|
Log-Analyse und Auswertung: Win Vista Weißer BildschirmWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
25.02.2014, 22:40 | #1 |
| Win Vista Weißer Bildschirm Hey Leute, ich habe seit gestern ein kleines Problem. Wenn ich meinen PC starte, habe ich einen weißen Bildschirm und kann nichts machen. Inzwischen habe ich mich hier im Forum umgesehen und habe herausgefunden, dass ich wahrscheinlich irgendeinen Trojaner habe. Ich verstehe zwar einiges von Computern, aber das hier übersteigt mein Wissen. Zur Info: ich habe OTL bereits durchlaufen lassen, kann aber leider kein Fix erstellen bin dafür zu doof.... anbei findet ihr die Dateien. Wäre super wenn Ihr schnell ein fix für mich findet ! Danke schonmal im vorraus! |
26.02.2014, 08:02 | #2 |
/// the machine /// TB-Ausbilder | Win Vista Weißer Bildschirm Hi,
__________________Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen. Ich kann auf Arbeit keine Anhänge öffnen, danke. So funktioniert es: Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
26.02.2014, 08:25 | #3 |
| Win Vista Weißer Bildschirm Tut mir leid! Wusste ich nicht...
__________________also hier nochmal die logs. OTL: Code:
ATTFilter OTL logfile created on: 25.02.2014 21:26:17 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = h:\ Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,25 Gb Total Physical Memory | 2,75 Gb Available Physical Memory | 84,63% Memory free 6,75 Gb Paging File | 6,44 Gb Available in Paging File | 95,50% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 232,88 Gb Total Space | 44,02 Gb Free Space | 18,90% Space Free | Partition Type: NTFS Drive E: | 3,86 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Drive F: | 232,88 Gb Total Space | 96,07 Gb Free Space | 41,25% Space Free | Partition Type: NTFS Drive H: | 3,75 Gb Total Space | 3,74 Gb Free Space | 99,98% Space Free | Partition Type: FAT32 Computer Name: ALEX-PC | User Name: Alex | Logged in as Administrator. Boot Mode: SafeMode | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days ========== Standard Registry (All) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation) IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation) IE - HKU\S-1-5-21-1619137543-1995530686-1982277929-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = IE - HKU\S-1-5-21-1619137543-1995530686-1982277929-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm IE - HKU\S-1-5-21-1619137543-1995530686-1982277929-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 IE - HKU\S-1-5-21-1619137543-1995530686-1982277929-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?affID=109958&tt=3412_3&babsrc=HP_ss&mntrId=dc7be9530000000000000c0c0c0c0c01 IE - HKU\S-1-5-21-1619137543-1995530686-1982277929-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-1619137543-1995530686-1982277929-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation) IE - HKU\S-1-5-21-1619137543-1995530686-1982277929-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKU\S-1-5-21-1619137543-1995530686-1982277929-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\S-1-5-21-1619137543-1995530686-1982277929-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=109958&tt=3412_3&babsrc=SP_ss&mntrId=dc7be9530000000000000c0c0c0c0c01 IE - HKU\S-1-5-21-1619137543-1995530686-1982277929-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1619137543-1995530686-1982277929-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)" FF - prefs.js..browser.search.order.1: "" FF - prefs.js..browser.search.selectedEngine: "" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "" FF - prefs.js..extensions.enabledAddons: %7B2e17e2b2-b8d4-4a67-8d7b-fafa6cc9d1d0%7D:1.2.7.0 FF - prefs.js..extensions.enabledAddons: stealthyextension%40gmail.com:2.5 FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.5.1 FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.10 FF - prefs.js..extensions.enabledAddons: toolbar%40web.de:2.6.4 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0 FF - prefs.js..network.proxy.autoconfig_url: "data:application/x-ns-proxy-autoconfig;base64,ZnVuY3Rpb24gRmluZFByb3h5Rm9yVVJMKHVybCwgaG9zdCkgewogIGlmICgoaG9zdCA9PSAnd3d3LnlvdXR1YmUuY29tJyAmJiB1cmwuaW5kZXhPZigneW91dHViZS5jb20vd2F0Y2g/dj1fT2d1alAxMDlCVSZweHRyeT0xJykgIT0gLTEpIHx8IChob3N0LmluZGV4T2YoJ2MueW91dHViZS5jb20nKSAhPSAtMSAmJiB1cmwuaW5kZXhPZignYy55b3V0dWJlLmNvbS92aWRlb3BsYXliYWNrJykgIT0gLTEgJiYgdXJsLmluZGV4T2YoJ2djcj11cycpICE9IC0xKSkKICAgIHJldHVybiAnUFJPWFkgMjA5LjIzOS4xMjAuOTc6MzEzMSc7CiAgcmV0dXJuICdESVJFQ1QnOwp9" FF - prefs.js..network.proxy.ftp: "190.248.39.52" FF - prefs.js..network.proxy.ftp_port: 3128 FF - prefs.js..network.proxy.http: "190.248.39.52" FF - prefs.js..network.proxy.http_port: 3128 FF - prefs.js..network.proxy.no_proxies_on: "localhost, 127.0.0.1, stealthy.co" FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: "190.248.39.52" FF - prefs.js..network.proxy.socks_port: 3128 FF - prefs.js..network.proxy.ssl: "190.248.39.52" FF - prefs.js..network.proxy.ssl_port: 3128 FF - prefs.js..network.proxy.type: 0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2011.11.04 17:23:46 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.05.29 05:10:38 