| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Internet Explorer öffnet sich von selber mit WerbungWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
08.07.2010, 22:48
| #1 |
 |  Internet Explorer öffnet sich von selber mit Werbung Hallo erstmal^^ Und zwar habe ich folgendes Problem, dass sich der Internet Explorer (den ich eigentlich gar nicht benutze) sich mit Werbung öffnet. Ich habe schon mal google gefragt und in Erfahrung gebracht, dass es sich hierbei wahrscheinlich um einen Trojaner handelt. Hier ist die Logfile HiJackthis Logfile: Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:45:00, on 08.07.2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v7.00 (7.00.6002.18005) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE D:\Program Files\SetPoint\SetPointP\SetPoint.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe D:\Program Files\Skype\Phone\Skype.exe D:\Program Files\Stardock\ObjectDock\ObjectDock.exe C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\conime.exe C:\Users\***\AppData\Local\Temp\loader.exe C:\Users\***\AppData\Local\Temp\smss.exe D:\program files\Mozilla Firefox\firefox.exe D:\program files\Mozilla Firefox\plugin-container.exe C:\Users\***\Downloads\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - D:\Program Files\Photoshop\/Adobe Contribute CS4/contributeieplugin.dll O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\IPSBHO.DLL O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - D:\Program Files\Photoshop\/Adobe Contribute CS4/contributeieplugin.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coIEPlg.dll O4 - HKLM\..\Run: [EvtMgr6] D:\Program Files\SetPoint\SetPointP\SetPoint.exe /launchGaming O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "D:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKCU\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10e.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST') O4 - Startup: Stardock ObjectDock.lnk = D:\Program Files\Stardock\ObjectDock\ObjectDock.exe O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://D:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - D:\Program Files\Icq\ICQ7.1\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - D:\Program Files\Icq\ICQ7.1\ICQ.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - D:\Program Files\LogMeIn Hamachi\hamachi-2.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: O&O Defrag - O&O Software GmbH - D:\Program Files\OO Software\Defrag\oodag.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @D:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - D:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - D:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- End of file - 6471 bytes Ich hoffe Ihr könnt mir helfen, ich bedanke mich schon einmal im Vorraus  |
|
09.07.2010, 11:49
| #2 |
| /// Malware-holic   | Internet Explorer öffnet sich von selber mit Werbung nutzt du kein antivirus programm?
__________________download malwarebytes: Malwarebytes instalieren, registerkarte aktualisierung, programm updaten. dann schalte alle laufenden programme ab, trenne die internetverbindung, in dem du wlan abschaltest, bzw das netzwerkkabel ziehst. öffne malwarebytes, registerkarte scanner, komplett scan, nicht am pc arbeiten, funde löschen, log nach aktivirung des internets posten. ootl: Systemscan mit OTL download otl: http://filepony.de/download-otl/ Doppelklick auf die OTL.exe (user von Windows 7 und Vista: Rechtsklick als Administrator ausführen) 1. Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output 2. Hake an "scan all users" 3. Unter "Extra Registry wähle: "Use Safelist" "LOP Check" "Purity Check" 4. Kopiere in die Textbox: netsvcs msconfig safebootminimal safebootnetwork activex drivers32 %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s %SYSTEMDRIVE%\*.exe /md5start userinit.exe eventlog.dll scecli.dll netlogon.dll cngaudit.dll ws2ifsl.sys sceclt.dll ntelogon.dll logevent.dll iaStor.sys nvstor.sys atapi.sys IdeChnDr.sys viasraid.sys AGP440.sys vaxscsi.sys nvatabus.sys viamraid.sys nvata.sys nvgts.sys iastorv.sys ViPrt.sys eNetHook.dll ahcix86.sys KR10N.sys nvstor32.sys ahcix86s.sys /md5stop %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles CREATERESTOREPOINT 5. Klicke "Scan" 6. 2 reporte werden erstellt: OTL.Txt Extras.Txt poste beide. |
|
09.07.2010, 15:13
| #3 |
| | Internet Explorer öffnet sich von selber mit Werbung Hallo Markus
__________________Erstmal ein Danke für deine schnelle Antwort. Ich benutze Norton Antivirus. Ich wurde auch vor der Datei gewarnt, aber bin das Risiko eingegangen - mit diesem Ergebnis  Ich habe gestern noch einen kompletten Suchlauf mit Norton gemacht und 2 Objekte gefunden und entfernt. Seit dem hat sich der IE nicht mehr geöffnet, aber das heißt ja nicht, das der Trojaner weg ist... Hier ist die Malware Datei Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Datenbank Version: 4295 Windows 6.0.6002 Service Pack 2 Internet Explorer 7.0.6002.18005 09.07.2010 15:38:07 mbam-log-2010-07-09 (15-38-07).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Durchsuchte Objekte: 317996 Laufzeit: 1 Stunde(n), 8 Minute(n), 21 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) |
|
09.07.2010, 15:15
| #4 |
| | Internet Explorer öffnet sich von selber mit Werbung Hier ist der OTL.Txt OTL Logfile: Code:
ATTFilter OTL logfile created on: 09.07.2010 15:49:26 - Run 1 OTL by OldTimer - Version 3.2.8.1 Folder = C:\Users\***\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 7.0.6002.18005) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 51,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 80,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 34,18 Gb Total Space | 10,16 Gb Free Space | 29,71% Space Free | Partition Type: NTFS Drive D: | 197,73 Gb Total Space | 161,50 Gb Free Space | 81,68% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: ***-PC Current User Name: *** Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 60 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Users\***\Downloads\OTL.exe (OldTimer Tools) PRC - D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor) PRC - D:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) PRC - C:\Programme\Norton Internet Security\Engine\17.7.0.12\ccsvchst.exe (Symantec Corporation) PRC - C:\Programme\Common Files\LogiShrd\KHAL3\KHALMNPR.exe (Logitech, Inc.) PRC - D:\Program Files\SetPoint\SetPointP\SetPoint.exe (Logitech, Inc.) PRC - D:\Program Files\OO Software\Defrag\oodag.exe (O&O Software GmbH) PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) PRC - D:\Program Files\Stardock\ObjectDock\ObjectDock.exe (Stardock) ========== Modules (SafeList) ========== MOD - C:\Users\***\Downloads\OTL.exe (OldTimer Tools) MOD - C:\Programme\Norton Internet Security\Engine\17.7.0.12\asoehook.dll (Symantec Corporation) MOD - C:\Programme\Norton Internet Security\Engine\17.7.0.12\microsoft.vc90.crt\msvcr90.dll (Microsoft Corporation) MOD - C:\Programme\Norton Internet Security\Engine\17.7.0.12\microsoft.vc90.crt\msvcp90.dll (Microsoft Corporation) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation) MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation) MOD - D:\Program Files\Stardock\ObjectDock\DockShellHook.dll () ========== Win32 Services (SafeList) ========== SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (TuneUp.Defrag) -- D:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software) SRV - (TuneUp.UtilitiesSvc) -- D:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software) SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software) SRV - (Hamachi2Svc) -- D:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) SRV - (NIS) -- C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe (Symantec Corporation) SRV - (LBTServ) -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe (Logitech, Inc.) SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation) SRV - (O&O Defrag) -- D:\Program Files\OO Software\Defrag\oodag.exe (O&O Software GmbH) SRV - (Microsoft Office Groove Audit Service) -- D:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation) SRV - (Adobe Version Cue CS4) -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe (Adobe Systems