Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Phising problem, provider sperrt internetzugang aufgrund von webhoast

Phising problem, provider sperrt internetzugang aufgrund von webhoast


Log-Analyse und Auswertung: Phising problem, provider sperrt internetzugang aufgrund von webhoast

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 03.08.2012, 17:08   #1
myknox
 
Phising problem, provider sperrt internetzugang aufgrund von webhoast - Standard

Phising problem, provider sperrt internetzugang aufgrund von webhoast


> > Es wurden vermutlich Sicherheitslücken ausgenutzt, die dem
> > Angreifer die Möglichkeit gegeben haben, eine Phishing Seite auf Ihre
> > Webseite zu kopieren.

wurde mir zugesandt, und im anschluss vorrübergehend mein inetzugang gesperrt, möglicherweise kann mir jemand helfen?, danke für logs check...

OTL logfile created on: 03.08.2012 17:40:28 - Run 1
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\myknox\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407
7,95 Gb Total Physical Memory
15,90 Gb Paging File
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C:
Drive C:
Drive E:
Drive F:
Computer Name: MYKNOX-HP
Boot Mode: Normal
Company Name Whitelist: Off
========== Processes (SafeList) ==========
PRC - C:\Users\myknox\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe (Hewlett-Packard Development Company L.P.)
PRC - c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe (Hewlett-Packard Development Company, L.P)
PRC - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe (DigitalPersona, Inc.)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe (Hewlett-Packard Company)
PRC - C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe ()
PRC - C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe ()
PRC - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe (Portrait Displays, Inc)
PRC - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe (Portrait Displays, Inc.)
PRC - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe (Hewlett-Packard)
PRC - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe (Hewlett-Packard)
PRC - C:\Program Files (x86)\PDF Complete\pdfsvc.exe (PDF Complete Inc)
PRC - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe (Intel Corporation)
PRC - c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe (Infineon Technologies AG)
PRC - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe (Infineon Technologies AG)
PRC - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe (Infineon Technologies AG)
PRC - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe (Infineon Technologies AG)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
PRC - C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
PRC - C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe (ArcSoft, Inc.)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files\NVIDIA Corporation\nView\nview.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\SplitMediaLabs\XSplit\Cultures\avcodec-54.dll ()
MOD - C:\Program Files (x86)\SplitMediaLabs\XSplit\Cultures\avformat-54.dll ()
MOD - C:\Program Files (x86)\SplitMediaLabs\XSplit\Cultures\swscale-2.dll ()
MOD - C:\Program Files (x86)\SplitMediaLabs\XSplit\Cultures\avutil-51.dll ()
MOD - C:\windows\assembly\GAC_MSIL\HP.SupportFramework\1.0.0.0__2a4860322af7ba08\HP.SupportFramework.dll ()
MOD - C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe ()
MOD - C:\Windows\SysWOW64\flcdlmsg.dll ()
MOD - C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
MOD - c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll ()
MOD - C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
========== Win32 Services (SafeList) ==========
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (hpsrv) -- C:\Windows\SysNative\hpservice.exe (Hewlett-Packard Company)
SRV:64bit: - (DpHost) -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe (DigitalPersona, Inc.)
SRV:64bit: - (McAfee Endpoint Encryption Agent) -- C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe ()
SRV:64bit: - (vcsFPService) -- C:\Windows\SysNative\vcsFPService.exe (Validity Sensors, Inc.)
SRV:64bit: - (HP Power Assistant Service) -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe (Hewlett-Packard Company)
SRV:64bit: - (STacSV) -- C:\Program Files\IDT\WDM\STacSV64.exe (IDT, Inc.)
SRV:64bit: - (HPDayStarterService) -- c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe (Hewlett-Packard Company)
SRV:64bit: - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV:64bit: - (AgereModemAudio) -- C:\Program Files\LSI SoftModem\agr64svc.exe (LSI Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (AESTFilters) -- C:\Program Files\IDT\WDM\AESTSr64.exe (Andrea Electronics Corporation)
SRV:64bit: - (SandraAgentSrv) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP1\RpcAgentSrv.exe (SiSoftware)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (hpCMSrv) -- c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe (Hewlett-Packard Development Company L.P.)
SRV - (HP ProtectTools Service) -- c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe (Hewlett-Packard Development Company, L.P)
SRV - (HPDrvMntSvc.exe) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
SRV - (vcsFPService) -- C:\Windows\SysWOW64\vcsFPService.exe (Validity Sensors, Inc.)
SRV - (hpHotkeyMonitor) -- C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe (Hewlett-Packard Company)
SRV - (PdiService) -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe (Portrait Displays, Inc.)
SRV - (HPFSService) -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe (Hewlett-Packard)
