|
Alles rund um Windows: Hochfahren kommt Blackscreen mit MauszeigerWindows 7 Hilfe zu allen Windows-Betriebssystemen: Windows XP, Windows Vista, Windows 7, Windows 8(.1) und Windows 10 / Windows 11- als auch zu sämtlicher Windows-Software. Alles zu Windows 10 ist auch gerne willkommen. Bitte benenne etwaige Fehler oder Bluescreens unter Windows mit dem Wortlaut der Fehlermeldung und Fehlercode. Erste Schritte für Hilfe unter Windows. |
13.03.2013, 20:44 | #1 |
| Problem: Hochfahren kommt Blackscreen mit Mauszeiger Guten Abend, ich habe das Problem, dass ich beim Hochfahren meines Pc nach dem Windows lade Logo nicht weiter komme. Es kommt ein schwarzer Bildschirmmit meiner Maus die ich bewegen kann. Mit Systemhilfe reparieren funktioniert auch nicht. Ich kann aber in den abgesicherten Modus. Wenn jemand weiß was ich machen muss damit es wieder geht wäre es super wenn er das hier schreiben könnte. Mit freundlichen Grüßen Moritz |
14.03.2013, 16:52 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Hochfahren kommt Blackscreen mit Mauszeiger Anleitung / Hilfe Hallo und
__________________Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
Note: Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread. Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards. Erstmal eine Kontrolle mit OTL bitte, geht auch im abgesicherten Modus:
__________________ |
14.03.2013, 21:24 | #3 |
| Hochfahren kommt Blackscreen mit Mauszeiger Details Code von der Otl.txt
__________________OTL Logfile: Code:
ATTFilter OTL logfile created on: 14.03.2013 20:54:57 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mein Name\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,37 Gb Available Physical Memory | 68,29% Memory free 4,00 Gb Paging File | 3,39 Gb Available in Paging File | 84,72% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 297,99 Gb Total Space | 229,00 Gb Free Space | 76,85% Space Free | Partition Type: NTFS Computer Name: Mein Name-PC | User Name: Mein Name | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Mein Name\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_171.exe (Adobe Systems, Inc.) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll () MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll () ========== Services (SafeList) ========== SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe (Kaspersky Lab ZAO) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (npggsvc) -- C:\Windows\SysWOW64\GameMon.des (INCA Internet Co., Ltd.) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab) DRV:64bit: - (kltdi) -- C:\Windows\SysNative\drivers\kltdi.sys (Kaspersky Lab) DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab) DRV:64bit: - (klkbdflt) -- C:\Windows\SysNative\drivers\klkbdflt.sys (Kaspersky Lab) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (kneps) -- C:\Windows\SysNative\drivers\kneps.sys (Kaspersky Lab) DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab ZAO) DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (kl1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV - (DrvAgent64) -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS (Phoenix Technologies) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) DRV - (NPPTNT2) -- C:\Windows\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=371&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=2750320195224451&q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.easylifeapp.com/?pid=576&r=2013/02/13&hid=3269533465&lg=EN&cc=DE IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} IE - HKLM\..\SearchScopes\{01bd49d7-c76b-4310-8beb-14d7e5f322c6}: "URL" = hxxp://search.easylifeapp.com/?q={searchTerms}&abc=ie&pid=576&r=2013/02/13&hid=3269533465&lg=EN&cc=DE IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=371&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=2750320195224451&q={searchTerms} IE - HKLM\..\SearchScopes\{BEBC3845-06ED-4394-878A-93CA36975051}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2819407763-1906185329-4118087821-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.searchnu.com/406 IE - HKU\S-1-5-21-2819407763-1906185329-4118087821-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\S-1-5-21-2819407763-1906185329-4118087821-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKU\S-1-5-21-2819407763-1906185329-4118087821-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 06 4F 45 FA 5D E7 CD 01 [binary data] IE - HKU\S-1-5-21-2819407763-1906185329-4118087821-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) IE - HKU\S-1-5-21-2819407763-1906185329-4118087821-1000\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} IE - HKU\S-1-5-21-2819407763-1906185329-4118087821-1000\..\SearchScopes\{01bd49d7-c76b-4310-8beb-14d7e5f322c6}: "URL" = hxxp://search.easylifeapp.com/?q={searchTerms}&abc=ie&pid=576&r=2013/02/13&hid=3269533465&lg=EN&cc=DE IE - HKU\S-1-5-21-2819407763-1906185329-4118087821-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://searchab.com/?aff=7&uid=1f1594ab-7123-11e2-bded-002185193a7f&q={searchTerms} IE - HKU\S-1-5-21-2819407763-1906185329-4118087821-1000\..\SearchScopes\{98826236-A441-400D-8F41-40F2B121B3EB}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=10c3593c-93f1-4441-9039-05717886a57b&apn_sauid=502F7C8B-9485-4249-8F08-E4483E463E80 IE - HKU\S-1-5-21-2819407763-1906185329-4118087821-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=371&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=2750320195224451&q={searchTerms} IE - HKU\S-1-5-21-2819407763-1906185329-4118087821-1000\..