Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
IE öffnet sich ständig

IE öffnet sich ständig


Log-Analyse und Auswertung: IE öffnet sich ständig

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 18.04.2010, 18:38   #1
Muetze_V
 
IE öffnet sich ständig - Icon34

IE öffnet sich ständig


So hi Leute,

Ich habe seit gestern das Problem das sich mein Internet Explorer ständig ohne Vorwarnung öffnet. Ich habe auch schon gegoogelt und nix gefunden (nur das bei manchen das selbe Problem auftritt aber immer ne andere Lösung da war)

Zu meinem OS ich habe Windows7 ne 64 Bit Version

Hier ma mein Logfile:

Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 19:26:18, on 18.04.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
C:\Program Files (x86)\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Xfire\Xfire.exe
C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\LiveZilla\LiveZilla.exe
C:\Program Files (x86)\Teamspeak2_RC2\TeamSpeak.exe
C:\Windows\Hlenea.exe
C:\Program Files (x86)\TuneUp Utilities 2010\Shredder.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\MARCEL~1\AppData\Local\Temp\Hrd.exe
C:\Program Files (x86)\TrendMicro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [LiveZilla] "C:\Program Files (x86)\LiveZilla\LiveZilla.exe" -minimize
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Canaveral] rundll32.exe C:\Windows\system32\sshnas21.dll,BackupReadW
O4 - HKCU\..\Run: [YVIBBBHA8C] C:\Users\MARCEL~1\AppData\Local\Temp\Hrd.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Xfire.lnk = C:\Program Files (x86)\Xfire\Xfire.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: @C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9127 bytes


Wäre cool wenn mir jemand helfen kann.

MfG Muetze_V

Alt 18.04.2010, 18:41   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
IE öffnet sich ständig - Standard

IE öffnet sich ständig


Hallo und

bitte nen Vollscan mit Malwarebytes machen und Log posten. Danach OTL:

Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.
__________________

__________________
Alt 18.04.2010, 20:47   #3
Muetze_V
 
IE öffnet sich ständig - Standard

IE öffnet sich ständig


Danke für die schnelle Hilfe hier die log datei von malwarebytes:

Malwarebytes' Anti-Malware 1.45
Malwarebytes

Datenbank Version: 4005

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

18.04.2010 21:36:35
mbam-log-2010-04-18 (21-36-35).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|H:\|R:\|)
Durchsuchte Objekte: 416160
Laufzeit: 1 Stunde(n), 21 Minute(n), 29 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 4
Infizierte Registrierungswerte: 2
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 10

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\Software\YVIBBBHA8C (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\QZAIB7KITK (Trojan.FakeAlert) -> No action taken.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\yvibbbha8c (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\canaveral (Trojan.Downloader) -> No action taken.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
D:\WINDOWS\system32\oobe\AntiWPA_Crypt.dll (Hacktool) -> No action taken.
F:\Downloads\Austausch\Sonstiges\criptload\ocr\filer.net\ocr_by_spider_b\Version4.exe (Trojan.Downloader) -> No action taken.
F:\Downloads\Austausch\Sonstiges\criptload\ocr\netload.in\asmCaptcha\test.exe (Malware.Packer) -> No action taken.
F:\Downloads\Austausch\Sonstiges\criptload\ocr\rapidshare.com\asmCaptcha\test.exe (Malware.Packer) -> No action taken.
R:\Programme\Tune up\Tuneup 2010\keygen.exe (Trojan.Agent.CK) -> No action taken.
R:\Spiele\Game Keys\Keys.exe (Trojan.Orsam) -> No action taken.
C:\Users\Marcel Huth\AppData\Local\Temp\Hrd.exe (Trojan.FakeAlert) -> No action taken.
C:\Windows\System32\sshnas21.dll (Trojan.Downloader) -> No action taken.
C:\Windows\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job (Trojan.Downloader) -> No action taken.
C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> No action taken.

Und hier von OTL:

OTL logfile created on: 18.04.2010 21:43:26 - Run 2
OTL by OldTimer - Version 3.2.1.2 Folder = C:\Users\Marcel Huth\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 64,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,65 Gb Total Space | 33,23 Gb Free Space | 34,03% Space Free | Partition Type: NTFS
Drive D: | 48,83 Gb Total Space | 25,13 Gb Free Space | 51,47% Space Free | Partition Type: NTFS
Drive E: | 292,97 Gb Total Space | 96,47 Gb Free Space | 32,93% Space Free | Partition Type: NTFS
Drive F: | 118,16 Gb Total Space | 62,00 Gb Free Space | 52,47% Space Free | Partition Type: NTFS
Drive G: | 293,94 Gb Total Space | 251,11 Gb Free Space | 85,43% Space Free | Partition Type: NTFS
Drive H: | 79,94 Gb Total Space | 77,62 Gb Free Space | 97,10% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded
Drive R: | 465,76 Gb Total Space | 162,88 Gb Free Space | 34,97% Space Free | Partition Type: NTFS

Computer Name: IXODITA
Current User Name: Marcel Huth
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 14 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\Marcel Huth\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\PnkBstrB.exe ()
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
PRC - C:\Program Files (x86)\Xfire\Xfire.exe (Xfire Inc.)
PRC - C:\Program Files (x86)\LiveZilla\LiveZilla.exe (LiveZilla GmbH)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
PRC - C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe ()


========== Modules (SafeList) ==========

MOD - C:\Users\Marcel Huth\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Program Files (x86)\Xfire\xfire_toucan_42127.dll (Xfire Inc.)
MOD - C:\Windows\SysWOW64\msvcr71.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\wsock32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\comdlg32.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcr80.dll (Microsoft Corporation)
MOD - C:\Program Files\Logitech\SetPoint\x86\GameHook.dll (Logitech, Inc.)
MOD - C:\Program Files\Logitech\SetPoint\x86\lgscroll.dll (Logitech, Inc.)