SRV - (FLCDLOCK) -- c:\Windows\SysWOW64\flcdlock.exe (Hewlett-Packard Company)
SRV - (pdfcDispatcher) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe (PDF Complete Inc)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe (Intel Corporation)
SRV - (RoxMediaDB12OEM) -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe (Sonic Solutions)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (IFXSpMgtSrv) -- c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe (Infineon Technologies AG)
SRV - (PersonalSecureDriveService) -- c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe (Infineon Technologies AG)
SRV - (IFXTCS) -- c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe (Infineon Technologies AG)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (uArcCapture) -- C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe (ArcSoft, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (aswSnx) -- C:\windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswTdi) -- C:\windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (hpdskflt) -- C:\Windows\SysNative\drivers\hpdskflt.sys (Hewlett-Packard Company)
DRV:64bit: - (Accelerometer) -- C:\Windows\SysNative\drivers\Accelerometer.sys (Hewlett-Packard Company)
DRV:64bit: - (e1cexpress) -- C:\Windows\SysNative\drivers\e1c62x64.sys (Intel Corporation)
DRV:64bit: - (MfeEpePc) -- C:\windows\SysNative\drivers\MfeEpePc.sys (McAfee, Inc.)
DRV:64bit: - (HpqKbFiltr) -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys (Hewlett-Packard Company)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (JMCR) -- C:\Windows\SysNative\drivers\jmcr.sys (JMicron Technology Corporation)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (DAMDrv) -- C:\Windows\SysNative\drivers\DAMDrv64.sys (Hewlett-Packard Company)
DRV:64bit: - (johci) -- C:\Windows\SysNative\drivers\johci.sys (JMicron Technology Corp.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation)
DRV:64bit: - (SNP2UVC) -- C:\Windows\SysNative\drivers\snp2uvc.sys ()
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV:64bit: - (vpcvmm) -- C:\Windows\SysNative\drivers\vpcvmm.sys (Microsoft Corporation)
DRV:64bit: - (vpcbus) -- C:\Windows\SysNative\drivers\vpchbus.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (vpcusb) -- C:\Windows\SysNative\drivers\vpcusb.sys (Microsoft Corporation)
DRV:64bit: - (vpcnfltr) -- C:\Windows\SysNative\drivers\vpcnfltr.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (ARCVCAM) -- C:\Windows\SysNative\drivers\ArcSoftVCapture.sys (ArcSoft, Inc.)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (huawei_enumerator) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (ewusbnet) -- C:\Windows\SysNative\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (ew_hwusbdev) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (btwampfl) -- C:\Windows\SysNative\drivers\btwampfl.sys (Broadcom Corporation.)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (ZTEusbser6k) -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys (ZTE Incorporated)
DRV:64bit: - (ZTEusbnmea) -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys (ZTE Incorporated)
DRV:64bit: - (ZTEusbmdm6k) -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
DRV:64bit: - (massfilter) -- C:\Windows\SysNative\drivers\massfilter.sys (MBB Incorporated)
DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\drivers\agrsm64.sys (LSI Corporation)
DRV:64bit: - (PersonalSecureDrive) -- C:\Windows\SysNative\drivers\psd.sys (Infineon Technologies AG)
DRV:64bit: - (SANDRA) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP1\WNt500x64\Sandra.sys (SiSoftware)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/10
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM/10
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
IE:64bit: - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/10
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM/10
IE - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
IE - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1748065405-1643717342-2163592131-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/10
IE - HKU\S-1-5-21-1748065405-1643717342-2163592131-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM/10
IE - HKU\S-1-5-21-1748065405-1643717342-2163592131-1001\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE - HKU\S-1-5-21-1748065405-1643717342-2163592131-1001\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
IE - HKU\S-1-5-21-1748065405-1643717342-2163592131-1001\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
IE - HKU\S-1-5-21-1748065405-1643717342-2163592131-1001\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
IE - HKU\S-1-5-21-1748065405-1643717342-2163592131-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1748065405-1643717342-2163592131-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "about:home"
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_3_300_270.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\ [2011.05.07 06:55:59
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.03.14 02:53:26
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.02.09 00:12:12
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.27 20:12:12
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.04.09 16:48:22
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.27 20:12:12
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.04.09 16:48:22
[2011.12.25 16:49:13
[2012.07.30 19:41:27
[2012.05.05 03:04:53
[2012.07.18 14:44:31
[2012.02.09 00:12:12
[2012.03.14 02:53:26