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFPDFArchitectConverter@pdfarchitect.com: C:\Program Files\PDF Architect\FFPDFArchitectExt [2013.06.16 16:36:59 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011.08.26 13:11:16 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.05.29 05:10:38 | 000,000,000 | ---D | M] [2011.08.26 12:34:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alex\AppData\Roaming\mozilla\Extensions [2013.08.07 20:53:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alex\AppData\Roaming\mozilla\Firefox\Profiles\6j64261c.default\extensions [2013.08.07 20:53:40 | 000,000,000 | ---D | M] (HDvid Codec 3) -- C:\Users\Alex\AppData\Roaming\mozilla\Firefox\Profiles\6j64261c.default\extensions\hdvc3@hdvidcodec.com [2013.06.29 14:45:10 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Alex\AppData\Roaming\mozilla\Firefox\Profiles\6j64261c.default\extensions\ich@maltegoetz.de [2013.07.13 11:32:15 | 000,000,000 | ---D | M] (WebCake) -- C:\Users\Alex\AppData\Roaming\mozilla\Firefox\Profiles\6j64261c.default\extensions\plugin@getwebcake.com [2013.06.30 09:44:04 | 000,233,016 | ---- | M] () (No name found) -- C:\Users\Alex\AppData\Roaming\mozilla\firefox\profiles\6j64261c.default\extensions\hdvc3@hdvidcodec.com.xpi [2013.02.10 23:33:01 | 000,185,839 | ---- | M] () (No name found) -- C:\Users\Alex\AppData\Roaming\mozilla\firefox\profiles\6j64261c.default\extensions\stealthyextension@gmail.com.xpi [2013.07.17 19:01:57 | 000,620,351 | ---- | M] () (No name found) -- C:\Users\Alex\AppData\Roaming\mozilla\firefox\profiles\6j64261c.default\extensions\toolbar@web.de.xpi [2012.08.26 11:43:29 | 000,009,253 | ---- | M] () (No name found) -- C:\Users\Alex\AppData\Roaming\mozilla\firefox\profiles\6j64261c.default\extensions\{2e17e2b2-b8d4-4a67-8d7b-fafa6cc9d1d0}.xpi [2013.07.22 06:32:24 | 000,818,491 | ---- | M] () (No name found) -- C:\Users\Alex\AppData\Roaming\mozilla\firefox\profiles\6j64261c.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013.07.12 23:29:10 | 000,275,262 | ---- | M] () (No name found) -- C:\Users\Alex\AppData\Roaming\mozilla\firefox\profiles\6j64261c.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013.07.17 19:02:01 | 000,001,050 | ---- | M] () -- C:\Users\Alex\AppData\Roaming\mozilla\firefox\profiles\6j64261c.default\searchplugins\11-suche.xml [2013.07.13 11:30:37 | 000,006,549 | ---- | M] () -- C:\Users\Alex\AppData\Roaming\mozilla\firefox\profiles\6j64261c.default\searchplugins\babylon.xml [2013.07.13 11:31:25 | 000,001,294 | ---- | M] () -- C:\Users\Alex\AppData\Roaming\mozilla\firefox\profiles\6j64261c.default\searchplugins\delta.xml [2013.07.17 19:02:01 | 000,002,418 | ---- | M] () -- C:\Users\Alex\AppData\Roaming\mozilla\firefox\profiles\6j64261c.default\searchplugins\englische-ergebnisse.xml [2013.07.17 19:02:01 | 000,010,701 | ---- | M] () -- C:\Users\Alex\AppData\Roaming\mozilla\firefox\profiles\6j64261c.default\searchplugins\gmx-suche.xml [2013.07.17 19:02:01 | 000,002,432 | ---- | M] () -- C:\Users\Alex\AppData\Roaming\mozilla\firefox\profiles\6j64261c.default\searchplugins\lastminute.xml [2013.07.17 19:02:00 | 000,005,682 | ---- | M] () -- C:\Users\Alex\AppData\Roaming\mozilla\firefox\profiles\6j64261c.default\searchplugins\webde-suche.xml [2013.05.24 01:29:44 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2013.05.24 01:29:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013.05.24 01:29:43 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions [2013.07.03 18:45:02 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2013.07.03 12:16:34 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\updated\extensions [2013.07.03 12:16:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\updated\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013.07.03 12:16:33 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\updated\browser\extensions [2013.07.03 12:16:33 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2012.08.26 11:34:37 | 000,002,349 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}, CHR - homepage: CHR - plugin: Widevine Content Decryption Module (Enabled) = C:\Users\Alex\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\widevinecdmadapter.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Program Files\Google\Chrome\Application\33.0.1750.117\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\33.0.1750.117\pdf.dll CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll CHR - plugin: Java Deployment Toolkit 7.0.450.18 (Enabled) = C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll CHR - plugin: Java(TM) Platform SE 7 U45 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw_1203133.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll CHR - Extension: HDvid Codec 3 = C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnllcmllkjofnojidnaknldfehfhehoo\3.1_0\ CHR - Extension: AdBlock = C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.18_0\ CHR - Extension: Google Wallet = C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\ CHR - Extension: YouTube Unblocker = C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnkeeiehehhefofiekoflfedgehcdhl\0.5.5_0\ O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programme\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) O2 - BHO: (PDF Architect Helper) - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Programme\PDF Architect\PDFIEHelper.dll (pdfforge GmbH) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programme\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.) O3 - HKLM\..