========== Win32 Services (SafeList) ==========

SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV:64bit: - (WwanSvc) -- C:\Windows\SysNative\wwansvc.dll (Microsoft Corporation)
SRV:64bit: - (WbioSrvc) -- C:\Windows\SysNative\wbiosrvc.dll (Microsoft Corporation)
SRV:64bit: - (UmRdpService) -- C:\Windows\SysNative\umrdp.dll (Microsoft Corporation)
SRV:64bit: - (Power) -- C:\Windows\SysNative\umpo.dll (Microsoft Corporation)
SRV:64bit: - (Themes) -- C:\Windows\SysNative\themeservice.dll (Microsoft Corporation)
SRV:64bit: - (sppuinotify) -- C:\Windows\SysNative\sppuinotify.dll (Microsoft Corporation)
SRV:64bit: - (SensrSvc) -- C:\Windows\SysNative\sensrsvc.dll (Microsoft Corporation)
SRV:64bit: - (PeerDistSvc) -- C:\Windows\SysNative\PeerDistSvc.dll (Microsoft Corporation)
SRV:64bit: - (PNRPsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (p2pimsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupProvider) -- C:\Windows\SysNative\provsvc.dll (Microsoft Corporation)
SRV:64bit: - (RpcEptMapper) -- C:\Windows\SysNative\RpcEpMap.dll (Microsoft Corporation)
SRV:64bit: - (PNRPAutoReg) -- C:\Windows\SysNative\pnrpauto.dll (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupListener) -- C:\Windows\SysNative\ListSvc.dll (Microsoft Corporation)
SRV:64bit: - (FontCache) -- C:\Windows\SysNative\FntCache.dll (Microsoft Corporation)
SRV:64bit: - (Dhcp) -- C:\Windows\SysNative\dhcpcore.dll (Microsoft Corporation)
SRV:64bit: - (defragsvc) -- C:\Windows\SysNative\defragsvc.dll (Microsoft Corporation)
SRV:64bit: - (CscService) -- C:\Windows\SysNative\cscsvc.dll (Microsoft Corporation)
SRV:64bit: - (bthserv) -- C:\Windows\SysNative\bthserv.dll (Microsoft Corporation)
SRV:64bit: - (BDESVC) -- C:\Windows\SysNative\bdesvc.dll (Microsoft Corporation)
SRV:64bit: - (AxInstSV) -- C:\Windows\SysNative\AxInstSv.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (AppIDSvc) -- C:\Windows\SysNative\appidsvc.dll (Microsoft Corporation)
SRV:64bit: - (wbengine) -- C:\Windows\SysNative\wbengine.exe (Microsoft Corporation)
SRV:64bit: - (sppsvc) -- C:\Windows\SysNative\sppsvc.exe (Microsoft Corporation)
SRV:64bit: - (Fax) -- C:\Windows\SysNative\FXSSVC.exe (Microsoft Corporation)
SRV:64bit: - (LBTServ) -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (PnkBstrB) -- C:\Windows\SysWOW64\PnkBstrB.exe ()
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (TuneUp.Defrag) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
SRV - (TeamViewer5) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (VSS) -- C:\Windows\Vss [2009.07.14 05:20:14 | 000,000,000 | ---D | M]
SRV - (MSDTC) -- C:\Windows\SysWOW64\Msdtc [2009.07.14 05:20:14 | 000,000,000 | ---D | M]
SRV - (HomeGroupProvider) -- C:\Windows\SysWOW64\provsvc.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\SysWOW64\dhcpcore.dll (Microsoft Corporation)
SRV - (vds) -- C:\Windows\SysWOW64\wbem\vds.mof ()
SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (Microsoft Office Groove Audit Service) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (KSecPkg) -- C:\Windows\SysNative\drivers\ksecpkg.sys (Microsoft Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (hwpolicy) -- C:\Windows\SysNative\drivers\hwpolicy.sys (Microsoft Corporation)
DRV:64bit: - (FsDepends) -- C:\Windows\SysNative\drivers\fsdepends.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (WIMMount) -- C:\Windows\SysNative\drivers\wimmount.sys (Microsoft Corporation)
DRV:64bit: - (vhdmp) -- C:\Windows\SysNative\drivers\vhdmp.sys (Microsoft Corporation)
DRV:64bit: - (vmbus) -- C:\Windows\SysNative\drivers\vmbus.sys (Microsoft Corporation)
DRV:64bit: - (storflt) -- C:\Windows\SysNative\drivers\vmstorfl.sys (Microsoft Corporation)
DRV:64bit: - (vdrvroot) -- C:\Windows\SysNative\drivers\vdrvroot.sys (Microsoft Corporation)
DRV:64bit: - (storvsc) -- C:\Windows\SysNative\drivers\storvsc.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (rdyboost) -- C:\Windows\SysNative\drivers\rdyboost.sys (Microsoft Corporation)
DRV:64bit: - (pcw) -- C:\Windows\SysNative\drivers\pcw.sys (Microsoft Corporation)
DRV:64bit: - (CNG) -- C:\Windows\SysNative\drivers\cng.sys (Microsoft Corporation)
DRV:64bit: - (fvevol) -- C:\Windows\SysNative\drivers\fvevol.sys (Microsoft Corporation)
DRV:64bit: - (rdpbus) -- C:\Windows\SysNative\drivers\rdpbus.sys (Microsoft Corporation)
DRV:64bit: - (RDPREFMP) -- C:\Windows\SysNative\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV:64bit: - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\SysNative\drivers\agilevpn.sys (Microsoft Corporation)
DRV:64bit: - (WfpLwf) -- C:\Windows\SysNative\drivers\wfplwf.sys (Microsoft Corporation)
DRV:64bit: - (NdisCap) -- C:\Windows\SysNative\drivers\ndiscap.sys (Microsoft Corporation)
DRV:64bit: - (vwifibus) -- C:\Windows\SysNative\drivers\vwifibus.sys (Microsoft Corporation)
DRV:64bit: - (1394ohci) -- C:\Windows\SysNative\drivers\1394ohci.sys (Microsoft Corporation)
DRV:64bit: - (HdAudAddService) -- C:\Windows\SysNative\drivers\HdAudio.sys (Microsoft Corporation)
DRV:64bit: - (UmPass) -- C:\Windows\SysNative\drivers\umpass.sys (Microsoft Corporation)
DRV:64bit: - (mshidkmdf) -- C:\Windows\SysNative\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV:64bit: - (WudfPf) -- C:\Windows\SysNative\drivers\WUDFPf.sys (Microsoft Corporation)
DRV:64bit: - (MTConfig) -- C:\Windows\SysNative\drivers\MTConfig.sys (Microsoft Corporation)
DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\drivers\CompositeBus.sys (Microsoft Corporation)
DRV:64bit: - (Beep) -- C:\Windows\SysNative\drivers\beep.sys (Microsoft Corporation)
DRV:64bit: - (AppID) -- C:\Windows\SysNative\drivers\appid.sys (Microsoft Corporation)
DRV:64bit: - (scfilter) -- C:\Windows\SysNative\drivers\scfilter.sys (Microsoft Corporation)
DRV:64bit: - (s3cap) -- C:\Windows\SysNative\drivers\vms3cap.sys (Microsoft Corporation)
DRV:64bit: - (VMBusHID) -- C:\Windows\SysNative\drivers\VMBusHID.sys (Microsoft Corporation)
DRV:64bit: - (discache) -- C:\Windows\SysNative\drivers\discache.sys (Microsoft Corporation)
DRV:64bit: - (HidBatt) -- C:\Windows\SysNative\drivers\hidbatt.sys (Microsoft Corporation)
DRV:64bit: - (CmBatt) -- C:\Windows\SysNative\drivers\CmBatt.sys (Microsoft Corporation)
DRV:64bit: - (AcpiPmi) -- C:\Windows\SysNative\drivers\acpipmi.sys (Microsoft Corporation)
DRV:64bit: - (CSC) -- C:\Windows\SysNative\drivers\csc.sys (Microsoft Corporation)
DRV:64bit: - (AmdPPM) -- C:\Windows\SysNative\drivers\amdppm.sys (Microsoft Corporation)
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (L8042mou) -- C:\Windows\SysNative\drivers\L8042mou.Sys (Logitech, Inc.)
DRV:64bit: - (LMouKE) -- C:\Windows\SysNative\drivers\LMouKE.Sys (Logitech, Inc.)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (L8042Kbd) -- C:\Windows\SysNative\drivers\L8042Kbd.sys (Logitech, Inc.)
DRV:64bit: - (s116bus) Sony Ericsson Device 116 driver (WDM) -- C:\Windows\SysNative\drivers\s116bus.sys (MCCI Corporation)
DRV - (CSC) -- C:\Windows\CSC [2010.03.14 20:28:00 | 000,000,000 | ---D | M]
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (NetBIOS) -- C:\Windows\SysWOW64\netbios.dll (Microsoft Corporation)
DRV - (mpsdrv) -- C:\Windows\SysWOW64\wbem\mpsdrv.mof ()
DRV - (Tcpip) -- C:\Windows\SysWOW64\wbem\tcpip.mof ()
DRV - ({B154377D-700F-42cc-9474-23858FBDF4BD}) -- C:\Program Files (x86)\CyberLink\PowerDVD9\000.fcl (CyberLink Corp.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN, Messenger und Hotmail sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A0 B3 AB DC 89 D7 CA 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: radiobar@toolbar:1.0.0
FF - prefs.js..network.proxy.autoconfig_url: "hxxp://anonymouse.ws/"