[2012.07.30 19:41:27
[2012.02.09 00:06:30
[2012.07.27 20:12:12
[2012.04.09 16:48:19
[2012.06.17 20:14:58
[2012.06.17 20:14:58
[2012.06.17 20:14:58
[2012.06.17 20:14:58
[2012.06.17 20:14:58
[2012.06.17 20:14:58
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{googleriginalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://www.google.com
CHR - Extension: YouTube = C:\Users\myknox\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Google-Suche = C:\Users\myknox\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: No name found = C:\Users\myknox\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\myknox\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Google Mail = C:\Users\myknox\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
O1 HOSTS File: ([2009.06.10 23:00:26
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (File Sanitizer for HP ProtectTools) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-1748065405-1643717342-2163592131-1001\..\Toolbar\WebBrowser: (no name) - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} - No CLSID value found.
O4:64bit: - HKLM..\Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe ()
O4:64bit: - HKLM..\Run: [MfeEpePcMonitor] C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe ()
O4:64bit: - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe (Hewlett-Packard Development Company L.P.)
O4 - HKLM..\Run: [HPQuickWebProxy] c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IFXSPMGT] c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe (Infineon Technologies AG)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NUSB3MON] c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe (Hewlett-Packard Company)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1748065405-1643717342-2163592131-1001..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.48.124.202 194.48.124.200
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D5DCFC2E-FE3E-4710-9D0F-6CF79A17A853}: DhcpNameServer = 194.107.133.58
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E029BEF5-4D0A-44C8-9293-DFEB86C0724A}: DhcpNameServer = 194.48.124.202 194.48.124.200
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe) - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe (DigitalPersona, Inc.)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\DeviceNP: DllName - (DeviceNP.dll) - C:\windows\SysWow64\DeviceNP.dll (Hewlett-Packard Company)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysNative\DreamScene.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{3c776641-750d-11e1-9fd1-081196a893b0}\Shell - "" = AutoRun
O33 - MountPoints2\{3c776641-750d-11e1-9fd1-081196a893b0}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{da217bce-6b84-11e1-b550-081196a893b0}\Shell - "" = AutoRun
O33 - MountPoints2\{da217bce-6b84-11e1-b550-081196a893b0}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{f8fc9738-5b1d-11e1-b51b-081196a893b0}\Shell - "" = AutoRun
O33 - MountPoints2\{f8fc9738-5b1d-11e1-b51b-081196a893b0}\Shell\AutoRun\command - "" = D:\Autorun.exe
O33 - MountPoints2\{fee0d577-711c-11e1-b06e-081196a893b0}\Shell - "" = AutoRun
O33 - MountPoints2\{fee0d577-711c-11e1-b06e-081196a893b0}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.08.03 17:39:16
[2012.08.03 17:28:58
[2012.08.03 17:28:48
[2012.08.03 17:28:47
[2012.08.03 17:28:46
[2012.08.03 17:28:46
[2012.08.03 14:44:26
[2012.08.02 04:29:02
[2012.08.01 22:57:21
[2012.08.01 22:57:21
[2012.07.28 18:14:07
[2012.07.28 18:14:07
[2012.07.28 18:14:07
[2012.07.28 18:14:07
[2012.07.28 18:14:07
[2012.07.28 18:14:07
[2012.07.28 18:14:07
[2012.07.28 18:14:07
[2012.07.28 18:14:07
[2012.07.28 18:14:07
[2012.07.26 02:11:05
[2012.07.26 01:56:14
[2012.07.26 01:56:14
[2012.07.24 21:07:17
[2012.07.24 21:07:14
[2012.07.24 21:07:11
[2012.07.23 14:47:49
[2012.07.23 14:47:49
[2012.07.23 14:47:49
[2012.07.23 14:47:49
[2012.07.23 14:47:49
[2012.07.23 14:25:37
[2012.07.23 14:25:37
[2012.07.23 14:25:35
[2012.07.23 14:25:11
[2012.07.23 14:25:11
[2012.07.23 14:25:11
[2012.07.23 14:25:11
[2012.07.23 14:24:57
[2012.07.23 14:24:56
[2012.07.23 14:24:56
[2012.07.23 14:24:56
[2012.07.23 14:24:56
[2012.07.23 14:24:22
[2012.07.23 14:24:21
[2012.07.23 14:24:15
[2012.07.23 14:24:08
[2012.07.23 14:24:08
[2012.07.23 14:24:04
[2012.07.23 14:24:04
[2012.07.22 20:59:16
[2012.07.22 20:59:16
[2012.07.21 00:18:27
[2012.07.21 00:01:34
[2012.07.20 23:59:24
[2012.07.20 23:59:24
[2012.07.20 14:51:30
[2012.07.20 14:51:30
[2012.07.20 14:51:16
[2012.07.17 18:38:13
[2012.07.12 03:00:28
[2012.07.12 03:00:28
[2012.07.12 03:00:27
[2012.07.12 03:00:27
[2012.07.12 03:00:26
[2012.07.12 03:00:26
[2012.07.12 03:00:26
[2012.07.12 03:00:26
[2012.07.12 03:00:25
[2012.07.12 03:00:25
[2012.07.12 03:00:25
[2012.07.12 03:00:24
[2012.07.12 03:00:24
[2012.07.11 22:09:58
[2012.07.11 22:09:58
[2012.07.11 22:09:53
[2012.07.11 22:09:51
[2012.07.11 22:09:51
[2012.07.11 16:12:29
[2012.07.11 16:12:22
[2 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.08.03 17:39:20
[2012.08.03 17:30:00
[2012.08.03 17:28:48
[2012.08.03 17:26:04
[2012.08.03 17:25:34
[2012.08.03 17:10:35
[2012.08.03 17:08:38
[2012.08.03 17:08:38
[2012.08.03 17:08:38
[2012.08.03 17:08:38
[2012.08.03 17:08:38
[2012.08.03 17:04:18
[2012.08.03 14:40:22
[2012.08.03 14:13:33
[2012.08.03 14:13:33
[2012.08.03 14:06:22
[2012.08.03 14:06:17
[2012.08.03 01:30:05
[2012.08.03 01:30:05
[2012.08.02 04:30:52
[2012.08.01 16:28:39
[2012.08.01 16:28:39
[2012.08.01 01:53:20
[2012.07.31 12:00:02
[2012.07.31 04:18:28
[2012.07.31 04:11:22
[2012.07.31 02:57:10
[2012.07.30 04:21:03
[2012.07.26 01:56:15