\SearchScopes\{BEBC3845-06ED-4394-878A-93CA36975051}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-2819407763-1906185329-4118087821-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2819407763-1906185329-4118087821-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local> ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Privitize VPN" FF - prefs.js..browser.search.defaultenginename: "EasyLife" FF - prefs.js..browser.search.defaultenginename,S: S", "EasyLife" FF - prefs.js..browser.search.defaultthis.engineName: "EasyLife" FF - prefs.js..browser.search.defaulturl: "hxxp://search.easylifeapp.com/?pid=576&abc=ff1&r=2013/02/13&hid=3269533465&lg=EN&cc=DE&l=1&q=" FF - prefs.js..browser.search.order.1: "EasyLife" FF - prefs.js..browser.search.order.1,S: S", "EasyLife" FF - prefs.js..browser.search.selectedEngine: "EasyLife" FF - prefs.js..browser.search.selectedEngine,S: S", "EasyLife" FF - prefs.js..browser.startup.homepage: "https://www.google.de/" FF - prefs.js..extensions.enabledAddons: battlefieldplay4free%40ea.com:1.0.80.2 FF - prefs.js..extensions.enabledAddons: %7BDDC359D1-844A-42a7-9AA1-88A850A938A8%7D:2.0.15 FF - prefs.js..extensions.enabledAddons: %7B1FD91A9C-410C-4090-BBCC-55D3450EF433%7D:1.0 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2 FF - prefs.js..keyword.URL: "hxxp://dts.search-results.com/sr?src=ffb&gct=ds&appid=371&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=2750320195224451&o=APN10645&q=" FF - prefs.js..network.proxy.backup.ftp: "" FF - prefs.js..network.proxy.backup.ftp_port: 0 FF - prefs.js..network.proxy.backup.socks: "" FF - prefs.js..network.proxy.backup.socks_port: 0 FF - prefs.js..network.proxy.backup.ssl: "" FF - prefs.js..network.proxy.backup.ssl_port: 0 FF - prefs.js..network.proxy.ftp: "91.228.53.28" FF - prefs.js..network.proxy.ftp_port: 8080 FF - prefs.js..network.proxy.http: "91.228.53.28" FF - prefs.js..network.proxy.http_port: 8080 FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: "91.228.53.28" FF - prefs.js..network.proxy.socks_port: 8080 FF - prefs.js..network.proxy.ssl: "91.228.53.28" FF - prefs.js..network.proxy.ssl_port: 8080 FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "EasyLife" FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "EasyLife" FF - prefs.js..browser.startup.homepage: "hxxp://search.easylifeapp.com/?pid=576&r=2013/02/13&hid=3269533465&lg=EN&cc=DE" FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://search.easylifeapp.com/?pid=576&abc=ff1&r=2013/02/13&hid=3269533465&lg=EN&cc=DE&l=1&q=" FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_171.dll File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\3.0.40818.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@Webzen.com/NPBrowserExt: C:\Program Files (x86)\WEBZEN\BrowserExtension\NPWZCmnCtrl.dll (WEBZEN) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Mein Name\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ [2013.02.13 18:09:51 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\url_advisor@kaspersky.com [2013.03.13 19:33:15 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\virtual_keyboard@kaspersky.com [2013.03.13 19:33:15 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\content_blocker@kaspersky.com [2013.03.13 19:33:15 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.13 21:02:21 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.02.25 20:36:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mein Name\AppData\Roaming\mozilla\Extensions [2013.02.25 20:36:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mein Name\AppData\Roaming\mozilla\Firefox\Profiles\gl3l0dnh.default\extensions [2013.02.25 20:36:20 | 000,000,000 | ---D | M] (Search-Results Toolbar) -- C:\Users\Mein Name\AppData\Roaming\mozilla\Firefox\Profiles\gl3l0dnh.default\extensions\{377e5d4d-77e5-476a-8716-7e70a9272da0} [2013.02.06 21:45:13 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\Mein Name\AppData\Roaming\mozilla\Firefox\Profiles\gl3l0dnh.default\extensions\battlefieldplay4free@ea.com [2013.01.24 20:27:33 | 000,000,000 | ---D | M] (Avira SearchFree Toolbar plus Web Protection) -- C:\Users\Mein Name\AppData\Roaming\mozilla\Firefox\Profiles\gl3l0dnh.default\extensions\toolbar@ask.com [2013.02.08 20:12:18 | 000,698,867 | ---- | M] () (No name found) -- C:\Users\Mein Name\AppData\Roaming\mozilla\firefox\profiles\gl3l0dnh.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2012.10.29 17:30:58 | 000,002,333 | ---- | M] () -- C:\Users\Mein Name\AppData\Roaming\mozilla\firefox\profiles\gl3l0dnh.default\searchplugins\askcom.xml [2013.02.13 12:49:54 | 000,000,581 | ---- | M] () -- C:\Users\Mein Name\AppData\Roaming\mozilla\firefox\profiles\gl3l0dnh.default\searchplugins\EasyLife.xml [2013.02.07 13:37:43 | 000,002,090 | ---- | M] () -- C:\Users\Mein Name\AppData\Roaming\mozilla\firefox\profiles\gl3l0dnh.default\searchplugins\Searchab.xml [2013.02.25 20:36:14 | 000,002,687 | ---- | M] () -- C:\Users\Mein Name\AppData\Roaming\mozilla\firefox\profiles\gl3l0dnh.default\searchplugins\Search_Results.xml [2013.03.13 21:02:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013.02.25 20:36:25 | 000,000,000 | ---D | M] (DataMngr) -- C:\PROGRAM FILES (X86)\SEARCH RESULTS TOOLBAR\DATAMNGR\FIREFOXEXTENSION [2013.03.13 21:02:21 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2013.03.13 21:02:19 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2013.03.13 21:02:19 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2013.03.13 21:02:19 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2013.03.13 21:02:19 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2013.02.25 20:36:14 | 000,002,687 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml [2013.03.13 21:02:19 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2013.03.13 21:02:19 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O2:64bit: - BHO: (DataMngr) - {C1ED9DA0-AFD0-4b90-AC6A-D3874F591014} - C:\PROGRA~2\SEARCH~1\Datamngr\x64\BROWSE~1.DLL (Bandoo Media Inc) O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O2:64bit: - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.) O2 - BHO: (Search-Results Toolbar) - {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\PROGRA~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll (APN LLC) O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O2 - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.) O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKLM\..