Incorporated) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (IAANTMON) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) ========== Driver Services (SafeList) ========== DRV - (XDva289) -- C:\Windows\System32\XDva289.sys File not found DRV - (Tosrfusb) -- C:\Windows\System32\DRIVERS\tosrfusb.sys File not found DRV - (TosRfSnd) -- C:\Windows\System32\drivers\tosrfsnd.sys File not found DRV - (tosrfnds) -- C:\Windows\System32\DRIVERS\tosrfnds.sys File not found DRV - (Tosrfhid) -- C:\Windows\System32\DRIVERS\Tosrfhid.sys File not found DRV - (Tosrfcom) -- C:\Windows\System32\Drivers\tosrfcom.sys File not found DRV - (tosrfbnp) -- C:\Windows\System32\Drivers\tosrfbnp.sys File not found DRV - (tosrfbd) -- C:\Windows\System32\DRIVERS\tosrfbd.sys File not found DRV - (tosporte) -- C:\Windows\System32\DRIVERS\tosporte.sys File not found DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\Definitions\VirusDefs\20100708.049\NAVEX15.SYS (Symantec Corporation) DRV - (eeCtrl) -- C:\Programme\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation) DRV - (EraserUtilRebootDrv) -- C:\Programme\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation) DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\Definitions\VirusDefs\20100708.049\NAVENG.SYS (Symantec Corporation) DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation) DRV - (IDSVix86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\Definitions\IPSDefs\20100708.004\IDSvix86.sys (Symantec Corporation) DRV - (BHDrvx86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\Definitions\BASHDefs\20100619.001\BHDrvx86.sys (Symantec Corporation) DRV - (SYMTDIv) -- C:\Windows\System32\Drivers\NIS\1107000.00C\SYMTDIV.SYS (Symantec Corporation) DRV - (SymIRON) -- C:\Windows\system32\drivers\NIS\1107000.00C\Ironx86.SYS (Symantec Corporation) DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys () DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys () DRV - (SymEFA) -- C:\Windows\system32\drivers\NIS\1107000.00C\SYMEFA.SYS (Symantec Corporation) DRV - (SRTSP) -- C:\Windows\System32\Drivers\NIS\1107000.00C\SRTSP.SYS (Symantec Corporation) DRV - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\system32\drivers\NIS\1107000.00C\SRTSPX.SYS (Symantec Corporation) DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek ) DRV - (ccHP) -- C:\Windows\system32\drivers\NIS\1107000.00C\ccHPx86.sys (Symantec Corporation) DRV - (TuneUpUtilitiesDrv) -- D:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys (TuneUp Software) DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.) DRV - (LMouFilt) -- C:\Windows\System32\drivers\LMouFilt.Sys (Logitech, Inc.) DRV - (LHidFilt) -- C:\Windows\System32\drivers\LHidFilt.Sys (Logitech, Inc.) DRV - (SymDS) -- C:\Windows\system32\drivers\NIS\1107000.00C\SYMDS.SYS (Symantec Corporation) DRV - (Cam5603D) -- C:\Windows\System32\drivers\BisonCam.sys (Bison Electronics. Inc. ) DRV - (adfs) -- C:\Windows\System32\drivers\adfs.sys (Adobe Systems, Inc.) DRV - (NETw3v32) Intel(R) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel Corporation) DRV - (NETw4v32) Intel(R) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation) DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation) DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation) DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.) DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex) DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.) DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.) DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation) DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.) DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.) DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation) DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.) DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.) DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation) DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation) DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems) DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation) DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.) DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.) DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic) DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.) DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company) DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.) DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.) DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.) DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic) DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic) DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic) DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic) DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation) DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic) DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation) DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.) DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.) DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.) DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.) DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.) DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.) DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.) DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.) DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.) DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems) DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies) DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation) DRV - (O2MDRDR) -- C:\Windows\system32\DRIVERS\o2media.sys (O2Micro ) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2378667236-3515236175-1363295056-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-2378667236-3515236175-1363295056-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Amazon.de" FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.459 FF - prefs.js..extensions.enabledItems: {81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}:6.7.0.1 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.3 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6 FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0 FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\IPSFFPlgn\ [2010.06.12 14:12:26 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\coFFPlgn\ [2010.06.10 13:33:53 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: D:\program files\Mozilla Firefox\components [2010.07.08 02:42:48 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: D:\program files\Mozilla Firefox\plugins [2010.06.27 21:20:41 | 000,000,000 | ---D | M] [2010.04.23 19:39:36 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Extensions [2010.07.09 12:10:51 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\xocvytbq.default\extensions [2010.06.25 12:30:41 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\xocvytbq.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2010.04.23 20:21:24 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\xocvytbq.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010.05.01 18:42:01 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\xocvytbq.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010.06.01 16:09:56 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\xocvytbq.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} O1 HOSTS File: ([2010.05.03 18:00:01 | 000,001,239 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 127.0.0.1 activate.adobe.com O1 - Hosts: 127.0.0.1 practivate.adobe.com O1 - Hosts: 127.0.0.1 ereg.adobe.com O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com O1 - Hosts: 127.0.0.1 wip3.adobe.com O1 - Hosts: 127.0.0.1 3dns-3.adobe.com O1 - Hosts: 127.0.0.1 3dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com O1 - Hosts: 127.0.0.1 activate-sea.adobe.com O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - D:\Program Files\Photoshop\/Adobe Contribute CS4/contributeieplugin.dll () O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programme\Norton Internet Security\Engine\17.7.0.12\coieplg.dll (Symantec Corporation) O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Norton Internet Security\Engine\17.7.0.12\ipsbho.dll (Symantec Corporation) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - D:\Program Files\Photoshop\/Adobe Contribute CS4/contributeieplugin.dll () O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton Internet Security\Engine\17.7.0.12\coieplg.dll (Symantec Corporation) O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton Internet Security\Engine\17.7.0.12\coieplg.dll (Symantec Corporation) O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton Internet Security\Engine\17.7.0.12\coieplg.dll (Symantec Corporation) O3 - HKU\S-1-5-21-2378667236-3515236175-1363295056-1000\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton Internet Security\Engine\17.7.0.12\coieplg.dll (Symantec Corporation) O4 - HKLM..