OTL Extras logfile created on: 03.08.2012 17:40:28 - Run 1
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\myknox\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407
7,95 Gb Total Physical Memory
15,90 Gb Paging File
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C:
Drive C:
Drive E:
Drive F:
Computer Name: MYKNOX-HP
Boot Mode: Normal
Company Name Whitelist: Off
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
[HKEY_USERS\S-1-5-21-1748065405-1643717342-2163592131-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0508BCE0-F083-43E5-BCFF-A82A21ED6908}" = lport=137
"{09974AFF-6AAE-4A09-8F02-EAF7A0E8A99B}" = rport=137
"{0B25610B-F25A-434E-9BC0-8F79BCE62C64}" = rport=139
"{11BFE75E-0615-4DE7-B010-687A21BA05D5}" = rport=138
"{15AA491C-7BA8-432D-9640-D2BD914BDFFA}" = lport=139
"{18265822-9C21-47D0-910B-7865EC60BAB5}" = rport=10243
"{19FA9074-1098-46A1-85F4-527478B52473}" = lport=445
"{2C597BAF-BE7A-4ECE-8403-D77B5DB9EF56}" = lport=2177
"{2F908037-22DA-4C66-8B91-BD051A65184F}" = rport=2177
"{2F99B6ED-4DAE-4171-B5DE-8D01E3EE4CAC}" = lport=rpc
"{340851AA-744D-4BC3-A045-CABE39D0885D}" = lport=56907
"{4BEF922A-89FF-4DA0-8D2B-C65B2A91AB76}" = rport=1900
"{56EF4AE5-6D4F-4ED9-96D0-EE85EDA2E35F}" = lport=5355
"{5FE829D9-843B-4670-8444-A5BA11F6C574}" = lport=2869
"{78F10CCF-CEAE-49F3-93B2-F8BEC96E2C2B}" = lport=1900
"{7ABA195A-5E35-4141-A08D-E1824D8DC57D}" = rport=2177
"{809203E3-D5EE-4AAE-B217-070703C74382}" = rport=5355
"{814D5296-D608-4BD1-B9CA-1FC524EF9C5E}" = lport=rpc-epmap
"{87055CCB-494D-46E5-9809-C3C18DFD7368}" = lport=2869
"{92ACF2F3-56BD-4E8C-890F-C95CC10F24DE}" = rport=445
"{96ED433F-B4EE-4D0E-845F-2BA287464A3C}" = lport=138
"{9E2EEBAA-EF59-4498-8D42-7B797630940D}" = lport=56907
"{A66A135E-19B1-4E5D-A052-121A0EE202F2}" = lport=1900
"{AEB3EB91-62C1-4974-8700-91E4F7438700}" = lport=rpc
"{B69AFAA5-CE23-491B-8A71-D623250FA1A2}" = lport=56907
"{BDA2F51D-A97E-4DFA-BC23-5466A77180FF}" = lport=10243
"{DDAF1B6A-D500-4BA9-B00D-2D5D18534D70}" = lport=2177
"{E62A64F4-6125-4921-A0C6-7C43A32D20F6}" = lport=rpc
"{F1C3C70F-1E08-49ED-A540-052669BA5640}" = lport=56907
"{F69DEF2D-1191-4694-96AB-0C72FBDC0B11}" = lport=808
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0482D3C7-0BD9-4701-A808-F962FC2317F1}" = protocol=6
"{09D9F17F-B69B-46FB-8BEF-AAA60B5ECF53}" = protocol=6
"{0C593E82-7C39-4D26-A20A-08B6B77D36D1}" = protocol=17
"{1411959D-D42B-4858-8D3C-14FCB080BF56}" = dir=in
"{16CC2DE6-98F8-4408-A16E-84078ACC67F9}" = protocol=17
"{16DE25F4-49BA-4CE3-913C-89B4DD3BDEB5}" = protocol=1
"{19858006-436E-4625-99E3-5F72D2BAC511}" = protocol=6
"{248ADA00-4934-4AFF-80AB-5ADBFF05CBA1}" = protocol=6
"{27BE67AF-179F-40C3-86CB-B623D2A2BF6B}" = protocol=6
"{29AC8CFC-7137-4E4A-BDEC-6CBD5819FB54}" = protocol=17
"{2E72EF7F-DE3B-4A48-83A4-37FEA4D0F651}" = protocol=17
"{312BD4D9-B65A-4839-AA98-E5429769EB97}" = protocol=17
"{32C90F85-CA84-4A6A-ADB8-216AC9CD8F3C}" = protocol=58
"{33CFDD87-69FE-4F63-AFCF-44B48F07CB64}" = protocol=17
"{39A80EC2-DB40-42BF-B0D9-215541ECB82C}" = protocol=6
"{43B73BCD-07E0-4D66-892B-FE0DBAEFA934}" = protocol=17
"{442DE084-1070-4B33-8682-8B1689B215F0}" = protocol=17
"{4810AE86-121F-44C9-9EF1-CC5C47BA8BDB}" = protocol=58
"{483B968F-A440-4257-B70B-9BE13149A217}" = protocol=17
"{4B8378B6-2105-4C4C-8B19-D3F5FC7321F7}" = protocol=17
"{51BC850A-1755-4414-A39E-6D7AE4DD6C93}" = protocol=6
"{539BD935-8BDC-4D9D-BBD6-A86DA5EDE6E4}" = protocol=6
"{570307BF-1C88-494D-92BD-5EE154E3F712}" = dir=in
"{57E5CA5C-5E47-44B2-9BD4-6E6072A942DE}" = protocol=6
"{5D0F5443-60A7-4A28-BA4F-45F78B2D0807}" = protocol=17
"{5FBA049F-1AD9-43F4-852A-A4A18A2DA374}" = dir=in
"{609C5FA7-FD98-43D6-8511-0A855A453933}" = protocol=6
"{70CD5067-0A36-49EA-8B13-9C8333FFFB0D}" = protocol=17
"{74EED40F-F846-49AC-9567-D938E6A177B9}" = dir=in
"{7687C20F-9CC0-41EB-8F86-EA0747FB3A8A}" = protocol=17
"{7CCEF05B-FDF3-4C16-9305-4DA68DA096B8}" = protocol=17
"{7FDAA1F3-7197-4430-8F82-6C67C42079E4}" = protocol=17
"{88EC382A-C0F6-4622-86E6-7164676302B1}" = dir=in
"{91979D9B-DDAE-4923-9C52-D3BE7B2AFF55}" = protocol=6
"{9499DEA0-C934-4A76-926F-A1CB2A8E455F}" = protocol=17
"{9612C03E-166E-49E0-9AEC-BB2332A05AAB}" = protocol=6
"{A5455084-D144-46C1-B0AD-697D8D61D629}" = protocol=17
"{A5C423FA-091C-45B0-88D9-F30834096998}" = protocol=1
"{A65C97F9-D923-4014-847E-50D7C77A8906}" = protocol=6
"{A7175C86-011D-4419-9DF9-09120A9F526C}" = protocol=17
"{A95865E2-7EEC-4C28-A15E-81A5D74A1483}" = protocol=6
"{B2101234-F2C9-43F1-86AB-02904B2E5C05}" = dir=in
"{B8FE9BB3-2B79-4420-8803-4329C5E75A7E}" = protocol=6
"{B96F67B6-8A03-4783-A3A2-D8E3782BE49A}" = protocol=6
"{C124EA95-C4A9-42B2-A162-4ED2821CBBB3}" = protocol=6
