![]() |
Plagegeister aller Art und deren Bekämpfung: Internet lahmt gewaltigWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
![]() |
![]() | #1 |
| ![]() Internet lahmt gewaltig Hallo, ich habe das Problem, dass mein Internet seit einigen Tagen laggt ohne Ende. Ich habe nach einer Lösung gesucht und bin im Netz auf eure Seite gestoßen. Hier haben einige ein ähnliches Problem gepostet. Getreu der beschriebenen Vorgehensweise habe ich Malwarebytes drüber laufen lassen und siehe da, 18 Funde. Ich poste mal die Log File: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Database version: v2012.12.07.07 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 Max :: REEFER-MADNESS [administrator] 07.12.2012 18:55:09 mbam-log-2012-12-07 (22-28-05).txt Scan type: Full scan (C:\|D:\|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 519260 Time elapsed: 3 hour(s), 32 minute(s), 18 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 15 HKCR\CLSID\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> No action taken. HKCR\TypeLib\{BB7256DD-EBA9-480B-8441-A00388C2BEC3} (PUP.VShareRedir) -> No action taken. HKCR\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000} (PUP.VShareRedir) -> No action taken. HKCR\MyNewsBarLauncher.IE5BarLauncherBHO.1 (PUP.VShareRedir) -> No action taken. HKCR\MyNewsBarLauncher.IE5BarLauncherBHO (PUP.VShareRedir) -> No action taken. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> No action taken. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> No action taken. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> No action taken. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> No action taken. HKCR\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> No action taken. HKCR\MyNewsBarLauncher.IE5BarLauncher.1 (PUP.VShareRedir) -> No action taken. HKCR\MyNewsBarLauncher.IE5BarLauncher (PUP.VShareRedir) -> No action taken. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> No action taken. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> No action taken. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> No action taken. Registry Values Detected: 2 HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Data: VShareTB -> No action taken. HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Data: -> No action taken. Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 1 C:\Program Files\vShare.tv plugin\BarLcher.dll (PUP.VShareRedir) -> No action taken. (end) Hier sind noch die Defogger, OTL und GMER Logs: Defogger: Code:
ATTFilter defogger_disable by jpshortstuff ( Log created at 08:26 on 08/12/2012 (Max) Checking for autostart values... HKCU\~\Run values retrieved. HKLM\~\Run values retrieved. Checking for services/drivers... Unable to read sptd.sys SPTD -> Disabled (Service running -> reboot required) -=E.O.F=- OTL Logfile: Code:
ATTFilter OTL logfile created on: 08.12.2012 08:45:34 - Run 1 OTL by OldTimer - Version Folder = C:\Users\Max\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy 3,50 Gb Total Physical Memory | 2,44 Gb Available Physical Memory | 69,75% Memory free 7,18 Gb Paging File | 6,25 Gb Available in Paging File | 87,09% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 287,92 Gb Total Space | 25,21 Gb Free Space | 8,76% Space Free | Partition Type: NTFS Drive D: | 10,00 Gb Total Space | 5,13 Gb Free Space | 51,30% Space Free | Partition Type: NTFS Computer Name: REEFER-MADNESS | User Name: Max | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.12.08 08:24:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Max\Desktop\OTL.exe PRC - [2012.10.30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012.03.31 03:38:26 | 000,021,392 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe PRC - [2012.03.31 03:38:14 | 003,521,424 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe PRC - [2011.09.08 18:30:10 | 000,401,408 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2011.09.08 18:29:46 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2011.07.21 00:58:57 | 000,468,432 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe PRC - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009.02.27 15:26:12 | 000,296,400 | ---- | M] () -- C:\Program Files\3DataManager\WTGService.exe PRC - [2008.06.30 11:28:24 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe PRC - [2008.06.30 11:28:14 | 000,196,608 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe PRC - [2008.06.30 11:28:12 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe PRC - [2008.06.30 11:28:12 | 000,046,376 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe PRC - [2008.06.25 12:56:30 | 000,221,273 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_238116a1\stacsv.exe PRC - [2008.06.25 12:56:24 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_238116a1\AEstSrv.exe PRC - [2008.06.05 14:26:36 | 001,804,840 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe PRC - [2008.06.05 14:26:36 | 000,752,168 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe PRC - [2008.05.02 13:09:04 | 000,161,048 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe PRC - [2007.10.03 14:45:02 | 000,358,936 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe PRC - [2007.10.03 14:44:58 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe ========== Modules (No Company Name) ========== MOD - [2012.11.29 19:10:39 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\7584733b0bfcbe669ea38a81b914a83a\System.Management.ni.dll MOD - [2012.11.29 19:09:01 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\f6525d01b5cfcafeea3997aafc54d5d1\System.Runtime.Remoting.ni.dll MOD - [2012.11.29 19:08:53 | 001,812,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\739c5209c3538b3457c2f8f9ad196cbb\System.Xaml.ni.dll MOD - [2012.11.29 18:50:22 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\ac05afefb5b28893d44ec451da0e6d4e\System.Web.ni.dll MOD - [2012.11.29 18:50:13 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\2633dbf77be293b3a8693b6b062fd787\System.Runtime.Remoting.ni.dll MOD - [2012.11.28 20:59:52 | 007,976,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b2052acbbbba4f98585196872195e009\System.ni.dll MOD - [2012.11.28 20:59:23 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7ad9c44df3b85848590e63f13fc59804\mscorlib.ni.dll MOD - [2012.11.27 21:25:08 | 018,022,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\960b6130c64f21d8f5d8d3eb183ae660\PresentationFramework.ni.dll MOD - [2012.11.27 21:24:24 | 011,522,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\6053166746abce42f4c4432e0ec54fc7\PresentationCore.ni.dll MOD - [2012.11.27 21:23:53 | 003,882,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\947466e2a04c48c43a8b255eb236ba71\WindowsBase.ni.dll MOD - [2012.11.27 21:23:42 | 000,311,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\06984f22adf8d7422b9262f7ba3437c5\PresentationFramework.Classic.ni.dll MOD - [2012.11.27 21:14:05 | 007,070,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\9d1f9ff307e93bb9929b2b11661623cb\System.Core.ni.dll MOD - [2012.11.27 21:14:04 | 013,198,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\ff1ceec110e2983a75c2c21f50274ac2\System.Windows.Forms.ni.dll MOD - [2012.11.27 21:13:42 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\e46c644e0ef0456434b32f3e91b56424\System.Xml.ni.dll MOD - [2012.11.27 21:13:34 | 001,666,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\20ce3ca371acfbe996c6a21b5469992d\System.Drawing.ni.dll MOD - [2012.11.27 21:13:29 | 009,095,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\aaf8a137263c899815f0acff07eb1562\System.ni.dll MOD - [2012.11.27 21:13:09 | 014,417,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\031abbfbd476fdc0c392160b67f2c662\mscorlib.ni.dll MOD - [2012.04.16 19:41:34 | 000,115,137 | ---- | M] () -- C:\Users\Max\AppData\Local\Temp\bd7c47bb-f5c0-417c-a180-ec348d87718a\CliSecureRT.dll MOD - [2012.03.31 03:38:26 | 000,021,392 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe MOD - [2011.06.24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011.06.24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2008.08.05 13:16:20 | 000,055,808 | ---- | M] () -- C:\Windows\System32\bcmwlrmt.dll MOD - [2008.06.05 14:19:56 | 000,126,976 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll ========== Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe /service /p dellsupportcenter -- (sprtsvc_dellsupportcenter) SRV - [2012.12.07 14:22:49 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.07.13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.03.29 10:35:36 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011.09.08 18:29:46 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2011.07.21 00:58:57 | 000,468,432 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe -- (vpnagent) SRV - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2009.02.27 15:26:12 | 000,296,400 | ---- | M] () [Auto | Running] -- C:\Program Files\3DataManager\WTGService.exe -- (WTGService) SRV - [2008.10.09 09:04:01 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist) SRV - [2008.06.25 12:56:30 | 000,221,273 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_238116a1\stacsv.exe -- (STacSV) SRV - [2008.06.25 12:56:24 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_238116a1\AEstSrv.exe -- (AESTFilters) SRV - [2008.05.02 13:09:04 | 000,161,048 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService) SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007.10.03 14:45:02 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbser6k.sys -- (ZTEusbser6k) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbnmea.sys -- (ZTEusbnmea) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbmdm6k.sys -- (ZTEusbmdm6k) DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\\SystemRoot\System32\Drivers\sptd.sys -- (sptd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\pccsmcfd.sys -- (pccsmcfd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbfake.sys -- (hwusbfake) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbdev.sys -- (hwusbdev) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbnet.sys -- (ewusbnet) DRV - [2012.10.30 23:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2012.10.30 23:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2012.10.30 23:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2012.10.30 23:51:58 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (AswRdr) DRV - [2012.10.30 23:51:57 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2012.10.30 23:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2012.02.23 13:31:36 | 000,083,984 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdLH3.sys -- (AtiHDAudioService) DRV - [2011.12.08 05:22:26 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm) DRV - [2011.12.08 05:22:26 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus) DRV - [2011.12.08 05:22:26 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd) DRV - [2011.12.08 05:22:26 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb) DRV - [2011.12.08 05:22:26 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl) DRV - [2011.09.08 19:26:10 | 008,606,208 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300) DRV - [2011.09.08 19:26:10 | 008,606,208 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2011.09.08 19:26:10 | 008,606,208 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag) DRV - [2011.09.08 17:52:20 | 000,248,832 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap) DRV - [2011.07.21 00:49:59 | 000,023,464 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vpnva.sys -- (vpnva) DRV - [2011.07.21 00:49:33 | 000,046,480 | R--- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\acsmux.sys -- (acsmux) DRV - [2011.07.21 00:49:33 | 000,036,624 | R--- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\acsint.sys -- (acsint) DRV - [2010.11.18 01:36:02 | 000,021,744 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Program Files\Dell Support Center\pcdsrvc.pkms -- (PCDSRVC{E9D79540-57D5953E-06020101}_0) DRV - [2010.01.12 13:54:49 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2010.01.12 13:54:32 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2009.03.25 15:48:00 | 000,114,728 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdm.sys -- (s1018mdm) DRV - [2009.03.25 15:48:00 | 000,109,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018unic.sys -- (s1018unic) DRV - [2009.03.25 15:48:00 | 000,106,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mgmt.sys -- (s1018mgmt) DRV - [2009.03.25 15:48:00 | 000,104,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018obex.sys -- (s1018obex) DRV - [2009.03.25 15:48:00 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018bus.sys -- (s1018bus) DRV - [2009.03.25 15:48:00 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018nd5.sys -- (s1018nd5) DRV - [2009.03.25 15:48:00 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdfl.sys -- (s1018mdfl) DRV - [2009.03.08 17:06:00 | 000,280,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA001Vid.sys -- (OA001Vid) DRV - [2009.03.06 07:30:08 | 000,133,632 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA001Ufd.sys -- (OA001Ufd) DRV - [2009.02.20 16:27:08 | 000,018,816 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tcpipBM.sys -- (tcpipBM) DRV - [2009.02.20 16:27:06 | 000,022,528 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot | Unknown] -- C:\Windows\System32\drivers\BMLoad.sys -- (BMLoad) DRV - [2008.08.05 13:16:06 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY) DRV - [2008.06.30 11:28:10 | 000,170,032 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService) DRV - [2008.06.25 12:56:36 | 000,380,928 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA) DRV - [2008.03.14 13:46:12 | 000,054,784 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\itecir.sys -- (itecir) DRV - [2008.03.13 12:41:12 | 000,203,264 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x) DRV - [2008.03.13 12:34:40 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2008.03.13 12:34:38 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk) DRV - [2008.03.13 12:34:36 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2008.01.21 03:23:25 | 000,251,904 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (VSTHWBS2) DRV - [2008.01.21 03:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) DRV - [2007.10.12 01:00:44 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta) DRV - [2007.10.12 00:56:22 | 000,490,776 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LV561AV.SYS -- (PID_0928) DRV - [2007.01.15 16:57:08 | 000,031,616 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\livecamv.sys -- (RLDesignVirtualAudioCableWdm) DRV - [2006.11.10 14:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yahoo.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yahoo.com IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKU\S-1-5-21-1804970119-3248830115-2987160562-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www1.euro.dell.com/content/default.aspx?c=at&l=de&s=gen IE - HKU\S-1-5-21-1804970119-3248830115-2987160562-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.google.com/ [binary data] IE - HKU\S-1-5-21-1804970119-3248830115-2987160562-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com IE - HKU\S-1-5-21-1804970119-3248830115-2987160562-1001\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKU\S-1-5-21-1804970119-3248830115-2987160562-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-1804970119-3248830115-2987160562-1001\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=SPC2&o=15000&src=crm&q={searchTerms}&locale=de_US IE - HKU\S-1-5-21-1804970119-3248830115-2987160562-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADBS_enAT299 IE - HKU\S-1-5-21-1804970119-3248830115-2987160562-1001\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = hxxp://www.daemon-search.com/search/web?q={searchTerms} IE - HKU\S-1-5-21-1804970119-3248830115-2987160562-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1804970119-3248830115-2987160562-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Ask.com" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "about:home" FF - prefs.js..extensions.enabledAddons: %7B1BC9BA34-1EED-42ca-A505-6D2F1A935BBB%7D: FF - prefs.js..extensions.enabledAddons: %7BACAA314B-EEBA-48e4-AD47-84E31C44796C%7D: FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:7.0.1474 FF - prefs.js..extensions.enabledAddons: %7B8AA36F4F-6DC7-4c06-77AF-5035170634FE%7D:2012.02.14 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2 FF - prefs.js..extensions.enabledItems: 5 FF - prefs.js..extensions.enabledItems: 3 FF - prefs.js..extensions.enabledItems: 1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: KavAntiBanner@Kaspersky.ru: FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru: FF - prefs.js..network.proxy.autoconfig_url: "chrome://viewtubes/content/viewtubes_false.pac" FF - prefs.js..network.proxy.type: 2 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8064.0206: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google) FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Program Files\TVUPlayer\npTVUAx.dll (TVU networks) FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: c:\Program Files\Sony\Media Go\npmediago.dll (Sony Creative Software Inc) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Program Files\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\3-addons\addon [2010.04.07 14:16:33 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.12.07 15:07:46 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}: C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2012.03.02 12:14:43 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.07 14:22:50 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.12.07 14:22:12 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.02 14:35:33 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2012.12.02 14:35:37 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.07 14:22:50 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.12.07 14:22:12 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.02 14:35:33 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2012.12.02 14:35:37 | 000,000,000 | ---D | M] [2010.01.11 18:14:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\Extensions [2010.01.11 18:14:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2012.11.23 19:10:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\Firefox\Profiles\pwmc4br3.default\extensions [2012.06.14 20:03:40 | 000,000,000 | ---D | M] (IE Tab 2 (FF 3.6+)) -- C:\Users\Max\AppData\Roaming\mozilla\Firefox\Profiles\pwmc4br3.