\Toolbar: (Search-Results Toolbar) - {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\PROGRA~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll (APN LLC) O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKU\S-1-5-21-2819407763-1906185329-4118087821-1000\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Aeria Ignite] C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe (Aeria Games & Entertainment) O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation) O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe (Kaspersky Lab ZAO) O4 - HKLM..\Run: [DATAMNGR] C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~1.EXE (Bandoo Media Inc) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2819407763-1906185329-4118087821-1000..\Run: [Akamai NetSession Interface] C:\Users\Mein Name\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) O4 - HKU\S-1-5-21-2819407763-1906185329-4118087821-1000..\Run: [iFunBoxConnector] C:\Program Files (x86)\i-Funbox DevTeam\ifb_conn.exe () O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm () O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm () O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm () O9:64bit: - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O9:64bit: - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O9:64bit: - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.) O9:64bit: - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.) O9 - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O9 - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.) O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-2819407763-1906185329-4118087821-1000\..Trusted Domains: aeriagames.com ([]http in Trusted sites) O15 - HKU\S-1-5-21-2819407763-1906185329-4118087821-1000\..Trusted Domains: aeriagames.com ([]https in Trusted sites) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{977952F2-B199-405F-985E-F59965749DFB}: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:64bit: - AppInit_DLLs: (C:\PROGRA~3\Wincert\WIN64C~1.DLL) - C:\ProgramData\Wincert\win64cert.dll () O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\x64\datamngr.dll) - C:\PROGRA~2\SEARCH~1\Datamngr\x64\datamngr.dll (Bandoo Media Inc) O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\x64\IEBHO.dll) - C:\PROGRA~2\SEARCH~1\Datamngr\x64\IEBHO.dll (Bandoo Media Inc) O20 - AppInit_DLLs: (C:\PROGRA~3\Wincert\WIN32C~1.DLL) - C:\ProgramData\Wincert\win32cert.dll () O20 - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll) - C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll (Bandoo Media Inc) O20 - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll) - C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll (Bandoo Media Inc) O20 - AppInit_DLLs: (c:\progra~2\easylife\sprote~1.dll) - c:\progra~2\easylife\sprote~1.dll () O20 - AppInit_DLLs: (c:\progra~2\browse~1\sprote~1.dll) - c:\progra~2\browse~1\sprote~1.dll () O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.03.13 21:02:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013.03.13 20:24:24 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2013.03.12 20:48:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013.03.10 20:13:15 | 000,000,000 | ---D | C] -- C:\Users\Mein Name\AppData\Roaming\Malwarebytes [2013.03.10 20:13:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013.03.10 20:13:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2013.03.10 20:12:53 | 000,000,000 | ---D | C] -- C:\Users\Mein Name\AppData\Local\Programs [2013.03.09 13:06:16 | 000,000,000 | ---D | C] -- C:\Users\Mein Name\AppData\Roaming\Avira [2013.03.09 12:59:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2013.03.07 20:28:51 | 000,000,000 | ---D | C] -- C:\Users\Mein Name\Desktop\SuchtiGame 2 [2013.03.05 22:05:39 | 000,000,000 | ---D | C] -- C:\Users\Mein Name\Desktop\Punkt [2013.03.05 19:32:36 | 000,000,000 | ---D | C] -- C:\Users\Mein Name\Desktop\Wolfteam Hacks [2013.03.05 19:22:32 | 000,000,000 | ---D | C] -- C:\Users\Mein Name\Desktop\aimpoint [2013.03.02 19:10:36 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2013.02.27 20:41:43 | 003,889,424 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\GameMon.des [2013.02.27 20:41:10 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\npptNT2.sys [2013.02.27 20:41:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared [2013.02.27 20:40:23 | 000,000,000 | ---D | C] -- C:\Users\Mein Name\Desktop\Wolfteam Wallhack [2013.02.27 20:24:46 | 000,000,000 | ---D | C] -- C:\Users\Mein Name\AppData\Local\Aeria Games [2013.02.27 20:24:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Aeria Games [2013.02.27 20:23:46 | 000,000,000 | ---D | C] -- C:\Users\Mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames [2013.02.27 20:22:51 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\AI_RecycleBin [2013.02.27 20:22:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames [2013.02.27 20:22:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Aeria Games [2013.02.27 20:22:45 | 000,000,000 | ---D | C] -- C:\Users\Mein Name\AppData\Roaming\Aeria Games & Entertainment [2013.02.27 18:59:28 | 000,000,000 | ---D | C] -- C:\Users\Mein Name\AppData\Local\Akamai [2013.02.27 18:59:27 | 000,000,000 | ---D | C] -- C:\AeriaGames [2013.02.26 19:36:10 | 000,000,000 | ---D | C] -- C:\Users\Mein Name\AppData\Local\Temporary Projects [2013.02.26 19:16:25 | 000,000,000 | ---D | C] -- C:\Users\Mein Name\AppData\Local\Plutinosoft_LLC [2013.02.26 19:16:10 | 000,000,000 | ---D | C] -- C:\Users\Mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iDemo [2013.02.26 19:16:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iDemo [2013.02.26 19:16:07 | 000,000,000 | ---D | C] -- C:\ProgramData\My [2013.02.26 17:47:34 | 000,000,000 | ---D | C] -- C:\Users\Mein Name\Desktop\Minecraft Installation [2013.02.26 16:43:36 | 000,000,000 | ---D | C] -- C:\Users\Mein Name\AppData\Roaming\.minecraft [2013.02.26 16:43:18 | 000,000,000 | ---D | C] -- C:\Users\Mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft 1.2.5 - @rudhi23 [2013.02.25 22:37:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Browser Manager [2013.02.25 21:30:32 | 000,000,000 | ---D | C] -- C:\Users\Mein Name\AppData\Roaming\iProgramm™ [2013.02.25 20:36:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Wincert [2013.02.25 20:36:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Search Results Toolbar [2013.02.25 20:35:46 | 000,000,000 | ---D | C] -- C:\Users\Mein Name\AppData\Local\iLivid [2013.02.22 22:20:46 | 000,000,000 | ---D | C] -- C:\Users\Mein Name\Desktop\21.01.2013 2013 [2013.02.22 22:08:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus 2013 [2013.02.22 22:08:13 | 000,064,856 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\klfphc.dll [2013.02.22 22:07:23 | 000,000,000 | ---D | C] -- C:\Windows\ELAMBKUP [2013.02.22 22:07:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab [2013.02.22 22:07:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab [2013.02.22 22:07:02 | 000,613,720 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys [2013.02.22 22:07:02 | 000,089,432 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klflt.sys [2013.02.20 20:53:43 | 000,000,000 | ---D | C] -- C:\Users\Mein Name\AppData\Roaming\SynthMaker [2013.02.16 18:26:04 | 000,000,000 | ---D | C] -- C:\Users\Mein Name\AppData\Roaming\Skype [2013.02.16 18:25:53 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2013.02.16 18:25:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2013.02.16 18:25:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2013.02.16 18:25:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2013.02.14 16:06:15 | 000,000,000 | ---D | C] -- C:\Users\Mein Name\Desktop\evasi0n-win-1.3 [2013.02.14 15:52:15 | 000,000,000 | ---D | C] -- C:\Users\Mein Name\AppData\Roaming\iFunbox_UserCache [2013.02.14 15:52:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\i-Funbox DevTeam [2013.02.14 15:51:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\i-Funbox DevTeam [2013.02.14 00:03:33 | 000,000,000 | ---D | C] -- C:\Users\Mein Name\AppData\Roaming\NCdownloader [2013.02.14 00:00:11 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2013.02.13 23:59:32 | 000,000,000 | ---D | C] -- C:\989a0a0934db0d5e84 [2013.02.13 23:58:09 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013.02.13 23:58:09 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013.02.13 23:58:09 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013.02.13 23:58:09 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013.02.13 23:58:09 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013.02.13 23:58:08 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013.02.13 23:58:08 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013.02.13 23:58:08 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013.02.13 23:58:08 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013.02.13 23:58:08 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013.02.13 23:58:08 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013.02.13 23:58:07 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.02.13 23:58:06 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.02.13 23:58:06 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.02.13 23:58:06 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013.02.13 18:10:05 | 000,000,000 | ---D | C] -- C:\Users\Mein Name\AppData\Roaming\DVDVideoSoftIEHelpers [2013.02.13 18:09:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft [2013.02.13 18:09:46 | 000,000,000 | ---D | C] -- C:\Users\Mein Name\AppData\Roaming\DVDVideoSoft [2013.02.13 18:09:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft [2013.02.13 18:09:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft [2013.02.13 14:20:06 | 000,000,000 | ---D | C] -- C:\Users\Mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2 [2013.02.13 14:20:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASIO4ALL v2 [2013.02.13 14:19:54 | 001,431,552 | ---- | C] (Propellerhead Software AB) -- C:\Windows\SysWow64\rewire.dll [2013.02.13 14:19:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VstPlugins [2013.02.13 14:19:49 | 000,000,000 | ---D | C] -- C:\Users\Mein Name\Documents\Image-Line [2013.02.13 14:19:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line [2013.02.13 14:19:39 | 001,554,944 | ---- | C] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) -- C:\Windows\SysWow64\vorbis.acm [2013.02.13 14:19:39 | 000,000,000 | ---D | C] -- C:\Users\Mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line [2013.02.13 14:19:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Outsim [2013.02.13 14:16:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Image-Line [2013.02.13 12:50:17 | 000,000,000 | ---D | C] -- C:\ProgramData\RightClick [2013.02.13 12:50:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BrowseToSave [2013.02.13 12:49:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EasyLife [2013.02.13 12:48:57 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate [2013.02.13 12:32:52 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2013.02.13 12:32:52 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2013.02.13 12:32:51 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2013.02.13 12:32:45 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2013.02.13 12:32:45 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2013.02.13 12:32:45 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2013.02.13 12:32:45 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2013.02.13 12:32:45 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2013.02.13 12:32:45 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2013.02.13 12:32:38 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS [2013.02.13 