"{C461654F-161D-4361-BBAC-461983CF73CF}" = protocol=6
"{C7AAAB49-F18F-40AD-83FF-C7C6FFBEA818}" = protocol=17
"{C806E49C-73DB-49A5-9713-97C6C5FD270F}" = protocol=6
"{CE0336AB-F96A-4A83-B87F-0E27CE576869}" = protocol=17
"{D249E28A-46E5-4B77-B03B-570D0175F250}" = protocol=6
"{E1775464-4823-4906-A4F8-8DE250B71CCD}" = protocol=6
"{ED94BF19-00E3-4071-BD3E-00D85252DECF}" = protocol=1
"{F38811C7-0561-4260-ABF8-519834A4D7D1}" = protocol=17
"{F96C27CC-B8F9-4F71-AB6B-D593C847BD49}" = protocol=17
"{FC574FC7-5E68-423F-9B02-A190B4EF42B5}" = protocol=1
"{FC88B861-353D-4D57-B1FD-251CDDA7EB04}" = protocol=17
"{FDED67B3-8921-4AC9-A95F-F99E786704EC}" = protocol=6
"TCP Query User{5DDD3080-463B-4793-BEE6-7A7F91319B3D}C:\program files (x86)\six projects\six updater\tools\bin\rsync.exe" = protocol=6
"TCP Query User{66437B20-0D46-4A06-BECC-482C66CBF962}D:\world_of_tanks\worldoftanks.exe" = protocol=6
"TCP Query User{761E54A4-956C-410B-8DA5-1DA78C99E3D6}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=6
"TCP Query User{78FCBC29-781D-45BD-808F-93B59D521DED}C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe" = protocol=6
"TCP Query User{7B3C1E64-66F1-4647-A9FC-3CA0EF82D225}C:\programdata\battle.net\agent\agent.1040\agent.exe" = protocol=6
"TCP Query User{89023705-C203-4B21-985C-FD4855D8037D}C:\program files (x86)\starcraft ii\versions\base21029\sc2.exe" = protocol=6
"TCP Query User{8F9E96EC-2241-4E0D-B87E-47DF26D025AF}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=6
"TCP Query User{9C56889D-6B68-49BE-931C-6CBAA7BC6FAF}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=6
"TCP Query User{AA5D64FA-A916-4640-AE31-A78371FA12C5}C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe" = protocol=6
"TCP Query User{E7DCF7FE-152A-4D19-8D86-A1FC47AEF258}C:\programdata\battle.net\agent\agent.998\agent.exe" = protocol=6
"UDP Query User{08A0C7FD-B700-43DD-AAC8-69AC9D8DE764}D:\world_of_tanks\worldoftanks.exe" = protocol=17
"UDP Query User{1C1EB6E8-3738-41EE-B41C-44E359D900BA}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=17
"UDP Query User{1D982762-5871-4675-878D-E1877814795D}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=17
"UDP Query User{33E03CA1-05FF-4B5F-9F6A-9B005AE704DD}C:\program files (x86)\six projects\six updater\tools\bin\rsync.exe" = protocol=17
"UDP Query User{41978C27-00D4-4ADC-8E6D-4A422E10BFAA}C:\programdata\battle.net\agent\agent.1040\agent.exe" = protocol=17
"UDP Query User{6CDB689A-DA56-4DAD-82D9-D2677E546F7C}C:\program files (x86)\starcraft ii\versions\base21029\sc2.exe" = protocol=17
"UDP Query User{74594F0D-92DC-455D-BF3C-7AF61065DC82}C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe" = protocol=17
"UDP Query User{DA3D429E-2BED-4A35-8A7F-3EA6C80E9EAA}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=17
"UDP Query User{E142BCF3-B590-4195-8957-9B7C9797EE85}C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe" = protocol=17
"UDP Query User{E47AE31E-AABB-4AC4-9F61-61B7C31F7A81}C:\programdata\battle.net\agent\agent.998\agent.exe" = protocol=17
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = Broadcom 2070 Bluetooth 3.0
"{483D5A49-A26B-4CB8-AA2D-0D1811322061}" = HP DayStarter
"{50928788-ED14-4B45-97FF-EC3C4EC7BBC1}" = HP 3D DriveGuard
"{55B52830-024A-443E-AF61-61E1E71AFA1B}" = Device Access Manager for HP ProtectTools
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{61D3AB5C-02B5-47FC-906A-C49A0954C7C6}" = Validity Fingerprint Sensor Driver
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{87821717-5688-4AE6-887A-6B11571D0CD7}" = Embedded Security for HP ProtectTools
"{8A0041CD-277C-4C1F-BFE4-7AC508B20B4C}" = Drive Encryption For HP ProtectTools
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{ACA53F68-B003-4D0E-9C3D-0C4EE09D08A8}" = Privacy Manager for HP ProtectTools
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 296.88
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 296.88
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 296.88
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.28
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 296.88
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.12.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2296}_is1" = SiSoftware Sandra Lite 2012.SP1
"{C7AE4EC3-9C13-4213-8457-74D16B353F91}" = HP Web Camera
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{CF9ACC81-C8C3-4BD1-BD1F-FE13CF344E20}" = HP Power Assistant
"{D3A775F2-2674-4452-8D80-1FC1446052EE}" = Face Recognition for HP ProtectTools
"{D856C86A-6D49-4A32-BBC2-54714EAF2CA0}" = HP ProtectTools Security Manager
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{E6F19F75-2802-4E60-B04B-B7151BBEE53F}" = HP HotKey Support