\Run: [EvtMgr6] D:\Program Files\SetPoint\SetPointP\SetPoint.exe (Logitech, Inc.) O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] D:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = D:\Program Files\Stardock\ObjectDock\ObjectDock.exe (Stardock) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O8 - Extra context menu item: Nach Microsoft E&xel exportieren - D:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - D:\Program Files\Icq\ICQ7.1\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - D:\Program Files\Icq\ICQ7.1\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img34.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img34.jpg O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{b8aa46f1-4efc-11df-8dea-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{b8aa46f1-4efc-11df-8dea-806e6f6e6963}\Shell\AutoRun\command - "" = F:\autorun.exe -- File not found O33 - MountPoints2\{b8aa46f1-4efc-11df-8dea-806e6f6e6963}\Shell\install\command - "" = F:\autorun.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (OODBS) - C:\Windows\System32\OODBS.exe (O&O Software GmbH) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software) NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found MsConfig - StartUpFolder: C:^Users^***^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Produktregistrierung.lnk - C:\Programme\Common Files\LogiShrd\eReg\SetPoint\eReg.exe - (Leader Technologies/Logitech) MsConfig - StartUpFolder: C:^Users^***^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk - D:\Program Files\OpenOffice\OpenOffice.org 3\program\quickstart.exe - () MsConfig - StartUpReg: AdobeCS4ServiceManager - hkey= - key= - C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: Adobe_ID0ENQBO - hkey= - key= - C:\Programme\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: BisonHK - hkey= - key= - C:\Windows\BisonCam\BisonHK.exe () MsConfig - StartUpReg: BsMnt - hkey= - key= - C:\Windows\BisonCam\BsMnt.exe () MsConfig - StartUpReg: DriverMax - hkey= - key= - D:\Program Files\Innovative Solutions\DriverMax\devices.exe (Innovative Solutions) MsConfig - StartUpReg: GrooveMonitor - hkey= - key= - D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) MsConfig - StartUpReg: ICQ - hkey= - key= - D:\Program Files\Icq\ICQ7.1\ICQ.exe (ICQ, LLC.) MsConfig - StartUpReg: OODefragTray - hkey= - key= - D:\Program Files\OO Software\Defrag\oodtray.exe (O&O Software GmbH) MsConfig - StartUpReg: Pando Media Booster - hkey= - key= - C:\Programme\Pando Networks\Media Booster\PMB.exe () MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) MsConfig - StartUpReg: Windows Defender - hkey= - key= - File not found MsConfig - StartUpReg: WindowsWelcomeCenter - hkey= - key= - File not found MsConfig - State: "startup" - 2 MsConfig - State: "services" - 0 SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: Hamachi2Svc - D:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfPf - Driver SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) Drivers32: VIDC.XFR1 - C:\Windows\System32\xfcodec.dll () CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 60 Days ========== [2010.07.09 14:27:56 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes [2010.07.09 14:27:42 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010.07.09 14:27:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010.07.09 14:27:40 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010.07.08 17:21:25 | 000,000,000 | ---D | C] -- C:\Windows\Sun [2010.07.06 22:12:10 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\CrashDumps [2010.07.03 22:00:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Uniblue [2010.07.03 22:00:03 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Uniblue [2010.07.03 21:59:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\DEU [2010.07.03 21:59:10 | 000,936,472 | R--- | C] (Intel(R) Corporation) -- C:\Windows\System32\imsmudlg.exe [2010.07.03 21:59:10 | 000,319,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\difxapi.dll [2010.07.03 21:59:10 | 000,000,000 | ---D | C] -- C:\Windows\System32\Lang [2010.07.03 21:59:10 | 000,000,000 | ---D | C] -- C:\Programme\Intel [2010.06.26 17:33:40 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Toshiba [2010.06.26 17:33:39 | 000,000,000 | ---D | C] -- C:\ProgramData\TOSHIBA [2010.06.26 17:26:01 | 000,000,000 | ---D | C] -- C:\Users\***\{9c3ddbc2-6c59-4692-814b-0f24a0b8e84f} [2010.06.18 17:00:27 | 000,679,936 | ---- | C] (Generated by JEDI) -- C:\Windows\System32\D3DX81ab.dll [2010.06.17 21:15:58 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Meine Der Herr der Ringe™, Aufstieg des Hexenkönigs™-Dateien [2010.06.17 20:48:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Google [2010.06.17 18:43:43 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Google [2010.06.17 18:43:42 | 000,000,000 | ---D | C] -- C:\Programme\Google [2010.06.15 19:44:04 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\LogMeIn Hamachi [2010.06.13 20:38:18 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Xfire [2010.06.13 20:38:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Xfire [2010.06.11 13:28:06 | 000,339,504 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NIS\1107000.00C\symtdiv.sys [2010.06.11 13:28:06 | 000,328,752 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NIS\1107000.00C\symds.sys [2010.06.11 13:28:06 | 000,173,104 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NIS\1107000.00C\symefa.sys [2010.06.11 13:28:05 | 000,325,680 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NIS\1107000.00C\srtsp.sys [2010.06.11 13:28:05 | 000,116,784 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NIS\1107000.00C\ironx86.sys [2010.06.11 13:28:05 | 000,043,696 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NIS\1107000.00C\srtspx.sys [2010.06.11 13:28:04 | 000,501,888 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NIS\1107000.00C\cchpx86.sys [2010.06.11 13:27:52 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\NIS\1107000.00C [2010.06.10 13:33:19 | 000,124,976 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS [2010.06.10 13:32:59 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Symantec Shared [2010.06.10 13:32:59 | 000,000,000 | ---D | C] -- C:\Programme\Symantec [2010.06.10 13:31:55 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\NIS [2010.06.10 13:31:50 | 000,000,000 | ---D | C] -- C:\Programme\Norton Internet Security [2010.06.10 13:20:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton [2010.06.10 13:15:26 | 000,000,000 | ---D | C] -- C:\Programme\NortonInstaller [2010.06.10 13:15:26 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller [2010.06.08 14:10:45 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX [2010.06.06 11:53:05 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll [2010.06.01 16:56:24 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Deployment [2010.06.01 16:56:24 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Apps [2010.05.30 21:50:17 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\iMacros [2010.05.29 08:46:35 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\O&O [2010.05.12 16:35:44 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Bump Technologies, Inc [2010.05.12 16:35:35 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Bump Technologies, Inc [2010.05.12 16:22:57 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\LolClient ========== Files - Modified Within 60 Days ========== [2010.07.09 15:50:13 | 001,485,492 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1107000.00C\Cat.DB [2010.07.09 15:48:02 | 001,572,864 | ---- | M] () -- C:\Users\***\NTUSER.DAT [2010.07.09 14:27:45 | 000,000,620 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.07.09 13:59:18 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010.07.09 13:59:18 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010.07.09 12:05:33 | 001,427,212 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2010.07.09 12:05:33 | 000,621,952 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2010.07.09 12:05:33 | 000,590,082 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010.07.09 12:05:33 | 000,123,658 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2010.07.09 12:05:33 | 000,102,094 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010.07.09 11:59:32 | 000,087,251 | ---- | M] () -- C:\ProgramData\nvModes.dat [2010.07.09 11:59:32 | 000,087,251 | ---- | M] () -- C:\ProgramData\nvModes.001 [2010.07.09 11:59:20 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010.07.09 11:59:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.07.09 11:59:13 | 000,201,792 | ---- | M] () -- C:\Windows\System32\oodbs.lor [2010.07.09 01:29:02 | 000,524,288 | -HS- | M] () -- C:\Users\***\NTUSER.DAT{e69569cf-5c3d-11df-b178-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms [2010.07.09 01:29:02 | 000,065,536 | -HS- | M] () -- C:\Users\***\NTUSER.DAT{e69569cf-5c3d-11df-b178-806e6f6e6963}.TM.blf [2010.07.09 01:28:34 | 003,462,914 | -H-- | M] () -- C:\Users\***\AppData\Local\IconCache.db [2010.07.09 00:10:11 | 000,022,328 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2010.06.10 13:32:59 | 000,124,976 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS [2010.06.10 13:32:59 | 000,007,443 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.CAT [2010.06.10 13:32:59 | 000,000,805 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF [2010.06.06 11:53:05 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll [2010.05.28 02:04:46 | 000,041,872 | ---- | M] () -- C:\Windows\System32\xfcodec.dll [2010.05.22 14:28:15 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf [2010.05.14 08:32:01 | 000,000,172 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1107000.00C\isolate.ini [2010.05.10 21:12:16 | 000,524,288 | -HS- | M] () -- C:\Users\***\NTUSER.DAT{e69569cf-5c3d-11df-b178-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms [2010.05.10 16:14:02 | 001,310,720 | -HS- | M] () -- C:\Users\***\NTUSER.DAT_tureg_old [2010.05.10 16:14:01 | 000,524,288 | -HS- | M] () -- C:\Users\***\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms [2010.05.10 16:14:01 | 000,065,536 | -HS- | M] () -- C:\Users\***\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf ========== Files Created - No Company Name ========== [2010.07.09 14:27:45 | 000,000,620 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.06.18 17:00:27 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll [2010.06.12 14:00:07 | 001,485,492 | ---- | C] () -- C:\Windows\System32\drivers\NIS\1107000.00C\Cat.DB [2010.06.11 13:28:06 | 000,007,873 | ---- | C] () -- C:\Windows\System32\drivers\NIS\1107000.00C\symefa.cat [2010.06.11 13:28:06 | 000,007,787 | ---- | C] () -- C:\Windows\System32\drivers\NIS\1107000.00C\symnetv.cat [2010.06.11 13:28:06 | 000,007,425 | ---- | C] () -- C:\Windows\System32\drivers\NIS\1107000.00C\symds.cat [2010.06.11 13:28:06 | 000,007,368 | ---- | C] () -- C:\Windows\System32\drivers\NIS\1107000.00C\symnet.cat [2010.06.11 13:28:06 | 000,003,373 | ---- | C] () -- C:\Windows\System32\drivers\NIS\1107000.00C\symefa.inf [2010.06.11 13:28:06 | 000,002,793 | R--- | C] () -- C:\Windows\System32\drivers\NIS\1107000.00C\symds.inf [2010.06.11 13:28:06 | 000,001,473 | ---- | C] () -- C:\Windows\System32\drivers\NIS\1107000.00C\symnetv.inf [2010.06.11 13:28:06 | 000,001,445 | ---- | C] () -- C:\Windows\System32\drivers\NIS\1107000.00C\symnet.inf [2010.06.11 13:28:05 | 000,007,442 | ---- | C] () -- C:\Windows\System32\drivers\NIS\1107000.00C\srtspx.cat [2010.06.11 13:28:05 | 000,007,438 | ---- | C] () -- C:\Windows\System32\drivers\NIS\1107000.00C\srtsp.cat [2010.06.11 13:28:05 | 000,001,388 | ---- | C] () -- C:\Windows\System32\drivers\NIS\1107000.00C\srtspx.inf [2010.06.11 13:28:05 | 000,001,382 | ---- | C] () -- C:\Windows\System32\drivers\NIS\1107000.00C\srtsp.inf [2010.06.11 13:28:04 | 000,007,438 | ---- | C] () -- C:\Windows\System32\drivers\NIS\1107000.00C\iron.cat [2010.06.11 13:28:04 | 000,007,396 | ---- | C] () -- C:\Windows\System32\drivers\NIS\1107000.00C\cchpx86.cat [2010.06.11 13:28:04 | 000,001,754 | ---- | C] () -- C:\Windows\System32\drivers\NIS\1107000.00C\cchpx86.inf [2010.06.11 13:28:04 | 000,000,741 | ---- | C] () -- C:\Windows\System32\drivers\NIS\1107000.00C\iron.inf [2010.06.11 13:27:52 | 000,000,172 | ---- | C] () -- C:\Windows\System32\drivers\NIS\1107000.00C\isolate.ini [2010.06.10 13:33:19 | 000,007,443 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.CAT [2010.06.10 13:33:19 | 000,000,805 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.INF [2010.05.28 02:04:46 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll [2010.05.22 14:28:15 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf [2010.05.10 16:14:50 | 000,524,288 | -HS- | C] () -- C:\Users\***\NTUSER.DAT{e69569cf-5c3d-11df-b178-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms [2010.05.10 16:14:49 | 000,524,288 | -HS- | C] () -- C:\Users\***\NTUSER.DAT{e69569cf-5c3d-11df-b178-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms [2010.05.10 16:14:49 | 000,065,536 | -HS- | C] () -- C:\Users\Malte\NTUSER.DAT{e69569cf-5c3d-11df-b178-806e6f6e6963}.TM.blf [2010.05.10 16:13:57 | 000,000,000 | -H-- | C] () -- C:\Users\***\NTUSER.DAT_tureg_new.LOG2 [2010.05.10 16:13:57 | 000,000,000 | -H-- | C] () -- C:\Users\***\NTUSER.DAT_tureg_new.LOG1 [2010.04.24 23:53:19 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2010.04.24 20:43:49 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2010.04.24 20:43:48 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2010.04.24 20:08:07 | 000,015,190 | ---- | C] () -- C:\Windows\M2000Twn.ini [2010.04.24 09:39:15 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009.12.03 09:27:28 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll [2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini ========== LOP Check ========== [2010.05.12 16:35:35 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Bump Technologies, Inc [2010.05.03 19:59:47 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2010.06.24 01:18:32 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ICQ [2010.04.24 10:26:23 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\JAM Software [2010.04.23 20:53:26 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Leadertech [2010.05.12 16:22:57 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\LolClient [2010.04.24 12:44:47 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\LolClient.F24C99354F615F3BAB18AE7B93E3F9B9E8784FA6.1 [2010.06.17 21:18:41 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Meine Der Herr der Ringe™, Aufstieg des Hexenkönigs™-Dateien [2010.05.02 20:38:14 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenOffice.org [2010.04.23 22:27:48 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Opera [2010.04.23 19:53:12 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TuneUp Software [2010.04.24 20:53:35 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Ubisoft [2010.07.03 22:00:03 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Uniblue [2010.07.09 01:28:51 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2010.05.20 19:20:35 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Adobe [2010.05.12 16:35:35 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Bump Technologies, Inc [2010.05.03 19:59:47 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2010.07.08 01:16:44 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\dvdcss [2010.06.24 01:18:32 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ICQ [2010.04.23 19:36:02 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Identities [2010.04.24 20:07:10 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\InstallShield [2010.04.24 10:26:23 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\JAM