\Toolbar: (PDF Architect Toolbar) - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Programme\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [NPSStartup] File not found O4 - HKLM..\Run: [ProfilerU] C:\Programme\SmartTechnology\Software\ProfilerU.exe (Saitek) O4 - HKLM..\Run: [SaiMfd] C:\Programme\SmartTechnology\Software\SaiMfd.exe (Saitek) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Oracle Corporation) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-1619137543-1995530686-1982277929-1000..\Run: [EADM] F:\Origin\Origin.exe (Electronic Arts) O4 - HKU\S-1-5-21-1619137543-1995530686-1982277929-1000..\Run: [ehTray.exe] C:\Windows\ehome\ehtray.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1619137543-1995530686-1982277929-1000..\Run: [GoogleChromeAutoLaunch_AD2529C7DB5B63D28C23362385276129] C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) O4 - HKU\S-1-5-21-1619137543-1995530686-1982277929-1000..\Run: [Spotify] C:\Users\Alex\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) O4 - HKU\S-1-5-21-1619137543-1995530686-1982277929-1000..\Run: [Spotify Web Helper] C:\Users\Alex\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd) O4 - HKU\S-1-5-21-1619137543-1995530686-1982277929-1000..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation) O4 - HKU\S-1-5-21-1619137543-1995530686-1982277929-1000..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17 O7 - HKU\S-1-5-21-1619137543-1995530686-1982277929-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O9 - Extra Button: HP Smart Web Printing ein- oder ausblenden - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Programme\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 10.51.2) O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 10.51.2) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C7D9614B-C42C-4F26-B642-AFBC40C36BD8}: DhcpNameServer = 192.168.42.129 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F008D0E7-F6F4-4A15-AAB5-309FF8248FBF}: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation) O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation) O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O20 - AppInit_DLLs: (c:\progra~2\bitguard\271832~1.68\{c16c1~1\bitguard.dll) - c:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll () O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation) O20 - HKU\S-1-5-21-1619137543-1995530686-1982277929-1000 Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKU\S-1-5-21-1619137543-1995530686-1982277929-1000 Winlogon: Shell - (C:\Users\Alex\AppData\Roaming\cache.dat) - C:\Users\Alex\AppData\Roaming\cache.dat () O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation) O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Alex\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\Alex\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation) O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation) O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation) O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation) O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\TSpkg.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O31 - SafeBoot: UseAlternatShell - 1 O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2008.08.05 18:02:19 | 000,398,600 | R--- | M] (Electronic Arts Inc.) - E:\Autorun.exe -- [ UDF ] O32 - AutoRun File - [2008.08.05 17:23:19 | 000,000,043 | R--- | M] () - E:\Autorun.inf -- [ UDF ] O32 - AutoRun File - [2008.08.05 17:52:02 | 000,000,000 | R--D | M] - E:\autorun -- [ UDF ] O33 - MountPoints2\{103e3454-e926-11e2-8c0f-0c0c0c0c0c01}\Shell - "" = AutoRun O33 - MountPoints2\{103e3454-e926-11e2-8c0f-0c0c0c0c0c01}\Shell\AutoRun\command - "" = H:\AcerCloudSetup.exe O33 - MountPoints2\{462bdc1d-cfd1-11e0-a729-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{462bdc1d-cfd1-11e0-a729-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Autorun.exe -- [2008.08.05 18:02:19 | 000,398,600 | R--- | M] (Electronic Arts Inc.) O33 - MountPoints2\{f3082b60-63c0-11e3-8b92-e20067deb017}\Shell - "" = AutoRun O33 - MountPoints2\{f3082b60-63c0-11e3-8b92-e20067deb017}\Shell\AutoRun\command - "" = H:\HTC_Sync_Manager_PC.