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB} [2010.04.27 12:02:41 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Max\AppData\Roaming\mozilla\Firefox\Profiles\pwmc4br3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.12.14 23:44:15 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Max\AppData\Roaming\mozilla\Firefox\Profiles\pwmc4br3.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}(38) [2010.09.11 15:00:02 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\Max\AppData\Roaming\mozilla\Firefox\Profiles\pwmc4br3.default\extensions\firefox@tvunetworks.com [2012.09.01 10:36:38 | 000,012,042 | ---- | M] () (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\pwmc4br3.default\extensions\FF_AddOn@viewtubes.de.xpi [2012.11.22 19:15:11 | 000,035,614 | ---- | M] () (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\pwmc4br3.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012.11.23 19:10:18 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\pwmc4br3.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012.09.13 20:30:06 | 000,698,867 | ---- | M] () (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\pwmc4br3.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2010.08.15 16:18:50 | 000,002,253 | ---- | M] () -- C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\pwmc4br3.default\searchplugins\askcom.xml [2011.03.29 15:47:53 | 000,002,059 | ---- | M] () -- C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\pwmc4br3.default\searchplugins\daemon-search.xml [2012.12.07 14:22:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012.12.07 14:22:06 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012.12.07 14:22:03 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak [2012.12.07 14:22:04 | 000,000,000 | ---D | M] (Modul zur Link-Untersuchung) -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak [2012.12.07 15:07:46 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2012.03.02 12:14:43 | 000,000,000 | ---D | M] (Citavi Picker) -- C:\PROGRAMDATA\SWISS ACADEMIC SOFTWARE\CITAVI PICKER\FIREFOX [2012.12.07 14:22:50 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011.10.03 04:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011.10.03 10:14:54 | 000,083,456 | ---- | M] (vShare.tv ) -- C:\Program Files\mozilla firefox\plugins\npvsharetvplg.dll [2012.06.22 14:49:59 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.08.30 23:22:17 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012.06.22 14:49:59 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012.06.22 14:49:59 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012.06.22 14:49:59 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012.06.22 14:49:59 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: localhost O1 - Hosts: ::1 localhost O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files\vShare.tv plugin\BarLcher.dll (VShare Inc.) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O3 - HKLM\..\Toolbar: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files\vShare.tv plugin\BarLcher.dll (VShare Inc.) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O3 - HKU\S-1-5-21-1804970119-3248830115-2987160562-1001\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation) O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKU\.DEFAULT..\Run: [Samsung.PCSync] C:\Program Files\Samsung\Samsung PC Studio 7\PcSync2.exe /NoDialog File not found O4 - HKU\S-1-5-18..\Run: [Samsung.PCSync] C:\Program Files\Samsung\Samsung PC Studio 7\PcSync2.exe /NoDialog File not found O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-1804970119-3248830115-2987160562-1001..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung) O4 - HKU\S-1-5-21-1804970119-3248830115-2987160562-1001..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe () O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) O4 - Startup: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Max\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0 O7 - HKU\S-1-5-21-1804970119-3248830115-2987160562-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O7 - HKU\S-1-5-21-1804970119-3248830115-2987160562-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0 O7 - HKU\S-1-5-21-1804970119-3248830115-2987160562-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0 O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Max\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0A1B4E92-08AF-4202-A5F2-80DD98E9CA56}: DhcpNameServer = O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0A1B4E92-08AF-4202-A5F2-80DD98E9CA56}: NameServer =, O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3749CED4-D864-4208-841C-494C6466ECE8}: NameServer =, O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - AppInit_DLLs: (C:\Windows\System32\dpmodemx32.dll) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.) O24 - Desktop WallPaper: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp O24 - Desktop BackupWallPaper: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{2312d9cf-9bf9-11df-9c2b-d63c14fc9c5a}\Shell - "" = AutoRun O33 - MountPoints2\{2312d9cf-9bf9-11df-9c2b-d63c14fc9c5a}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{3495be03-a007-11df-a6d5-d00d6b6f4b7b}\Shell - "" = AutoRun O33 - MountPoints2\{3495be03-a007-11df-a6d5-d00d6b6f4b7b}\Shell\AutoRun\command - "" = H:\.\Autorun.exe AUTORUN=1 O33 - MountPoints2\{3495be26-a007-11df-a6d5-aa14cde41417}\Shell - "" = AutoRun O33 - MountPoints2\{3495be26-a007-11df-a6d5-aa14cde41417}\Shell\AutoRun\command - "" = G:\.\Autorun.exe AUTORUN=1 O33 - MountPoints2\{48926993-9d0b-11df-82ec-ddba8c174639}\Shell - "" = AutoRun O33 - MountPoints2\{48926993-9d0b-11df-82ec-ddba8c174639}\Shell\AutoRun\command - "" = G:\.\Autorun.exe AUTORUN=1 O33 - MountPoints2\{9708ad85-6a12-11df-b08d-8a61a6c8c63d}\Shell - "" = AutoRun O33 - MountPoints2\{9708ad85-6a12-11df-b08d-8a61a6c8c63d}\Shell\AutoRun\command - "" = F:\.\Autorun.exe AUTORUN=1 O33 - MountPoints2\{a49d164b-936e-11df-bc3e-83ff5b3254cc}\Shell - "" = AutoRun O33 - MountPoints2\{a49d164b-936e-11df-bc3e-83ff5b3254cc}\Shell\AutoRun\command - "" = F:\.\Autorun.exe AUTORUN=1 O33 - MountPoints2\{d27701fc-a2d0-11df-a9ce-c5aa243f9486}\Shell - "" = AutoRun O33 - MountPoints2\{d27701fc-a2d0-11df-a9ce-c5aa243f9486}\Shell\AutoRun\command - "" = H:\.\Autorun.exe AUTORUN=1 O33 - MountPoints2\{d6eaa544-9d70-11df-8eb1-862f93e29b08}\Shell - "" = AutoRun O33 - MountPoints2\{d6eaa544-9d70-11df-8eb1-862f93e29b08}\Shell\AutoRun\command - "" = H:\.\Autorun.exe AUTORUN=1 O33 - MountPoints2\{daa3d6de-5a18-11e0-b6c0-857f70439a41}\Shell - "" = AutoRun O33 - MountPoints2\{daa3d6de-5a18-11e0-b6c0-857f70439a41}\Shell\AutoRun\command - "" = F:\INSTALL.EXE O33 - MountPoints2\{ed865173-4239-11df-874a-8641b0fd134a}\Shell - "" = AutoRun O33 - MountPoints2\{ed865173-4239-11df-874a-8641b0fd134a}\Shell\AutoRun\command - "" = F:\.\Autorun.exe AUTORUN=1 O33 - MountPoints2\{fa5f70be-424a-11df-84d2-d0b4abb97a2d}\Shell - "" = AutoRun O33 - MountPoints2\{fa5f70be-424a-11df-84d2-d0b4abb97a2d}\Shell\AutoRun\command - "" = F:\.