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.04.05 11:07:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.04.05 11:07:47 | 000,000,000 | ---D | M]

[2010.03.14 20:46:13 | 000,000,000 | ---D | M] -- C:\Users\Marcel Huth\AppData\Roaming\mozilla\Extensions
[2010.04.18 18:58:57 | 000,000,000 | ---D | M] -- C:\Users\Marcel Huth\AppData\Roaming\mozilla\Firefox\Profiles\iiingmxr.default\extensions
[2010.04.18 02:50:09 | 000,000,000 | ---D | M] -- C:\Users\Marcel Huth\AppData\Roaming\mozilla\Firefox\Profiles\iiingmxr.default\extensions\radiobar@toolbar
[2010.03.14 20:46:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.01.16 03:15:29 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.16 03:15:29 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.16 03:15:29 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.16 03:15:29 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.16 03:15:29 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [EPSON Stylus DX4800 Series] C:\Windows\SysNative\spool\DRIVERS\x64\3\E_FATIADE.EXE (SEIKO EPSON CORPORATION)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe (cyberlink)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [LiveZilla] C:\Program Files (x86)\LiveZilla\LiveZilla.exe (LiveZilla GmbH)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [PDVD9LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl9] C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Marcel Huth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = C:\Program Files (x86)\Xfire\Xfire.exe (Xfire Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.04.17 15:16:24 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{3d096fcf-2f97-11df-955e-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{3d096fcf-2f97-11df-955e-806e6f6e6963}\Shell\AutoRun\command - "" = I:\LGInstaller.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 14 Days ==========

