![]() |
Plagegeister aller Art und deren Bekämpfung: Werbepopups, iexplorer.exe öffnet sich, Wave-Sound aus und Spiele minimieren sich...Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
![]() |
![]() | #1 |
| ![]() Werbepopups, iexplorer.exe öffnet sich, Wave-Sound aus und Spiele minimieren sich... Hi, nachdem ich mich hier ein wenig im Forum umgesehen habe, scheint es so, als wäre ich nicht der einzige, der Probleme in diese Richtung hat. Wie der Titel schon sagt öffnet sich auch bei mir seit Kurzem iexplorer.exe selbstständig, gelegentlich öffnen sich Internet Explorer-Fenster mit deutscher Werbung, der Wave-Sound stellt sich im Realtek HD Audio Output selbstständig auf Null und Spiele minimieren sich in unregelmäßigen, kurzen Abständen selbst, was das Nervigste von alle dem ist. Nachdem ich gestern mein F-Seure, Spybot S&D, Malwarebytes' Anti-Malware und CCleaner drüberlaufen habe lassen (alle fanden ein bis zwei Sachen) schien das Problem behoben, weshalb ich die Logs der gestrigen Durchgänge leider nichtmehr habe. Doch als ich den PC vorhin startete waren all diese Probleme wieder da, weshalb ich mich jetzt verzweifelt an euch wende! Hier sind Logs von Hijackthis, Malwarebytes und OTL. Ich hoffe, ihr könnt mir helfen, dieses dauernde Minimieren ist wirklich unglaublich nervig. Hijackthis: Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:30:41, on 11.07.2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\svchost.exe C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Programme\Bonjour\mDNSResponder.exe C:\Programme\cFosSpeed\spd.exe F:\Tobit ClipInc\Server\ClipInc-Server.exe C:\Programme\F-Secure Internet Security\Common\FSM32.EXE C:\Programme\F-Secure Internet Security\Anti-Virus\fsgk32st.exe C:\Programme\F-Secure Internet Security\Common\FSMA32.EXE C:\Programme\F-Secure Internet Security\Anti-Virus\FSGK32.EXE C:\Programme\Java\jre6\bin\jqs.exe C:\Programme\Screenshot\Screenshot.exe C:\Programme\OO Software\Defrag\oodtray.exe C:\Programme\F-Secure Internet Security\Common\FSHDLL32.EXE C:\Programme\OO Software\Defrag\oodag.exe C:\WINDOWS\system32\PnkBstrA.exe C:\Programme\NETGEAR\WG111T Konfigurationsprogramm\wlan111t.exe C:\Programme\Rainmeter\Rainmeter.exe C:\Programme\Stardock\ObjectDock\ObjectDock.exe C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Programme\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\WINDOWS\system32\svchost.exe C:\Programme\Gemeinsame Dateien\Acronis\Fomatik\TrueImageTryStartService.exe C:\WINDOWS\System32\TUProgSt.exe C:\Programme\F-Secure Internet Security\FWES\Program\fsdfwd.exe C:\Programme\F-Secure Internet Security\Anti-Virus\fssm32.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Programme\F-Secure Internet Security\Anti-Virus\fsav32.exe C:\WINDOWS\system32\wuauclt.exe C:\programme\mozilla firefox\firefox.exe C:\Dokumente und Einstellungen\****\Desktop\Programme\Security\Hijackthis\HiJackThis.exe C:\Programme\Skype\Toolbars\Shared\SkypeNames.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = ****//www.google.de/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: flashget2 urlcatch - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - C:\Programme\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [F-Secure Manager] "C:\Programme\F-Secure Internet Security\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Programme\F-Secure Internet Security\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [AutoRun] C:\Programme\Screenshot\Screenshot.exe O4 - HKLM\..\Run: [OODefragTray] C:\Programme\OO Software\Defrag\oodtray.exe O4 - HKLM\..\Run: [StartCCC] "C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Stardock ObjectDock.lnk = C:\Programme\Stardock\ObjectDock\ObjectDock.exe O4 - Global Startup: NETGEAR WG111T Smart Wizard.lnk = ? O4 - Global Startup: Rainmeter (2).lnk = C:\Programme\Rainmeter\Rainmeter.exe O8 - Extra context menu item: &Download All by FlashGet - C:\Programme\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm O8 - Extra context menu item: &Download by FlashGet - C:\Programme\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Programme\ICQ7.0\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Programme\ICQ7.0\ICQ.exe O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - ****://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Programme\Stardock\Fences\FencesMenu.dll O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Programme\Bonjour\mDNSResponder.exe O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Programme\cFosSpeed\spd.exe O23 - Service: ClipInc 001 (ClipInc001) - Unknown owner - F:\Tobit ClipInc\Server\ClipInc-Server.exe O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Programme\F-Secure Internet Security\Anti-Virus\fsgk32st.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Programme\F-Secure Internet Security\FWES\Program\fsdfwd.exe O23 - Service: FSMA - F-Secure Corporation - C:\Programme\F-Secure Internet Security\Common\FSMA32.EXE O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Programme\F-Secure Internet Security\ORSP Client\fsorsp.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPod-Dienst (iPod Service) - Unknown owner - C:\Programme\iPod\bin\iPodService.exe (file missing) O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\Programme\OO Software\Defrag\oodag.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: ServiceLayer - Nokia - C:\Programme\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Programme\Gemeinsame Dateien\Acronis\Fomatik\TrueImageTryStartService.exe O23 - Service: TuneUp Drive Defrag-Dienst (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe -- End of file - 8240 bytes Code:
ATTFilter OTL logfile created on: 11.07.2010 15:37:06 - Run 1 OTL by OldTimer - Version Folder = C:\Dokumente und Einstellungen\Alex\Desktop\Programme\Security\OTL Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 76.00% Memory free 5.00 Gb Paging File | 4.00 Gb Available in Paging File | 87.00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 298.08 Gb Total Space | 45.09 Gb Free Space | 15.13% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded Drive F: | 43.96 Gb Total Space | 34.92 Gb Free Space | 79.44% Space Free | Partition Type: NTFS Drive G: | 142.35 Gb Total Space | 32.34 Gb Free Space | 22.72% Space Free | Partition Type: NTFS H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: ALEX1 Current User Name: Alex Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Dokumente und Einstellungen\Alex\Desktop\Programme\Security\OTL\OTL.exe (OldTimer Tools) PRC - C:\Programme\F-Secure Internet Security\Anti-Virus\fssm32.exe (F-Secure Corporation) PRC - C:\Programme\F-Secure Internet Security\Anti-Virus\fsgk32.exe (F-Secure Corporation) PRC - C:\Programme\F-Secure Internet Security\ORSP Client\fsorsp.exe (F-Secure Corporation) PRC - C:\Programme\F-Secure Internet Security\Anti-Virus\fsav32.exe (F-Secure Corporation) PRC - C:\Programme\Rainmeter\Rainmeter.exe () PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\OO Software\Defrag\oodag.exe (O&O Software GmbH) PRC - C:\Programme\OO Software\Defrag\oodtray.exe (O&O Software GmbH) PRC - C:\WINDOWS\system32\TUProgSt.exe (TuneUp Software) PRC - C:\Programme\F-Secure Internet