\Autorun.exe AUTORUN=1 O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012.12.08 08:23:41 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Max\Desktop\OTL.exe [2012.12.07 15:20:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.12.07 15:20:02 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.12.07 15:20:02 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012.12.07 14:22:00 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2012.12.02 14:35:33 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird [2012.11.27 21:09:53 | 000,000,000 | -HSD | C] -- C:\Config.Msi ========== Files - Modified Within 30 Days ========== [2012.12.08 08:40:39 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012.12.08 08:40:39 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012.12.08 08:40:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.12.08 08:40:11 | 353,303,923 | ---- | M] () -- C:\Windows\MEMORY.DMP [2012.12.08 08:28:00 | 000,003,204 | ---- | M] () -- C:\Windows\bthservsdp.dat [2012.12.08 08:27:25 | 000,000,020 | ---- | M] () -- C:\Users\Max\defogger_reenable [2012.12.08 08:24:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Max\Desktop\OTL.exe [2012.12.08 08:23:05 | 000,302,592 | ---- | M] () -- C:\Users\Max\Desktop\fxfvptv8.exe [2012.12.08 08:11:07 | 000,050,477 | ---- | M] () -- C:\Users\Max\Desktop\Defogger.exe [2012.12.07 15:29:34 | 000,000,868 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.12.07 15:07:47 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt [2012.12.07 15:07:47 | 000,000,350 | -H-- | M] () -- C:\Windows\tasks\avast! Emergency Update.job [2012.11.30 00:25:04 | 001,255,755 | ---- | M] () -- C:\Users\Max\Desktop\Letter of Recommendation_Hämmerle.pdf [2012.11.28 20:55:14 | 000,382,560 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012.11.27 21:22:32 | 000,629,066 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.11.27 21:22:32 | 000,596,302 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.11.27 21:22:32 | 000,126,794 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.11.27 21:22:32 | 000,104,376 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.11.24 14:15:55 | 000,100,352 | ---- | M] () -- C:\Users\Max\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ========== Files Created - No Company Name ========== [2012.12.08 08:26:47 | 000,000,020 | ---- | C] () -- C:\Users\Max\defogger_reenable [2012.12.08 08:22:52 | 000,302,592 | ---- | C] () -- C:\Users\Max\Desktop\fxfvptv8.exe [2012.12.08 08:11:06 | 000,050,477 | ---- | C] () -- C:\Users\Max\Desktop\Defogger.exe [2012.12.07 15:20:07 | 000,000,868 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.11.30 00:25:04 | 001,255,755 | ---- | C] () -- C:\Users\Max\Desktop\Letter of Recommendation_Hämmerle.pdf [2012.11.28 21:04:23 | 001,629,075 | ---- | C] () -- C:\Users\Max\Desktop\StreamTorrent10Build0078.exe [2012.04.05 21:34:22 | 000,159,232 | ---- | C] () -- C:\Windows\System32\clinfo.exe [2012.01.31 00:15:44 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2012.01.31 00:15:42 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll [2012.01.31 00:15:42 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll [2012.01.31 00:15:42 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll [2012.01.31 00:15:42 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll [2011.11.10 14:21:26 | 000,000,107 | ---- | C] () -- C:\Users\Max\IsisGUI.properties [2011.09.08 17:51:22 | 000,037,376 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll [2011.08.26 15:34:14 | 000,239,869 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2011.06.07 22:15:12 | 000,000,001 | ---- | C] () -- C:\Windows\System32\SI.bin [2011.04.09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2011.03.17 18:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\System32\atipblag.dat [2010.06.13 10:59:45 | 000,000,680 | ---- | C] () -- C:\Users\Max\AppData\Local\d3d9caps.dat [2010.06.06 13:22:26 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010.02.27 18:58:02 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib [2010.01.16 14:04:39 | 000,000,036 | ---- | C] () -- C:\Users\Max\AppData\Local\housecall.guid.cache [2010.01.11 21:22:44 | 000,000,856 | ---- | C] () -- C:\Users\Max\Bilder.lnk [2010.01.11 18:46:48 | 000,000,000 | ---- | C] () -- C:\Users\Max\AppData\Roaming\wklnhst.dat [2010.01.11 13:51:07 | 000,100,352 | ---- | C] () -- C:\Users\Max\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.01.10 22:27:23 | 000,000,000 | ---- | C] () -- C:\ProgramData\Hybrid Morph [2010.01.10 22:16:35 | 000,000,000 | ---- | C] () -- C:\ProgramData\Hybrid Basic [2009.04.15 18:36:12 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLdw.DAT [2009.04.15 17:59:27 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT [2002.08.13 16:04:12 | 000,217,088 | R--- | C] () -- C:\Users\Max\AppData\Roaming\MafiaSetup.exe ========== ZeroAccess Check ========== [2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2012.04.11 19:40:42 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\3DataManager [2011.03.29 16:44:46 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\DAEMON Tools Lite [2012.12.08 08:44:19 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\Dropbox [2011.09.09 22:14:14 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\DVDVideoSoft [2011.09.09 22:13:41 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\DVDVideoSoftIEHelpers [2012.11.29 19:02:16 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\EndNote [2010.11.16 22:26:37 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\Fit3DLive [2012.03.26 18:51:48 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\MyPhoneExplorer [2010.11.20 19:47:17 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\PCDr [2010.04.07 14:16:39 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\Program Files [2012.04.23 09:43:42 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\Samsung [2011.01.20 15:50:47 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\Scientific Software [2010.04.17 20:51:21 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\Sony [2010.04.17 20:47:21 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\Sony Setup [2012.06.14 20:11:04 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\StreamTorrent [2012.03.05 19:28:52 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\Swiss Academic Software [2012.04.23 10:39:31 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\Temp [2010.01.11 18:46:50 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\Template [2011.03.29 19:04:02 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\The Creative Assembly [2010.01.11 18:14:55 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\Thunderbird [2012.03.05 09:56:46 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\Tropico 3 ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:5C321E34 < End of report > OTL Extras: OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 08.12.2012 08:45:34 - Run 1 OTL by OldTimer - Version Folder = C:\Users\Max\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy 3,50 Gb Total Physical Memory | 2,44 Gb Available Physical Memory | 69,75% Memory free 7,18 Gb Paging File | 6,25 Gb Available in Paging File | 87,09% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 287,92 Gb Total Space | 25,21 Gb Free Space | 8,76% Space Free | Partition Type: NTFS Drive D: | 10,00 Gb Total Space | 5,13 Gb Free Space | 51,30% Space Free | Partition Type: NTFS Computer Name: REEFER-MADNESS | User Name: Max | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-1804970119-3248830115-2987160562-1001\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 1 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-1804970119-3248830115-2987160562-1001] "EnableNotifications" = 0 "EnableNotificationsRef" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0CBC7D85-0DAF-49C5-84EE-B943BCC2879A}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{0D0E7244-8783-48F1-85DC-E69FD5C97AE2}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{16ABF5B2-C927-4121-B62E-94D4317A0C07}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{1EC4BD65-46D6-4E1C-8EC3-008BEE727EA9}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | "{49BEFA57-6D94-4B8B-AB81-2A28CC6AF82A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{78DEABE6-8C05-4193-994C-3BAE1B359D87}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{9278CB5D-F4F2-412E-9A2F-497D4159C9A0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | "{9B069BB4-A2C2-40E0-8BB4-7E480B6F1F9E}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{AC6C0621-99B2-46EF-98CA-4E2DB3E17675}" = lport=2869 | protocol=6 | dir=in | app=system | "{D21452D4-55C8-458B-BA75-3C556E7D0A6A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{FD685B88-001C-4983-B2AF-F6EBA1CF5CDF}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{001E35F4-049B-4948-A1DE-2D5DC77CD160}" = protocol=6 | dir=in | app=c:\users\max\appdata\roaming\dropbox\bin\dropbox.exe | "{01C7675C-EF82-4F06-9048-102E0940017A}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty - world at war\codwaw.exe | "{0672FF66-4AA5-44E7-B701-F9917F96D430}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe | "{077AE5F5-E8B7-43FE-A582-819941F1499D}" = protocol=6 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization 4 complete\beyond the sword\civ4beyondsword.exe | "{07A75384-D5BD-4E06-BCEA-13E24C6CFC59}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | "{0B82E29A-9CAB-453B-A76E-49B01DB260DE}" = protocol=6 | dir=in | app=c:\program files\konami\pro evolution soccer 2011\pes2011.exe | "{0D08A6FA-A00A-4C3E-81E3-815B5A1A4CFF}" = dir=in | app=c:\program files\itunes\itunes.exe | "{16C3185D-4454-4376-8270-F066275E6121}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe | "{20A42999-51A3-44A1-A2B9-90F4B139F94C}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe | "{21E09215-2745-4A28-A51D-A214D438026F}" = protocol=17 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization 4 complete\civilization4.exe | "{239CE37F-04CA-49F6-92D3-E777E45D29C8}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe | "{25DD0F1B-6635-4EF2-BFE9-7ADF06019C83}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe | "{26636BEB-3704-4CE6-9381-23C4FDB99212}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dms\clmsservice.exe | "{3B0CE6C3-99E3-4ED6-B45E-E5B9A5439333}" = protocol=6 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization 4 complete\civilization4.exe | "{419FA8AC-A743-4907-89D8-FB65AFE26CF0}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{501B02F3-A233-4BBF-BFE0-7F88E197FC67}" = protocol=17 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization 4 complete\warlords\civ4warlords.exe | "{50D59853-F2BF-4FC8-BB9A-295AA32D67F0}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe | "{58FD4D09-2F0F-4210-BD2D-52EBEA7F41FE}" = dir=in | app=c:\program files\dell\mediadirect\mediadirect.exe | "{5944479C-4AAC-4E70-AE26-A5FF5C256A19}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | "{5A2B3044-E093-4D41-986F-86B34D79E92A}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{5E3B5CF7-57D2-4AE3-95F0-BED1F701B8E6}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{63F0AF3E-9AED-414D-8017-8BD53FF13BAB}" = protocol=6 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization iv colonization\colonization.exe | "{6F6438A2-0CCA-4C47-81EC-F4F8E1EF1F4F}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe | "{7052427A-9B8F-4AF4-A247-E6AF960FFE28}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{72F38450-29D9-4F34-AE4B-7E2F5DE0AC62}" = protocol=17 | dir=in | app=c:\program files\konami\pro evolution soccer 2011\pes2011.exe | "{77056730-AEBB-416E-9AF2-3BE36A37A29B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{793E5BF4-6AEE-4410-AD1F-17B538CDA6CE}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | "{7DEF1371-F425-4A8F-8398-D86E67A6F089}" = protocol=6 | dir=in | app=c:\program files\konami\pro evolution soccer 2011\pes2011.exe | "{7E0AD7C6-3473-43F0-BABC-33E8F182C87E}" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3y.exe | "{81F277F1-953C-4241-BBCD-444EB0792945}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{82868E4B-D8C4-41A8-ADD6-F5A00B3B5406}" = dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe | "{8552CB4A-EFCC-4D3C-B06F-CDA16FF78741}" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3.exe | "{87A09FF1-435E-4694-88A5-BC9205702DFC}" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3x.exe | "{884C2DA5-A6AA-4A35-8DBD-42A6B24C94AE}" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3x.exe | "{8CDE39B6-8E7C-44E0-9358-4D3AF5A18EA4}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow- | "{8D9F9C80-8723-401A-A14A-29E2168E854E}" = protocol=17 | dir=in | app=c:\program files\diablo iii\diablo iii.exe | "{98D8E1E5-33C7-4091-9A9E-BAD224AA9C1C}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty - world at war\codwaw.exe | "{9A707782-C8DF-4FC9-A9B7-671C952AC9EF}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe | "{9CE4729B-2A61-483C-B967-91FC5B03507A}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe | "{9EB37FDF-807E-4F69-9DDF-AE50FEF602F7}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{A145ADBE-EB18-4BF3-A8CF-D43247607F08}" = protocol=6 | dir=in | app=c:\program files\diablo iii\diablo iii.exe | "{AEFE36D6-7A81-477A-AA34-D67E663B8206}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty - world at war\codwawmp.exe | "{B1A9A377-7A51-4ED2-8B5F-E8B2C859F879}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty - world at war\codwawmp.exe | "{B21886C1-0698-46FC-9A1F-D7241874C5C3}" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3y.exe | "{B2C0BBA1-F5A9-4A76-81A4-835B2FB8C93B}" = protocol=17 | dir=in | app=c:\program files\konami\pro evolution soccer 2011\pes2011.exe | "{B30AEAB0-4CBE-4516-A39D-F333387DA175}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe | "{B3576126-9EB8-4736-B277-F5C749DA47D1}" = protocol=6 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization 4 complete\warlords\civ4warlords.exe | "{B7071792-6DBC-4922-A27B-7BAF2E54AFAD}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe | "{B9828B19-ED4C-4683-8AA7-CC6DFFC9943E}" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires online\spartan.exe | "{B9D5B5EE-DEDF-4E7E-8C0F-2D2BBD55B00D}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe | "{BAA1BB0E-96E8-4C45-980C-AF566A9947EA}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe | "{BC03D6EE-37BF-4FC7-B481-381924D530EE}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe | "{BCA987E0-A376-4A62-B7FE-45F85CC017B9}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow- | "{BFE97BF7-2112-4F8C-A2F1-884DDCC81C4C}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe | "{C041E5CB-ED31-4917-BF00-8D9643C4A343}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{C41C58AB-07C3-4AE2-BD49-FBFC4BF88ECB}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{C428A8B5-4892-4D43-8793-839A6285FC85}" = protocol=17 | dir=in | app=c:\program files\dell video chat\dellvideochat.exe | "{C77DB4FC-1E62-43DE-AFA3-88AA77EF9394}" = protocol=17 | dir=in | app=c:\program files\ultravnc\vncviewer.exe | "{D038CFE2-B906-4136-B8FD-540847E1B061}" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires online\spartan.exe | "{D0B3008C-34E9-4AF0-BFFC-6E9257573FCF}" = protocol=6 | dir=in | app=c:\program files\ultravnc\vncviewer.exe | "{D213C73D-A89B-4731-B2E1-DE82C14F2DA5}" = protocol=6 | dir=in | app=c:\program files\dell video chat\dellvideochat.exe | "{D22DD960-5345-4571-A6FF-1E28D4E65D4D}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | "{D2622BA5-02D5-4AFF-B1F0-882174851546}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe | "{D2D21DBE-323F-41B7-92B8-F178C8C77D32}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{D46CCB93-820A-494D-A58B-90F63C1CB01F}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe | "{D5CFD57C-4394-476A-B4B8-F7A5A9F21850}" = protocol=17 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization 4 complete\beyond the sword\civ4beyondsword.exe | "{D8DD13B0-7287-496A-891D-74AB62A1C96A}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dmp\clbrowserengine.exe | "{D9C00069-737C-435E-9C1D-2E677C57A4D3}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{D9F412A8-6716-45C8-80CF-30D347E54B4E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | "{E50F60A9-F6E2-42FA-A671-CE12D335F25F}" = protocol=17 | dir=in | app=c:\users\max\appdata\roaming\dropbox\bin\dropbox.exe | "{EDA850A9-EC12-4C3E-940F-FA215FAC8373}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe | "{F01DA1C8-EBFA-44EB-84AF-6F2F7A37EE46}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{F115B5C5-FDDF-4564-9E6B-217665026F0D}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{FBE21499-390D-4612-949D-DA5E839B8F69}" = protocol=17 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization iv colonization\colonization.exe | "{FDFAC112-8906-4356-BE75-AD409C18350E}" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3.exe | "TCP Query User{0CC22A31-52D2-4DD7-9F18-60DA027D2C09}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | "TCP Query User{0D0452C6-B5CE-4745-B67A-66A6A6199E4C}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe | "TCP Query User{1954CCC2-5B55-48B2-916F-771EE6015887}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | "TCP Query User{3105A65A-5DBD-4806-A7C8-6726A99E1CE0}C:\Program Files\streamtorrent 1.0\streamtorrent.exe" = protocol=6 | dir=in | app=c:\program files\streamtorrent 1.0\streamtorrent.exe | "TCP Query User{3E8F0ED9-C7B4-4AA8-BA77-D7D7B526D2AE}C:\program files\diablo iii\diablo iii.exe" = protocol=6 | dir=in | app=c:\program files\diablo iii\diablo iii.exe | "TCP Query User{415C1364-52FD-47ED-8956-715D7BF9F8FD}C:\neuer ordner\neuer ordner\neuer ordner\neuer ordner\neuer ordner\neuer ordner\neuer ordner\neuer ordner\neuer ordner\neuer ordner\neuer ordner\blablabla\launcher.exe" = protocol=6 | dir=in | app=c:\neuer ordner\neuer ordner\neuer ordner\neuer ordner\neuer ordner\neuer ordner\neuer ordner\neuer ordner\neuer ordner\neuer ordner\neuer ordner\blablabla\launcher.exe | "TCP Query User{42551814-1818-48D9-9067-763DD8C0D43B}C:\program files\myphoneexplorer\myphoneexplorer.exe" = protocol=6 | dir=in | app=c:\program files\myphoneexplorer\myphoneexplorer.exe | "TCP Query User{49738064-3534-488A-8EBE-1934CB690DC4}C:\programdata\battle.net\agent\agent.1040\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe | "TCP Query User{5722A065-7F13-44D9-B731-0654EFDB893E}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | "TCP Query User{615BC6BB-EF43-46D4-881F-915D003AD4F2}C:\users\max\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\max\appdata\roaming\dropbox\bin\dropbox.exe | "TCP Query User{71B16E8F-8F25-4092-9C8A-2A50A6E1CE5B}C:\program files\microsoft games\age of empires iii\age3y.