[2010.04.18 20:16:46 | 000,562,176 | ---- | C] (OldTimer Tools) -- C:\Users\Marcel Huth\Desktop\OTL.exe
[2010.04.18 20:13:44 | 000,000,000 | ---D | C] -- C:\Users\Marcel Huth\AppData\Roaming\Malwarebytes
[2010.04.18 20:13:00 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.04.18 20:12:58 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.04.18 20:12:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.04.18 20:12:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.04.18 19:25:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TrendMicro
[2010.04.18 03:28:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Abacus
[2010.04.18 01:00:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wings of POWER II
[2010.04.17 23:04:54 | 000,000,000 | ---D | C] -- C:\Users\Marcel Huth\Documents\Flight Simulator X Files
[2010.04.17 22:58:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Microsoft Games
[2010.04.17 22:40:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games
[2010.04.17 18:13:20 | 000,000,000 | ---D | C] -- C:\Users\Marcel Huth\AppData\Local\FT_Software
[2010.04.17 18:11:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Florian Thurnwald
[2010.04.15 17:02:36 | 000,000,000 | ---D | C] -- C:\Users\Marcel Huth\Documents\German Truck Simulator
[2010.04.14 15:05:27 | 000,000,000 | ---D | C] -- C:\Users\Marcel Huth\Documents\TmForever
[2010.04.14 15:05:27 | 000,000,000 | ---D | C] -- C:\ProgramData\TmForever
[2010.04.14 12:18:33 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2010.04.14 12:18:33 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbscript.dll
[2010.04.14 12:18:32 | 005,509,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010.04.14 12:18:32 | 003,954,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2010.04.14 12:18:32 | 003,899,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2010.04.14 12:18:28 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2010.04.14 12:18:28 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wintrust.dll
[2010.04.14 12:18:27 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2010.04.14 12:18:27 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2010.04.13 01:22:25 | 000,000,000 | ---D | C] -- C:\Users\Marcel Huth\AppData\Roaming\dvdcss
[2010.04.10 19:23:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZModeler 2.2.2
[2010.04.10 01:29:29 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010.04.08 20:57:17 | 002,271,152 | ---- | C] (Codejock Software) -- C:\Windows\SysWow64\Codejock.CommandBars.Unicode.v12.1.1.ocx
[2010.04.08 20:57:17 | 000,209,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tabctl32.ocx
[2010.04.08 20:57:17 | 000,132,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSINET.OCX
[2010.04.08 20:57:17 | 000,109,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mswinsck.ocx
[2010.04.08 20:57:15 | 001,779,632 | ---- | C] (Codejock Software) -- C:\Windows\SysWow64\Codejock.Controls.v12.1.1.ocx
[2010.04.08 20:57:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CoD RconTool
[2010.04.08 18:43:35 | 000,000,000 | ---D | C] -- C:\ProgramData\{AE01F120-F4D3-4BE7-B93B-5D4404416C1E}
[2010.04.08 18:43:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LiveZilla
[2010.04.05 11:27:29 | 000,000,000 | ---D | C] -- C:\Users\Marcel Huth\AppData\Local\TechSmith
[2010.04.05 11:20:14 | 000,000,000 | ---D | C] -- C:\Users\Marcel Huth\Documents\Camtasia Studio

========== Files - Modified Within 14 Days ==========

[2010.04.18 21:44:51 | 000,018,000 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.04.18 21:44:51 | 000,018,000 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.04.18 21:42:46 | 002,359,296 | -HS- | M] () -- C:\Users\Marcel Huth\NTUSER.DAT
[2010.04.18 21:39:44 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.04.18 21:39:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.04.18 21:39:38 | 3220,676,608 | -HS- | M] () -- C:\hiberfil.sys
[2010.04.18 21:38:10 | 004,399,241 | -H-- | M] () -- C:\Users\Marcel Huth\AppData\Local\IconCache.db
[2010.04.18 21:04:55 | 000,313,723 | ---- | M] () -- C:\Users\Marcel Huth\Desktop\lang genug.jpg
[2010.04.18 21:02:07 | 000,077,122 | ---- | M] () -- C:\Users\Marcel Huth\Desktop\schlagring.jpg
[2010.04.18 20:27:55 | 000,034,980 | ---- | M] () -- C:\Users\Marcel Huth\Desktop\schlagring-g1.jpg
[2010.04.18 20:23:02 | 000,225,439 | ---- | M] () -- C:\Users\Marcel Huth\Desktop\radmuterkapen.jpg
[2010.04.18 20:16:50 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Users\Marcel Huth\Desktop\OTL.exe
[2010.04.18 20:13:03 | 000,001,009 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.04.18 19:26:00 | 000,003,001 | ---- | M] () -- C:\Users\Marcel Huth\Desktop\HiJackThis.lnk
[2010.04.18 19:03:58 | 000,298,266 | ---- | M] () -- C:\Users\Marcel Huth\Desktop\l.jpg
[2010.04.18 19:03:14 | 000,586,147 | ---- | M] () -- C:\Users\Marcel Huth\Desktop\gts_00079.png
[2010.04.18 18:41:58 | 000,077,573 | ---- | M] () -- C:\Users\Marcel Huth\Desktop\Muetze.jpg
[2010.04.18 17:53:20 | 001,038,334 | ---- | M] () -- C:\Users\Marcel Huth\Desktop\Unbenannt.bmp
[2010.04.18 16:28:30 | 001,480,602 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.04.18 16:28:30 | 000,644,978 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.04.18 16:28:30 | 000,609,896 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.04.18 16:28:30 | 000,126,866 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.04.18 16:28:30 | 000,104,214 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.04.18 16:24:16 | 000,425,280 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.04.18 05:03:21 | 000,163,328 | ---- | M] () -- C:\Windows\Hlenea.exe
[2010.04.18 01:04:21 | 000,112,024 | ---- | M] () -- C:\Users\Marcel Huth\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.04.17 18:11:06 | 000,002,560 | ---- | M] () -- C:\Users\Public\Desktop\FT Tourengenerator.net 4.3 DDA Fahrer-Version starten.lnk
[2010.04.15 23:34:38 | 000,215,160 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010.04.15 23:34:38 | 000,215,160 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.04.15 19:08:22 | 275,407,948 | ---- | M] () -- C:\Users\Marcel Huth\Desktop\lkw Dennis.rar
[2010.04.15 17:23:37 | 022,810,574 | ---- | M] () -- C:\Users\Marcel Huth\Desktop\LKW Dennis.z3d
[2010.04.15 16:39:24 | 000,033,970 | ---- | M] () -- C:\Users\Marcel Huth\Desktop\CoD4-MP_Rank55_1-3.zip
[2010.04.14 15:59:01 | 000,786,486 | ---- | M] () -- C:\Users\Marcel Huth\Desktop\mochican.bmp
[2010.04.14 12:35:40 | 000,012,862 | ---- | M] () -- C:\Windows\EPISMG00.SWB
[2010.04.12 20:29:46 | 013,359,969 | ---- | M] () -- C:\Users\Marcel Huth\Desktop\denniss.rar
[2010.04.10 19:21:33 | 006,069,085 | ---- | M] () -- C:\Users\Marcel Huth\Desktop\Build_964.rar
[2010.04.08 20:57:19 | 000,001,947 | ---- | M] () -- C:\Users\Marcel Huth\Desktop\CoD RconTool.lnk
[2010.04.05 11:23:16 | 000,003,584 | ---- | M] () -- C:\Users\Marcel Huth\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== Files Created - No Company Name ==========