Software [2010.04.23 20:53:26 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Leadertech [2010.04.23 20:51:12 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Logishrd [2010.04.23 20:55:02 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Logitech [2010.05.12 16:22:57 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\LolClient [2010.04.24 12:44:47 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\LolClient.F24C99354F615F3BAB18AE7B93E3F9B9E8784FA6.1 [2010.04.23 20:50:51 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Macromedia [2010.07.09 14:27:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Malwarebytes [2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Media Center Programs [2010.06.17 21:18:41 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Meine Der Herr der Ringe™, Aufstieg des Hexenkönigs™-Dateien [2010.06.26 13:46:41 | 000,000,000 | --SD | M] -- C:\Users\***\AppData\Roaming\Microsoft [2010.04.23 19:39:36 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Mozilla [2010.05.02 20:38:14 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenOffice.org [2010.04.23 22:27:48 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Opera [2010.07.09 14:29:23 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Skype [2010.04.23 19:53:12 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TuneUp Software [2010.04.24 20:53:35 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Ubisoft [2010.07.03 22:00:03 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Uniblue [2010.07.09 01:25:07 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\vlc [2010.06.13 20:38:54 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Xfire < %APPDATA%\*.exe /s > [2010.04.24 11:32:28 | 000,038,784 | ---- | M] () -- C:\Users\***\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe [2010.04.23 20:04:09 | 007,424,000 | R--- | M] (OpenOffice.org) -- C:\Users\***\AppData\Roaming\Microsoft\Installer\{192A107E-C6B9-41B9-BDBF-38E3AA226054}\soffice.exe [2010.04.23 20:53:25 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\***\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2008.01.18 23:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys [2008.01.18 23:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys [2008.01.18 23:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2008.01.18 23:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys [2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys [2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys < MD5 for: ATAPI.SYS > [2009.04.10 23:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys [2009.04.10 23:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys [2009.04.10 23:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2008.01.18 23:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008.01.18 23:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys < MD5 for: CNGAUDIT.DLL > [2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll [2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll < MD5 for: IASTOR.SYS > [2007.04.25 12:17:36 | 000,277,784 | ---- | M] (Intel Corporation) MD5=5DF93509037399B53D3ECAA8A67B6C58 -- C:\Programme\Intel\Intel Matrix Storage Manager\driver\iaStor.sys [2007.04.25 12:17:36 | 000,277,784 | ---- | M] (Intel Corporation) MD5=5DF93509037399B53D3ECAA8A67B6C58 -- C:\Windows\System32\drivers\iaStor.sys [2007.04.25 12:17:36 | 000,277,784 | ---- | M] (Intel Corporation) MD5=5DF93509037399B53D3ECAA8A67B6C58 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_b92fa6ec\iaStor.sys [2007.04.25 12:18:12 | 000,537,368 | ---- | M] (Intel Corporation) MD5=6E9BEDAEFA5A3F86CECF40F4963F3021 -- C:\Programme\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys < MD5 for: IASTORV.SYS > [2008.01.18 23:42:52 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys [2008.01.18 23:42:52 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys [2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys [2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys < MD5 for: NETLOGON.DLL > [2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll [2009.04.10 23:28:24 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll [2009.04.10 23:28:24 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll [2008.01.18 23:35:38 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll < MD5 for: NVSTOR.SYS > [2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys [2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys [2008.01.18 23:42:10 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys [2008.01.18 23:42:10 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys < MD5 for: SCECLI.DLL > [2008.01.18 23:36:20 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll [2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll [2009.04.10 23:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll [2009.04.10 23:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll < MD5 for: USERINIT.EXE > [2008.01.18 23:33:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe [2008.01.18 23:33:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe [2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe < MD5 for: WS2IFSL.SYS > [2006.11.02 10:58:26 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=84620AECDCFD2A7A14E6263927D8C0ED -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6000.16386_none_4d4fded8cae2956d\ws2ifsl.sys [2008.01.18 21:56:50 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys [2008.01.18 21:56:50 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > [2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV [2006.11.02 12:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV [2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV [2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV [2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2008.01.18 23:35:12 | 000,156,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\msls31.dll [2009.04.10 23:28:24 | 000,286,720 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rasapi32.dll [2008.01.18 23:36:16 | 000,071,168 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rasman.dll [2009.04.10 23:27:48 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll [2009.04.10 23:28:26 | 000,036,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rtutils.dll [2006.11.02 11:46:12 | 000,008,704 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SensApi.dll [2009.04.10 23:28:24 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll [2008.01.18 23:36:38 | 000,376,832 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\sxs.dll [2006.11.02 11:46:13 | 000,191,488 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\tapi32.dll < End of report > |
|
09.07.2010, 15:16
| #5 |
| | Internet Explorer öffnet sich von selber mit Werbung und hier ist der Extras.Txt OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 09.07.2010 15:49:26 - Run 1
OTL by OldTimer - Version 3.2.8.1 Folder = C:\Users\***\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 51,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 34,18 Gb Total Space | 10,16 Gb Free Space | 29,71% Space Free | Partition Type: NTFS
Drive D: | 197,73 Gb Total Space | 161,50 Gb Free Space | 81,68% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ***-PC
Current User Name: ***
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 60 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2378667236-3515236175-1363295056-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\program files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "D:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- D:\PROGRA~1\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2378667236-3515236175-1363295056-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{080D07BE-0FFE-40EC-85FD-DE8F5D38FE99}" = lport=8394 | protocol=17 | dir=in | name=league of legends launcher |
"{0A31C586-D1D7-47FA-A53F-1424A79BA3AA}" = lport=6942 | protocol=6 | dir=in | name=league of legends launcher |
"{2BBAB9AE-E202-45E9-9D3B-656E149F8296}" = lport=6966 | protocol=17 | dir=in | name=league of legends launcher |
"{4052D170-D327-4357-A484-E6739CFDFE47}" = lport=6942 | protocol=17 | dir=in | name=league of legends launcher |