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3y.exe | "TCP Query User{AC71309C-6442-423F-A207-E4C6EA9163B0}C:\users\anna\desktop\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=c:\users\anna\desktop\call of duty 4 - modern warfare\iw3mp.exe | "TCP Query User{AF0234FD-31B8-4F00-8D48-134E100CE20B}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "TCP Query User{B2D79B6A-B006-46F5-9AF0-8E414B4DE5BB}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "TCP Query User{BE0A0D26-B341-427B-94EC-78312996B4C6}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | "TCP Query User{C3425780-91BC-4423-88B9-032AF0E05750}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe | "TCP Query User{DF6D31C2-0EB1-4C7F-BE1D-60AB7329284C}C:\programdata\battle.net\agent\agent.998\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe | "TCP Query User{EE1BBD82-7D48-4F57-B210-957734F8C56C}C:\program files\streamtorrent 1.0\streamtorrent.exe" = protocol=6 | dir=in | app=c:\program files\streamtorrent 1.0\streamtorrent.exe | "TCP Query User{EEB4F64C-D5CF-4348-A7FE-E6D98647F1C3}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe | "UDP Query User{1065E5B4-3C88-49F3-8112-D9A179E0B3BE}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | "UDP Query User{14312463-80AB-4A7E-8F5C-7397799AF84F}C:\users\max\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\max\appdata\roaming\dropbox\bin\dropbox.exe | "UDP Query User{300E86B5-4F7E-44C2-8C62-0CA227E57294}C:\program files\myphoneexplorer\myphoneexplorer.exe" = protocol=17 | dir=in | app=c:\program files\myphoneexplorer\myphoneexplorer.exe | "UDP Query User{34E3AA17-5526-41F7-B970-5148D510212C}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | "UDP Query User{456553E7-6931-4CC7-AB58-22286184AD6E}C:\Program Files\streamtorrent 1.0\streamtorrent.exe" = protocol=17 | dir=in | app=c:\program files\streamtorrent 1.0\streamtorrent.exe | "UDP Query User{56C70AD1-2D20-4219-A49B-A62F193768DE}C:\programdata\battle.net\agent\agent.998\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe | "UDP Query User{61808204-6A37-48D9-9DD2-479AC4F1BCFB}C:\program files\diablo iii\diablo iii.exe" = protocol=17 | dir=in | app=c:\program files\diablo iii\diablo iii.exe | "UDP Query User{801083FC-9023-4DF1-9A4D-5B2D859A89DE}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe | "UDP Query User{972559C1-FEC4-469D-995B-14B80DF2BED7}C:\programdata\battle.net\agent\agent.1040\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe | "UDP Query User{9901C02A-671F-433B-B973-72B03427BA71}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{9CC54991-476F-4E19-B5D3-84B3D7CFD0B8}C:\users\anna\desktop\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=c:\users\anna\desktop\call of duty 4 - modern warfare\iw3mp.exe | "UDP Query User{9E7CA860-ED47-4D8D-9D74-6916B6E72583}C:\program files\microsoft games\age of empires iii\age3y.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3y.exe | "UDP Query User{A0C1C5EB-DFE6-4585-ADF7-FC32A126296F}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | "UDP Query User{A796FDA0-629C-44D6-A2E6-C339C6E1300B}C:\neuer ordner\neuer ordner\neuer ordner\neuer ordner\neuer ordner\neuer ordner\neuer ordner\neuer ordner\neuer ordner\neuer ordner\neuer ordner\blablabla\launcher.exe" = protocol=17 | dir=in | app=c:\neuer ordner\neuer ordner\neuer ordner\neuer ordner\neuer ordner\neuer ordner\neuer ordner\neuer ordner\neuer ordner\neuer ordner\neuer ordner\blablabla\launcher.exe | "UDP Query User{AFF1D829-1214-41FC-8FF2-2B7A57ADDACC}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | "UDP Query User{B43BDEEC-C2BF-4C18-8642-F1B91A3D02B0}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{DF1C30DD-268E-4FDC-A9D6-E0338B16AD91}C:\program files\streamtorrent 1.0\streamtorrent.exe" = protocol=17 | dir=in | app=c:\program files\streamtorrent 1.0\streamtorrent.exe | "UDP Query User{ED7E7BFD-0471-4E13-B030-17BC0A909373}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | "UDP Query User{F76F3389-E9E7-4930-A731-A4D78B0755E5}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{002B1E90-3241-4D45-8831-E89020F8E7E6}" = EndNote X2 "{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center "{00D0200F-3B4D-4A2F-869E-533ED835A943}" = Hervorhebe-Funktion (Windows Live Toolbar) "{010C0B4A-DC93-4BB4-893B-BDDE95355A3E}" = Freeware PDF Unlocker "{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}" = Medieval II Total War : Kingdoms : Crusades "{02B244A2-7F6A-42E8-A36F-8C385D7A1625}" = Gothic III "{02D0DF6E-BE8D-66B0-3C3F-ED0F395DF765}" = CCC Help Finnish "{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center "{05A677ED-F6EB-C225-0852-C8EDA143F637}" = Catalyst Control Center Core Implementation "{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack "{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant "{086BADF8-9B1F-4E89-B207-2EDA520972D6}" = Grand Theft Auto San Andreas "{0E33EC53-22CE-426C-A88B-2AAC231BAC85}" = Catalyst Control Center - Branding "{1148E85C-E1AF-48E0-A29C-68DACE07E054}" = Pro Evolution Soccer 2011 "{119B7481-0216-40D2-A5CC-C3E1F461ECC1}" = Windows Live Fotogalerie "{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support "{1339C679-8EBD-A264-F51B-8AFF9E5178AB}" = Catalyst Control Center Localization Chinese Standard "{1395B38D-5889-19E5-D02E-BD1A02BF373B}" = CCC Help Spanish "{13D5F9B6-D70A-DCCA-A00D-E43839CDFA83}" = CCC Help Chinese Standard "{1410D707-A9C3-2E70-9476-2427EC18134F}" = CCC Help Turkish "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs "{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX "{1D423B7C-A57F-DC76-DBED-43DCE9BAFA0E}" = ccc-utility "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{20071984-5EB1-4881-8EDB-082532ACEC6D}" = Heroes of Might and Magic V "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{218761F6-CBF6-4973-B910-A33E6563A1EA}" = Windows Live Toolbar-Erweiterung (Windows Live Toolbar) "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{237CD223-1B9D-47E8-A76C-E478B83CCEA2}" = File Uploader "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 29 "{2DD6C198-FA9A-40B4-8DE5-CE5206E3EB34}" = Smart Menus (Windows Live Toolbar) "{2E97F7E8-ABDE-4E0D-B0AD-B6B4BAD89E24}" = Rome - Total War - Gold Edition "{30D1F3D2-54CF-481D-A005-F94B0E98FEEC}" = Sid Meier's Civilization 4 Complete "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7 "{33D38429-A417-2939-F2ED-68B02C60524B}" = CCC Help Italian "{348982C0-1053-041B-90E9-27E52C5CBAC4}" = Catalyst Control Center Localization Chinese Traditional "{34BCB3AF-9DF8-4D1F-7F79-49C57ED73730}" = AMD Catalyst Install Manager "{3683198D-D48D-8F78-D544-E0CEEDA9A5AD}" = Catalyst Control Center Localization Norwegian "{39874C29-6A64-A5E4-15E8-48CAB1630758}" = Catalyst Control Center Graphics Full New "{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{442CB906-7844-E2F5-A2EB-90D44C0BF2DF}" = Catalyst Control Center Localization All "{46AFD359-AAE9-2843-B7CE-10FB46C76E99}" = CCC Help German "{497CDC20-F32E-B732-D5A7-C508832901B1}" = Catalyst Control Center Localization Italian "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CA09BF7-1CFC-44B8-80EA-7B4D15D12DC5}" = Catalyst Control Center - Branding "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{4D530FA3-9B89-4186-98B7-F51000008100}" = Age of Empires Online "{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update "{4E8B4C51-20A4-A946-F2FD-361E1E64CBFE}" = Catalyst Control Center Localization Dutch "{54B1E5A3-1B29-4582-A226-172A1FC7BA6C}" = Windows Live Family Safety "{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call "{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module "{66E07661-1C3B-EBB3-DDD7-CA2D9CF728E5}" = CCC Help Chinese Standard "{66FF4C48-0083-4E60-8556-B883AB200091}" = Heroes of Might & Magic V: Hammers of Fate "{66FF4C48-0083-4E60-8556-B883AB200092}" = Heroes of Might and Magic V - Tribes of the East "{67192DDF-D12C-7C14-0891-1999A8322D9A}" = ccc-core-static "{67D30650-3501-66ED-265A-20870A20A689}" = CCC Help English "{693C5CAC-E43C-4A5F-0793-DB1A91576F00}" = Catalyst Control Center Localization Swedish "{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}" = iTunes "{6BA2D1B0-0892-AF53-1542-767C1B1B558F}" = CCC Help German "{6D3963B0-E13B-4FC3-B0FF-506A304BB043}" = Cisco EAP-FAST Module "{706136D4-648C-92B9-FF9E-BDAC45C977CB}" = CCC Help Norwegian "{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar "{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7322467B-FAD1-5529-C4EF-7EA4BC17C0A2}" = CCC Help Korean "{732784F2-BBB3-AF93-F0F8-2B28D93F023E}" = Catalyst Control Center Localization Finnish "{73877A89-A11E-43D6-9A15-A77FF0F48C8F}" = AMD GPU Clock Tool "{74E4B282-F25A-53A1-BBA5-7A3EFB90FAF4}" = CCC Help Japanese "{75554025-5756-D2A8-E12A-3996A174E1AF}" = Catalyst Control Center Localization