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 7 Days ========== [2014.02.24 03:03:33 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO [4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 7 Days ========== [2014.02.25 21:06:52 | 000,669,960 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2014.02.25 21:06:52 | 000,631,026 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2014.02.25 21:06:52 | 000,143,304 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2014.02.25 21:06:52 | 000,117,652 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2014.02.25 20:48:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2014.02.25 20:47:06 | 000,000,004 | ---- | M] () -- C:\Users\Alex\AppData\Roaming\cache.ini [2014.02.25 20:46:56 | 000,014,668 | ---- | M] () -- C:\Users\Alex\AppData\Local\d3d9caps.dat [2014.02.25 20:42:34 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2014.02.25 20:42:30 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2014.02.25 20:42:30 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2014.02.24 21:03:07 | 000,000,177 | -H-- | M] () -- C:\dvmexp.idx [2014.02.24 16:40:28 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2014.02.23 18:15:53 | 000,001,778 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk [2014.02.23 18:15:53 | 000,001,686 | ---- | M] () -- C:\Users\Public\Desktop\LOL Recorder.lnk [2014.02.20 20:22:11 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf [4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2014.02.24 16:20:30 | 000,000,004 | ---- | C] () -- C:\Users\Alex\AppData\Roaming\cache.ini [2014.02.20 20:22:11 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf [2014.01.11 23:59:28 | 000,000,024 | ---- | C] () -- C:\Users\Alex\jagexappletviewer.preferences [2013.12.24 12:57:24 | 000,000,043 | ---- | C] () -- C:\Users\Alex\jagex_cl_runescape_LIVE.dat [2013.12.24 12:57:24 | 000,000,024 | ---- | C] () -- C:\Users\Alex\random.dat [2013.11.20 22:26:13 | 000,044,544 | ---- | C] () -- C:\Windows\System32\Gif89.dll [2013.10.07 19:09:11 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2013.10.07 19:09:11 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2013.09.24 18:46:20 | 000,267,400 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2013.09.24 12:48:52 | 000,114,688 | ---- | C] () -- C:\Users\Alex\AppData\Roaming\cache.dat [2013.09.18 21:00:30 | 000,023,424 | ---- | C] () -- C:\Windows\System32\drivers\GameKB.sys [2013.08.07 20:55:12 | 000,079,360 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2013.07.14 12:50:41 | 000,045,457 | ---- | C] () -- C:\Users\Alex\Heiderplan.png [2013.07.05 04:29:25 | 000,000,552 | ---- | C] () -- C:\Users\Alex\AppData\Local\d3d8caps.dat [2013.06.29 19:06:15 | 000,213,940 | ---- | C] () -- C:\Users\Alex\ole-udyr-chief.PNG [2013.06.29 18:57:59 | 000,101,103 | ---- | C] () -- C:\Users\Alex\zdyr-alex-build.PNG [2013.06.21 19:02:47 | 000,103,901 | ---- | C] () -- C:\Users\Alex\2013-06-21 19.24.05.jpg [2013.01.03 17:37:32 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2013.01.03 17:37:32 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2013.01.01 17:56:42 | 000,000,080 | RHS- | C] () -- C:\Windows\System32\AF932C7F2C.dll [2012.09.14 20:52:45 | 000,000,810 | ---- | C] () -- C:\Windows\Rtcw.INI [2012.09.13 22:53:32 | 000,037,376 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll [2012.09.13 18:47:00 | 000,180,224 | ---- | C] () -- C:\Windows\System32\clinfo.exe [2012.08.23 19:50:53 | 000,001,515 | ---- | C] () -- C:\Users\Alex\AppData\Local\recently-used.xbel [2012.05.29 04:55:35 | 000,187,558 | ---- | C] () -- C:\Windows\hpoins36.dat [2012.05.29 04:55:35 | 000,000,578 | ---- | C] () -- C:\Windows\hpomdl36.dat [2012.05.23 16:31:02 | 000,632,252 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2012.05.14 07:50:42 | 000,020,480 | ---- | C] () -- C:\Users\Alex\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.04.04 21:35:56 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll [2012.04.04 21:35:56 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys [2011.08.26 11:59:44 | 000,014,668 | ---- | C] () -- C:\Users\Alex\AppData\Local\d3d9caps.dat ========== ZeroAccess Check ========== [2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2011.01.21 16:46:32 | 011,582,464 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2011.08.26 14:48:54 | 000,615,424 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2008.01.19 08:36:49 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== Alternate Data Streams ========== @Alternate Data Stream - 153 bytes -> C:\ProgramData\TEMP:07BF512B < End of report > Code:
ATTFilter OTL Extras logfile created on: 25.02.2014 21:26:17 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = h:\ Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,25 Gb Total Physical Memory | 2,75 Gb Available Physical Memory | 84,63% Memory free 6,75 Gb Paging File | 6,44 Gb Available in Paging File | 95,50% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 232,88 Gb Total Space | 44,02 Gb Free Space | 18,90% Space Free | Partition Type: NTFS Drive E: | 3,86 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Drive F: | 232,88 Gb Total Space | 96,07 Gb Free Space | 41,25% Space Free | Partition Type: NTFS Drive H: | 3,75 Gb Total Space | 3,74 Gb Free Space | 99,98% Space Free | Partition Type: FAT32 Computer Name: ALEX-PC | User Name: Alex | Logged in as Administrator. Boot Mode: SafeMode | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [HKEY_USERS\S-1-5-21-1619137543-1995530686-1982277929-1000\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{A95D6742-25A5-4165-9015-363F2FED4AE5}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{04063013-4F15-4DF7-9F51-7C45A8E12B21}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\skyrim\skyrimlauncher.exe | "{07745652-47AA-4536-8876-A5BFF503EADC}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\king arthur - the role-playing wargame\kingarthurmulti.exe | "{08ED52C2-55D1-450D-B126-E47A9F1B8F0C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe | "{09AD0D57-2A82-45DF-827A-38BC0555261A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe | "{10FBD308-8077-4EE0-9F88-90C053AED5EC}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe | "{114D284C-DCD8-43EE-9940-F97DBBB44B18}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\kingdomsrise\binaries\win32\udk.exe | "{14CB5D24-8CE5-46F4-B159-B44C72B23431}" = dir=in | app=c:\program files\htc\htc sync manager\htcsyncmanager.exe | "{1B5BEF0D-76B1-46B1-A144-3DE5B74CE38B}" = protocol=17 | dir=in | app=f:\spiele\mass effect 3\mass effect 3\binaries\win32\masseffect3.exe | "{1DD97C9C-4BA7-4329-9658-2128D033B9FB}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe | "{1E798C64-3D6C-4195-BA38-CC15C86DA4A3}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\darksiders 2\darksiders2.exe | "{1FEF1021-540C-4187-9FBA-29D9C9C4FBA9}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\trine 2\trine2_launcher.exe | "{21497095-DE72-4D21-9EB3-FC891C9E390C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{21E269C1-B04E-4BC9-92BA-47BFFD4EBA40}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe | "{222DD143-47F7-4916-8E5F-E68CEAE92D16}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\skyrim\skyrimlauncher.exe | "{23228921-5386-41C5-AABE-F82B84450A36}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\darksiders 2\darksiders2.exe | "{29C78D70-71F8-461E-89D2-7077E9D205B1}" = protocol=6 | dir=in | app=c:\users\alex\appdata\roaming\spotify\spotify.exe | "{2A6DE98B-6F66-48A1-9DEB-4508AC706801}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe | "{2C38727B-6C55-4F7F-B778-D9C175CDFF5A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe | "{32FA1EC2-CC60-4CB3-A7A2-5AA150704FBB}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | "{3FFC533D-2E98-457B-BC95-0DC79D98FC05}" = protocol=17 | dir=in | app=c:\users\alex\appdata\roaming\spotify\spotify.exe | "{47FC3605-604B-4CA1-A1F7-62FB42B45A6B}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\darksiders 2\darksiders2.exe | "{4ECCD0FF-025E-4054-A3A1-7C1357A2E642}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\king arthur - the role-playing wargame\kingarthur.exe | "{527679CF-52EB-4B61-B3D2-66072D4219E0}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\kingdomsrise\binaries\win32\udk.exe | "{5A752187-CF52-44F5-94DB-C491B2EF0C7A}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe | "{5CB39B1B-6A51-46E5-B82B-EFE0B36D492E}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\king arthur - the role-playing wargame\kingarthurmulti.exe | "{63ABE96A-2B2E-43B9-B54A-F5B083A3B378}" = protocol=6 | dir=in | app=c:\program files\mass effect 2\binaries\masseffect2.exe | "{6888707D-29CB-4A07-B400-FE08FB066056}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\age2hd\launcher.exe | "{6A2D4B8B-FBEA-4DDE-B668-511EFB2158E9}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\skyrim\skyrimlauncher.exe | "{6CA153A6-6592-4EC8-B80E-8F5410E333B8}" = protocol=17 | dir=in | app=c:\program files\mass effect 2\masseffect2launcher.exe | "{6CE77A07-0491-45B8-A9B9-AEA3ED881FB5}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe | "{75FCAE6B-9DA7-4C4E-B4D2-1C4BBD913562}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\amd driver updater, vista and 7, 32 bit\setup.exe | "{785D9F03-A130-4B42-B11A-AF778AE538B3}" = protocol=17 | dir=in | app=f:\spiele\universe at war\uawea.exe | "{7CBB98F9-249F-417A-8E40-A68E8897F945}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | "{7FED70F6-C76E-48F8-8D23-81E260AB392D}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\age2hd\launcher.exe | "{81ABE893-A3F4-4E3B-9B12-098DCAABFBA5}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\skyrim\skyrimlauncher.exe | "{8327265D-EBB6-4375-AF03-ECCC0413F01A}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\kingdomsrise\binaries\win32\udk.exe | "{86A98AB2-4C5D-4C10-AC51-4A49A10AA8A2}" = protocol=17 | dir=in | app=c:\program files\mass effect 2\binaries\masseffect2.exe | "{8B4B43C6-1A74-4138-8395-8C4AAE5C6E87}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\darksiders 2\darksiders2.exe | "{916293D9-88A2-4BCB-81D0-38CB18181C34}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\age2hd\launcher.exe | "{9326F91E-79A3-4128-82B6-004F0D3E57BF}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe | "{9FF0ACE6-3723-4F82-B352-D2F9D0339405}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{9FF82AE5-D4EC-4C66-8207-B0648E7A3DFF}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe | "{A08CED25-0457-409F-9FB2-986E13E00B9F}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\kingdomsrise\binaries\win32\udk.exe | "{A6D8645E-9517-4A10-832A-CD1D2F30229E}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\trine 2\trine2_launcher.exe | "{A8CDEAF4-EB09-4445-8CFE-B4F6970C0596}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe | "{AF6C0976-C5AD-401E-9506-A3A45CC478F0}" = protocol=6 | dir=in | app=c:\program files\mass effect 2\masseffect2launcher.exe | "{B1EF431A-4E24-455A-9B6E-C9F13FC8A015}" = protocol=6 | dir=in | app=f:\spiele\universe at war\uawea.exe | "{B358C100-95EC-485C-9B17-98098FEA11BF}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\age2hd\launcher.exe | "{B82514D6-69B0-4CD0-9520-08BFBAA42A64}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\king arthur - the role-playing wargame\kingarthur.exe | "{B9AC24FD-B783-43EC-AD87-464A499BF3DA}" = dir=in | app=c:\program files\itunes\itunes.exe | "{BA22C00B-E1C4-46DF-8DB6-B6D1FFC89A2C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe | "{BB76B189-3087-438F-B2C9-EFAB644C962C}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{BC3E64A6-F0DC-48CA-902D-AB20D9883A6A}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe | "{C0ED13F6-741F-4F5F-970C-7709540578B2}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe | "{C212961E-0A80-46AE-968C-B15276A5FF4B}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\age2hd\launcher.exe | "{C562B5D8-0F4D-4356-822D-4ACCBABDAAC4}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\age2hd\launcher.exe | "{CDAAA636-8FBC-4F0F-8FA9-BA29D0935D36}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe | "{CDBD974D-DA10-44FE-831A-026AFC4231BB}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\amd driver updater, vista and 7, 32 bit\setup.exe | "{D0158745-F657-4F9C-B2BF-0EA277DE4A31}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | "{D01A1D51-D1F1-4E1F-BC42-BD5FD1E315EC}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{D26C5154-52DC-4764-810B-442FB5F4BCAA}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe | "{D3B21FEB-0908-4F33-B55E-CB953B48678A}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe | "{D4C21760-2F30-4A33-BA4A-C3F8F186CB27}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe | "{D69AD45E-95EA-474D-AD73-9838823F8AE9}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | "{D8B36198-6968-44A8-A722-68ABDF183DAA}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe | "{E60C8723-082A-4590-A0D9-515BF2B41ADA}" = protocol=6 | dir=in | app=f:\spiele\mass effect 3\mass effect 3\binaries\win32\masseffect3.exe | "{E780DC0B-2841-424B-99DE-C9ABC6F7C68F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe | "{EE1CD8DF-8693-47FA-8B4F-08690353BD08}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe | "{F31212ED-040B-45A8-AA40-D73DCD7164F2}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | "{FC8F68CB-D787-416A-9AF0-B741DDE2D277}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe | "{FCB172F2-487C-4CAD-9158-4ABA8435870F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe | "{FDCEEDEE-C275-485D-9E51-8A9C4989E3E7}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe | "{FF3C8982-0CBA-47B6-8C32-4B8F3A40FE17}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe | "{FFF476B2-1ACE-4E63-B32B-70A8BF57D94C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe | "TCP Query User{3E2CD3AC-4C19-497C-80F1-DBD9A30D10F5}C:\users\alex\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\alex\appdata\roaming\spotify\spotify.exe | "UDP Query User{CB69DFA9-4788-4A01-B70E-B47A0326A244}C:\users\alex\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\alex\appdata\roaming\spotify\spotify.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{064A929A-4DE8-40CF-A901-BD40C14E4D25}" = PDF Architect "{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan "{06D616BB-D397-6BCF-DEAD-DBEAD9AA69C1}" = CCC Help Russian "{08208143-777D-4A06-BB54-71BF0AD1BB70}" = IPTInstaller "{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support "{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery "{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant "{153C7D89-9CF4-4719-A551-C5BF45236DB5}" = redist "{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = BitGuard "{17DC6852-9048-393B-1A89-203B36675653}" = CCC Help German "{1CA3A991-B03D-4C92-9922-315E5434E87B}" = PS_AIO_05_C4600_Software_Min "{1E1746EF-F5BF-4677-8F30-04FE399130DA}" = HP Photosmart C4600 All-In-One Driver Software 14.0 Rel. 5 "{1EC58056-481C-B7C8-A105-5C77BF3EAA16}" = CCC Help Swedish "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{20071984-5EB1-4881-8EDB-082532ACEC6D}" = Heroes of Might and Magic V "{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform "{223FFB42-2D49-4AF6-9EF2-82B7D0CAF8B4}_is1" = Pulover's Macro Creator Version 4.1.1 "{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 33 "{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 51 "{28D30BC0-EE51-8C94-80B3-04BE1A26B088}" = CCC Help Turkish "{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox "{29546C4F-DB1C-0033-8DB4-65CED0CE571B}" = ccc-utility "{2B673C6F-BDEA-48AE-AB59-7479BF04EF6E}" = Nail'd "{2F46EDE0-BA53-0AC8-45D4-B0C674BBDCB7}" = AMD VISION Engine Control Center "{2FB9EA69-51D4-4913-9AD5-762C034DE811}" = Status "{368E4EF8-E840-40EE-A224-50B8D1DC2B12}" = HTC Sync Manager "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 "{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3 "{44E46185-638A-4F84-C902-74ACF30932A7}" = CCC Help Spanish "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4AB43DE0-CF91-C9D5-3F6C-A869CC44D742}" = CCC Help Czech "{4CEEE5D0-F905-4688-B9F9-ECC710507796}" = HTC Driver Installer "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.5 "{528E82EA-A194-4A9D-371E-59BACC7D7DE4}" = CCC Help Dutch "{538FB3F5-22D6-A671-4396-1426582E332A}" = Catalyst