"{608D46B5-ECBF-4B92-8CB6-47B1459D4942}" = lport=6966 | protocol=6 | dir=in | name=league of legends launcher |
"{623B4A8E-15C9-4C36-8A8C-44D190A53B55}" = lport=51000 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{6F8C2D48-845C-4293-A7C3-EE9E8491B29E}" = lport=6904 | protocol=17 | dir=in | name=league of legends launcher |
"{750633A4-D1C4-44BC-8030-63A6EBC2CCE3}" = lport=6929 | protocol=17 | dir=in | name=league of legends launcher |
"{75460C98-4435-4B79-92F7-BA0D2C4E6E11}" = lport=6929 | protocol=6 | dir=in | name=league of legends launcher |
"{8626E038-3D21-4520-9715-255F18899516}" = lport=51001 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{8DE03C06-DE65-4A92-930E-DE8555856FDA}" = lport=6884 | protocol=6 | dir=in | name=league of legends launcher |
"{998561C6-ADAD-4A38-AEE1-BB3FB1502239}" = lport=6960 | protocol=6 | dir=in | name=league of legends launcher |
"{9FBFF40D-0979-4A20-A850-2A12F18B6F16}" = lport=6980 | protocol=17 | dir=in | name=league of legends launcher |
"{AB18CF40-D749-4324-9511-BBD143E46F21}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{ACE99024-7457-413C-9667-DF7F1C8D4E47}" = lport=8394 | protocol=6 | dir=in | name=league of legends launcher |
"{B121DA78-AE80-480E-9B1B-973F174E0C74}" = lport=8394 | protocol=6 | dir=in | name=league of legends launcher |
"{B66BD9F6-251B-4EEE-8122-0A68D0D010EA}" = lport=6904 | protocol=6 | dir=in | name=league of legends launcher |
"{BA475913-0788-41B8-9073-59BE055369D6}" = lport=6980 | protocol=6 | dir=in | name=league of legends launcher |
"{BEC8E7F3-F37A-447F-A2F4-22D86CB6C4B9}" = lport=3704 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{D49964F4-F1E1-46DC-9641-CF5722C1C7B8}" = lport=6960 | protocol=17 | dir=in | name=league of legends launcher |
"{DECF109E-A290-4BF4-9327-87719B1BD750}" = lport=8394 | protocol=17 | dir=in | name=league of legends launcher |
"{E67AAE4B-2E7E-4002-BE12-153323B09F0B}" = lport=6884 | protocol=17 | dir=in | name=league of legends launcher |
"{F2022C52-AB16-4392-880F-3E5C9DAED6F6}" = lport=3703 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{FB58D26E-4FF0-433A-87CD-08416EEBDFF2}" = lport=6004 | protocol=17 | dir=in | app=d:\program files\microsoft office\office12\outlook.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03CE59E6-AA83-4387-B55C-551D76F3EBE4}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{04617500-2632-4E99-87B8-E3F5C92C32E6}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{049A5684-6741-40B4-BB51-A4053D5B47FC}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{0AF5D510-10D7-48BC-B4A8-107853884C22}" = protocol=17 | dir=in | app=d:\spiele\anno 1404\tools\anno4web.exe |
"{0B5989B2-15CF-4AF9-8414-601A786F6F14}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{0B7B5105-3CCF-4D20-AAC0-81D9856591F1}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{0DD85AB9-4472-482C-A501-089BA34F9E9A}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{0E090C45-93F6-4E5F-819A-C80651AB472D}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{1503CFCD-821E-4515-A545-9F5B258D35D9}" = protocol=17 | dir=in | app=d:\program files\opera\opera.exe |
"{159C35B3-24BF-4575-9DD2-8E8242744389}" = protocol=6 | dir=in | app=d:\program files\icq\icq7.1\aolload.exe |
"{15C2140C-1323-4539-B77C-3CA2D5A97938}" = protocol=17 | dir=in | app=d:\spiele\electronic arts\die schlacht um mittelerde ii\game.dat |
"{1664A055-780A-4F33-8D8D-A8952B05F1E9}" = protocol=17 | dir=in | app=d:\spiele\league of legends\air\lolclient.exe |
"{19DDDC64-CC71-4639-8982-5D8A76A29E7D}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{1A4F14F2-1254-447E-993E-8121BD5B680B}" = protocol=6 | dir=in | app=d:\spiele\anno 1404\tools\anno4web.exe |
"{1CBE52CA-C536-4E96-8F6D-1BE98DDF4023}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{1EF6234D-6AD8-4D42-BF34-F37514C9EF0C}" = protocol=6 | dir=in | app=d:\program files\icq\icq7.1\icq.exe |
"{2565C5F3-FBF2-462A-8924-E16B22562109}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{27430BA3-A4A2-4D5B-A15B-FFA034A5F3A5}" = protocol=6 | dir=in | app=d:\program files\microsoft office\office12\groove.exe |
"{28017243-647F-4937-A29C-7AFA96671258}" = protocol=6 | dir=in | app=d:\spiele\electronic arts\aufstieg des hexenkönigs\game.dat |
"{2C45096B-B205-4B75-84AE-A23DD50C95BB}" = protocol=6 | dir=in | app=d:\spiele\anno 1404\addon.exe |
"{2E1FA254-0986-457C-88BC-9BD86838B294}" = protocol=6 | dir=in | app=d:\spiele\anno 1404\anno4.exe |
"{2E87AF76-0B62-4D12-A458-1282D4B978B5}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{30D83050-5742-4932-8600-50A1768CD914}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{34DF4C83-3D8D-43AF-9F6D-2D35F9237768}" = protocol=17 | dir=in | app=d:\program files\microsoft office\office12\groove.exe |
"{37730869-372A-4D03-9BCA-166C77111009}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{3BAA7CFE-D10C-460F-BC5A-64ADE71D9565}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{3E2C8176-2A65-42AB-8084-F79A9C74D9CF}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{3E32E25C-4CB5-4243-8E22-E5C01BC4ED10}" = protocol=6 | dir=in | app=d:\spiele\league of legends\air\lolclient.exe |
"{3F7E512C-36C1-44FB-B6E0-0AE50C352198}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{40173D31-C6A7-4319-BFD7-404993072638}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{464FAA86-4002-47E0-A2CC-D96E01B56E71}" = protocol=17 | dir=in | app=d:\program files\icq\icq7.1\aolload.exe |
"{4BEC30B7-3212-4C63-A836-0E8F207D3E25}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{4D42C1BE-9649-4237-9D3C-4AACFF08D108}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{5114E101-B95F-4233-8D14-B39E98BF44E7}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{53BB2AEC-41B6-4798-BC14-EB5316FF36F9}" = protocol=17 | dir=in | app=d:\spiele\anno 1404\anno4.exe |
"{5713F22C-D4A5-4192-B5F7-53D0CFD455F7}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{599387C3-0A33-4059-8CC1-3A0CCA2B39FB}" = protocol=17 | dir=in | app=d:\program files\icq\icq7.1\icq.exe |
"{5A6F0DB3-EFBC-423E-A985-6047640E0DA4}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{5C45DC2B-D0EB-4C98-B2B4-2C23B9025F25}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{5C978DB6-B233-4A6E-8C9E-293B90B1D728}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{62CC8849-7DB5-4043-85D1-CD53E3C92FF8}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{63EDD403-1345-4136-AB72-F3D240A63FD7}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe |
"{67CB46F0-C565-453E-9FF1-80839B6FD8DC}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe |
"{68B95CF5-0191-4468-B794-7A47549C943F}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{6A64CBF6-45AB-48E8-9233-DF428D9F57CA}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{6C161E0B-8C80-4465-8216-3F2B6D06E5D5}" = protocol=6 | dir=in | app=e:\***'s externe\zu speichernde datein\league of legends\game\league of legends.exe |
"{6E286410-9A94-429C-A756-0A0CE906F8E9}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{6E395B74-E059-4782-8BC8-558707C8AC89}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{6ED5F74B-C5E3-4EFE-9F29-8B67889EFD54}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{70B80EA8-25D2-4DAC-87FF-0A271073936A}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{731996D8-62BA-45BE-A810-6299D8A9AB0D}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{7614FFEC-6CCD-460C-8EC2-CBAF3FF9E615}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{76CD8C33-FEED-413A-8477-BF70480B93F3}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{786B529B-6487-454A-88C8-4B7499A8C27D}" = protocol=17 | dir=in | app=d:\spiele\electronic arts\aufstieg des hexenkönigs\game.dat |
"{832E8699-806B-4793-A305-BFEA02118D4B}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{861C1AAE-14D3-4522-9233-96998149D24A}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{8664CD2E-E063-4040-8D30-074AB715831A}" = protocol=17 | dir=in | app=d:\spiele\league of legends\game\league of legends.exe |
"{871DD521-E93A-4F29-B21D-0482B276EF09}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{8813EBA6-CCFD-4B2F-9222-11E120970710}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{891F6485-DBF2-4D4A-9948-D1379EEA29AE}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{899400D8-4735-43A1-B913-989C140BF525}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{8C2B1631-D8D8-4F53-ACF6-82AE1C70692D}" = protocol=17 | dir=in | app=d:\spiele\league of legends\air\lolclient.exe |