[2010.04.18 21:04:48 | 000,313,723 | ---- | C] () -- C:\Users\Marcel Huth\Desktop\lang genug.jpg
[2010.04.18 21:02:06 | 000,077,122 | ---- | C] () -- C:\Users\Marcel Huth\Desktop\schlagring.jpg
[2010.04.18 20:27:54 | 000,034,980 | ---- | C] () -- C:\Users\Marcel Huth\Desktop\schlagring-g1.jpg
[2010.04.18 20:22:59 | 000,225,439 | ---- | C] () -- C:\Users\Marcel Huth\Desktop\radmuterkapen.jpg
[2010.04.18 20:13:03 | 000,001,009 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.04.18 19:26:00 | 000,003,001 | ---- | C] () -- C:\Users\Marcel Huth\Desktop\HiJackThis.lnk
[2010.04.18 19:16:29 | 022,810,574 | ---- | C] () -- C:\Users\Marcel Huth\Desktop\LKW Dennis.z3d
[2010.04.18 19:03:49 | 000,298,266 | ---- | C] () -- C:\Users\Marcel Huth\Desktop\l.jpg
[2010.04.18 19:02:59 | 000,586,147 | ---- | C] () -- C:\Users\Marcel Huth\Desktop\gts_00079.png
[2010.04.18 18:41:58 | 000,077,573 | ---- | C] () -- C:\Users\Marcel Huth\Desktop\Muetze.jpg
[2010.04.18 17:53:20 | 001,038,334 | ---- | C] () -- C:\Users\Marcel Huth\Desktop\Unbenannt.bmp
[2010.04.18 05:03:25 | 000,163,328 | ---- | C] () -- C:\Windows\Hlenea.exe
[2010.04.17 18:11:06 | 000,002,560 | ---- | C] () -- C:\Users\Public\Desktop\FT Tourengenerator.net 4.3 DDA Fahrer-Version starten.lnk
[2010.04.15 18:19:15 | 275,407,948 | ---- | C] () -- C:\Users\Marcel Huth\Desktop\lkw Dennis.rar
[2010.04.15 16:39:22 | 000,033,970 | ---- | C] () -- C:\Users\Marcel Huth\Desktop\CoD4-MP_Rank55_1-3.zip
[2010.04.14 15:57:28 | 000,786,486 | ---- | C] () -- C:\Users\Marcel Huth\Desktop\mochican.bmp
[2010.04.14 15:55:57 | 000,167,118 | ---- | C] () -- C:\Users\Marcel Huth\Desktop\mohawk.dff
[2010.04.14 12:34:00 | 000,012,862 | ---- | C] () -- C:\Windows\EPISMG00.SWB
[2010.04.12 20:27:36 | 013,359,969 | ---- | C] () -- C:\Users\Marcel Huth\Desktop\denniss.rar
[2010.04.10 19:19:25 | 006,069,085 | ---- | C] () -- C:\Users\Marcel Huth\Desktop\Build_964.rar
[2010.04.08 20:57:19 | 000,001,947 | ---- | C] () -- C:\Users\Marcel Huth\Desktop\CoD RconTool.lnk
[2010.04.05 11:23:16 | 000,003,584 | ---- | C] () -- C:\Users\Marcel Huth\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.29 06:41:32 | 000,000,000 | ---- | C] () -- C:\Users\Marcel Huth\Sti_Trace.log
[2010.03.26 21:00:50 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2010.03.24 00:52:57 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010.03.15 22:35:48 | 000,000,310 | ---- | C] () -- C:\Windows\game.ini
[2010.03.15 05:29:02 | 001,497,064 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.03.14 23:03:22 | 000,000,760 | ---- | C] () -- C:\Users\Marcel Huth\AppData\Roaming\setup_ldm.iss
[2010.03.14 22:48:09 | 000,004,767 | ---- | C] () -- C:\Windows\Irremote.ini
[2010.03.14 20:39:48 | 002,359,296 | -HS- | C] () -- C:\Users\Marcel Huth\NTUSER.DAT
[2010.03.14 20:39:48 | 000,524,288 | -HS- | C] () -- C:\Users\Marcel Huth\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010.03.14 20:39:48 | 000,524,288 | -HS- | C] () -- C:\Users\Marcel Huth\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010.03.14 20:39:48 | 000,262,144 | -HS- | C] () -- C:\Users\Marcel Huth\ntuser.dat.LOG1
[2010.03.14 20:39:48 | 000,065,536 | -HS- | C] () -- C:\Users\Marcel Huth\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.03.14 20:39:48 | 000,000,020 | -HS- | C] () -- C:\Users\Marcel Huth\ntuser.ini
[2010.03.14 20:39:48 | 000,000,000 | -HS- | C] () -- C:\Users\Marcel Huth\ntuser.dat.LOG2
[2009.10.31 03:56:44 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009.08.16 12:08:36 | 000,178,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.19 21:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2009.05.29 17:52:26 | 000,204,800 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009.05.29 17:47:06 | 000,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2007.02.05 21:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
< End of report >


und der zweite:

OTL Extras logfile created on: 18.04.2010 21:43:27 - Run 2
OTL by OldTimer - Version 3.2.1.2 Folder = C:\Users\Marcel Huth\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 64,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,65 Gb Total Space | 33,23 Gb Free Space | 34,03% Space Free | Partition Type: NTFS
Drive D: | 48,83 Gb Total Space | 25,13 Gb Free Space | 51,47% Space Free | Partition Type: NTFS
Drive E: | 292,97 Gb Total Space | 96,47 Gb Free Space | 32,93% Space Free | Partition Type: NTFS
Drive F: | 118,16 Gb Total Space | 62,00 Gb Free Space | 52,47% Space Free | Partition Type: NTFS
Drive G: | 293,94 Gb Total Space | 251,11 Gb Free Space | 85,43% Space Free | Partition Type: NTFS
Drive H: | 79,94 Gb Total Space | 77,62 Gb Free Space | 97,10% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded
Drive R: | 465,76 Gb Total Space | 162,88 Gb Free Space | 34,97% Space Free | Partition Type: NTFS

Computer Name: IXODITA
Current User Name: Marcel Huth
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 14 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}" = HiJackThis
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{29CB3A0C-8980-45B6-95A0-B1118B776C5A}" = Fly The Airbus A380 v2 for FSX
"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed
"{359cfc0a-beb1-440d-95ba-cf63a86da34f}" = Nero Recode
"{368ba326-73ad-4351-84ed-3c0a7a52cc53}" = Nero Rescue Agent
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{43e39830-1826-415d-8bae-86845787b54b}" = Nero Vision
"{4847BBB9-EADD-4C92-90BF-4223B0892FF6}" = Microsoft Flight Simulator X Service Pack 2
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{62ac81f6-bdd3-4110-9d36-3e9eaab40999}" = Nero CoverDesigner
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser und SDK
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{7829db6f-a066-4e40-8912-cb07887c20bb}" = Nero BurnRights
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1" = Hex-Editor MX
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8A74DEFD-A224-49CC-AB80-4E88BC730125}" = LogMeIn Hamachi
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Visio 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Visio 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Visio 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Visio 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office Visio 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office Visio 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{45854A38-F4B0-4434-BB40-A8ED6FDDEEC9}" =
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office Visio 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"{993960EE-CA4D-443F-8F88-E24260DD5FD2}" = LG PC Suite
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AF5A6EE-AF06-4DBD-9DEB-E288A2EE31A1}" = LevelR
"{9e82b934-9a25-445b-b8df-8012808074ac}" = Nero PhotoSnap
"{9e9fdde6-2c26-492a-85a0-05646b3f2795}" = NeroLiveGadget
"{a209525b-3377-43f4-b886-32f6b6e7356f}" = Nero WaveEditor
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A589DA26-51BD-475D-8C32-E19E34145842}" = Camtasia Studio 6
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.1 - Deutsch
"{acfb7c52-b925-49c8-bdc9-b31e64b50337}" = Nero 9 Trial
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{b1adf008-e898-4fe2-8a1f-690d9a06acaf}" = DolbyFiles
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{b78120a0-cf84-4366-a393-4d0a59bc546c}" = Menu Templates - Starter Kit
"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{BD634388-6F95-400A-8E3C-C8D672D06503}" = PowerTeacher DeLuxe - DEMO
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C4C91E02-D4E2-481E-BCBA-7D90CC8D43E1}" = LiveZilla
"{c5a7cb6c-e76d-408f-ba0e-85605420fe9d}" = SoundTrax
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{d025a639-b9c9-417d-8531-208859000af8}" = NeroBurningROM
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{d9dcf92e-72eb-412d-ac71-3b01276e5f8b}" = Nero ShowTime
"{df6a95f5-adc1-406a-bdc6-2aa7cc0182aa}" = Nero Live
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{e498385e-1c51-459a-b45f-1721e37aa1a0}" = Movie Templates - Starter Kit
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
"18 Wheels of Steel: Haulin'" = 18 Wheels of Steel: Haulin'
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Any Video Converter Professional_is1" = Any Video Converter Professional 2.7.6
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CoD RconTool" = CoD RconTool
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Scanner" = EPSON Scan
"Euro Truck Simulator" = Euro Truck Simulator 1.00
"Fahr-Simulator 2009_is1" = Fahr-Simulator 2009
"FTTournet43DDAFahrer_is1" = FT Tourengenerator.net 4.3 DDA
"German Truck Simulator" = German Truck Simulator 1.00
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"LiveZilla" = LiveZilla
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"PunkBusterSvc" = PunkBuster Services
"SP1_9527A496-5DF9-412A-ADC7-168BA5379CA6" = Microsoft Flight Simulator X Service Pack 1
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 5" = TeamViewer 5
"TmNationsForever_is1" = TmNationsForever
"TuneUp Utilities" = TuneUp Utilities
"VLC media player" = VLC media player 1.0.5
"Wings of POWER II: B17" = Wings of POWER II: B17
"WinRAR archiver" = WinRAR
"Xfire" = Xfire (remove only)
"ZModeler ver 2.2.2 (Build 964)_is1" = ZModeler ver 2.2.2 (Build 964)

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 15.04.2010 09:28:26 | Computer Name = Ixodita | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest". Fehler in Manifest-
oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt
stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.