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"CrystalDiskMark_is1" = CrystalDiskMark 3.0.0
"HPProtectTools" = HP ProtectTools Security Manager
"LSI Soft Modem" = LSI HDA Modem
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"PROSet" = Intel(R) Network Connections Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 4.11 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{020C4F3D-DCEA-4E4F-9921-CCE666B2C0CD}" = DayZ Commander
"{03046EBB-CB7C-4B98-BEFB-690EB955DA22}" = HP Setup
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}" = HP Wallpaper
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{13C96625-28E4-4c58-ADE0-CDAFC64752EB}" = JMicron 1394 Filter Driver
"{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}" = ArcSoft Webcam Sharing Manager
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1D61E881-43CD-447B-9E6B-D2C6138B2862}" = HP Webcam
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{2D8CED57-CCDB-4D86-9087-3BBCAE8F8F22}" = Six Updater
"{344A1AA2-AC8E-4741-BDB0-65B68FDA883C}" = HP SoftPaq Download Manager
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = HP Webcam Driver
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B21E4B2-89B8-499D-803A-34ABF929401E}" = HP Connection Manager
"{52B18ABC-AD5F-4C3C-B391-04F57B380449}" = HP Client Automation Agent Preload
"{531000B3-DBEE-4115-BBF3-DA48B67C053F}" = HP Software Setup
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
"{62272D4E-78E9-4BAD-B7AA-63072D06AAA9}" = HP Documentation
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}" = File Sanitizer For HP ProtectTools
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72CD20B8-55F3-4B4F-A44F-E381232E84ED}" = HP QuickWeb
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86790597-5E41-47AF-A6E4-6295D0C21B8B}" = A1 Dashboard
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{93139A49-0360-4718-8B93-C1F9EB12E3D8}" = Roxio Secure Burn
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{954079D6-28E0-417D-AC43-F728E3CB7CE5}" = HP System Default Settings
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Roxio CinePlayer Decoder Pack
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CB4FBA9-45C0-41AA-97CC-283B42E1A21E}" = Roxio MyDVD Business 2010
"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{ADC70B7A-530B-46E3-8384-48D22681A41E}" = Theft Recovery for HP ProtectTools
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Secure Burn
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7F60A16-7A7B-41FB-9AE3-DE9E324FBA06}" = HP Software Framework
"{BACE8BFA-8F39-421D-BEF1-6E78632BDC90}" = Roxio MyDVD Business 2010
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{BEFDCF8F-BA60-4AF8-9588-4B63A91FF43F}" = XSplit
"{C01A86F5-56E7-101F-9BC9-E3F1025EB779}" = Intel(R) Identity Protection Technology 1.1.2.0
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E92D47A1-D27D-430A-8368-0BAFD956507D}" = HP Support Assistant
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{EFCB119B-6A71-489F-A81A-61627969D35C}" = HP ESU for Microsoft Windows 7
"{F24F876B-7D71-4BD6-88E9-614D3BB84216}" = Alcor Micro Smart Card Reader Driver
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"A1 Dashboard" = A1 Dashboard
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"Battlelog Web Plugins" = Battlelog Web Plugins
"BattlEye for OA" = BattlEye for OA Uninstall
"DivX Setup" = DivX-Setup
"ESN Sonar-0.70.4" = ESN Sonar
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{ADC70B7A-530B-46E3-8384-48D22681A41E}" = Theft Recovery for HP ProtectTools
"LOLReplay" = LOLReplay
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Origin" = Origin
"PDF Complete" = PDF Complete Special Edition
"PokerStars" = PokerStars
"PrecisionX" = EVGA Precision X 3.0.2
"PunkBusterSvc" = PunkBuster Services
"Steam App 209870" = Blacklight: Retribution
"Steam App 33910" = ARMA 2
"Steam App 33930" = ARMA 2: Operation Arrowhead
"SZCCID" = Alcor Micro Smart Card Reader Driver
"VIP Access SDK" = VIP Access SDK (1.0.0.55)
"VLC media player" = VLC media player 1.1.11
"WinLiveSuite" = Windows Live Essentials
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 23.07.2012 19:20:48
Description = Name der fehlerhaften Anwendung: ArmA2OA.exe, Version: 1.62.95.208,
Zeitstempel: 0x500975a9 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x7508c9f1 ID des fehlerhaften
Prozesses: 0x11fc Startzeit der fehlerhaften Anwendung: 0x01cd6929c9b7ff0f Pfad der
fehlerhaften Anwendung: c:\program files (x86)\steam\steamapps\common\arma 2 operation
arrowhead\ArmA2OA.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: 087dfcf7-d51d-11e1-b00a-101f74f7c480
