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{5552453B-BB76-45E3-973D-F95E458ED780}" = Native Instruments Kontakt 5
"{67e13682-a5ba-4f12-ac10-4b41eacb82da}" = Native Instruments Alicias Keys
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B0FC9E28-1CE6-4A40-BEF1-C6E6EDFCA070}" = Native Instruments Kontakt Factory Selection
"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
"{CF8FFD12-602B-422D-AF1D-511B411E7632}" = iTunes
"{D3364347-0A05-CA85-1DAD-80A7A75BF677}" = ATI Catalyst Install Manager
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01521746-02A6-4A72-00BD-A285DF6B80C6}" = Die Sims 2: Wilde Campus-Jahre
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{0513EE35-E0FB-4166-B663-BD1AE3A803DE}" = Anno 1404
"{077A7810-A937-4465-AD08-ACED9807995F}" = ANNO 1602 Königs-Edition
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{117B6BF6-82C3-420C-B284-9247C8568E53}" = Die Sims™ 3 Design-Garten-Accessoires
"{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1" = Guitar Pro 6 Demo
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1CD4D45E-4851-496D-840F-2C2E752ECFB7}" = SweetIM Toolbar for Internet Explorer 3.9
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1E517C0C-8542-4F8C-DA23-98BCA13CD1F4}_is1" = Haushaltsbuch Freeware 2.3
"{1E76EB6E-E390-11DF-95DB-005056C00008}" = MSVCRT Redists
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3BBFD444-5FAB-49F6-98B1-A1954E831399}" = Die Sims™ 3 Showtime
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404
"{3EE2F527-F306-49E9-0086-662C337ADD3B}" = FUSSBALL MANAGER 07
"{449CE12D-E2C7-4B97-B19E-55D163EA9435}" = Bing Bar
"{44EAFE3D-09A9-4478-A2BF-0EED22F4E49F}" = Die Sims™ 3 Erstelle ein Muster-Tool
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = Die Sims™ 3 Late Night
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65761BAE-11E8-48FE-B30F-1F01011AB906}" = Die Sims™ 3 "Erstelle eine Welt"-Tool - Beta
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = Die Sims 2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = Die Sims™ 3 Luxus-Accessoires
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{799A321F-F3E8-4B04-8AF7-2CBB82E56169}" = MAGIX Speed burnR (MSI)
"{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}" = Die Sims 2: Open For Business
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84DDE556-43EF-43ed-B2DF-37AF9E5DDD75}" = Die Sims™ 2 H&M®-Fashion-Accessoires
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}" = Die Sims™ 2 Freizeit-Spaß
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{89173B88-384A-459B-B687-9C0BBC934EF4}" = Die*Sims™*3 Erstelle einen Sim
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C0A88AE-8388-42D5-9134-149BCD77E4F2}" = Die Völker 2 Gold Edition
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{905D4F6B-FADC-4CA4-AA41-BD32A2E446CE}" = Anno 1701 - Der Fluch des Drachen
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = Die Sims™ 3 Traumkarrieren
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9624502C-3D39-41A0-8917-858EC16769CE}" = KORG M1 Le
"{9660B18F-EC12-11DF-B006-0013D3D69929}" = Sound Forge Pro 10.0
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A2433A63-5F5D-40E5-B529-9123C2B3E734}" = Anno 1701
"{A67205C5-C0ED-43B5-860F-ECC8C47BDD4A}_is1" = 13th Century - Death or Glory
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.1 - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B4B04CA4-25F6-4A20-B0CA-51FAEF566E94}" = MAGIX Screenshare