12:30:56 | 000,000,000 | ---D | C] -- C:\Users\Mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ [2013.02.13 12:30:54 | 000,000,000 | ---D | C] -- C:\Users\Mein Name\Documents\VirtualDJ [2013.02.13 12:30:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VirtualDJ [2013.02.03 17:18:27 | 000,814,592 | ---- | C] (Microsoft) -- C:\Program Files (x86)\Metin2 Bypass Creator.exe [2 C:\Users\Mein Name\AppData\Roaming\*.tmp files -> C:\Users\Mein Name\AppData\Roaming\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.03.14 20:46:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.03.14 20:46:27 | 1609,949,184 | -HS- | M] () -- C:\hiberfil.sys [2013.03.13 20:24:26 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.03.09 12:14:38 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.03.05 19:27:01 | 000,021,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.03.05 19:27:01 | 000,021,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.02.27 21:45:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.02.27 21:08:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.02.27 20:33:28 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013.02.27 20:33:28 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013.02.27 20:23:47 | 000,001,700 | ---- | M] () -- C:\Users\Mein Name\Desktop\WolfTeam-DE.lnk [2013.02.27 20:22:50 | 000,002,028 | ---- | M] () -- C:\Users\Public\Desktop\Aeria Ignite.lnk [2013.02.26 21:22:17 | 000,613,720 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys [2013.02.26 21:22:17 | 000,054,104 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\kltdi.sys [2013.02.26 19:34:09 | 000,000,360 | ---- | M] () -- C:\Users\Mein Name\AppData\Roaming\com.plutinosoft.idemo.plist [2013.02.26 19:16:10 | 000,001,883 | ---- | M] () -- C:\Users\Mein Name\Desktop\iDemo.lnk [2013.02.26 16:43:18 | 000,002,056 | ---- | M] () -- C:\Users\Mein Name\Desktop\Minecraft.lnk [2013.02.22 23:02:54 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2013.02.22 22:08:15 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Kaspersky Anti-Virus 2013.lnk [2013.02.19 17:41:27 | 000,154,112 | ---- | M] () -- C:\Users\Mein Name\Desktop\resucredesk.exe [2013.02.19 16:37:12 | 000,100,286 | ---- | M] () -- C:\Users\Mein Name\Desktop\Spinning Jenny.odt [2013.02.19 16:37:09 | 000,819,865 | ---- | M] () -- C:\Users\Mein Name\Desktop\Weberei.odt [2013.02.19 16:37:04 | 001,301,923 | ---- | M] () -- C:\Users\Mein Name\Desktop\Tretradkran.odt [2013.02.14 15:52:02 | 000,001,060 | ---- | M] () -- C:\Users\Public\Desktop\iFunbox.lnk [2013.02.14 15:44:29 | 000,295,520 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.02.13 18:09:55 | 000,001,402 | ---- | M] () -- C:\Users\Mein Name\Desktop\Free YouTube to MP3 Converter.lnk [2013.02.13 14:26:54 | 000,039,268 | ---- | M] () -- C:\Users\Mein Name\Desktop\220px-Warsztat_pion.svg.png [2013.02.13 14:20:06 | 000,001,142 | ---- | M] () -- C:\Users\Mein Name\Desktop\ASIO4ALL v2 Instruction Manual.lnk [2013.02.13 14:19:52 | 000,001,150 | ---- | M] () -- C:\Users\Public\Desktop\FL Studio 10.lnk [2013.02.13 12:30:57 | 000,001,050 | ---- | M] () -- C:\Users\Mein Name\Desktop\VirtualDJ Home FREE.lnk [2 C:\Users\Mein Name\AppData\Roaming\*.tmp files -> C:\Users\Mein Name\AppData\Roaming\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.03.13 20:24:26 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.03.12 22:18:23 | 000,139,264 | ---- | C] () -- C:\Users\Mein Name\Desktop\Winject.exe [2013.02.27 20:41:09 | 000,005,174 | ---- | C] () -- C:\Windows\SysWow64\nppt9x.vxd [2013.02.27 20:23:47 | 000,001,700 | ---- | C] () -- C:\Users\Mein Name\Desktop\WolfTeam-DE.lnk [2013.02.27 20:22:50 | 000,002,028 | ---- | C] () -- C:\Users\Public\Desktop\Aeria Ignite.lnk [2013.02.26 19:22:03 | 000,000,360 | ---- | C] () -- C:\Users\Mein Name\AppData\Roaming\com.plutinosoft.idemo.plist [2013.02.26 19:16:10 | 000,001,883 | ---- | C] () -- C:\Users\Mein Name\Desktop\iDemo.lnk [2013.02.26 16:43:18 | 000,002,056 | ---- | C] () -- C:\Users\Mein Name\Desktop\Minecraft.lnk [2013.02.25 20:43:28 | 000,001,050 | ---- | C] () -- C:\Users\Mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk [2013.02.22 22:08:41 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Kaspersky Anti-Virus 2013.lnk [2013.02.19 17:41:27 | 000,154,112 | ---- | C] () -- C:\Users\Mein Name\Desktop\resucredesk.exe [2013.02.19 16:37:02 | 001,301,923 | ---- | C] () -- C:\Users\Mein Name\Desktop\Tretradkran.odt [2013.02.16 18:25:53 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2013.02.14 15:52:02 | 000,001,060 | ---- | C] () -- C:\Users\Public\Desktop\iFunbox.lnk [2013.02.13 18:09:55 | 000,001,402 | ---- | C] () -- C:\Users\Mein Name\Desktop\Free YouTube to MP3 Converter.lnk [2013.02.13 15:32:01 | 000,819,865 | ---- | C] () -- C:\Users\Mein Name\Desktop\Weberei.odt [2013.02.13 14:26:52 | 000,039,268 | ---- | C] () -- C:\Users\Mein Name\Desktop\220px-Warsztat_pion.svg.png [2013.02.13 14:20:06 | 000,001,142 | ---- | C] () -- C:\Users\Mein Name\Desktop\ASIO4ALL v2 Instruction Manual.lnk [2013.02.13 14:19:53 | 000,001,150 | ---- | C] () -- C:\Users\Public\Desktop\FL Studio 10.lnk [2013.02.13 12:30:56 | 000,001,050 | ---- | C] () -- C:\Users\Mein Name\Desktop\VirtualDJ Home FREE.lnk [2013.02.03 19:39:06 | 000,327,680 | ---- | C] () -- C:\Users\Mein Name\AppData\Roaming\signons.sqlite [2013.02.03 19:39:06 | 000,163,840 | ---- | C] () -- C:\Users\Mein Name\AppData\Roaming\cert8.db [2013.02.03 19:39:06 | 000,016,384 | ---- | C] () -- C:\Users\Mein Name\AppData\Roaming\key3.db [2013.02.03 19:39:06 | 000,000,000 | ---- | C] () -- C:\Users\Mein Name\AppData\Roaming\WindowsLive.cfg [2013.02.03 17:59:57 | 000,135,680 | ---- | C] () -- C:\Users\Mein Name\AppData\Roaming\testhack.exe [2013.02.03 17:59:57 | 000,000,000 | ---- | C] () -- C:\Users\Mein Name\AppData\Roaming\chrtmp [2013.01.31 19:53:01 | 000,000,245 | ---- | C] () -- C:\Windows\ODBCINST.INI [2013.01.06 20:32:26 | 000,007,605 | ---- | C] () -- C:\Users\Mein Name\AppData\Local\Resmon.ResmonCfg [2013.01.01 20:27:54 | 002,453,566 | ---- | C] () -- C:\Program Files\Uninstal.exe [2013.01.01 19:54:00 | 1804,039,455 | ---- | C] () -- C:\Users\Mein Name\CSS_full_v17.1_DiGiTALZonE.exe [2012.12.31 17:15:52 | 000,006,438 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012.12.31 16:57:54 | 000,000,032 | ---- | C] () -- C:\Users\Mein Name\.simfy [2012.12.31 14:39:50 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012.07.04 06:34:16 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2012.07.04 06:34:16 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2012.04.18 19:39:10 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll [2011.09.12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat ========== ZeroAccess Check ========== [2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report > [/CODE] Code von der Extras.txt OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 14.03.2013 20:54:57 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mein Name\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,37 Gb Available Physical Memory | 68,29% Memory free 4,00 Gb Paging File | 3,39 Gb Available in Paging File | 84,72% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 297,99 Gb Total Space | 229,00 Gb Free Space | 76,85% Space Free | Partition Type: NTFS Computer Name: Mein Name-PC | User Name: Mein Name | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-2819407763-1906185329-4118087821-1000\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{11BE0EE2-39B6-45E7-91BB-F4AB4F84EDE1}" = rport=445 | protocol=6 | dir=out | app=system | "{4A032CF5-CC3A-45C4-AB26-1EE9683DD793}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{7EFE3D15-5F16-451D-9B0B-ED7CD26E99E5}" = rport=137 | protocol=17 | dir=out | app=system | "{80AF5B30-1E91-430C-8DBE-83B3282A2422}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{93F8345F-2C97-4254-8D90-6D515D45F6AB}" = rport=138 | protocol=17 | dir=out | app=system | "{94A6EC9D-A628-43EE-9076-D6777F00FA67}" = rport=139 | protocol=6 | dir=out | app=system | "{94CB6177-442B-4008-AE17-014FD22143B6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{A21E06E2-DD37-4E6D-B36B-87BC96850821}" = lport=445 | protocol=6 | dir=in | app=system | "{B2081C9C-50D4-4316-B335-437FA01DADFA}" = lport=137 | protocol=17 | dir=in | app=system | "{C2F6D2DE-BF8C-4000-A5E6-230EF2F5F96B}" = lport=139 | protocol=6 | dir=in | app=system | "{DC32F6BA-847C-4963-A064-2CAE37C92C9D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{ED0876C3-C3E8-4537-A49B-593B7E9E6DE5}" = lport=138 | protocol=17 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{062647F1-1691-46DB-8982-919E431BBE2C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{07A3D819-059C-4853-A1ED-C0E1DBF8612D}" = protocol=6 | dir=in | app=c:\webzen\arcticcombat\system\arcticcombat.exe | "{0E2B0C04-BE4C-4687-8638-825B5306A0BD}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{1CE93C0C-44EB-4797-8446-ADADB40F9A91}" = protocol=17 | dir=in | app=c:\program files (x86)\search results toolbar\datamngr\srtool~1\dtuser.exe | "{245BE4DF-9B60-4D56-BFF7-A8031E051894}" = protocol=6 | dir=in | app=c:\program files (x86)\search results toolbar\datamngr\srtool~1\dtuser.exe | "{2E3D0A4D-0229-469E-90DC-E09659AE4DD6}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{3909D1EF-4B23-4F50-8D7B-B10CD1D88996}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{3C4732F7-5BF3-456A-AE53-BB01D4197C06}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{516A508E-E1F1-4078-BFA5-56023532A2D4}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{58203636-615C-4551-88CF-2A94D7138629}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{59B85664-0BA7-48BA-B315-800E5C860FD2}" = protocol=17 | dir=in | app=c:\webzen\arcticcombat\system\arcticcombat.exe | "{61CFEEE2-CDAB-49FD-858B-9CEDE1B3078B}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{794B531F-01BD-4BF6-89E8-87C6C7FAC512}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{B5F2726A-B5F2-4663-8FB2-6701D4B573B7}" = dir=in | app=c:\brickforce\bflauncher.exe | "{C3D30CEE-5ACD-43FE-8355-1C52C8140CA4}" = dir=in | app=c:\brickforce\brickforce.exe | "{DEA6C022-5DF8-4468-A563-133705F0EA54}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{ECB7C246-666F-40C6-9011-E16FBB7AB8CF}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "TCP Query User{055C8C92-DB7F-420F-B907-ABCAF97DE450}C:\aeriagames\wolfteam-de\wolfteam.bin" = protocol=6 | dir=in | app=c:\aeriagames\wolfteam-de\wolfteam.bin | "TCP Query User{185710D6-5932-469B-8A0A-8C7587E5AEC0}C:\program files (x86)\metin2\metin2client.bin" = protocol=6 | dir=in | app=c:\program files (x86)\metin2\metin2client.bin | "TCP Query User{1880B2DF-1904-4D91-8DE3-C8463DC2FD5F}C:\program files (x86)\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\counter-strike source\hl2.exe | "TCP Query User{41C2BFD7-009A-4AE3-8656-658BAA2F0D2F}C:\users\Mein Name\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\Mein Name\appdata\local\akamai\netsession_win.exe | "TCP Query User{480DE977-B8F6-4391-A3B2-A1FBD1F465B3}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe | "TCP Query User{4F9650D9-FB2C-4E76-9DC0-D48B60D2BDD8}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | "TCP Query User{79F4395F-149B-4B9C-86A0-EB46F4F54C04}C:\program files\hl2.exe" = protocol=6 | dir=in | app=c:\program files\hl2.exe | "TCP Query User{C7CA2B51-10F9-4826-BAF7-A1E6279BA12F}C:\program files (x86)\metin2\metin2client.exe" = protocol=6 | dir=in | app=c:\program files (x86)\metin2\metin2client.exe | "UDP Query User{25E2D6E4-446F-4CF7-8ED1-AC4DCC4BC387}C:\aeriagames\wolfteam-de\wolfteam.bin" = protocol=17 | dir=in | app=c:\aeriagames\wolfteam-de\wolfteam.bin | "UDP Query User{3DD2A9E5-6F92-4EAF-89C9-99927E232FED}C:\program files (x86)\metin2\metin2client.bin" = protocol=17 | dir=in | app=c:\program files (x86)\metin2\metin2client.bin | "UDP Query User{3EFACFB8-3232-46D9-A489-1D4B3A8647F0}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe | "UDP Query User{B9BC328F-0AB3-4AA7-B675-624AC1AEE0C2}C:\users\Mein Name\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\Mein Name\appdata\local\akamai\netsession_win.exe | "UDP Query User{C535B9FA-F609-478E-874D-54A9F247A6F3}C:\program files\hl2.exe" = protocol=17 | dir=in | app=c:\program files\hl2.exe | "UDP Query User{EA8A1576-5FA2-41A9-A4B1-EAC6B7814F1E}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | "UDP Query User{FE4998CE-8A22-4FD9-8B73-9E7F7B40D00A}C:\program files (x86)\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\counter-strike source\hl2.exe | "UDP Query User{FF49525F-DE1B-4828-909E-33B94E9517A7}C:\program files (x86)\metin2\metin2client.exe" = protocol=17 | dir=in | app=c:\program files (x86)\metin2\metin2client.