Error - 24.07.2012 10:21:01
Description = Name der fehlerhaften Anwendung: ArmA2OA.exe, Version: 1.62.95.248,
Zeitstempel: 0x500d59cb Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000 ID des fehlerhaften
Prozesses: 0x1b50 Startzeit der fehlerhaften Anwendung: 0x01cd69a78cb78f95 Pfad der
fehlerhaften Anwendung: c:\program files (x86)\steam\steamapps\common\arma 2 operation
arrowhead\ArmA2OA.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: cac18dbc-d59a-11e1-84e5-101f74f7c480
Error - 24.07.2012 10:21:13
Description = Name der fehlerhaften Anwendung: ArmA2OA.exe, Version: 1.62.95.248,
Zeitstempel: 0x500d59cb Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0xffffffff ID des fehlerhaften
Prozesses: 0x13b8 Startzeit der fehlerhaften Anwendung: 0x01cd69a794451cd5 Pfad der
fehlerhaften Anwendung: c:\program files (x86)\steam\steamapps\common\arma 2 operation
arrowhead\ArmA2OA.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: d227e359-d59a-11e1-84e5-101f74f7c480
Error - 24.07.2012 10:21:22
Description = Name der fehlerhaften Anwendung: ArmA2OA.exe, Version: 1.62.95.248,
Zeitstempel: 0x500d59cb Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x748fc9f1 ID des fehlerhaften
Prozesses: 0x708 Startzeit der fehlerhaften Anwendung: 0x01cd69a79a04e832 Pfad der
fehlerhaften Anwendung: c:\program files (x86)\steam\steamapps\common\arma 2 operation
arrowhead\ArmA2OA.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: d7c5ce57-d59a-11e1-84e5-101f74f7c480
Error - 24.07.2012 14:04:33
Description = Name der fehlerhaften Anwendung: ArmA2OA.exe, Version: 1.62.95.248,
Zeitstempel: 0x500d59cb Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x74d9c9f1 ID des fehlerhaften
Prozesses: 0x7a8 Startzeit der fehlerhaften Anwendung: 0x01cd69c6c7554b5e Pfad der
fehlerhaften Anwendung: c:\program files (x86)\steam\steamapps\common\arma 2 operation
arrowhead\ArmA2OA.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: 052721b3-d5ba-11e1-9002-001e101f21c1
Error - 24.07.2012 14:05:27
Description = Programm GUID_SCDS.exe, Version 0.0.0.0 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: ea0 Startzeit:
01cd69c6cb3af89a Endzeit: 2 Anwendungspfad: C:\Users\myknox\Desktop\SCDS-Runtime\GUID_SCDS.exe
Berichts-ID:
21a259c6-d5ba-11e1-9002-001e101f21c1
Error - 24.07.2012 14:05:54
Description = Name der fehlerhaften Anwendung: ArmA2OA.exe, Version: 1.62.95.248,
Zeitstempel: 0x500d59cb Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000 ID des fehlerhaften
Prozesses: 0x1868 Startzeit der fehlerhaften Anwendung: 0x01cd69c6f7741d3e Pfad der
fehlerhaften Anwendung: c:\program files (x86)\steam\steamapps\common\arma 2 operation
arrowhead\ArmA2OA.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: 355053fa-d5ba-11e1-9002-001e101f21c1
Error - 24.07.2012 14:06:08
Description = Name der fehlerhaften Anwendung: ArmA2OA.exe, Version: 1.62.95.248,
Zeitstempel: 0x500d59cb Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x74d9c9f1 ID des fehlerhaften
Prozesses: 0xe4c Startzeit der fehlerhaften Anwendung: 0x01cd69c6ffe72bda Pfad der
fehlerhaften Anwendung: c:\program files (x86)\steam\steamapps\common\arma 2 operation
arrowhead\ArmA2OA.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: 3da7c3de-d5ba-11e1-9002-001e101f21c1
Error - 24.07.2012 14:06:17
Description = Name der fehlerhaften Anwendung: ArmA2OA.exe, Version: 1.62.95.248,
Zeitstempel: 0x500d59cb Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x74d9c9f1 ID des fehlerhaften
Prozesses: 0xec8 Startzeit der fehlerhaften Anwendung: 0x01cd69c70579f31f Pfad der
fehlerhaften Anwendung: c:\program files (x86)\steam\steamapps\common\arma 2 operation
arrowhead\ArmA2OA.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: 433c38d9-d5ba-11e1-9002-001e101f21c1
Error - 24.07.2012 14:06:42
Description = Name der fehlerhaften Anwendung: ArmA2OA.exe, Version: 1.62.95.248,
Zeitstempel: 0x500d59cb Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x74d9c9f1 ID des fehlerhaften
Prozesses: 0x1de4 Startzeit der fehlerhaften Anwendung: 0x01cd69c71427a434 Pfad der
fehlerhaften Anwendung: c:\program files (x86)\steam\steamapps\common\arma 2 operation
arrowhead\ArmA2OA.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: 51e9c2de-d5ba-11e1-9002-001e101f21c1
[ HP Connection Manager Events ]
Error - 01.04.2012 11:45:12
Description = 2012.04.01 17:45:12.885
Daten sind unzulässig. (Ausnahme von HRESULT: 0x8007000D)
Error - 05.06.2012 15:34:59
Description = 2012.06.05 21:34:59.284
Daten sind unzulässig. (Ausnahme von HRESULT: 0x8007000D)
Error - 17.06.2012 14:42:15
Description = 2012/06/17 20:42:15.907
failed [hr:0x800706BA]
Error - 19.06.2012 07:49:53