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = Die Sims™ 3 Reiseabenteuer
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C12631C6-804D-4B32-B0DD-8A496462F106}" = Die Sims™ 3 Einfach tierisch
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}" = Test Drive Unlimited
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D765F1CE-5AE5-4C47-B134-AE58AC474740}" = OpenOffice.org 3.1
"{DA95E878-B181-4366-A433-6145592707A8}" = SweetIM for Messenger 3.1
"{DC35AABA-EA0A-41C1-8462-F60A201DFF9B}" = Noise Reduction Plug-in 2.0i
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}" = Die Sims™ 2 Vier Jahreszeiten
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}" = Die Sims™ 3 Gib Gas-Accessoires
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F7529650-B9DB-481B-0089-A2AC3C2821C1}" = Die Sims 2: Nightlife
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"ASIO4ALL" = ASIO4ALL
"avast" = avast! Free Antivirus
"B991B020-2968-11D8-AF23-444553540000_is1" = FreeMind
"BabylonToolbar" = Babylon toolbar on IE
"BitTorrent" = BitTorrent
"Bus-Simulator 2008 Demo_is1" = Bus-Simulator 2008 Demo
"Camel Audio CamelCrusher64" = Camel Audio CamelCrusher64
"Cheat Engine 6.1_is1" = Cheat Engine 6.1
"City Racing_is1" = City Racing
"Deckadance" = Deckadance
"Die Völker" = Die Völker
"Drakensang_is1" = Drakensang
"Drumaxx" = Drumaxx
"Edirol HQ Orchestral VSTi v1.03" = Edirol HQ Orchestral VSTi v1.03
"FL Studio 10" = FL Studio 10
"FL Studio 9" = FL Studio 9
"Forte Free" = Forte Free 2.0
"Französisch für das 1. Lernjahr" = Französisch für das 1. Lernjahr
"FUSSBALL MANAGER 12" = FUSSBALL MANAGER 12
"Hardcore" = Hardcore
"ICQToolbar" = ICQ Toolbar
"IL Download Manager" = IL Download Manager
"incredibar" = Incredibar Toolbar  on IE and Chrome
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"LingoPad_is1" = LingoPad 2.6 (Build 360)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"MixMeister BPM Analyzer_is1" = MixMeister BPM Analyzer 1.0
"Mozilla Firefox 12.0 (x86 de)" = Mozilla Firefox 12.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Native Instruments Alicias Keys" = Native Instruments Alicias Keys
"Native Instruments Kontakt 5" = Native Instruments Kontakt 5
"Native Instruments Kontakt Factory Selection" = Native Instruments Kontakt Factory Selection
"Native Instruments Massive v1.0.1.008 VSTi DXi RTAS" = Native Instruments Massive v1.0.1.008 VSTi DXi RTAS
"Native Instruments Pro-53 Demo" = Native Instruments Pro-53 Demo
"Native Instruments Service Center" = Native Instruments Service Center
"NSS" = Norton Security Scan
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Origin" = Origin
"Pointofix_is1" = Pointofix
"PoiZone" = PoiZone
"Police Supercars Racing_is1" = Police Supercars Racing
"reFX Nexus_is1" = reFX Nexus VSTi RTAS v2.2.0
"Rob Papen Albino 3" = Rob Papen Albino 3
"RoseBook_is1" = RoseBook 2.1
"Sakura" = Sakura
"Sawer" = Sawer
"sfArk" = sfArk
"shortcircuit" = shortcircuit
"softonic-de3 Toolbar" = softonic-de3 Toolbar
"Steinberg Hypersonic VSTi DXi_is1" = Steinberg Hypersonic VSTi DXi v2.0
"Sytrus" = Sytrus
"Test Drive Unlimited 2_is1" = Test Drive Unlimited 2
"Toxic Biohazard" = Toxic Biohazard
"WinLiveSuite" = Windows Live Essentials
"Winload Toolbar" = Winload Toolbar
"WinRAR archiver" = WinRAR
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
--- --- ---