Security\Common\FSM32.EXE (F-Secure Corporation) PRC - C:\Programme\F-Secure Internet Security\Common\FSMA32.EXE (F-Secure Corporation) PRC - C:\Programme\F-Secure Internet Security\Common\FSHDLL32.EXE (F-Secure Corporation) PRC - C:\Programme\F-Secure Internet Security\FWES\program\fsdfwd.exe (F-Secure Corporation) PRC - C:\Programme\F-Secure Internet Security\Anti-Virus\fsgk32st.exe (F-Secure Corporation) PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.) PRC - F:\Tobit ClipInc\Server\ClipInc-Server.exe () PRC - C:\Programme\Screenshot\screenshot.exe (Till Koppers) PRC - C:\Programme\cFosSpeed\spd.exe (cFos Software GmbH) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Gemeinsame Dateien\Acronis\Fomatik\TrueImageTryStartService.exe () PRC - C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe (Acronis) PRC - C:\Programme\Stardock\ObjectDock\ObjectDock.exe (Stardock) PRC - C:\Programme\NETGEAR\WG111T Konfigurationsprogramm\wlan111t.exe (NETGEAR) ========== Modules (SafeList) ========== MOD - C:\Dokumente und Einstellungen\Alex\Desktop\Programme\Security\OTL\OTL.exe (OldTimer Tools) MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation) MOD - C:\Programme\Stardock\ObjectDock\DockShellHook.dll () ========== Win32 Services (SafeList) ========== SRV - (iPod Service) -- C:\Programme\iPod\bin\iPodService.exe File not found SRV - (FSORSPClient) -- C:\Programme\F-Secure Internet Security\ORSP Client\fsorsp.exe (F-Secure Corporation) SRV - (DAUpdaterSvc) -- G:\Programme\Dragon Age\bin_ship\daupdatersvc.service.exe (BioWare) SRV - (ServiceLayer) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia) SRV - (FLEXnet Licensing Service) -- C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (O&O Defrag) -- C:\Programme\OO Software\Defrag\oodag.exe (O&O Software GmbH) SRV - (TuneUp.ProgramStatisticsSvc) -- C:\WINDOWS\system32\TUProgSt.exe (TuneUp Software) SRV - (TuneUp.Defrag) -- C:\WINDOWS\system32\TuneUpDefragService.exe (TuneUp Software) SRV - (FSMA) -- C:\Programme\F-Secure Internet Security\Common\FSMA32.EXE (F-Secure Corporation) SRV - (FSDFWD) -- C:\Programme\F-Secure Internet Security\FWES\Program\fsdfwd.exe (F-Secure Corporation) SRV - (F-Secure Gatekeeper Handler Starter) -- C:\Programme\F-Secure Internet Security\Anti-Virus\fsgk32st.exe (F-Secure Corporation) SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.) SRV - (ClipInc001) -- F:\Tobit ClipInc\Server\ClipInc-Server.exe () SRV - (cFosSpeedS) -- C:\Programme\cFosSpeed\spd.exe (cFos Software GmbH) SRV - (TryAndDecideService) -- C:\Programme\Gemeinsame Dateien\Acronis\Fomatik\TrueImageTryStartService.exe () SRV - (AcrSch2Svc) -- C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe (Acronis) SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation) SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (upperdev) -- C:\WINDOWS\System32\DRIVERS\usbser_lowerflt.sys File not found DRV - (EagleNT) -- C:\WINDOWS\System32\drivers\EagleNT.sys File not found DRV - (F-Secure Gatekeeper) -- C:\Programme\F-Secure Internet Security\Anti-Virus\minifilter\fsgk.sys () DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.) DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys () DRV - (fsbts) -- C:\WINDOWS\system32\Drivers\fsbts.sys () DRV - (atksgt) -- C:\WINDOWS\system32\drivers\atksgt.sys () DRV - (lirsgt) -- C:\WINDOWS\system32\drivers\lirsgt.sys () DRV - (F-Secure HIPS) -- C:\Programme\F-Secure Internet Security\HIPS\drivers\fshs.sys (F-Secure Corporation) DRV - (FSFW) -- C:\WINDOWS\System32\drivers\fsdfw.sys (F-Secure Corporation) DRV - (F-Secure Filter) -- C:\Programme\F-Secure Internet Security\Anti-Virus\win2k\fsfilter.sys () DRV - (F-Secure Recognizer) -- C:\Programme\F-Secure Internet Security\Anti-Virus\win2k\fsrec.sys () DRV - (cFosSpeed) -- C:\WINDOWS\system32\drivers\cfosspeed.sys (cFos Software GmbH) DRV - (hamachi) -- C:\WINDOWS\system32\drivers\hamachi.sys (LogMeIn, Inc.) DRV - (pspdisp) -- C:\WINDOWS\system32\drivers\pspdisp.sys (JJS) DRV - (libusb0) -- C:\WINDOWS\system32\drivers\libusb0.sys (****://libusb-win32.sourceforge.net) DRV - (timounter) -- C:\WINDOWS\system32\DRIVERS\timntr.sys (Acronis) DRV - (tifsfilter) -- C:\WINDOWS\system32\drivers\tifsfilt.sys (Acronis) DRV - (snapman) -- C:\WINDOWS\system32\DRIVERS\snapman.sys (Acronis) DRV - (tdrpman) -- C:\WINDOWS\system32\DRIVERS\tdrpman.sys (Acronis) DRV - (MDC8021X) AEGIS Protocol (IEEE 802.1x) -- C:\WINDOWS\system32\drivers\mdc8021x.sys (Meetinghouse Data Communications) DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia) DRV - (adfs) -- C:\WINDOWS\System32\drivers\adfs.sys (Adobe Systems, Inc.) DRV - (AtiHdmiService) -- C:\WINDOWS\system32\drivers\AtiHdmi.sys (ATI Research Inc.) DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider) DRV - (iaStor) -- C:\WINDOWS\System32\drivers\iaStor.cat () DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.) DRV - (AtcL001) -- C:\WINDOWS\system32\drivers\atl01_xp.sys (Attansic Technology corporation.) DRV - (AR5523) -- C:\WINDOWS\system32\drivers\wg11tnd5.sys (NETGEAR, Inc.) DRV - (ATHFMWDL) -- C:\WINDOWS\system32\drivers\Athfmwdl.sys (Windows (R) 2000 DDK provider) DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\ASACPI.sys () DRV - (DNINDIS5) -- C:\WINDOWS\system32\DNINDIS5.sys (Printing Communications Assoc., Inc. (PCAUSA)) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = ****://www.google.de/ IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultEngine: "Yahoo" FF - prefs.js..browser.search.defaultenginename: "Yahoo" FF - prefs.js..browser.search.param.yahoo-fr: "chrf-cneta&type=biennesoft_10647340" FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-cneta&type=biennesoft_10647340" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "****://www.bundesliga.de" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2 FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.1 FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}: FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.9 FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.0.7 FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}: FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com: FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}: FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}: FF - prefs.js..extensions.enabledItems: {ada4b710-8346-4b82-8199-5de2b400a6ae}: FF - prefs.js..extensions.enabledItems: {EF522540-89F5-46b9-B6FE-1829E2B572C6}:4.4 FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}: FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.64 FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}: FF - prefs.js..keyword.URL: "****://de.search.yahoo.com/search?ei=UTF-8&fr=ytff-cneta&p=" FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.05.02 20:35:33 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.03.15 20:30:51 | 000,000,000 | ---D | M] [2008.09.20 19:47:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\****\Anwendungsdaten\Mozilla\Extensions [2010.07.11 14:44:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\****\Anwendungsdaten\Mozilla\Firefox\Profiles\vw52wsvb.default\extensions [2010.06.17 12:58:51 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\Mozilla\Firefox\Profiles\vw52wsvb.