"{8D4C8EC3-D261-42D7-9BD7-0E0CFEFF06C4}" = protocol=6 | dir=in | app=d:\spiele\league of legends\game\league of legends.exe |
"{94212040-6784-426A-B9B3-B646C633D2B9}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{94B5FA68-7A4F-4277-B6F8-5E778BF0F129}" = protocol=6 | dir=in | app=d:\spiele\league of legends\air\lolclient.exe |
"{952CD775-79C0-4544-BFC3-4744FE44D848}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{97458234-AE77-41D4-A448-7A6BECD2CC01}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{9CC1A6B4-BAD6-43FA-AE81-C3F40E80136E}" = protocol=17 | dir=in | app=d:\spiele\anno 1404\tools\addonweb.exe |
"{9E1BD119-C77B-497A-B5EB-81F501C61CA6}" = protocol=6 | dir=in | app=d:\spiele\electronic arts\die schlacht um mittelerde ii\game.dat |
"{9E86DBBF-096A-4AA7-B9F1-4D09F2A23C1C}" = protocol=17 | dir=in | app=d:\program files\microsoft office\office12\onenote.exe |
"{A182E18A-2D40-4C15-AD15-F8E7127CA8CD}" = protocol=17 | dir=in | app=d:\program files\icq\icq7.1\icq.exe |
"{A223246D-21A0-4C2A-B4E3-61A2F0C0A948}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{A22EAC7B-2DA8-4C6C-9A33-063BA253A282}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{A42345A6-6145-4BD2-86E4-74B62BC38A79}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{A569C10C-5150-4856-B3DF-26A363DE63CD}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{A7C00DF4-EBBF-4CC2-B610-AC8A31A9E161}" = protocol=6 | dir=in | app=d:\program files\microsoft office\office12\onenote.exe |
"{AA5BC99E-1B61-4F27-9449-2B6DE7BBF7A7}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{AA5CCAD3-70E8-43A5-97B3-5B291CA4388A}" = protocol=17 | dir=in | app=e:\***'s externe\zu speichernde datein\league of legends\game\league of legends.exe |
"{AB0D62FD-8A04-4E01-B21F-C03D3F24AC03}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{ACC736BB-732A-47D5-8A76-FA84ADF1C711}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{ADEAAD98-C911-4C32-BFAB-C5CFED2C1D34}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{AF870007-CABE-4DA6-979D-3ED4761F8F8A}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{B3D7319B-6893-4739-ACE5-F4845D9C3638}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{B6E2B292-AE13-4D03-86FE-415D3709A00E}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{BFAE5F77-5888-4BAD-953A-6237FFF9C460}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{C030AF9A-D4A5-4417-818A-58D9FF79D830}" = protocol=17 | dir=in | app=e:\***'s externe\zu speichernde datein\league of legends\air\lolclient.exe |
"{C29154E5-910A-42E5-B1E0-33ED5336D5A5}" = protocol=17 | dir=in | app=d:\spiele\league of legends\game\league of legends.exe |
"{C3E5E925-F30A-401C-9D23-6573D0FA31B5}" = protocol=6 | dir=in | app=d:\program files\opera\opera.exe |
"{C48C4205-23E8-423B-AA92-F3BAE7D2DBAE}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{CBA832C6-1816-40B2-9CDB-3FA8CC179406}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{CBFD363D-781C-4FAA-A8C2-C64BA96ED5E7}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{CC152A01-1632-4D57-9457-31F511361802}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{CF673ADB-302C-4BC4-8EB5-C6D8E6E1B30A}" = protocol=17 | dir=in | app=d:\spiele\anno 1404\addon.exe |
"{D0471FF8-FFD6-41A0-AF65-A3F0E65AE095}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{D0E31FD3-8C7E-47C5-8FD6-310C5B342227}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{D242812E-C016-4C5F-B83B-473A500162CC}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{DB95D731-645A-4547-93DD-64B0870EA793}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{DEC4BE28-FB4E-4948-9035-1F3523F16FBC}" = protocol=6 | dir=in | app=e:\***'s externe\zu speichernde datein\league of legends\air\lolclient.exe |
"{DF005C31-E5C6-4747-BE57-FD381536C9AF}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{E1DBAAF5-0491-48A2-B2C5-9591370B2B32}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{E28A98FC-8114-42B9-BDBB-E71AC3A54021}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{E36AC8B4-FBCD-4D9F-B4CF-B3B754B2BF18}" = protocol=6 | dir=in | app=d:\spiele\anno 1404\tools\addonweb.exe |
"{E508535C-7D83-4C5C-AE04-BC8C0DFE14F4}" = protocol=17 | dir=in | app=d:\program files\icq\icq7.1\aolload.exe |
"{E5A431B3-ABE7-467E-B681-88301B829E4E}" = protocol=6 | dir=in | app=d:\program files\icq\icq7.1\aolload.exe |
"{E5B1B52E-805C-4DEB-AFA4-E1DBC4CB516F}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{E865EEB3-A6BB-42CF-9C64-D93DEC2CF958}" = protocol=6 | dir=in | app=d:\spiele\league of legends\game\league of legends.exe |
"{E9BDD748-CD29-4E30-BB00-6BDF3C4CD5B0}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{ED761DDF-B70C-4F5E-9A49-0893FF1546E3}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{EF13E1FF-052D-4866-8DCE-36A564F4D692}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{F124E049-9BA1-47E5-886D-5C3EDF53E3D6}" = protocol=6 | dir=in | app=d:\program files\icq\icq7.1\icq.exe |
"{F130DC0B-01F5-4284-9AE6-6E9A58DE15C2}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{F6E72C1C-CA7C-4F4A-8F7D-1D5FB123D40F}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{F7DC056B-0784-45C8-9B83-0801B25450D4}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{F8573406-5926-4660-98B8-2EA8EBC04548}" = dir=in | app=d:\program files\skype\phone\skype.exe |
"{F9D11F8F-2EE7-43D1-8013-F2E5997E1A0A}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{FCE05D21-1038-42D5-B9CA-3A4C1DB391D1}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"TCP Query User{174B1500-A7AC-4480-974F-A04F84792FFF}D:\spiele\activision\iw3mp.exe" = protocol=6 | dir=in | app=d:\spiele\activision\iw3mp.exe |
"UDP Query User{9095E269-2FA0-4DC9-8B73-8B334A29411D}D:\spiele\activision\iw3mp.exe" = protocol=17 | dir=in | app=d:\spiele\activision\iw3mp.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{05ADEEC8-BD58-43D9-A9E3-1F53B0DA117A}" = Opera 10.51
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{192A107E-C6B9-41B9-BDBF-38E3AA226054}" = OpenOffice.org 3.2
"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models
"{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = Die Schlacht um Mittelerde™ II
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{47C6F987-685A-41AE-B092-E75B277AEE39}" = Adobe Flash CS4 Extension - Flash Lite STI others
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4
"{7C9C4474-74D6-42F4-A6D3-C9BD5C8871D3}" = Anno 1404
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{8A74DEFD-A224-49CC-AB80-4E88BC730125}" = LogMeIn Hamachi
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99A37AC7-E724-4621-B167-500B5A52B69C}" = LastChaosGER
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A6EC82A0-1414-475D-8AFD-469089F3080D}" = Adobe Contribute CS4
"{AE41BE84-761C-0F5E-451B-3D145E8A8840}" = Acrobat.com
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{B931FB80-537A-4600-00AD-AC5DEDB6C25B}" = Aufstieg des Hexenkönigs™
"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BD3374D3-C2E6-42B7-A80B-E850B6886246}" = Adobe Flash CS4 STI-other
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{D75814C1-5AA5-4198-BFF6-093A226D9F0D}" = O&O Defrag Professional
"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_697a06b96d8bcbe2d77b88e7d5448d0" = Adobe Creative Suite 4 Master Collection
"Ant Renamer 2_is1" = Ant Renamer
"CCleaner" = CCleaner
"Cheat Engine 5.6_is1" = Cheat Engine 5.6
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DMX5_is1" = DriverMax 5
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Foxit Reader" = Foxit Reader
"HijackThis" = HijackThis 2.0.2
"League of Legends_is1" = League of Legends
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.6)" = Mozilla Firefox (3.6.6)
"NIS" = Norton Internet Security
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"ObjectDock" = ObjectDock
"SP6" = Logitech SetPoint 6.0
"TreeSize Free_is1" = TreeSize Free V2.4
"TuneUp Utilities" = TuneUp Utilities
"VLC media player" = VLC media player 1.0.5
"Xfire" = Xfire (remove only)
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 04.07.2010 15:16:47 | Computer Name = ***-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Users\***\Desktop\LoLHack.exe".