EDIT:
Noch einmal die installierten Programme:
Code:
ATTFilter
13th Century - Death or Glory	1C Company	06.08.2010		1.0
7-Zip 9.20		12.07.2011		
Adobe Flash Player 10 ActiveX	Adobe Systems Incorporated	29.04.2010		10.0.45.2
Adobe Flash Player 11 Plugin 64-bit	Adobe Systems Incorporated	28.05.2012	6,00MB	11.2.202.235
Adobe Reader 9.5.1 - Deutsch	Adobe Systems Incorporated	28.05.2012	118,4MB	9.5.1
Adobe Shockwave Player 11.6	Adobe Systems, Inc.	25.01.2012		11.6.3.633
ANNO 1404	Ubisoft	19.04.2011		1.02.0000
ANNO 1602 Königs-Edition		14.08.2010		1.00
Anno 1701	Sunflowers	01.01.2010		1.00
Anno 1701 - Der Fluch des Drachen	Sunflowers	01.01.2010		2.03
Apple Application Support	Apple Inc.	14.04.2012	61,0MB	2.1.7
Apple Mobile Device Support	Apple Inc.	14.04.2012	24,5MB	5.1.1.4
Apple Software Update	Apple Inc.	21.06.2011	2,25MB	2.1.3.127
ASIO4ALL	Michael Tippach	23.12.2011		2.10
ATI Catalyst Install Manager	ATI Technologies, Inc.	01.09.2009	18,2MB	3.0.732.0
avast! Free Antivirus	AVAST Software	25.01.2012		6.0.1367.0
Babylon toolbar on IE		19.03.2012		
Bing Bar	Microsoft Corporation	03.04.2012	24,3MB	7.0.619.0
BitTorrent	BitTorrent Inc.	29.11.2011		7.5.0
Bonjour	Apple Inc.	15.10.2011	1,86MB	3.0.0.10
Bus-Simulator 2008 Demo	astragon Software GmbH	23.06.2010		
Camel Audio CamelCrusher64	Camel Audio	19.01.2012		1.01.0
CCleaner	Piriform	22.05.2012		3.19
Cheat Engine 6.1	Dark Byte	02.04.2012	23,6MB	
City Racing	Media Contact LLC	31.03.2012		1.0
Deckadance	Image-Line	19.08.2011		
Die Sims 2		24.07.2011		
Die Sims 2: Nightlife		24.07.2011		
Die Sims 2: Open For Business		24.07.2011		
Die Sims 2: Wilde Campus-Jahre		24.07.2011		
Die Sims™ 2 Freizeit-Spaß	Electronic Arts	17.03.2012		
Die Sims™ 2 H&M®-Fashion-Accessoires		24.07.2011		
Die Sims™ 2 Vier Jahreszeiten		24.07.2011		
Die Sims™ 3	Electronic Arts	27.03.2012		1.33.2
Die Sims™ 3 "Erstelle eine Welt"-Tool - Beta	Electronic Arts	13.06.2011		1.11.10
Die Sims™ 3 Design-Garten-Accessoires	Electronic Arts	30.03.2012		7.0.55
Die Sims™ 3 Einfach tierisch	Electronic Arts	23.12.2011		10.0.96
Die Sims™ 3 Erstelle ein Muster-Tool	Electronic Arts	13.01.2011		1.0.0
Die Sims™ 3 Gib Gas-Accessoires	Electronic Arts	07.12.2010		5.0.44
Die Sims™ 3 Late Night	Electronic Arts	06.06.2011		6.5.1
Die Sims™ 3 Luxus-Accessoires	Electronic Arts	23.04.2011		3.0.38
Die Sims™ 3 Reiseabenteuer	Electronic Arts	20.01.2010		2.3.33
Die Sims™ 3 Showtime	Electronic Arts	30.03.2012		12.0.273
Die Sims™ 3 Traumkarrieren	Electronic Arts	04.01.2011		4.0.87
Die Völker		11.06.2010		
Die Völker 2 Gold Edition	JoWooD Productions Software AG	01.01.2010	359MB	2.0.2
Die*Sims™*3 Erstelle einen Sim	Electronic Arts	06.08.2010		1.0.26
Drakensang	dtp	24.12.2009		
Drumaxx	Image-Line	17.07.2011		
Edirol HQ Orchestral VSTi v1.03		30.03.2012		
Firebird SQL Server - MAGIX Edition	MAGIX AG	17.07.2011	10,1MB	2.1.27.0
FL Studio 10	Image-Line	19.08.2011		
FL Studio 9	Image-Line	17.07.2011		
Forte Free 2.0	Lugert Verlag	22.03.2011		2.0
Französisch für das 1. Lernjahr		28.01.2010		
FreeMind		14.03.2012	16,2MB	0.9.0_RC_10
FUSSBALL MANAGER 07		12.03.2010		
FUSSBALL MANAGER 12	Electronic Arts	07.01.2012	6.721MB	1.0.0.3
Guitar Pro 6 Demo	Arobas Music	10.07.2011	570MB	
Hardcore	Image-Line	17.07.2011		
Haushaltsbuch Freeware 2.3	makasy.com	03.06.2010		
ICQ Toolbar	ICQ	09.01.2010		3.0.0
ICQ7	ICQ	26.01.2010		7.0
IL Download Manager	Image-Line	17.07.2011		
Incredibar Toolbar  on IE and Chrome		04.03.2012		
iTunes	Apple Inc.	14.04.2012	159,0MB	10.6.1.7
KORG M1 Le	KORG Inc.	10.04.2012	18,4MB	1.0.4
LingoPad 2.6 (Build 360)	Lingo4you	30.07.2010		2.6
MAGIX Screenshare	MAGIX AG	17.07.2011	1,43MB	4.3.6.1987
MAGIX Speed burnR (MSI)	MAGIX AG	17.07.2011	52,9MB	7.0.2.6
Malwarebytes Anti-Malware Version 1.61.0.1400	Malwarebytes Corporation	29.05.2012	18,0MB	1.61.0.1400