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2010.07.09 15:05:14 | 000,000,000 | ---D | M] (Flagfox) -- C:\Dokumente und Einstellungen\****\Anwendungsdaten\Mozilla\Firefox\Profiles\vw52wsvb.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2010.07.09 15:05:10 | 000,000,000 | ---D | M] (FlashGot) -- C:\Dokumente und Einstellungen\****\Anwendungsdaten\Mozilla\Firefox\Profiles\vw52wsvb.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} [2009.10.15 20:01:15 | 000,000,000 | ---D | M] (PDF Download) -- C:\Dokumente und Einstellungen\****\Anwendungsdaten\Mozilla\Firefox\Profiles\vw52wsvb.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250} [2010.02.25 01:15:58 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Dokumente und Einstellungen\****\Anwendungsdaten\Mozilla\Firefox\Profiles\vw52wsvb.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2010.06.29 21:02:44 | 000,000,000 | ---D | M] (Fire.fm) -- C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\Mozilla\Firefox\Profiles\vw52wsvb.default\extensions\{6F0976E6-26F3-4AFE-BBEC-9E99E27E4DF3} [2010.07.09 15:05:15 | 000,000,000 | ---D | M] (NoScript) -- C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\Mozilla\Firefox\Profiles\vw52wsvb.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} [2010.05.11 22:08:24 | 000,000,000 | ---D | M] (WOT) -- C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\Mozilla\Firefox\Profiles\vw52wsvb.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2010.06.02 21:31:08 | 000,000,000 | ---D | M] (FireFTP) -- C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\Mozilla\Firefox\Profiles\vw52wsvb.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [2010.06.07 10:42:40 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Dokumente und Einstellungen\****\Anwendungsdaten\Mozilla\Firefox\Profiles\vw52wsvb.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae} [2010.04.16 22:06:55 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\Mozilla\Firefox\Profiles\vw52wsvb.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696} [2010.04.15 22:18:52 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\Mozilla\Firefox\Profiles\vw52wsvb.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010.05.01 17:53:52 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\Mozilla\Firefox\Profiles\vw52wsvb.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010.04.12 21:15:07 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\Mozilla\Firefox\Profiles\vw52wsvb.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} [2010.06.22 11:26:26 | 000,000,000 | ---D | M] (SearchPreview) -- C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\Mozilla\Firefox\Profiles\vw52wsvb.default\extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6} [2008.10.07 18:12:07 | 000,000,000 | ---D | M] (Mouse Gestures Redox) -- C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\Mozilla\Firefox\Profiles\vw52wsvb.default\extensions\{FFA36170-80B1-4535-B0E3-A4569E497DD0} [2009.03.08 21:17:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\Mozilla\Firefox\Profiles\vw52wsvb.default\extensions\moveplayer@movenetworks.com [2010.07.11 14:34:16 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions [2009.06.02 16:58:01 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Programme\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2010.03.15 20:30:43 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.03.15 20:30:43 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.03.15 20:30:43 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.03.15 20:30:43 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.03.15 20:30:43 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2010.07.11 06:15:03 | 000,412,660 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: localhost O1 - Hosts: adobeereg.com O1 - Hosts: www.adobeereg.com O1 - Hosts: activate.adobe.com O1 - Hosts: activate-sea.adobe.com O1 - Hosts: activate-sjc0.adobe.com O1 - Hosts: wwis-dubc1-vip60.adobe.com O1 - Hosts: O1 - Hosts: im.adtech.de O1 - Hosts: adserver.adtech.de O1 - Hosts: adtech.de O1 - Hosts: ar.atwola.com O1 - Hosts: atwola.com O1 - Hosts: adserver.71i.de O1 - Hosts: adicqserver.71i.de O1 - Hosts: 71i.de O1 - Hosts: static3.cdn.ubi.com O1 - Hosts: ubisoft-orbit.s3.amazonaws.com O1 - Hosts: onlineconfigservice.ubi.com O1 - Hosts: orbitservice.ubi.com O1 - Hosts: ubisoft-orbit-savegames.s3.amazonaws.com O1 - Hosts: www.007guard.com O1 - Hosts: 007guard.com O1 - Hosts: 008i.com O1 - Hosts: www.008k.com O1 - Hosts: 14255 more lines... O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (FG2CatchUrl) - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - C:\Programme\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll (FlashGet) O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O4 - HKLM..\Run: [AutoRun] C:\Programme\Screenshot\screenshot.exe (Till Koppers) O4 - HKLM..\Run: [F-Secure Manager] C:\Programme\F-Secure Internet Security\Common\FSM32.EXE (F-Secure Corporation) O4 - HKLM..\Run: [F-Secure TNB] C:\Programme\F-Secure Internet Security\FSGUI\TNBUtil.exe (F-Secure Corporation) O4 - HKLM..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe (Microsoft Corporation) O4 - HKLM..\Run: [OODefragTray] C:\Programme\OO Software\Defrag\oodtray.exe (O&O Software GmbH) O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - Startup: C:\Dokumente und Einstellungen\Alex\Startmenü\Programme\Autostart\Stardock ObjectDock.lnk = C:\Programme\Stardock\ObjectDock\ObjectDock.exe (Stardock) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\NETGEAR WG111T Smart Wizard.lnk = C:\Programme\NETGEAR\WG111T Konfigurationsprogramm\wlan111t.exe (NETGEAR) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Rainmeter (2).lnk = C:\Programme\Rainmeter\Rainmeter.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: &Download All by FlashGet - C:\Programme\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm () O8 - Extra context menu item: &Download by FlashGet - C:\Programme\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm () O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Programme\ICQ7.0\ICQ.exe (ICQ, Inc.) O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Programme\ICQ7.0\ICQ.exe (ICQ, Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\F-Secure Internet Security\FSPS\program\FSLSP.DLL (F-Secure Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\F-Secure Internet Security\FSPS\program\FSLSP.DLL (F-Secure Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Programme\F-Secure Internet Security\FSPS\program\FSLSP.DLL (F-Secure Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Programme\F-Secure Internet Security\FSPS\program\FSLSP.DLL (F-Secure Corporation) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} h****://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} ****://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} ****//java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} ****://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} ****://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O22 - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - C:\Programme\Stardock\Fences\FencesMenu.dll (Stardock) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Alex\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Alex\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (OODBS) - C:\WINDOWS\System32\OODBS.exe (O&O Software GmbH) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.07.11 15:26:16 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\****\Recent [2010.07.11 05:53:55 | 000,000,000 | ---D | C] -- C:\Programme\Spybot - Search & Destroy [2010.07.11 05:53:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy [2010.07.11 05:36:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\****\Anwendungsdaten\Malwarebytes [2010.07.11 05:36:29 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010.07.11 05:36:28 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010.07.11 05:36:28 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2010.07.11 05:36:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes [2010.07.11 05:36:01 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner [2010.07.11 03:04:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Macromedia [2010.07.11 03:04:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Adobe [2010.07.09 20:24:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\****\Eigene Dateien\BFBC2 [2010.06.26 11:48:07 | 000,000,000 | ---D | C] -- C:\Programme\Sniper Ghost Warrior [2010.06.25 22:43:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Alex\Desktop\4F [2010.06.17 23:03:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\****\Eigene Dateien\Wizards of the Coast [2010.06.17 23:03:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\****\Lokale Einstellungen\Anwendungsdaten\SKIDROW [2010.06.17 23:02:03 | 000,000,000 | ---D | C] -- C:\Programme\Wizards of the Coast LLC [2010.06.17 22:16:48 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\DirectX [2010.06.17 22:16:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\****\Eigene Dateien\Wildlife Park 2 [2010.06.17 22:16:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\****\Anwendungsdaten\Wildlife Park 2 [2010.06.17 18:17:36 | 000,000,000 | ---D | C] -- C:\Programme\Deep Silver [2010.06.14 12:13:04 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\PCSuite [2010.06.14 12:11:45 | 000,018,816 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\pccsmcfd.sys [2010.06.14 12:11:36 | 000,000,000 | ---D | C] -- C:\Programme\PC Connectivity Solution [2010.06.12 01:14:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\uninstall [29 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [11 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.07.11 15:27:00 | 000,002,784 | ---- | M] () -- C:\Dokumente und Einstellungen\Alex\Eigene Dateien\cc_20100711_152656.reg [2010.07.11 15:25:55 | 027,000,832 | -H-- | M] () -- C:\Dokumente und Einstellungen\Alex\NTUSER.DAT [2010.07.11 15:25:27 | 000,218,808 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr [2010.07.11 15:00:03 | 000,000,490 | ---- | M] () -- C:\WINDOWS\tasks\1-Klick-Wartung.job [2010.07.11 14:45:32 | 000,137,256 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2010.07.11 14:41:43 | 000,000,654 | ---- | M] () -- C:\WINDOWS\win.ini [2010.07.11 14:41:43 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini [2010.07.11 14:41:43 | 000,000,223 | RHS- | M] () -- C:\boot.ini [2010.07.11 14:31:58 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010.07.11 14:31:25 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010.07.11 14:31:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010.07.11 14:31:11 | 000,514,228 | ---- | M] () -- C:\WINDOWS\System32\oodbs.lor [2010.07.11 06:51:47 | 000,000,300 | -HS- | M] () -- C:\Dokumente und Einstellungen\Alex\ntuser.ini [2010.07.11 06:15:03 | 000,412,660 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2010.07.11 05:48:01 | 000,525,246 | ---- | M] () -- C:\Dokumente und Einstellungen\Alex\Eigene Dateien\cc_20100711_054751.reg [2010.07.09 19:17:56 | 000,138,056 | ---- | M] () -- C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\PnkBstrK.sys [2010.07.09 19:17:35 | 002,434,856 | ---- | M] () -- C:\WINDOWS\System32\pbsvc_bc2.exe [2010.06.30 23:06:45 | 000,469,342 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2010.06.30 23:06:45 | 000,450,854 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010.06.30 23:06:45 | 000,088,526 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2010.06.30 23:06:45 | 000,075,024 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010.06.30 23:06:43 | 001,099,070 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010.06.28 17:53:26 | 022,183,378 | ---- | M] () -- C:\Dokumente und Einstellungen\Alex\Desktop\BigRollInParadise_v1_00_89800.sis [2010.06.25 22:45:24 | 000,006,144 | ---- | M] () -- C:\Dokumente und Einstellungen\Alex\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.06.25 13:16:01 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [29 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [11 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.07.11 15:26:57 | 000,002,784 | ---- | C] () -- C:\Dokumente und Einstellungen\Alex\Eigene Dateien\cc_20100711_152656.reg [2010.07.11 05:47:54 | 000,525,246 | ---- | C] () -- C:\Dokumente und Einstellungen\Alex\Eigene Dateien\cc_20100711_054751.reg [2010.06.28 17:46:02 | 022,183,378 | ---- | C] () -- C:\Dokumente und Einstellungen\Alex\Desktop\BigRollInParadise_v1_00_89800.sis [2010.04.29 18:29:37 | 000,000,978 | ---- | C] () -- C:\WINDOWS\disney.ini [2009.11.25 14:41:54 | 000,033,920 | ---- | C] () -- C:\WINDOWS\System32\drivers\fsbts.sys [2009.07.14 17:15:00 | 000,178,432 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [2009.07.08 15:55:39 | 000,554,496 | ---- | C] () -- C:\WINDOWS\System32\dvmsg.dll [2009.06.19 20:06:22 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2009.04.09 17:00:34 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini [2009.02.24 14:59:34 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2009.02.24 14:41:22 | 000,000,288 | ---- | C] () -- C:\WINDOWS\vtmb.ini [2008.12.23 15:48:53 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2008.12.23 15:48:52 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2008.12.08 19:37:53 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2008.12.02 13:04:43 | 000,137,256 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2008.10.03 17:15:50 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll [2008.10.03 17:15:50 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll [2008.10.03 17:15:50 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll [2008.10.03 17:15:50 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll [2008.09.20 20:02:59 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2008.09.20 01:49:47 | 000,651,264 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll [2008.09.20 01:49:47 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll [2008.09.20 00:48:20 | 000,014,935 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini [2008.09.20 00:48:12 | 000,014,629 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2008.09.20 00:48:12 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys [2008.09.20 00:48:06 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2008.09.20 00:10:23 | 000,001,124 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI [2003.02.20 18:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2001.03.30 22:58:36 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\Property.dll < End of report > Code:
ATTFilter OTL Extras logfile created on: 11.07.2010 15:37:06 - Run 1 OTL by OldTimer - Version Folder = C:\Dokumente und Einstellungen\Alex\Desktop\Programme\Security\OTL Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 76.00% Memory free 5.00 Gb Paging File | 4.00 Gb Available in Paging File | 87.00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 298.08 Gb Total Space | 45.09 Gb Free Space | 15.13% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded Drive F: | 43.96 Gb Total Space | 34.92 Gb Free Space | 79.44% Space Free | Partition Type: NTFS Drive G: | 142.35 Gb Total Space | 32.34 Gb Free Space | 22.72% Space Free | Partition Type: NTFS H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: **** Current User Name: **** Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- "C:\Programme\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Programme\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- C:\Programme\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- C:\Programme\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "56712:TCP" = 56712:TCP:*:Enabled:Pando Media Booster "56712:UDP" = 56712:UDP:*:Enabled:Pando Media Booster [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4 "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "56712:TCP" = 56712:TCP:*:Enabled:Pando Media Booster "56712:UDP" = 56712:UDP:*:Enabled:Pando Media Booster "8377:TCP" = 8377:TCP:*:Enabled:League of Legends Launcher "8377:UDP" = 8377:UDP:*:Enabled:League of Legends Launcher "8378:TCP" = 8378:TCP:*:Enabled:League of Legends Launcher "8378:UDP" = 8378:UDP:*:Enabled:League of Legends Launcher "6891:TCP" = 6891:TCP:*:Enabled:League of Legends Launcher "6891:UDP" = 6891:UDP:*:Enabled:League of Legends Launcher "6908:TCP" = 6908:TCP:*:Enabled:League of Legends Launcher "6908:UDP" = 6908:UDP:*:Enabled:League of Legends Launcher ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation) "C:\Programme\ICQ7.0\ICQ.exe" = C:\Programme\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, Inc.) "C:\Programme\ICQ7.0\aolload.exe" = C:\Programme\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC) "C:\Programme\Pando Networks\Media Booster\PMB.exe" = C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- () [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Programme\Java\jre1.6.0_07\launch4j-tmp\JDownloader.exe" = C:\Programme\Java\jre1.6.0_07\launch4j-tmp\JDownloader.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) "C:\WINDOWS\system32\java.exe" = C:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) "C:\Programme\FlashGet Network\FlashGet universal\FlashGet.exe" = C:\Programme\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2 -- (FLASHGET) "C:\Programme\EA GAMES\Battlefield 2\BF2.exe" = C:\Programme\EA GAMES\Battlefield 2\BF2.exe:*:Enabled:Battlefield 2 -- () "C:\Programme\Electronic Arts\Battlefield 2142\BF2142.exe" = C:\Programme\Electronic Arts\Battlefield 2142\BF2142.exe:*:Enabled:Battlefield 2 -- () "C:\Programme\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" = C:\Programme\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club -- (Take-Two Interactive Software, Inc.) "C:\Programme\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe" = C:\Programme\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV -- (Sony DADC Austria AG) "C:\Programme\ICQ6.5\ICQ.exe" = C:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.) "C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation) "C:\Programme\Java\jre1.6.0_07\bin\javaw.exe" = C:\Programme\Java\jre1.6.0_07\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) "C:\Programme\Java\jre6\bin\javaw.exe" = C:\Programme\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) "C:\Programme\Java\jre6\bin\java.exe" = C:\Programme\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) "C:\Programme\Microsoft Games\Rise of Nations\rise.exe" = C:\Programme\Microsoft Games\Rise of Nations\rise.exe:*:Disabled:Rise of Nations -- (Big Huge Games, Inc.) "C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.) "F:\Tobit ClipInc\Server\ClipInc-Server.exe" = F:\Tobit ClipInc\Server\ClipInc-Server.exe:*:Enabled:ClipInc Server -- () "F:\Tobit ClipInc\Player\ClipInc-Player.exe" = F:\Tobit ClipInc\Player\ClipInc-Player.exe:*:Enabled:ClipInc Player -- (Tobit.Software) "C:\Programme\Ubisoft\Related Designs\ANNO 1404\tools\Anno4Web.exe" = C:\Programme\Ubisoft\Related Designs\ANNO 1404\tools\Anno4Web.exe:*:Disabled:Anno4Web -- () "C:\Programme\Dawn of War 2\DOW2.exe" = C:\Programme\Dawn of War 2\DOW2.exe:*:Disabled:DOW2 -- (THQ Canada Inc.) "C:\Programme\Ascaron Entertainment\Sacred 2 - Fallen Angel\system\sacred2.exe" = C:\Programme\Ascaron Entertainment\Sacred 2 - Fallen Angel\system\sacred2.exe:*:Disabled:Sacred 2 -- (Ascaron Entertainment GmbH) "C:\Programme\Ascaron Entertainment\Sacred 2 - Fallen Angel\system\s2gs.exe" = C:\Programme\Ascaron Entertainment\Sacred 2 - Fallen Angel\system\s2gs.exe:*:Disabled:Sacred 2 Game Server -- (Ascaron Entertainment GmbH) "C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated) "C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe" = C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater -- (Nokia Corporation) "C:\Programme\Gemeinsame Dateien\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Programme\Gemeinsame Dateien\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process -- (Nokia Corporation) "C:\Programme\2K Games\Gearbox Software\Borderlands\Binaries\Borderlands.exe" = C:\Programme\2K Games\Gearbox Software\Borderlands\Binaries\Borderlands.exe:*:Disabled:Borderlands -- (Take-Two Interactive Software, Inc.) "C:\Programme\Mozilla Firefox\firefox.exe" = C:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation) "C:\Programme\Steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe" = C:\Programme\Steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe:*:Enabled:left4dead2 -- () "C:\Programme\BinaryMark\FLV Video Downloader Trial\FLVDownloader.exe" = C:\Programme\BinaryMark\FLV Video Downloader Trial\FLVDownloader.exe:*:Enabled:FLV Video Downloader Trial -- (BinaryMark) "C:\Programme\Cyanide\GameCenter\GameCenter.exe" = C:\Programme\Cyanide\GameCenter\GameCenter.exe:*:Enabled:GameCenter -- (Cyanide) "G:\Programme\Dragon Age\bin_ship\daorigins.exe" = G:\Programme\Dragon Age\bin_ship\daorigins.exe:*:Enabled:Dragon Age Origins -Spiel -- (BioWare) "G:\Programme\Dragon Age\DAOriginsLauncher.exe" = G:\Programme\Dragon Age\DAOriginsLauncher.exe:*:Enabled:Dragon Age Origins -Launcher -- (BioWare) "C:\Programme\Steam\Steam.exe" = C:\Programme\Steam\Steam.exe:*:Enabled:Steam 732897 -- (Valve Corporation) "G:\Programme\EA Sports\FIFA 10\FIFA10.exe" = G:\Programme\EA Sports\FIFA 10\FIFA10.exe:*:Enabled:FIFA10 -- () "C:\Programme\Valve\hl.exe" = C:\Programme\Valve\hl.exe:*:Enabled:Half-Life Launcher -- (Valve) "C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NexonEU\NGM\NGM.exe" = C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon) "C:\Programme\Stardock Games\Demigod\bin\Demigod.exe" = C:\Programme\Stardock Games\Demigod\bin\Demigod.exe:*:Enabled:Demigod -- (Gas Powered Games) "C:\Programme\ICQ7.0\ICQ.exe" = C:\Programme\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, Inc.) "C:\Programme\ICQ7.0\aolload.exe" = C:\Programme\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC) "C:\Programme\eMule\emule.exe" = C:\Programme\eMule\emule.exe:*:Enabled:eMule -- (****://www.emule-project.net) "C:\Programme\Steam\steamapps\common\left 4 dead\left4dead.exe" = C:\Programme\Steam\steamapps\common\left 4 dead\left4dead.exe:*:Enabled:Left 4 Dead -- () "G:\Ubisoft\Silent Hunter 5\sh5.exe" = G:\Ubisoft\Silent Hunter 5\sh5.exe:*:Enabled:Silent Hunter 5 -- (Ubisoft) "G:\Programme\Dragon Age\bin_ship\daupdatersvc.service.exe" = G:\Programme\Dragon Age\bin_ship\daupdatersvc.service.exe:*:Enabled:Dragon Age Origins -Inhaltsupdater -- (BioWare) "C:\Programme\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe" = C:\Programme\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher -- (Ubisoft) "G:\Programme\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe" = G:\Programme\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe:*:Enabled:Assassin's Creed II -- () "G:\Programme\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe" = G:\Programme\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe:*:Enabled:Assassin's Creed II Update -- (Ubisoft) "G:\Programme\Ubisoft\Assassin's Creed II\UPlayBrowser.exe" = G:\Programme\Ubisoft\Assassin's Creed II\UPlayBrowser.exe:*:Enabled:Assassin's Creed II Uplay -- (Ubisoft Entertainment) "G:\Programme\Ubisoft\Assassin's Creed II\Server Emulator\server.exe" = G:\Programme\Ubisoft\Assassin's Creed II\Server Emulator\server.exe:*:Enabled:server -- () "C:\Programme\Ubisoft\Tom Clancy's Splinter Cell Conviction\src\system\conviction_game.exe" = C:\Programme\Ubisoft\Tom Clancy's Splinter Cell Conviction\src\system\conviction_game.exe:*:Enabled:Tom Clancy's Splinter Cell Conviction -- () "C:\Programme\Ubisoft\Tom Clancy's Splinter Cell Conviction\src\system\gu.exe" = C:\Programme\Ubisoft\Tom Clancy's Splinter Cell Conviction\src\system\gu.exe:*:Enabled:Tom Clancy's Splinter Cell Conviction aktualisieren -- (Ubisoft) "C:\Programme\Warhammer 40000 Dawn of War II - Chaos Rising\DOW2.exe" = C:\Programme\Warhammer 40000 Dawn of War II - Chaos Rising\DOW2.exe:*:Enabled:Dawn of War II -- (THQ Canada Inc.) "C:\Programme\Pando Networks\Media Booster\PMB.exe" = C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- () "C:\Riot Games\League of Legends\air\LolClient.exe" = C:\Riot Games\League of Legends\air\LolClient.exe:*:Enabled:League of Legends Lobby -- () "C:\Riot Games\League of Legends\game\League of Legends.exe" = C:\Riot Games\League of Legends\game\League of Legends.exe:*:Enabled:League of Legends Game Client -- () "C:\Programme\SEGA\Alpha Protocol\Binaries\APGame.exe" = C:\Programme\SEGA\Alpha Protocol\Binaries\APGame.exe:*:Disabled:Alpha Protocol -- (Obsidian Entertainment, Inc.) "C:\Programme\Ubisoft\Far Cry 2\bin\FarCry2.exe" = C:\Programme\Ubisoft\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2 -- (Ubisoft Entertainment) "C:\Programme\Ubisoft\Far Cry 2\bin\FC2Launcher.exe" = C:\Programme\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater -- (Ubisoft) "C:\Programme\Ubisoft\Far Cry 2\bin\FC2Editor.exe" = C:\Programme\Ubisoft\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Editor -- (Ubisoft Entertainment) "C:\Programme\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe" = C:\Programme\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe:*:Enabled:Call of Duty: Modern Warfare 2 - Multiplayer -- () "C:\Programme\Steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe" = C:\Programme\Steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe:*:Enabled:Call of Duty: Modern Warfare 2 -- () "C:\Programme\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe" = C:\Programme\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2 -- (EA Digital Illusions CE AB) "C:\Programme\Electronic Arts\Battlefield Bad Company 2\BFBC2Game.exe" = C:\Programme\Electronic Arts\Battlefield Bad Company 2\BFBC2Game.exe:*:Enabled:Battlefield: Bad Company™ 2 -- (EA Digital Illusions CE AB) "C:\Programme\Steam\steamapps\****\team fortress 2\hl2.exe" = C:\Programme\Steam\steamapps\****\team fortress 2\hl2.exe:*:Enabled:hl2 -- () "C:\Programme\Steam\steamapps\****\counter-strike source\hl2.exe" = C:\Programme\Steam\steamapps\****\counter-strike source\hl2.exe:*:Enabled:Counter-Strike: Source -- () ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser "{0166E190-92D7-482A-A220-DE8B7354383A}" = Demigod "{02A3343C-028E-62D3-E193-AC15E8508B64}" = Catalyst Control Center Graphics Light "{02EBDBB9-4600-41D3-B566-40CB861511D2}" = World of Warcraft FREE Trial "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM) "{0513EE35-E0FB-4166-B663-BD1AE3A803DE}" = Anno 1404 "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4 "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4 "{063BD2FA-85DE-0A14-F266-7BD869F719BA}" = Catalyst Control Center Graphics Full New "{06F478B0-053F-45C7-B7F4-B81520345720}" = Ninja Blade "{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour "{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club "{08F8FD7C-44A5-4423-B87C-EBD3D94C9F87}" = Vampire - The Masquerade Bloodlines "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler "{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4 "{0A35B15C-9CCD-4C0C-BD5B-34ABF8C95813}_is1" = ICQ 7.0 Build #1205 Banner Remover 0.7 "{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4 "{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup "{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4 "{0E2B767B-EA6A-489B-BF83-8083FE1DB661}" = Pcsx2 0.9.6 "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4 "{1023383E-D9F6-478C-A965-23A4657B3C9A}" = Sacred 2 "{10CD364B-FFCC-48BE-B469-B9622A033075}" = Fences "{11202615-E557-4ECF-9B86-F59C81E52909}" = FIFA 10 "{12C85315-0989-4C28-8956-33458F464DD6}" = The Chronicles of Riddick - Assault on Dark Athena "{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6 "{151FFC5F-ADE2-4CC3-AB0B-D9F8EB3FBF7A}" = Wildlife Park 2 "{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}" = Risen "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4 "{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4 "{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB "{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1 "{19DC9559-9C20-4A46-A67D-7ECBA52A2788}" = Nokia PC Suite "{1A4052AB-BA77-44F7-8EE7-9F9131BFD7A6}" = OF Dragon Rising "{1D108D70-E7D1-4089-9A0A-99629C4D0CB8}" = Morrowind "{1DC4E424-5D92-4C92-B1E1-4BE4318E7136}" = James Cameron's AVATAR(tm): DAS SPIEL (Demo) "{1F126EDC-DA29-4D5B-80DF-735252475FEE}" = Pro Evolution Soccer 2010 DEMO "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86 "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2315B23D-3E21-4920-837D-AE6460934ECB}" = FIFA 09 "{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 13 "{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}" = Pro