Control Center Localization All "{53920718-25F0-CBA8-D694-BDC793C2B219}" = CCC Help Chinese Traditional "{540C5568-983A-B7BC-3005-C42736DA00AB}" = CCC Help English "{56206A74-F8C4-7705-DE77-315A0ADCB41F}" = CCC Help Japanese "{57E0E3A9-F4EF-1540-CADA-EB5E33B3B922}" = CCC Help Korean "{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}" = SolutionCenter "{5FC7AB5C-61FC-42DF-A923-5139BCF10D42}" = Microsoft LifeCam "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{6A9D1594-7791-48f5-9CAA-DE9BCB968320}" = Mass Effect™ 3 "{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}" = iTunes "{6E65E954-8C25-797C-5382-B9B83F262105}" = Catalyst Control Center InstallProxy "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{746F49C9-3789-4F8E-AF3A-3A4B42ACFAF8}" = Spellforce 2 Gold "{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update "{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2 "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{77091BC5-B357-166C-CFDF-2AC2C72ED29E}" = CCC Help Italian "{781B7F3D-8107-4049-80C0-16FF46420184}" = XSplit Broadcaster "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83AA2913-C123-4146-85BD-AD8F93971D39}" = BabylonObjectInstaller "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg "{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}" = Apple Mobile Device Support "{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}" = EPU-4 Engine "{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting "{902DBBC3-CCF2-E030-CDBA-55F4024C7813}" = CCC Help Finnish "{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer "{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends "{9530AE42-DAE1-4619-9594-B23487285D17}" = NVIDIA PhysX "{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{99AD9D6D-A456-49EE-8360-F22EE7AA1272}" = Express Gate "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D104AC8-D050-9D64-8E8E-04CF56C98A43}" = CCC Help Portuguese "{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™ "{9E0E1E3B-229C-4CF9-8A39-4455477327E4}" = C4600 "{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A5F6F320-2542-333D-AC13-4B66078257C5}" = CCC Help French "{A7315BB6-3CA7-F270-D1CD-BC6A6BEFDB55}" = AMD Fuel "{A7E3C9FE-A5CE-B00A-49F8-64BC03B6ABF8}" = Catalyst Control Center Graphics Previews Common "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AA5AD5C2-2C06-F079-493F-5497B6070A31}" = CCC Help Polish "{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply "{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation "{B45FABE7-D101-4D99-A671-E16DA40AF7F0}" = Microsoft Games for Windows - LIVE "{B52E8E66-2ADD-879C-D86B-4330BAE08A1C}" = AMD Catalyst Install Manager "{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2 "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations "{C3592426-531E-4110-911D-BFECE2CE284C}" = osu! "{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}" = WebCake 3.00 "{C66BF9FD-D367-4E13-8EB8-385FFEA20DB3}" = Oblivion "{C6B51FD8-942C-45FE-9704-19B687372691}" = Auto Clicker - Image Recognizer "{C9A87D86-FDFD-418B-BF96-EF09320973B3}" = PC Inspector smart recovery "{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE4FAE68-434C-BA43-8B9A-DA215B220479}" = CCC Help Thai "{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch "{D4658131-9D1A-4395-876D-968E38FE8ED5}" = Universe at War Earth Assault "{D4737341-1524-6784-8AC1-F79DC79B96CB}" = CCC Help Chinese Standard "{D910F446-B7A0-F472-1B89-A9085F4AFFBD}" = CCC Help Norwegian "{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag "{E288EA43-3A9B-BEAB-8147-11BE15709D42}" = CCC Help Hungarian "{E2A067AA-D675-5AB0-E1B5-3E701ED8DE5C}" = CCC Help Danish "{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding "{E344FE06-DB6C-452A-86B6-37440C7C05F3}" = Smart Technology Programming Software 7.0.24.8 "{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer "{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}" = Need for Speed™ Undercover "{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 "{EBBE64F6-7E23-5857-891F-045560AECC7F}" = Application Profiles "{EC1F15E1-F3CC-46EE-B7A5-849A08ED60DC}}_is1" = PantsOff 2.0 "{ECCA8FE7-767A-4C8A-9DAA-BAB60F877C41}" = Sins of a Solar Empire "{F08A6ECB-A8F2-D822-24CE-307AF4AFE64F}" = CCC Help Greek "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "{F5CA78D9-B5E9-421E-8DF9-0B418BCBD563}" = LogMeIn Hamachi "{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm "{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}" = RuneScape Launcher 1.2.3 "{FF39FC01-819B-42E4-AE49-1968AF12DDD4}" = Dawn of War - Dark Crusade "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "1ClickDownload" = HDVidCodec "3D Model Viewer 0.3.5.4" = 3D Model Viewer 0.3.5.4 "AceSpeeder" = AceSpeeder "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 12.0 "Age of Mythology 1.0" = Age of Mythology "Age of Mythology Expansion Pack 1.0" = Age of Mythology - The Titans Expansion "ArtMoney SE_is1" = ArtMoney SE v7.39.1 "CCleaner" = CCleaner "Counter-Strike 1.6" = Counter-Strike 1.6 "DAEMON Tools Lite" = DAEMON Tools Lite "Divinity II - Ego Draconis_is1" = Divinity II - Ego Draconis "ffdshow_is1" = ffdshow v1.2.4422 [2012-04-09] "Foxit