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	24.06.2010	38,8MB	4.0.30319
Microsoft Silverlight	Microsoft Corporation	09.05.2012	60,4MB	4.1.10329.0
Microsoft SQL Server 2005 Compact Edition [ENU]	Microsoft Corporation	03.04.2012	1,70MB	3.1.0000
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	03.04.2012	0,29MB	8.0.61001
Microsoft Visual C++ 2005 Redistributable (x64)	Microsoft Corporation	21.12.2009	0,69MB	8.0.61000
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17	Microsoft Corporation	21.12.2009	0,58MB	9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148	Microsoft Corporation	13.12.2010	0,58MB	9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161	Microsoft Corporation	03.04.2012	0,58MB	9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219	Microsoft Corporation	03.04.2012	13,8MB	10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219	Microsoft Corporation	03.04.2012	15,0MB	10.0.40219
Microsoft WSE 3.0 Runtime	Microsoft Corp.	01.09.2009	0,92MB	3.0.5305.0
MixMeister BPM Analyzer 1.0	MixMeister Technology LLC	01.04.2012		
Mozilla Firefox 12.0 (x86 de)	Mozilla	02.05.2012	39,5MB	12.0
Mozilla Maintenance Service	Mozilla	02.05.2012	0,21MB	12.0
MSXML 4.0 SP2 (KB954430)	Microsoft Corporation	23.03.2011	1,28MB	4.20.9870.0
MSXML 4.0 SP2 (KB973688)	Microsoft Corporation	24.03.2011	1,33MB	4.20.9876.0
Native Instruments Alicias Keys		13.04.2012		
Native Instruments Alicias Keys	Native Instruments	14.04.2012		
Native Instruments Kontakt 5		13.04.2012		
Native Instruments Kontakt 5	Native Instruments	14.04.2012		
Native Instruments Kontakt Factory Selection		13.04.2012		
Native Instruments Kontakt Factory Selection	Native Instruments	14.04.2012		
Native Instruments Massive v1.0.1.008 VSTi DXi RTAS		27.03.2012		
Native Instruments Pro-53 Demo	Native Instruments	17.07.2011		
Native Instruments Service Center		13.04.2012		
Native Instruments Service Center	Native Instruments	14.04.2012		
Noise Reduction Plug-in 2.0i	Sony	14.04.2011	5,31MB	2.0.455
Norton Security Scan	Symantec Corporation	31.01.2010		2.3.0.44
NVIDIA Display Control Panel	NVIDIA Corporation	22.12.2009		1.10
NVIDIA Drivers	NVIDIA Corporation	22.12.2009		1.10
NVIDIA PhysX	NVIDIA Corporation	22.12.2009	120,1MB	9.09.0814
NVIDIA Stereoscopic 3D Driver	NVIDIA Corporation	22.12.2009		7.17.11.9562
OpenOffice.org 3.1	OpenOffice.org	22.12.2009	349MB	3.1.9420
Origin	Electronic Arts, Inc.	27.03.2012		8.5.0.4554
Paint.NET v3.5.10	dotPDN LLC	26.10.2011	10,7MB	3.60.0
Pointofix	Amerigomedia	11.07.2010		
PoiZone	Image-Line	17.07.2011		
Police Supercars Racing	Media Contact LLC	26.12.2010		1.0
QuickTime	Apple Inc.	14.04.2012	73,3MB	7.71.80.42
reFX Nexus VSTi RTAS v2.2.0		26.01.2012		
Rob Papen Albino 3		11.04.2012		
RoseBook 2.1	RoseApps	15.08.2010		
Sakura	Image-Line	17.07.2011		
Sawer	Image-Line	17.07.2011		
sfArk		27.05.2012		
shortcircuit		04.03.2012		
softonic-de3 Toolbar	softonic-de3	30.07.2010		5.7.1.1
Sound Forge Pro 10.0	Sony	14.04.2011	297MB	10.0.491
Steinberg Hypersonic VSTi DXi v2.0		29.03.2012		
SweetIM for Messenger 3.1	SweetIM Technologies Ltd.	10.06.2010	3,94MB	3.1.0004
SweetIM Toolbar for Internet Explorer 3.9	SweetIM Technologies Ltd.	10.06.2010	4,00MB	3.9.0004
Sytrus	Image-Line	28.02.2012		
Test Drive Unlimited	Ihr Firmenname	02.04.2012	7.197MB	0.10.0000
Test Drive Unlimited 2	Atari	05.12.2011		
Text-To-Speech-Runtime	Magix Development GmbH	17.07.2011	0,25MB	1.0.0.0
Toxic Biohazard	Image-Line	17.07.2011		
VIA Plattform-Geräte-Manager	VIA Technologies, Inc.	01.09.2009	2,62MB	1.34
Windows Live Essentials	Microsoft Corporation	04.04.2012		15.4.3555.0308
Windows Live Mesh ActiveX control for remote connections	Microsoft Corporation	03.04.2012	5,58MB	15.4.5722.2
Windows Media Player Firefox Plugin	Microsoft Corp	15.05.2011	0,29MB	1.0.0.8
Winload Toolbar		19.07.2010		
WinRAR		26.02.2010
So, das wäre es dann.