Error - 15.04.2010 13:38:04 | Computer Name = Ixodita | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: game.exe, Version: 1.0.0.0, Zeitstempel:
0x4b254cf5 Name des fehlerhaften Moduls: game.exe, Version: 1.0.0.0, Zeitstempel:
0x4b254cf5 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000f5653 ID des fehlerhaften Prozesses:
0xdc8 Startzeit der fehlerhaften Anwendung: 0x01cadcc261f29758 Pfad der fehlerhaften
Anwendung: G:\Programme\German Truck Simulator\bin\win_x86\game.exe Pfad des fehlerhaften
Moduls: G:\Programme\German Truck Simulator\bin\win_x86\game.exe Berichtskennung:
a4cf9ff8-48b5-11df-af6b-001966bc88aa

Error - 15.04.2010 13:39:17 | Computer Name = Ixodita | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: game.exe, Version: 1.0.0.0, Zeitstempel:
0x4b254cf5 Name des fehlerhaften Moduls: game.exe, Version: 1.0.0.0, Zeitstempel:
0x4b254cf5 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000f5653 ID des fehlerhaften Prozesses:
0xbe0 Startzeit der fehlerhaften Anwendung: 0x01cadcc28db68278 Pfad der fehlerhaften
Anwendung: G:\Programme\German Truck Simulator\bin\win_x86\game.exe Pfad des fehlerhaften
Moduls: G:\Programme\German Truck Simulator\bin\win_x86\game.exe Berichtskennung:
d085cf78-48b5-11df-af6b-001966bc88aa

Error - 15.04.2010 13:51:37 | Computer Name = Ixodita | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: game.exe, Version: 1.0.0.0, Zeitstempel:
0x4b254cf5 Name des fehlerhaften Moduls: game.exe, Version: 1.0.0.0, Zeitstempel:
0x4b254cf5 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000acb94 ID des fehlerhaften Prozesses:
0x11d0 Startzeit der fehlerhaften Anwendung: 0x01cadcc4025ac7c8 Pfad der fehlerhaften
Anwendung: G:\Programme\German Truck Simulator\bin\win_x86\game.exe Pfad des fehlerhaften
Moduls: G:\Programme\German Truck Simulator\bin\win_x86\game.exe Berichtskennung:
896f3168-48b7-11df-af6b-001966bc88aa

Error - 15.04.2010 13:54:27 | Computer Name = Ixodita | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: game.exe, Version: 1.0.0.0, Zeitstempel:
0x4b254cf5 Name des fehlerhaften Moduls: game.exe, Version: 1.0.0.0, Zeitstempel:
0x4b254cf5 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000acb94 ID des fehlerhaften Prozesses:
0x73c Startzeit der fehlerhaften Anwendung: 0x01cadcc4794a7928 Pfad der fehlerhaften
Anwendung: G:\Programme\German Truck Simulator\bin\win_x86\game.exe Pfad des fehlerhaften
Moduls: G:\Programme\German Truck Simulator\bin\win_x86\game.exe Berichtskennung:
eeb47c68-48b7-11df-af6b-001966bc88aa

Error - 15.04.2010 16:43:41 | Computer Name = Ixodita | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: game.exe, Version: 1.0.0.0, Zeitstempel:
0x4b254cf5 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bdbdf Ausnahmecode: 0xc0000025 Fehleroffset: 0x0000b727 ID des fehlerhaften
Prozesses: 0x1200 Startzeit der fehlerhaften Anwendung: 0x01cadcdc4d5f0870 Pfad der
fehlerhaften Anwendung: G:\Programme\German Truck Simulator\bin\win_x86\game.exe
Pfad
des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll Berichtskennung: 930f0730-48cf-11df-af6b-001966bc88aa

Error - 15.04.2010 18:18:29 | Computer Name = Ixodita | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: game.exe, Version: 1.0.0.0, Zeitstempel:
0x4b254cf5 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bdbdf Ausnahmecode: 0xc0000025 Fehleroffset: 0x0000b727 ID des fehlerhaften
Prozesses: 0x5f8 Startzeit der fehlerhaften Anwendung: 0x01cadce984fbd42c Pfad der
fehlerhaften Anwendung: G:\Programme\German Truck Simulator\bin\win_x86\game.exe
Pfad
des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll Berichtskennung: d16b1e6c-48dc-11df-af6b-001966bc88aa

Error - 15.04.2010 18:21:31 | Computer Name = Ixodita | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: game.exe, Version: 1.0.0.0, Zeitstempel:
0x4b254cf5 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bdbdf Ausnahmecode: 0xc0000025 Fehleroffset: 0x0000b727 ID des fehlerhaften
Prozesses: 0x1158 Startzeit der fehlerhaften Anwendung: 0x01cadce9f83b00ac Pfad der
fehlerhaften Anwendung: G:\Programme\German Truck Simulator\bin\win_x86\game.exe
Pfad
des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll Berichtskennung: 3dc4d9cc-48dd-11df-af6b-001966bc88aa

Error - 17.04.2010 15:59:17 | Computer Name = Ixodita | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: game.exe, Version: 1.0.0.0, Zeitstempel:
0x4b254cf5 Name des fehlerhaften Moduls: game.exe, Version: 1.0.0.0, Zeitstempel:
0x4b254cf5 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00187e1e ID des fehlerhaften Prozesses:
0x4ec Startzeit der fehlerhaften Anwendung: 0x01cade685f4f8360 Pfad der fehlerhaften
Anwendung: G:\Programme\German Truck Simulator\bin\win_x86\game.exe Pfad des fehlerhaften
Moduls: G:\Programme\German Truck Simulator\bin\win_x86\game.exe Berichtskennung:
b42671f0-4a5b-11df-8f50-001966bc88aa

Error - 17.04.2010 16:07:23 | Computer Name = Ixodita | Source = MsiInstaller | ID = 1013
Description =

[ System Events ]
Error - 02.04.2010 09:01:00 | Computer Name = Ixodita | Source = bowser | ID = 8003
Description =

Error - 05.04.2010 04:32:36 | Computer Name = Ixodita | Source = volsnap | ID = 393245
Description = Die Schattenkopien von Volume "C:" wurde während der Ermittlung abgebrochen.