Die
abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 04.07.2010 15:16:52 | Computer Name = ***-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Users\***\Desktop\LoLHack.exe".
Die
abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 06.07.2010 09:41:45 | Computer Name = ***-PC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 1.9.2.3828 arbeitet nicht mehr mit Windows
zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
zu suchen. Prozess-ID: 894 Anfangszeit: 01cb1d10c123c1fc Zeitpunkt der Beendigung:
24
Error - 06.07.2010 16:12:07 | Computer Name = ***-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung plugin-container.exe, Version 1.9.2.3828, Zeitstempel
0x4c25a474, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18005, Zeitstempel 0x49e03821,
Ausnahmecode 0xc0000005, Fehleroffset 0x00048b02, Prozess-ID 0x638, Anwendungsstartzeit
01cb1d47571c61c4.
Error - 06.07.2010 16:57:04 | Computer Name = ***-PC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 1.9.2.3828 arbeitet nicht mehr mit Windows
zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
zu suchen. Prozess-ID: e74 Anfangszeit: 01cb1d4784b64564 Zeitpunkt der Beendigung:
33316
Error - 07.07.2010 20:33:11 | Computer Name = ***-PC | Source = VSS | ID = 8194
Description =
Error - 07.07.2010 20:42:41 | Computer Name = ***-PC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 1.9.2.3828 arbeitet nicht mehr mit Windows
zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
zu suchen. Prozess-ID: 1774 Anfangszeit: 01cb1e3630641362 Zeitpunkt der Beendigung:
60000
Error - 07.07.2010 21:00:20 | Computer Name = ***-PC | Source = VSS | ID = 8194
Description =
Error - 07.07.2010 21:27:01 | Computer Name = ***-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung plugin-container.exe, Version 1.9.2.3828, Zeitstempel
0x4c25a474, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18005, Zeitstempel 0x49e03821,
Ausnahmecode 0xc0000005, Fehleroffset 0x00048b02, Prozess-ID 0x149c, Anwendungsstartzeit
01cb1e3c8d04c962.
Error - 08.07.2010 17:42:20 | Computer Name = ***-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung plugin-container.exe, Version 1.9.2.3828, Zeitstempel
0x4c25a474, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18005, Zeitstempel 0x49e03821,
Ausnahmecode 0xc0000005, Fehleroffset 0x00048b02, Prozess-ID 0x1654, Anwendungsstartzeit
01cb1ee3e83402d9.
[ System Events ]
Error - 23.06.2010 19:19:38 | Computer Name = ***-PC | Source = DCOM | ID = 10010
Description =
Error - 25.06.2010 11:15:32 | Computer Name = ***-PC | Source = netbt | ID = 4321
Description = Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit
IP-Adresse 5.193.175.231 registriert werden. Der Computer mit IP-Adresse 5.174.81.97
hat nicht zugelassen, dass dieser Computer diesen Namen verwendet.
Error - 25.06.2010 11:36:12 | Computer Name = ***-PC | Source = BROWSER | ID = 8009
Description =
Error - 25.06.2010 13:19:33 | Computer Name = ***-PC | Source = BROWSER | ID = 8019
Description =
Error - 28.06.2010 10:30:03 | Computer Name = ***-PC | Source = ACPI | ID = 327693
Description = : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen
Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware
hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie
den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen
Situationen zur Folge haben, dass der Computer fehlerhaft läuft.
Error - 28.06.2010 19:33:48 | Computer Name = ***-PC | Source = ACPI | ID = 327693
Description = : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen
Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware
hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie
den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen
Situationen zur Folge haben, dass der Computer fehlerhaft läuft.
Error - 02.07.2010 13:56:02 | Computer Name = ***-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 02.07.2010 um 19:54:37 unerwartet heruntergefahren.
Error - 07.07.2010 13:46:20 | Computer Name = ***-PC | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.2.100 für die Netzwerkkarte mit der Netzwerkadresse
001CBFB9EF1B wurde durch den DHCP-Server 192.168.0.1 abgelehnt (der DHCP-Server
hat eine DHCPNACK-Meldung gesendet).
Error - 07.07.2010 18:57:56 | Computer Name = ***-PC | Source = ACPI | ID = 327693
Description = : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen
Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware
hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie
den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen
Situationen zur Folge haben, dass der Computer fehlerhaft läuft.
Error - 08.07.2010 09:08:54 | Computer Name = ***-PC | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.0.110 für die Netzwerkkarte mit der Netzwerkadresse
001CBFB9EF1B wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat
eine DHCPNACK-Meldung gesendet).
< End of report >
|
|
09.07.2010, 16:05
| #6 |
| /// Malware-holic | Internet Explorer öffnet sich von selber mit Werbung bitte erstelle und poste ein combofix log. Ein Leitfaden und Tutorium zur Nutzung von ComboFix hast du den download link für die datei noch? wenn ja, kannst du mir den bitte mal als persönliche nachicht senden, falls andere antivirus hersteller das nicht erkennen möchte ichs dann einsenden. |
|
09.07.2010, 16:38
| #7 |
| | Internet Explorer öffnet sich von selber mit Werbung So ein Mist... Nachdem ich den Rechner neugestarter habe, ließ er sich nicht mehr hochfahren... Jetzt habe ihn neu aufgesetzt Troztdem danke |
|
09.07.2010, 16:40
| #8 |
| /// Malware-holic | Internet Explorer öffnet sich von selber mit Werbung neu aufsetzen ist auch gut, so ist alles weg was malware ist. |
|
09.07.2010, 16:58
| #9 |
| | Internet Explorer öffnet sich von selber mit Werbung Das blöde ist nur, dass mein Norton jetzt auch weg ist ... 10 Euro sind weg |
|
09.07.2010, 19:43
| #10 |
| /// Malware-holic | Internet Explorer öffnet sich von selber mit Werbung ich sags ja ungern, aber für so was macht man backups, true image zb hilft :-) du kannst den norton suport anschreiben mit deinen nutzerdaten, bzw hast du vllt ein konto auf der norton homepage, da müssten die daten drinnen stehn |
|
10.07.2010, 00:42
| #11 |
| | Internet Explorer öffnet sich von selber mit Werbung Hättest Du vielleicht eine Email Adresse für den Support, den du mir geben könntest? Ich finde nämlich keine und komme nur auf die Hotline |
|
10.07.2010, 13:10
| #12 |
| /// Malware-holic | Internet Explorer öffnet sich von selber mit Werbung hier hab ich online chat und telefon suport Norton-Support - Kontakt |
|
| Themen zu Internet Explorer öffnet sich von selber mit Werbung |
| bho, browser, firefox, google, helper, hijack, hijackthis, internet, internet explorer, intrusion prevention, local\temp, monitor, mozilla, photoshop, plug-in, problem, realtek, rundll, security, senden, server, software, symantec, system, trojaner, trojaner internet explorer, vista, werbung, windows |
Linear-Darstellung