Ich freue mich über jede Hilfe, die ich bekommen kann!

Da ich meinen Beitrag nicht mehr bearbeiten kann,
nochmal der Link zu dem oben genannten Thread, welcher wohl verloren gegegangen ist: hxxp://www.trojaner-board.de/103447-youtube-seitenladefehler.html
Geändert von xMax (30.05.2012 um 16:48 Uhr)

Alt 31.05.2012, 09:45   #2
Psychotic
/// Malwareteam
 
Seiten-Ladefehler beim Öffnen von Youtube - Standard

Seiten-Ladefehler beim Öffnen von Youtube


Zitat:
C:\Users\Max\Downloads\4Front Truepianos VSTi v1.4.1 Incl Keygen-AiR\Keygen.exe



Alleine der Besuch auf Seiten, welche diese Dateien zum Download anbieten, beinhaltet ein hohes Risiko sich zu infizieren.

Wenn Du den Crack startest, startest du eine ausführbare Datei aus einer sehr dubiosen Quelle. Im Quellcode der Datei kann alles mögliche stehen. ( z.B downloaden und ausführen von Malwaredateien )
Dies ist einer der Hauptursachen für Infektionen.

Ausserdem sind Cracks, Keygens, usw. illegal und das ist genauso Diebstahl wie in einem Laden.
Darum haben wir uns darauf geeinigt:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support ohne jegliche Diskussion beenden.