Error - 07.04.2010 08:59:22 | Computer Name = Ixodita | Source = volsnap | ID = 393245
Description = Die Schattenkopien von Volume "C:" wurde während der Ermittlung abgebrochen.

Error - 08.04.2010 08:46:49 | Computer Name = Ixodita | Source = volsnap | ID = 393245
Description = Die Schattenkopien von Volume "C:" wurde während der Ermittlung abgebrochen.

Error - 09.04.2010 15:29:39 | Computer Name = Ixodita | Source = WMPNetworkSvc | ID = 866333
Description =

Error - 10.04.2010 11:48:19 | Computer Name = Ixodita | Source = volsnap | ID = 393245
Description = Die Schattenkopien von Volume "C:" wurde während der Ermittlung abgebrochen.

Error - 13.04.2010 10:06:23 | Computer Name = Ixodita | Source = volsnap | ID = 393245
Description = Die Schattenkopien von Volume "C:" wurde während der Ermittlung abgebrochen.

Error - 14.04.2010 06:14:17 | Computer Name = Ixodita | Source = volsnap | ID = 393245
Description = Die Schattenkopien von Volume "C:" wurde während der Ermittlung abgebrochen.

Error - 15.04.2010 10:47:37 | Computer Name = Ixodita | Source = bowser | ID = 8003
Description =

Error - 16.04.2010 08:42:23 | Computer Name = Ixodita | Source = volsnap | ID = 393245
Description = Die Schattenkopien von Volume "C:" wurde während der Ermittlung abgebrochen.


< End of report >
__________________
Alt 19.04.2010, 10:24   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
IE öffnet sich ständig - Standard

IE öffnet sich ständig


Zitat:
R:\Programme\Tune up\Tuneup 2010\keygen.exe
Herzlichen Glückwunsch, Du hast ein format c: gewonnen!!


Die (Be)nutzung von Cracks, Serials und Keygens ist illegal, somit gibt es im Trojaner-Board keinen weiteren Support mehr.

Für Dich geht es hier weiter => Neuaufsetzen des Systems
Bitte auch alle Passwörter abändern (für E-Mail-Konten, StudiVZ, Ebay...einfach alles!) da nicht selten in dieser dubiosen Software auch Keylogger und Backdoorfunktionen stecken.

Danach nie wieder sowas anrühren!
__________________
Logfiles bitte immer in CODE-Tags posten

Antwort

Themen zu IE öffnet sich ständig
adobe, antivir, antivir guard, avg, avira, bho, browser, desktop, explorer, firefox, hijack, hijackthis, ie öffnet sich ständig, internet, internet explorer, local\temp, logfile, mozilla, nvidia, problem, rundll, senden, software, syswow64, teamspeak, temp, vdeck.exe, windows, öffnet


« HP Notebook schaltet sich ab | HEUR/Crypted legt PC lahm »


Ähnliche Themen: IE öffnet sich ständig


  1. Ad.adserverplus.com öffnet sich ständig
    Plagegeister aller Art und deren Bekämpfung - 02.01.2013 (8)
  2. Browser öffnet sich ständig
    Log-Analyse und Auswertung - 25.06.2012 (1)
  3. I-net Exploer öffnet sich ständig
    Log-Analyse und Auswertung - 19.05.2011 (23)
  4. iexplorer öffnet sich ständig im Hintergrund
    Log-Analyse und Auswertung - 08.03.2011 (21)
  5. IE Werbung öffnet sich ständig
    Log-Analyse und Auswertung - 10.06.2010 (19)
  6. IE öffnet sich ständig
    Log-Analyse und Auswertung - 15.04.2010 (1)
  7. IE öffnet sich ständig von alleine
    Plagegeister aller Art und deren Bekämpfung - 11.02.2009 (3)
  8. PC langsam und Pop up öffnet sich ständig
    Log-Analyse und Auswertung - 13.12.2008 (1)
  9. IE öffnet sich ständig
    Plagegeister aller Art und deren Bekämpfung - 18.06.2008 (1)
  10. IE öffnet sich ständig von allein!!!
    Log-Analyse und Auswertung - 06.06.2008 (19)
  11. Browser öffnet sich mit werbung ständig!
    Log-Analyse und Auswertung - 20.02.2008 (5)
  12. iexplorer öffnet sich ständig
    Log-Analyse und Auswertung - 26.12.2007 (3)
  13. Browser öffnet sich ständig!
    Log-Analyse und Auswertung - 18.09.2006 (1)
  14. adultfinder öffnet sich ständig !
    Log-Analyse und Auswertung - 12.12.2005 (1)
  15. Trojaner??? IE öffnet sich ständig
    Log-Analyse und Auswertung - 23.04.2005 (1)
  16. Ständig öffnet sich IE - Fenster
    Plagegeister aller Art und deren Bekämpfung - 03.03.2005 (7)
  17. Hilfefenster öffnet sich ständig
    Plagegeister aller Art und deren Bekämpfung - 30.04.2004 (19)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema IE öffnet sich ständig - So hi Leute, Ich habe seit gestern das Problem das sich mein Internet Explorer ständig ohne Vorwarnung öffnet. Ich habe auch schon gegoogelt und nix gefunden (nur das bei manchen - IE öffnet sich ständig...
Archiv
Du betrachtest: IE öffnet sich ständig auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131