mfg
myknox

Alt 03.08.2012, 17:15   #2
markusg
/// Malware-holic
 
Phising problem, provider sperrt internetzugang aufgrund von webhoast - Standard

Phising problem, provider sperrt internetzugang aufgrund von webhoast


hi
1. das otl log sieht unvollständig aus, da fehlen bei den ordnern und dateien in einigen abschnitten die namen.
2. öffne malwarebytes, berichte, poste alle logs
2. öffne avast, poste die fundmeldungen, bzw die dateinamen und pfade + fundmeldungen aus der quarantäne.
3. neues otl log:
Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Starte bitte die
    OTL.exe
    .
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Kopiere nun den Inhalt in die
    Textbox.
Code:
ATTFilter
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Kopiere
    nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread
__________________

__________________
Antwort

Themen zu Phising problem, provider sperrt internetzugang aufgrund von webhoast
antivirus, autorun, battle.net, bho, bonjour, error, failed, firefox, flash player, google, helper, hijack, hijackthis, install.exe, logfile, mozilla, pando media booster, phishing, phising, plug-in, problem, programm, registry, scan, security, software, svchost.exe, teamspeak, usb, usb 3.0, windows


« 14 Funde bei AntiVir nach erscheinen des JAVA Logos (EXP/2008-5353.AR,EXP/CVE-2011-3544.CF) | Bundestrojaner, der auch im abgesicherten Modus startet »


Ähnliche Themen: Phising problem, provider sperrt internetzugang aufgrund von webhoast


  1. Netzwerk infiziert - ISP sperrt Internetzugang
    Plagegeister aller Art und deren Bekämpfung - 03.10.2015 (6)
  2. Phising Mail - Anhang geöffnet
    Plagegeister aller Art und deren Bekämpfung - 20.01.2015 (14)
  3. Provider sperrt Internetzugang nach Spamversand (Befall unter Win7 Home Prem x64?)
    Plagegeister aller Art und deren Bekämpfung - 04.07.2014 (15)
  4. VoIP-Provider Sipload sperrt Auslandsgespräche
    Nachrichten - 19.06.2014 (0)
  5. paypal phising
    Plagegeister aller Art und deren Bekämpfung - 15.05.2014 (3)
  6. Phising-Page bei Onlinebanking in FF + Trojan
    Plagegeister aller Art und deren Bekämpfung - 12.05.2014 (5)
  7. Fedex Phising Link gedrückt..
    Plagegeister aller Art und deren Bekämpfung - 06.05.2014 (1)
  8. Paypal Phising Mail ?
    Diskussionsforum - 20.05.2013 (6)
  9. phising mail
    Log-Analyse und Auswertung - 13.02.2013 (1)
  10. PAYPAL - PHISING - TR/LOCKSCREEN.BC und co
    Log-Analyse und Auswertung - 23.01.2013 (10)
  11. Microsoft Security Essentials sperrt meinen Laptop aufgrund von Virenfunden.
    Plagegeister aller Art und deren Bekämpfung - 09.09.2012 (2)
  12. Google.de nicht erreichbar - andere Seiten sehr langsam - andere normal DNS-Provider Problem oder Trojaner?
    Log-Analyse und Auswertung - 05.09.2012 (2)
  13. Viren-Problem aufgrund von Softwaredownload
    Plagegeister aller Art und deren Bekämpfung - 26.08.2012 (10)
  14. Bundespolizei Trojaner sperrt meinen Internetzugang!
    Log-Analyse und Auswertung - 11.07.2012 (17)
  15. problem mit virus, der computer sperrt und 50€ will,,,
    Log-Analyse und Auswertung - 02.02.2012 (22)
  16. Problem mit Router bzw. Internetzugang
    Netzwerk und Hardware - 13.09.2010 (2)
  17. Kein Internetzugang, bei Firewall wird ein Problem festgestellt
    Antiviren-, Firewall- und andere Schutzprogramme - 31.03.2007 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Phising problem, provider sperrt internetzugang aufgrund von webhoast - > > Es wurden vermutlich Sicherheitslücken ausgenutzt, die dem > > Angreifer die Möglichkeit gegeben haben, eine Phishing Seite auf Ihre > > Webseite zu kopieren. wurde mir zugesandt, und - Phising problem, provider sperrt internetzugang aufgrund von webhoast...
Archiv
Du betrachtest: Phising problem, provider sperrt internetzugang aufgrund von webhoast auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131