German "{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "{75983B66-804C-40D1-BA13-64DAF652A6F1}" = Medieval II Total War : Kingdoms : Americas "{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel "{7842F022-6597-76DA-4DE4-DA3FBD82ECF2}" = Skins "{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites für Windows Live Toolbar "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{7A4CE9D2-DC5E-4B5B-0ED2-A2F66E76DD52}" = CCC Help Russian "{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}" = Medieval II Total War : Kingdoms : Teutonic "{7BE855E5-8130-A624-1C47-D5EB13FA6DF2}" = Catalyst Control Center Graphics Previews Vista "{7D712AFE-2D7C-13B8-DEB7-BA8A28FED665}" = Catalyst Control Center Localization Danish "{7E00AAF2-89F3-F7FC-A8F2-8C651449671E}" = CCC Help English "{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer "{828816F4-629A-233E-DB02-A6F8BD004643}" = Catalyst Control Center Localization Portuguese "{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module "{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger "{86B3F2D6-AC2B-0014-8AE1-F2F77F781B0C}" = EndNote X4 "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A03FE64-0C8B-4E8F-B488-F36BA40A8640}" = Shogun - Total War - Gold Edition "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8AC115AA-27D2-4024-6E7D-D9FCD93D0487}" = CCC Help Portuguese "{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}" = Apple Mobile Device Support "{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{58FC5E37-DD28-4D4A-A549-125744C6763C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{888B9AC7-8F5C-456B-A27A-157A6C310E52}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90601456-1F28-AD6C-C1CE-740526D3BC27}" = Catalyst Control Center Localization French "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager "{91E04CA7-0B13-4F8C-AA4D-2A573AC96D19}" = Windows Live Essentials "{91EDBF6E-2260-646A-4D80-CB0802132736}" = Catalyst Control Center Localization All "{931AED36-CF8A-F34F-8C13-5C19010DF6C6}" = CCC Help French "{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{975F5675-8FC8-04A8-92CD-4653BD12282F}" = CCC Help French "{97900633-AADE-35DC-A424-21380BFC5431}" = Catalyst Control Center Graphics Previews Common "{98C948A6-5498-9DEE-BA4C-74B0A96CB521}" = CCC Help Danish "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect "{9E75789D-E176-A72B-DE9E-D2AE63FE601B}" = Catalyst Control Center Graphics Previews Common "{9F711CB6-8E76-63DA-6ABA-C21B7C839CA5}" = CCC Help Russian "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad "{A0E52598-872B-9E9A-181F-1A80C6AA4493}" = CCC Help Italian "{A10F7877-4276-416C-9F22-CB56C0CB2700}" = Medieval - Total War - Gold Edition "{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A7969E95-7E39-A1AC-2D6F-85531D8A371D}" = CCC Help Japanese "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9C78107-7CBC-B05B-083B-562FA9C1EA0B}" = CCC Help Portuguese "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch "{B533F23C-5851-2ECB-50AA-BD74BCDD3B57}" = HydraVision "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{BB883D70-5B1D-9430-E626-7F495925590D}" = Catalyst Control Center Localization Spanish "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{BFA7A60F-D018-AF0D-47E9-A13D0219E86A}" = CCC Help Thai "{C0698BDA-0D29-40EE-8570-A31106DF9AB1}" = Medieval II Total War "{C3C35CB3-82B6-F36F-B39A-B2AFAA74F7D2}" = CCC Help Norwegian "{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties "{C47C2F4D-4419-D823-C272-325FD9B92415}" = CCC Help Czech "{C4972073-2BFE-475D-8441-564EA97DA161}" = QuickSet "{C49E407D-A6A0-6F9A-767D-67387EF5523F}" = CCC Help Finnish "{C68C6E34-A103-F7BC-8682-C1C4190BAC1F}" = CCC Help Greek "{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime "{CBF91610-C661-3464-8831-DA8AE2589DB9}" = Catalyst Control Center Localization Japanese "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}" = Medieval II Total War : Kingdoms : Britannia "{D0251102-442C-6FE0-4FDC-2ACF2AD2A2A5}" = CCC Help English "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{D2A90CAF-AF34-C526-D4C7-AE4FF4547B66}" = CCC Help Polish "{D2DB5404-378B-2821-513E-A8F230A0E948}" = ccc-utility "{D4C7DAB9-6623-4D86-9B9A-C9F8903BA4D2}" = MediaImpression 2.0 for PENTAX "{D5D92C28-42FB-5E24-DBFA-07232A50D670}" = CCC Help Dutch "{D9DD6E03-ACE1-2503-205E-4FA74267CDC6}" = CCC Help Spanish "{DB549485-9D94-E7AE-2FE7-DCB33A54FBD7}" = Catalyst Control Center Localization Russian "{DE200E10-45BD-E11E-EC8E-1DAD80EF8EA9}" = Catalyst Control Center Graphics Full Existing "{DEF19AE8-B330-CF2A-AEAA-1E23BBBC7B00}" = CCC Help Chinese Traditional "{E12C6653-1FF0-4686-ADB8-589C13AE761F}" = Citavi "{E19490CD-5380-4F37-B0A7-624D635605DC}" = Catalyst Control Center - Branding "{E26EA12B-1E2E-4BF3-8669-8312D0CD92CA}" = Cisco AnyConnect Secure Mobility Client "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E5BE4931-F31C-2BA0-F06E-4FEC56725673}" = CCC Help Swedish "{E5C76964-F17B-7FCB-958F-1C067A2D217C}" = CCC Help Swedish "{E65E1E8B-28C9-4C6F-B750-1722F653588E}" = ATLAS.ti "{E7E76AEC-266C-C1A0-E39B-21AB97402CA1}" = CCC Help Chinese Traditional "{E7F12C4C-9932-A039-4FAC-CAD1672EB633}" = CCC Help Hungarian "{EBE9A607-31AB-696D-5220-5098B61AA9B2}" = CCC Help Dutch "{EC2C71BB-42DF-6F53-FB23-F7B3B160467B}" = Catalyst Control Center Graphics Light "{ED636101-1959-4360-8BF7-209436E7DEE4}" = Windows Live Sync "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{EF36A836-BF89-4A4F-B079-057B0C68C1E0}" = Sid Meier's Civilization IV Colonization "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F1465B68-4D9A-D412-2528-4F84A681F15C}" = Catalyst Control Center Localization Korean "{F1E18790-4053-4031-483B-80E932CE3910}" = CCC Help Korean "{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer "{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable "{F6CB42B9-F033-4152-8813-FF11DA8E6A78}" = Dell Dock "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{FB8BEF4C-E2B8-725E-F84A-AF6D1E4C8960}" = Catalyst Control Center Graphics Previews Common "{FBE5AA96-22F0-4C4A-8E92-4BE3498D4CCB}" = Media Go "{FCED9B62-34FF-4C15-8A23-F65221F7874D}" = ITECIR Driver "{FD023F61-65E9-465C-B558-7C64EB2B97E6}" = Dell Handbuch zum Einstieg "{FE6E1AF6-6B88-44FE-8101-84AE6A52B393}" = Windows Live Movie Maker-Betaversion "{FF274AED-F709-19C8-31BA-9EB0D4FCBC53}" = ccc-utility "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "{FFAF4DB9-943E-97E5-051C-DC6C4E7094C0}" = CCC Help Danish "3DataManager" = 3DataManager "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11 "Advanced Audio FX Engine" = Advanced Audio FX Engine "Ashampoo WinOptimizer 4 FREE_is1" = Ashampoo WinOptimizer 4 FREE "avast" = avast! Free Antivirus "Broadcom 802.11b Network Adapter" = Dienstprogramm für Dell Wireless WLAN Karte "Cisco AnyConnect Secure Mobility Client" = Cisco AnyConnect Secure Mobility Client "Comical_is1" = Comical 0.8 "Creative OA001" = Integrated Webcam Driver ( "DAEMON Tools Lite" = DAEMON Tools Lite "Dell Support Center" = Dell Support Center "Dell Video Chat" = Dell Video Chat (remove only) "Dell Webcam Central" = Dell Webcam Central "Diablo III" = Diablo III "DivX Setup.divx.com" = DivX-Setup "DVD Shrink DE_is1" = DVD Shrink 3.2 deutsch (DeCSS-frei) "ENTERPRISE" = Microsoft Office Enterprise 2007 "f4" = f4 3.1.0 "Free Studio_is1" = Free Studio version 4.1 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version "GFWL_{4D530FA3-9B89-4186-98B7-F51000008100}" = Age of Empires Online "Google Updater" = Google Updater "GoToAssist" = GoToAssist "HijackThis" = HijackThis 2.0.2 "InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs "InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III "InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties "ISI ResearchSoft - Export Helper" = ISI ResearchSoft - Export Helper "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Mozilla Firefox 17.0.1 (x86 de)" = Mozilla Firefox 17.0.1 (x86 de) "Mozilla Thunderbird 17.0 (x86 de)" = Mozilla Thunderbird 17.0 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "MPE" = MyPhoneExplorer "ResearchSoft Direct Export Helper" = ResearchSoft Direct Export Helper "SopCast" = SopCast 3.5.0 "StreamTorrent 1.0" = StreamTorrent 1.0 "Tropico3" = Tropico 3: Absolute Power "TVUPlayer" = TVUPlayer "Ultravnc2_is1" = UltraVNC "Veetle TV" = Veetle TV 0.9.18 "VLC media player" = VLC media player 1.1.11 "vShare.tv plugin" = vShare.tv plugin 1.3 "Winkawaks 1.61" = Winkawaks 1.61 "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1804970119-3248830115-2987160562-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{4B35F00C-E63D-40DC-9839-DF15A33EAC46}" = Grand Theft Auto Vice City "Dropbox" = Dropbox ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 05.12.2012 18:29:41 | Computer Name = Reefer-Madness | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 8586201 Error - 05.12.2012 18:29:41 | Computer Name = Reefer-Madness | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 8586201 Error - 05.12.2012 18:29:43 | Computer Name = Reefer-Madness | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 05.12.2012 18:29:43 | Computer Name = Reefer-Madness | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 8587933 Error - 05.12.2012 18:29:43 | Computer Name = Reefer-Madness | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 8587933 Error - 07.12.2012 09:19:25 | Computer Name = Reefer-Madness | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 07.12.2012 09:19:25 | Computer Name = Reefer-Madness | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 574021 Error - 07.12.2012 09:19:25 | Computer Name = Reefer-Madness | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 574021 Error - 07.12.2012 19:34:34 | Computer Name = Reefer-Madness | Source = EventSystem | ID = 4621 Description = Error - 08.12.2012 03:27:56 | Computer Name = Reefer-Madness | Source = EventSystem | ID = 4621 Description = [ Broadcom Wireless LAN Events ] Error - 26.11.2012 02:58:39 | Computer Name = Reefer-Madness | Source = WLAN-Tray | ID = 0 Description = 07:58:39, Mon, Nov 26, 12 Error - Unable to gain access to user store Error - 26.11.2012 10:07:30 | Computer Name = Reefer-Madness | Source = WLAN-Tray | ID = 0 Description = 15:07:30, Mon, Nov 26, 12 Error - Unable to gain access to user store Error - 26.11.2012 19:22:03 | Computer Name = Reefer-Madness | Source = WLAN-Tray | ID = 0 Description = 00:22:03, Tue, Nov 27, 12 Error - User "" does not have administrative privileges on this system Error - 27.11.2012 02:41:25 | Computer Name = Reefer-Madness | Source = WLAN-Tray | ID = 0 Description = 07:41:25, Tue, Nov 27, 12 Error - Unable to gain access to user store Error - 27.11.2012 02:50:57 | Computer Name = Reefer-Madness | Source = WLAN-Tray | ID = 0 Description = 07:50:57, Tue, Nov 27, 12 Error - User "" does not have administrative privileges on this system Error - 27.11.2012 15:42:42 | Computer Name = Reefer-Madness | Source = WLAN-Tray | ID = 0 Description = 20:42:42, Tue, Nov 27, 12 Error - Unable to gain access to user store Error - 27.11.2012 18:15:20 | Computer Name = Reefer-Madness | Source = WLAN-Tray | ID = 0 Description = 23:15:20, Tue, Nov 27, 12 Error - User "" does not have administrative privileges on this system Error - 29.11.2012 13:44:07 | Computer Name = Reefer-Madness | Source = WLAN-Tray | ID = 0 Description = 18:44:07, Thu, Nov 29, 12 Error - Unable to gain access to user store Error - 02.12.2012 09:23:22 | Computer Name = Reefer-Madness | Source = WLAN-Tray | ID = 0 Description = 14:23:22, Sun, Dec 02, 12 Error - Unable to gain access to user store Error - 04.12.2012 17:51:01 | Computer Name = Reefer-Madness | Source = WLAN-Tray | ID = 0 Description = 22:51:01, Tue, Dec 04, 12 Error - User "" does not have administrative privileges on this system [ Cisco AnyConnect Secure Mobility Client Events ] Error - 08.12.2012 03:29:13 | Computer Name = Reefer-Madness | Source = acvpnagent | ID = 67108866 Description = Function: PluginLoader::QuickCreatePlugin File: c:\temp\build\thehoff\DaVinci_MR30.0264126671582\DaVinci_MR3\vpn\Common\Utility/PluginLoader.h Line: 145 Invoked Function: PluginLoader::CreateInstance Return Code: -29294580 (0xFE41000C) Description: PLUGINLOADER_ERROR_COULD_NOT_CREATE Error - 08.12.2012 03:29:13 | Computer Name = Reefer-Madness | Source = acvpnagent | ID = 67108866 Description = Function: PluginLoader::QuickCreatePlugin File: c:\temp\build\thehoff\DaVinci_MR30.0264126671582\DaVinci_MR3\vpn\Common\Utility/PluginLoader.h Line: 145 Invoked Function: PluginLoader::CreateInstance Return Code: -29294580 (0xFE41000C) Description: PLUGINLOADER_ERROR_COULD_NOT_CREATE Error - 08.12.2012 03:40:34 | Computer Name = Reefer-Madness | Source = acvpnagent | ID = 67108866 Description = Function: Directory::ReadDir File: .\Utility\Directory.cpp Line: 156 Invoked Function: ::FindNextFile Return Code: 18 (0x00000012) Description: Es sind keine weiteren Dateien vorhanden. Error - 08.12.2012 03:40:34 | Computer Name = Reefer-Madness | Source = acvpnagent | ID = 67108866 Description = Function: PluginLoader::QuickCreatePlugin File: c:\temp\build\thehoff\DaVinci_MR30.0264126671582\DaVinci_MR3\vpn\Common\Utility/PluginLoader.h Line: 145 Invoked Function: PluginLoader::CreateInstance Return Code: -29294580 (0xFE41000C) Description: PLUGINLOADER_ERROR_COULD_NOT_CREATE Error - 08.12.2012 03:40:34 | Computer Name = Reefer-Madness | Source = acvpnagent | ID = 67108866 Description = Function: PluginLoader::QuickCreatePlugin File: c:\temp\build\thehoff\DaVinci_MR30.0264126671582\DaVinci_MR3\vpn\Common\Utility/PluginLoader.h Line: 145 Invoked Function: PluginLoader::CreateInstance Return Code: -29294580 (0xFE41000C) Description: PLUGINLOADER_ERROR_COULD_NOT_CREATE Error - 08.12.2012 03:40:34 | Computer Name = Reefer-Madness | Source = acvpnagent | ID = 67108866 Description = Function: PluginLoader::QuickCreatePlugin File: c:\temp\build\thehoff\DaVinci_MR30.0264126671582\DaVinci_MR3\vpn\Common\Utility/PluginLoader.h Line: 145 Invoked Function: PluginLoader::CreateInstance Return Code: -29294580 (0xFE41000C) Description: PLUGINLOADER_ERROR_COULD_NOT_CREATE Error - 08.12.2012 03:40:53 | Computer Name = Reefer-Madness | Source = acvpnagent | ID = 67108866 Description = Function: CIPv4ChangeRouteHelper::FindBestRoute File: .\IPv4ChangeRouteHelper.cpp Line: 2664 Invoked Function: CIPv4RouteTable::FindMatchingRoute Return Code: -33095647 (0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED Error - 08.12.2012 03:40:53 | Computer Name = Reefer-Madness | Source = acvpnagent | ID = 67108866 Description = Function: CRouteMgr::UpdatePublicAddress File: .\RouteMgr.cpp Line: 2186 Invoked Function: CChangeRouteTable::FindBestRouteInterface Return Code: -33095647 (0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED Error - 08.12.2012 03:40:53 | Computer Name = Reefer-Madness | Source = acvpnagent | ID = 67108866 Description = Function: CMainThread::applyHostConfigForNoVpn File: .\MainThread.cpp Line: 8419 Invoked Function: CHostConfigMgr::DeterminePublicInterface Return Code: -33161196 (0xFE060014) Description: ROUTEMGR_ERROR_PUBLIC_ADDRESS_UNAVAILABLE Error - 08.12.2012 03:40:53 | Computer Name = Reefer-Madness | Source = acvpnagent | ID = 67108866 Description = Function: CMainThread::MainLoop File: .\MainThread.cpp Line: 379 Invoked Function: CMainThread::applyHostConfigForNoVpn Return Code: -33161196 (0xFE060014) Description: ROUTEMGR_ERROR_PUBLIC_ADDRESS_UNAVAILABLE [ OSession Events ] Error - 02.02.2012 08:30:27 | Computer Name = Reefer-Madness | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6331.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 8292 seconds with 4440 seconds of active time. This session ended with a crash. [ System Events ] Error - 07.12.2012 03:30:43 | Computer Name = Reefer-Madness | Source = Service Control Manager | ID = 7011 Description = Error - 07.12.2012 09:19:16 | Computer Name = Reefer-Madness | Source = BTHUSB | ID = 327697 Description = Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen. Error - 07.12.2012 13:16:34 | Computer Name = Reefer-Madness | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am 07.12.2012 um 15:47:17 unerwartet heruntergefahren. Error - 07.12.2012 13:21:22 | Computer Name = Reefer-Madness | Source = Service Control Manager | ID = 7022 Description = Error - 07.12.2012 13:40:29 | Computer Name = Reefer-Madness | Source = iaStor | ID = 262153 Description = Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet. Error - 07.12.2012 13:43:29 | Computer Name = Reefer-Madness | Source = iaStor | ID = 262153 Description = Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet. Error - 08.12.2012 02:54:05 | Computer Name = Reefer-Madness | Source = Service Control Manager | ID = 7011 Description = Error - 08.12.2012 03:27:51 | Computer Name = Reefer-Madness | Source = DCOM | ID = 10010 Description = Error - 08.12.2012 03:30:07 | Computer Name = Reefer-Madness | Source = Service Control Manager | ID = 7011 Description = Error - 08.12.2012 03:40:22 | Computer Name = Reefer-Madness | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am 08.12.2012 um 08:37:51 unerwartet heruntergefahren. < End of report > Den GMER Logfile krieg ich nicht gepostet?! Zu groß vielleicht? |
![]() | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ ![]() ![]() ![]() ![]() ![]() ![]() | ![]() Internet lahmt gewaltig Hallo und
__________________![]() Zitat:
__________________ |
![]() |
Themen zu Internet lahmt gewaltig |
32 bit, administrator, anti-malware, battle.net, browser, code, detected, explorer, file, grand theft auto, helper, internet, laggt, lahm, lahmt, log, log file, lösung, malwarebytes, microsoft, plug-in, problem, registry, required, seite, service pack 2, software, system, version, vista |