Reader_is1" = Foxit Reader "Game Booster_is1" = Game Booster 3 "GIMP-2_is1" = GIMP 2.8.0 "Google Chrome" = Google Chrome "HP Imaging Device Functions" = HP Imaging Device Functions 14.0 "HP Smart Web Printing" = HP Smart Web Printing 4.60 "HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0 "HPExtendedCapabilities" = HP Customer Participation Program 14.0 "HyperCam 3" = HyperCam 3 "InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager "InstallShield_{D4658131-9D1A-4395-876D-968E38FE8ED5}" = Universe at War Earth Assault "InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "LogMeIn Hamachi" = LogMeIn Hamachi "LOLReplay" = LOLReplay "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Mozilla Firefox 22.0 (x86 de)" = Mozilla Firefox 22.0 (x86 de) "Mozilla Thunderbird (6.0)" = Mozilla Thunderbird (6.0) "MozillaMaintenanceService" = Mozilla Maintenance Service "Origin" = Origin "Pack 500 track" = Pack 500 track "Recuva" = Recuva "SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software "SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set "Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software "SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software "SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software "Shop for HP Supplies" = Shop for HP Supplies "Sins of a Solar Empire" = Sins of a Solar Empire "SMAC 2.0" = SMAC 2.0 "Spotydl_is1" = Spotydl 0.9.26.0 "StarCraft II" = StarCraft II "Steam App 220440" = DmC Devil May Cry "Steam App 221380" = Age of Empires II: HD Edition "Steam App 248630" = Kingdoms Rise "Steam App 35720" = Trine 2 "Steam App 50650" = Darksiders II "Steam App 72850" = The Elder Scrolls V: Skyrim "TeamSpeak 3 Client" = TeamSpeak 3 Client "The Elder Scrolls Online Beta_is1" = The Elder Scrolls Online Beta "TmUnitedForever_is1" = TmUnitedForever "Totalcmd" = Total Commander (Remove or Repair) "UDK-261d094a-7ad9-4306-81e5-0d12cb590323" = Unreal Development Kit: 2012-10 "UDK-a8af7147-fac0-4043-8b76-70b2384cb2e2" = Unreal Development Kit: 2012-10 "UVMapper Professional Demo_is1" = UVMapper Professional Demo 3.6c "WinRAR archiver" = WinRAR 4.01 (32-Bit) ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1619137543-1995530686-1982277929-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Spotify" = Spotify ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 12.07.2013 08:54:34 | Computer Name = Alex-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\system32\newdev.dll". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 12.07.2013 09:24:36 | Computer Name = Alex-PC | Source = MsiInstaller | ID = 11500 Description = Error - 12.07.2013 09:24:38 | Computer Name = Alex-PC | Source = MsiInstaller | ID = 11500 Description = Error - 12.07.2013 09:24:39 | Computer Name = Alex-PC | Source = MsiInstaller | ID = 11500 Description = Error - 12.07.2013 09:24:39 | Computer Name = Alex-PC | Source = MsiInstaller | ID = 11500 Description = Error - 12.07.2013 09:24:40 | Computer Name = Alex-PC | Source = MsiInstaller | ID = 11500 Description = Error - 12.07.2013 09:27:58 | Computer Name = Alex-PC | Source = MsiInstaller | ID = 11500 Description = Error - 12.07.2013 09:27:59 | Computer Name = Alex-PC | Source = MsiInstaller | ID = 11500 Description = Error - 12.07.2013 09:38:19 | Computer Name = Alex-PC | Source = MsiInstaller | ID = 11935 Description = Error - 12.07.2013 11:18:48 | Computer Name = Alex-PC | Source = .NET Runtime Optimization Service | ID = 1111 Description = [ System Events ] Error - 04.02.2014 16:04:59 | Computer Name = Alex-PC | Source = Service Control Manager | ID = 7026 Description = Error - 04.02.2014 16:07:29 | Computer Name = Alex-PC | Source = Service Control Manager | ID = 7009 Description = Error - 04.02.2014 16:07:29 | Computer Name = Alex-PC | Source = Service Control Manager | ID = 7000 Description = Error - 04.02.2014 16:08:22 | Computer Name = Alex-PC | Source = Service Control Manager | ID = 7009 Description = Error - 04.02.2014 16:08:22 | Computer Name = Alex-PC | Source = Service Control Manager | ID = 7000 Description = Error - 05.02.2014 13:04:29 | Computer Name = Alex-PC | Source = HTTP | ID = 15016 Description = Error - 05.02.2014 13:05:58 | Computer Name = Alex-PC | Source = Service Control Manager | ID = 7026 Description = Error - 05.02.2014 13:06:36 | Computer Name = Alex-PC | Source = DCOM | ID = 10010 Description = Error - 05.02.2014 13:07:34 | Computer Name = Alex-PC | Source = Service Control Manager | ID = 7009 Description = Error - 09.02.2014 05:50:08 | Computer Name = Alex-PC | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am 05.02.2014 um 18:23:11 unerwartet heruntergefahren. < End of report > Danke für die schnelle Antwort! |
27.02.2014, 09:14 | #4 |
/// the machine /// TB-Ausbilder | Win Vista Weißer Bildschirm Ich sehe du kannst im Safe Mode arbeiten, dann machen wir das jetzt anders: Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
Themen zu Win Vista Weißer Bildschirm |
bereits, bildschirm, compu, computer, erstelle, fix, forum, gestern, kleines, leute, nichts, schnell, schonmal, starte, super, troja, trojaner, vista, wahrscheinlich, weiße, weißer, weißer bildschirm, win, win vista, übers, zwischen |