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{018F3B17-AF23-809D-3807-25A16563416C}" = AMD Media Foundation Decoders "{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3100_series" = Canon MG3100 series MP Drivers "{170EF2EC-C6AC-9418-933B-E2215E5ACE62}" = AMD Accelerated Video Transcoding "{1A2B11DC-654B-0C80-14AA-B980D07257A7}" = ccc-utility64 "{2DF4C5DD-7417-301D-935D-939D3B7B5997}" = Microsoft Help Viewer 1.0 Language Pack - DEU "{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU "{3E119B14-FC8F-41FC-95B1-F0F457CB1DAE}" = MySQL Connector/ODBC 5.2(a) "{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{94D70749-4281-39AC-AD90-B56A0E0A402E}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 "{A2A448FD-B078-DBF9-0F3F-AC8A8A4ADDB9}" = AMD Drag and Drop Transcoding "{ACE9FB2A-31A5-4285-9510-43F1636EAB21}" = EasyLife Gadget "{C3EAE456-7E7A-451F-80EF-F34C7A13C558}" = Microsoft SQL Server Compact 3.5 SP2 x64 DEU "{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{E391E2FF-927F-46A6-8466-C688A2FAF1FB}" = AMD Catalyst Install Manager "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack "Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0 "Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU "WinRAR archiver" = WinRAR 4.20 (64-Bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU "{03E1711E-2A57-D826-142F-4D1C8CBB9CE3}" = CCC Help Korean "{05499036-169E-2DB2-CA6A-921826EDB571}" = CCC Help Hungarian "{1737B9BC-D3B4-D62A-C79F-049D1C14BAC5}" = CCC Help Finnish "{1B871D56-59B9-4459-AD75-939131F82680}" = iDemo "{1C179D24-8307-A87E-5BF2-7F847B5489FB}" = CCC Help Dutch "{1C961E37-1448-39D0-7A46-BB6BEA266C18}" = CCC Help Russian "{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1 "{24E95349-8629-47A0-EB12-9B081EFE4122}" = Catalyst Control Center Localization All "{26A24AE4-039D-4CA4-87B4-2F83217013FF}" = Java 7 Update 13 "{4048B649-4AD0-1C0F-3C0F-09478FE3E4E8}" = CCC Help Chinese Traditional "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.2 "{51E47ACA-6672-7A6B-FE18-20E1EA4802E3}" = CCC Help Greek "{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Anti-Virus 2013 "{59C7AFEC-E6E0-C99E-31FD-1FCBBFF70393}" = Catalyst Control Center "{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}" = Microsoft SQL Server System CLR Types "{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR "{5CA66729-D7A8-428B-21AC-CE78AB6BC83D}" = CCC Help Portuguese "{604B7475-6B17-D7DF-636D-E1E147349316}" = CCC Help Japanese "{616C6F39-4CE1-3434-A665-2F6A04C09A7F}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools "{62460273-C5CA-BEAB-5AEA-360698FCB506}" = CCC Help Czech "{6D5B770B-9F4B-5D56-C270-196E91C9F0FF}" = CCC Help Danish "{6E25AE88-7018-022F-508B-80656F538535}" = CCC Help Polish "{71972D00-4596-11E2-B6EA-B8AC6F97B88E}" = Google Earth Plug-in "{778AA318-7343-B50A-09FE-96BD3FF18501}" = Catalyst Control Center InstallProxy "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7D9D35EC-57CC-492F-8EB6-751CC4BDDF83}" = MySQL Connector Net 6.6.4 "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{941BF29A-8738-34FB-58AF-116758FA60AB}" = CCC Help Thai "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95723791-2C44-454B-9220-C65D47D70E9C}" = WEBZEN Browser Extension "{99284958-43A1-E44A-B9CE-BB2E3D460617}" = simfy "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9C1F24C5-03E3-4DAA-B935-E7C971003F0E}" = Aeria Ignite "{9C84DFF4-A98C-42d5-A09F-6985A05205B2}_is1" = Arctic Combat "{9D4D322B-0BE2-F994-701F-8E464029B11A}" = CCC Help Swedish "{A106D33E-6B43-42C0-9BFC-D03303261FA7}" = Microsoft SQL Server 2008 R2 Management Objects "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9FDFB03-82ED-0DCC-6351-A562F184E9ED}" = CCC Help Italian "{B515962D-C979-44AC-9912-F7BB499B4B2C}" = VirtualDJ Home FREE "{B62BA521-B0BB-7215-6467-9EC0A1E61D85}" = Catalyst Control Center Graphics Previews Common "{B6D49D90-3D8B-F6D4-2009-11AE0E11EBC3}" = CCC Help English "{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 "{BE0BEC1F-C9D6-17D5-075A-53DF0A23C282}" = CCC Help Norwegian "{BFD7E2D6-B4E1-D425-166E-CF27BBD79C10}" = CCC Help Spanish "{C04ACDD0-62A7-091E-0B83-4383E7073469}" = CCC Help Turkish "{C7232E58-FD2F-5EC0-B4FD-2C5FA2DB6BB8}" = CCC Help French "{CCAC7E52-ECCE-3C4D-B1BE-BC2ACF1C1C0E}" = Microsoft Visual Basic 2010 Express - DEU "{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support "{CFCB8616-A5D1-4281-80E8-389F685BFAE2}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU "{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack "{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding "{E661CA41-4846-13AB-5137-25F13F1C5D6B}" = CCC Help Chinese Standard "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{FCB53C89-7998-6782-DA2B-99B49BE8AD96}" = CCC Help German "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Aeria Ignite" = Aeria Ignite "Aeria Ignite 1.11.2111" = Aeria Ignite "ASIO4ALL" = ASIO4ALL "Brick-Force" = Brick-Force "Cheat Engine 6.2_is1" = Cheat Engine 6.2 "Counter-Strike: Source v17" = Counter-Strike: Source v17 "FL Studio 10" = FL Studio 10 "Fraps" = Fraps (remove only) "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.0.128 "iFunbox_is1" = iFunbox (v2.1.2228.731), iFunbox DevTeam "IL Download Manager" = IL Download Manager "IL Shared Libraries" = IL Shared Libraries "iLivid" = iLivid "ilividtoolbargaw" = Search-Results Toolbar "InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Anti-Virus 2013 "Little Fighter 2.5 - v2.0" = Little Fighter 2.5 - v2.0 "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100 "Metin2_is1" = Metin2 "Microsoft Visual Basic 2010 Express - DEU" = Microsoft Visual Basic 2010 Express - DEU "Mozilla Firefox 19.0.2 (x86 de)" = Mozilla Firefox 19.0.2 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "PE Explorer_is1" = PE Explorer 1.99 R6 "PrivitizeVPN" = PrivitizeVPN "Simfy" = simfy "SP_d33a5824" = EasyLife Search 1.74 "SP_f2a323db" = BrowseToSave 1.74 "WolfTeam-DE" = WolfTeam-DE ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2819407763-1906185329-4118087821-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater "6ea8dd66df6ee607" = PictureDrop "Akamai" = Akamai NetSession Interface "Minecraft 1.2.5 - @rudhi23" = Minecraft 1.2.5 - @rudhi23 "UnityWebPlayer" = Unity Web Player ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 13.03.2013 13:58:57 | Computer Name = Mein Name-PC | Source = .NET Runtime | ID = 1026 Description = Error - 13.03.2013 13:59:12 | Computer Name = Mein Name-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: aeriaignite.exe, Version: 1.11.2111.0, Zeitstempel: 0x50eb7838 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18015, Zeitstempel: 0x50b83c8a Ausnahmecode: 0xe0434352 Fehleroffset: 0x0000c41f ID des fehlerhaften Prozesses: 0x658 Startzeit der fehlerhaften Anwendung: 0x01ce20146dc688b2 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe Pfad des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll Berichtskennung: b5e43ce6-8c07-11e2-9986-d73cdf5d2e5e Error - 13.03.2013 13:59:30 | Computer Name = Mein Name-PC | Source = WinMgmt | ID = 10 Description = Error - 13.03.2013 13:59:32 | Computer Name = Mein Name-PC | Source = Microsoft-Windows-CAPI2 | ID = 512 Description = Vom Kryptografiedienst konnte das VSS-Sicherungsobjekt "System Writer" nicht initialisiert werden. Details: Could not query the status of the EventSystem service. System Error: Der Computer wird heruntergefahren. . Error - 13.03.2013 15:24:41 | Computer Name = Mein Name-PC | Source = WinMgmt | ID = 10 Description = Error - 13.03.2013 15:31:32 | Computer Name = Mein Name-PC | Source = WinMgmt | ID = 10 Description = Error - 13.03.2013 15:40:11 | Computer Name = Mein Name-PC | Source = WinMgmt | ID = 10 Description = Error - 13.03.2013 15:57:53 | Computer Name = Mein Name-PC | Source = WinMgmt | ID = 10 Description = Error - 13.03.2013 16:12:51 | Computer Name = Mein Name-PC | Source = System Restore | ID = 8206 Description = Error - 13.03.2013 16:13:53 | Computer Name = Mein Name-PC | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 14.03.2013 15:47:08 | Computer Name = Mein Name-PC | Source = DCOM | ID = 10005 Description = Error - 14.03.2013 15:47:11 | Computer Name = Mein Name-PC | Source = DCOM | ID = 10005 Description = Error - 14.03.2013 15:47:12 | Computer Name = Mein Name-PC | Source = DCOM | ID = 10005 Description = Error - 14.03.2013 15:47:11 | Computer Name = Mein Name-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 14.03.2013 15:47:11 | Computer Name = Mein Name-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 14.03.2013 15:47:11 | Computer Name = Mein Name-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 14.03.2013 15:47:11 | Computer Name = Mein Name-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 14.03.2013 15:47:11 | Computer Name = Mein Name-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 14.03.2013 15:47:11 | Computer Name = Mein Name-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 14.03.2013 15:47:12 | Computer Name = Mein Name-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 < End of report > [/CODE] |
15.03.2013, 01:06 | #4 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Lösung: Hochfahren kommt Blackscreen mit MauszeigerZitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
15.03.2013, 07:15 | #5 |
| Wie Hochfahren kommt Blackscreen mit Mauszeiger Gibt keine Ausrede . Ich Spiel das Spiel eh nie. Aber ich denke nicht das es daran liegt, weil ich habe das Spiel schon lange drauf. |
15.03.2013, 12:33 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Wo Hochfahren kommt Blackscreen mit Mauszeiger Lösung! Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support ohne jegliche Diskussion beenden. Cracks/Keygens sind zu 99,9% gefährliche Schädlinge, mit denen man nicht spaßen sollte. Ausserdem sind diese illegal und wir unterstützen die Verwendung von geklauter Software nicht. Somit beschränkt sich der Support auf Anleitung zur kompletten Neuinstallation!! Dass illegale Cracks und Keygens im Wesentlichen dazu dienen, Malware zu verbreiten ist kein Geheimnis und muss jedem klar sein! In Zukunft Finger weg von: Softonic, Registry-Bereinigern und illegalem Zeugs Cracks/Keygens/Serials
__________________ --> Hochfahren kommt Blackscreen mit Mauszeiger |
15.03.2013, 17:33 | #7 |
| Hochfahren kommt Blackscreen mit Mauszeiger Ich kann dir versichern, dass es nicht daran liegt. Ich habe das auch schon auf meinem alten pc gehabt und mein Bruder hat es auch. Alles ohne Probleme Ich kann ja mal auf bereinigen klicken. |
15.03.2013, 19:26 | #8 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Hochfahren kommt Blackscreen mit MauszeigerZitat:
Hilfe gibt es noch bei Datensicherung und Neuinstallation von Windows.
__________________ Logfiles bitte immer in CODE-Tags posten |
Themen zu Hochfahren kommt Blackscreen mit Mauszeiger |
abend, abgesicherte, abgesicherten, blackscreen, funktionier, funktioniert, guten, hochfahren, maus, mauszeiger, problem, reparieren, schwarzer, super, windows |