Deshalb beschränkt sich unsere Hilfe für dich auf eine Anleitung zur Neuinstallation und Absicherung des Systems
__________________

__________________
Alt 31.05.2012, 12:39   #3
xMax
 
Seiten-Ladefehler beim Öffnen von Youtube - Standard

Seiten-Ladefehler beim Öffnen von Youtube


Das Problem ist gelöst, kann bitte ein Admin den Thread hier löschen?
__________________
Geändert von xMax (31.05.2012 um 13:02 Uhr)

Antwort

Themen zu Seiten-Ladefehler beim Öffnen von Youtube
7-zip, antivirus, autorun, babylon toolbar, babylontoolbar, bho, bingbar, bonjour, conduit, converter, dateisystem, downloader, error, firefox, flash player, format, hacktool.gamescheat, heuristiks/extra, heuristiks/shuriken, home, iexplore.exe, incredibar toolbar, install.exe, langs, montera, mozilla, mp3, msvcrt, nexus, object, origin, plug-in, problem, realtek, registry, rundll, scan, searchscopes, security, security scan, software, svchost.exe, sweetim, trojaner-board, udp, vdeck.exe, version=1.0, winload toolbar


« Wie System (HDD ausgebaut) an anderem Rechner scannen? Wg. BKA Trojaner, kein XP Zugriff | Kann kein Programm starten »


Ähnliche Themen: Seiten-Ladefehler beim Öffnen von Youtube


  1. Seiten-Ladefehler. Schon so viel probiert!
    Netzwerk und Hardware - 02.01.2015 (1)
  2. Win 8. Youtube Videos nicht abspielbar (seiten ladefehler auf allen browsern)
    Netzwerk und Hardware - 30.07.2014 (8)
  3. Windows7: Seiten-Ladefehler - In Firefox, IE und Chrome
    Netzwerk und Hardware - 13.10.2013 (2)
  4. Windows7: Seiten-Ladefehler in Firefox, IE und Chrome
    Log-Analyse und Auswertung - 13.10.2013 (7)
  5. Seiten-ladefehler
    Plagegeister aller Art und deren Bekämpfung - 23.06.2013 (1)
  6. Seiten Ladefehler DRINGEND
    Plagegeister aller Art und deren Bekämpfung - 28.09.2012 (7)
  7. Youtube Neztwerk-Zeitüberschreitung, Seiten-Ladefehler
    Plagegeister aller Art und deren Bekämpfung - 04.09.2012 (13)
  8. Youtube Seiten-Ladefehler
    Antiviren-, Firewall- und andere Schutzprogramme - 02.06.2012 (4)
  9. Seiten Ladefehler - ist das ein Trojaner /Virus?
    Plagegeister aller Art und deren Bekämpfung - 06.05.2012 (1)
  10. Internet: Seiten-Ladefehler bei bestimmten Urls
    Log-Analyse und Auswertung - 14.02.2012 (7)
  11. Seiten-Ladefehler bei einigen Internetseiten
    Plagegeister aller Art und deren Bekämpfung - 12.06.2011 (1)
  12. Youtube Seiten-Ladefehler alle anderen Seiten funktionieren
    Log-Analyse und Auswertung - 09.06.2011 (12)
  13. Facebook, Youtube Seiten-Ladefehler (keine Wartungsarbeiten)
    Plagegeister aller Art und deren Bekämpfung - 24.01.2011 (3)
  14. seiten ladefehler kommen viel zu oft unter firefox 3.5.7.
    Alles rund um Windows - 06.03.2010 (14)
  15. Seiten-Ladefehler bei Firefox
    Plagegeister aller Art und deren Bekämpfung - 11.08.2009 (8)
  16. Seiten Ladefehler
    Diskussionsforum - 16.07.2009 (2)
  17. bin.clearspring.com beim öffnen von diversen Seiten
    Log-Analyse und Auswertung - 15.07.2009 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Seiten-Ladefehler beim Öffnen von Youtube - Hallo liebes Trojaner-board Forum, ich habe seit gestern das Problem, dass beim Laden der Internetseite youtube eine Fehlermeldung (Seiten-Ladefehler) kommt, d.h. ich komme nicht einmal auf die Seite rauf. Ich - Seiten-Ladefehler beim Öffnen von Youtube...
Archiv
Du betrachtest: Seiten-Ladefehler beim Öffnen von Youtube auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131