Evolution Soccer 2010 "{2894C259-B270-EFAA-3131-491B261E894A}" = ccc-utility "{296D8550-CB06-48E4-9A8B-E5034FB64715}" = Command & Conquer™ Alarmstufe Rot 3 "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7 "{3266FEA9-98E9-448B-B235-DAC63D4CE781}" = Unreal Tournament 3 Demo "{349EEF84-59E0-5B35-182D-50948D7DB592}" = ccc-core-static "{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion "{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4 "{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4 "{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2 "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4 "{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404 "{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin "{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HYDRAVISION "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension "{4A6B1116-E9C1-4480-41B5-35290C1EFD3B}" = ccc-core-preinstall "{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}" = Nokia Software Updater "{4E79A60F-15D2-4BEC-91AD-E41EC42E61B0}" = Batman: Arkham Asylum "{51123D42-6B9C-4B93-900C-29F9EC5963C9}" = NETGEAR WG111T Konfigurationsprogramm "{52B65911-1559-4ED5-9461-46957FDD48CD}" = Borderlands "{52B6FCEC-7146-17FC-6877-18DAE0EDF05F}" = Euro-Fahrschule 2010 "{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent "{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features "{5454083B-1308-4485-BF17-1110000B8301}" = Grand Theft Auto IV "{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009 "{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV "{58D68DF0-4E8B-4E9E-B425-670F9E37C1A8}" = TES Construction Set "{5A0B7BA5-4682-4273-81C2-69B17E649103}" = GRID "{5D601655-6D54-4384-B52C-17EC5385FBBD}" = iTunes "{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call "{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4 "{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support "{64B20B36-AEE7-4DD4-897C-C5DA5C218F60}" = Logitech Gaming Software 5.02 "{6530FDAA-5B1F-4830-95BB-650E9804D239}" = UE3Redist "{675DD1E6-637A-4F0E-B6DE-26F45CC26092}_is1" = AC2 server emulator 0.44 by Dormine "{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4 "{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK "{69352F8B-66AD-493C-9138-5FE0D300FB17}" = FIFA 09 Demo "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{6C89B82E-AD76-7715-43EA-C37E563E83BB}" = ATI Catalyst Install Manager "{6D316D67-DA52-4659-9C98-F479963534D6}" = Audiosurf "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}" = Tom Clancy's Splinter Cell Conviction "{6DED41BC-C9EF-4330-B4E5-46CB2C5C6E2D}" = No23 Recorder "{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}" = PC Connectivity Solution "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{746F49C9-3789-4F8E-AF3A-3A4B42ACFAF8}" = Spellforce 2 Gold "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{77C80DAB-4C40-ACD2-E645-FD3E1F05EA90}" = CCC Help English "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4 "{8355F970-601D-442D-A79B-1D7DB4F24CAD}" = Apple Mobile Device Support "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4 "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4 "{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7 "{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist "{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player "{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding "{8FDC1610-3FB5-4EF2-A0D0-CEDC3A525A25}" = DIE SIEDLER - Das Erbe der Könige "{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard "{91120407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003 "{91E04CA7-0B13-4F8C-AA4D-2A573AC96D19}" = Windows Live Essentials "{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends "{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4 "{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM) "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95C5F81D-0779-4932-BE83-32AAF814F4B9}" = League of Legends "{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3 "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9FDCD01E-9926-4399-8BB9-74EEBE604C11}" = Quake Live Mozilla Plugin "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A804B134-F03D-4EFD-9BC0-DCD257AA1B22}" = Hitman Blood Money "{AC61C594-5F86-4BE9-ABAF-763C6A8E2302}" = Silent Hunter 5 "{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1.2 - Deutsch "{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins "{B29AD377-CC12-490A-A480-1452337C618D}" = Connect "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B45FABE7-D101-4D99-A671-E16DA40AF7F0}" = Microsoft Games for Windows - LIVE "{B578C85A-A84C-4230-A177-C5B2AF565B8C}" = Microsoft Games for Windows - LIVE Redistributable "{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4 "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player "{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module "{BFBB91DB-9F0F-4A9C-9669-A97DA3512CF2}" = RealSpeak Solo fur Deutsch - Steffi "{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3 "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters "{C4E2A4A7-B623-40CB-8EEA-72F577E49D56}" = Vampire - The Masquerade Bloodlines "{C50EF365-2898-489A-B6C7-30DAA466E9A2}" = Nokia Connectivity Cable Driver "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4 "{C580908C-B3BA-4C19-BD60-16F02F272201}" = BattleForge™ "{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX "{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime "{C9319653-9A2C-4307-A061-44ADF41FCE7F}" = BiologyBattle "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1 "{D37FE0E3-B1A9-4E41-AB5D-DA62E04D2C42}" = Alpha Protocol "{D4E5A687-797D-44B1-8F96-4FD7A24166A9}" = DEVIL MAY CRY 4 "{D53A3D44-C983-4D21-ABF6-2AA2AB88FB28}" = Battlefield Bad Company 2 - BETA "{D75814C1-5AA5-4198-BFF6-093A226D9F0D}" = O&O Defrag Professional "{DAE507C4-7E9E-B204-531C-A9306522D7A9}" = Catalyst Control Center Graphics Full Existing "{DD58AC0F-CE28-B5EA-72C4-08CE056A77EA}" = Catalyst Control Center HydraVision Full "{DFAE9340-E8BB-4433-9A08-C8334DAFE1B9}" = Star Wars Republic Commando "{E2E7A0E8-77C4-495F-8FA3-63DAEDAA2DB3}" = F-Secure PSC Prerequisites "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4 "{E5343B27-55DF-40BD-9FCF-A643C1331E8A}" = Acronis*True*Image*Home "{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack "{ED50ECE9-EC54-4C05-B5ED-EE4741A9F2EC}" = Battlefield 2142 "{EF36A836-BF89-4A4F-B079-057B0C68C1E0}" = Sid Meier's Civilization IV Colonization "{F0949359-3DA7-52EF-50E6-FDD6B9491E2D}" = Catalyst Control Center Graphics Previews Common "{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = The Witcher Enhanced Edition "{F16DCA31-4DB4-F8F6-5ED1-6FAFB7228FFF}" = Catalyst Control Center InstallProxy "{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2 "{F67CCC08-C544-A440-A47A-D60A25118CD1}" = Catalyst Control Center Core Implementation "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4 "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4 "{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All "{FEFAF112-4DA8-479C-89E2-7DE25091711A}" = Call of Juarez - Bound in Blood "{FF3C203A-2F19-43A2-9C7C-EC1B5A0FC873}" = Pure "05B59228C7E1C21DFBE89260F879BD95880548D8" = Windows-Treiberpaket - Nokia Modem (10/05/2009 4.2) "3B18191663CDFABAA2A93D4267E54D683153FF60" = Windows-Treiberpaket - Advanced Micro Devices (AmdK8) Processor (05/27/2006 "3D-Fahrschule" = 3D-Fahrschule "504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 "8089B79E-5E25-4872-8AC9-058E5F5599EC_is1" = iTunes Sync 1.5.1 "8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Windows-Treiberpaket - Nokia Modem (06/01/2009 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4 "Alien Breed: Impact_is1" = Alien Breed: Impact "Armies of Exigo_is1" = Armies of Exigo "AtcL1" = Attansic L1 Gigabit Ethernet Driver "Audacity_is1" = Audacity 1.2.6 "BoneTown" = BoneTown "CCleaner" = CCleaner "cFosSpeed" = cFosSpeed v4.50 "Combat Arms EU" = Combat Arms EU "Demigod" = Demigod "Digitale Bibliothek 4" = Digitale Bibliothek 4 "eMule" = eMule "Exif-Viewer" = Exif-Viewer 2.40 "Fallout Mod Manager_is1" = Fallout Mod Manager 0.11.9 "Fences" = Fences "FlashGet 2.0" = FlashGet 2.0 "FLV Video Downloader Trial" = FLV Video Downloader Trial 3.0 "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2 "Free FLV Converter_is1" = Free FLV Converter V 6.5 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2 "F-Secure Product 303" = F-Secure Anti-Virus 2010 "FUSSBALL MANAGER 10" = FUSSBALL MANAGER 10 "GameCenter" = GameCenter "Hamachi" = Hamachi "HijackThis" = HijackThis 2.0.2 "InstallShield_{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM) "InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch "InstallShield_{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters "InstallShield_{C4E2A4A7-B623-40CB-8EEA-72F577E49D56}" = Vampire - The Masquerade Bloodlines "InstallShield_{FEFAF112-4DA8-479C-89E2-7DE25091711A}" = Call of Juarez - Bound in Blood "Magic The Gathering - Duels of the Planeswalkers_is1" = Magic The Gathering - Duels of the Planeswalkers "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mount&Blade Warband" = Mount&Blade Warband "Mozilla Firefox (3.6)" = Mozilla Firefox (3.6) "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "Nokia PC Suite" = Nokia PC Suite "ObjectDock" = ObjectDock "OpenAL" = OpenAL "PunkBusterSvc" = PunkBuster Services "QIP Infium_is1" = QIP Infium 2.0.9020 RC3 "Rainlendar2" = Rainlendar2 (remove only) "Rainmeter" = Rainmeter (remove only) "RiseOfNations 1.0" = Microsoft Rise Of Nations "Screenshot_is1" = Screenshot 1.1 "Steam App 10180" = Call of Duty: Modern Warfare 2 "Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer "Steam App 13140" = America's Army 3 "Steam App 17700" = Insurgency "Steam App 215" = Source SDK Base "Steam App 220" = Half-Life 2 "Steam App 240" = Counter-Strike: Source "Steam App 440" = Team Fortress 2 "Steam App 500" = Left 4 Dead "SYBEX.eurofahrschule2010.DEA6744BBD64092B439DF6F6F66EE152DA36E9C6.1" = Euro-Fahrschule 2010 "The KMPlayer" = The KMPlayer (remove only) "Tobit ClipInc Server" = Tobit.Software clipinc.fx "Uninstall_is1" = Uninstall "VLC media player" = VLC media player 0.9.8a "Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 "WIC" = Windows Imaging Component "Winamp" = Winamp "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinGimp-2.0_is1" = GIMP 2.6.3 "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR archiver "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01005" = Microsoft User-Mode Driver Framework Feature Pack 1.5 "XMedia Recode" = XMedia Recode "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "InstallShield_{3266FEA9-98E9-448B-B235-DAC63D4CE781}" = Unreal Tournament 3 Demo "InstallShield_{6530FDAA-5B1F-4830-95BB-650E9804D239}" = UE3Redist ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 20.06.2010 07:40:39 | Computer Name = ALEX1 | Source = MsiInstaller | ID = 1013 Description = Produkt: Microsoft .NET Framework 2.0 -- Setup cannot continue because this version of the .NET Framework is incompatible with a previously installed one. For more information, see ****://support.microsoft.com/support/kb/articles/q312/5/00.asp Error - 20.06.2010 07:42:09 | Computer Name = ALEX1 | Source = Message from F-Secure Anti-Virus on | ID = 103 Description = 1 2010-06-20 13:42:09+02:00 alex1 ALEX1\Alex Message from F-Secure Anti-Virus on Malicious code found in file C:\Programme\Wizards of the Coast LLC\Magic The Gathering - Duels of the Planeswalkers\Steamclient.dll. Infection: Trojan.Generic.4202588 Error - 20.06.2010 07:43:52 | Computer Name = ALEX1 | Source = Message from F-Secure Anti-Virus on | ID = 103 Description = 2 2010-06-20 13:43:52+02:00 alex1 ALEX1\Alex Message from F-Secure Anti-Virus on Malicious code found in file C:\Programme\Wizards of the Coast LLC\Magic The Gathering - Duels of the Planeswalkers\Steamclient.dll. Infection: Trojan.Generic.4202588 Error - 20.06.2010 12:33:58 | Computer Name = ALEX1 | Source = Message from F-Secure Anti-Virus on | ID = 103 Description = 3 2010-06-20 18:33:58+02:00 alex1 ALEX1\Alex Message from F-Secure Anti-Virus on Malicious code found in file C:\Programme\Wizards of the Coast LLC\Magic The Gathering - Duels of the Planeswalkers\Steamclient.dll. Infection: Trojan.Generic.4202588 Error - 30.06.2010 09:50:41 | Computer Name = ALEX1 | Source = Message from F-Secure Anti-Virus on | ID = 103 Description = 1 2010-06-30 15:50:35+02:00 alex1 ALEX1\Alex Message from F-Secure Anti-Virus on Crash detected. \Device\HarddiskVolume1\Programme\NETGEAR\WG111T Konfigurationsprogramm\wlan111t.exe \Device\HarddiskVolume1\WINDOWS\system32\drivers\etc\hosts Error - 09.07.2010 18:47:34 | Computer Name = ALEX1 | Source = Message from F-Secure Anti-Virus on | ID = 103 Description = 1 2010-07-10 00:47:34+02:00 alex1 ALEX1\Alex Message from F-Secure Anti-Virus on Malicious code found in file C:\Dokumente und Einstellungen\Alex\Desktop\oben rechts\Nokia\GenialSis 2.0_neu\GenialSiS.exe. Infection: Backdoor.Generic.349587 Error - 10.07.2010 23:19:31 | Computer Name = **** | Source = Message from F-Secure Anti-Virus on | ID = 103 Description = 1 2010-07-11 05:19:31+02:00 **** Message from F-Secure Anti-Virus on Manual scanning was finished - workstation was found infected! Error - 10.07.2010 23:38:36 | Computer Name = **** | Source = Message from F-Secure Anti-Virus on | ID = 103 Description = 1 2010-07-11 05:38:36+02:00 **** ****\**** Message from F-Secure Anti-Virus on Malicious code found in file C:\Dokumente und Einstellungen\****\Lokale Einstellungen\Temporary Internet Files\Content.IE5\4XYVCP6N\download[1].php. Infection: Gen:Heur.NaviPromo.3 Error - 10.07.2010 23:55:17 | Computer Name = **** | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung spybotsd.exe, Version, fehlgeschlagenes Modul spybotsd.exe, Version, Fehleradresse 0x00001941. Error - 10.07.2010 23:57:50 | Computer Name =**** | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung SpybotSD.exe, Version, Stillstandmodul hungapp, Version, Stillstandadresse 0x00000000. [ System Events ] Error - 28.06.2010 15:01:10 | Computer Name = **** | Source = Cdrom | ID = 262151 Description = Fehlerhafter Block bei Gerät \Device\CdRom0. Error - 09.07.2010 07:25:57 | Computer Name =**** | Source = W32Time | ID = 39452689 Description = Zeitabieter "NtpClient": Beim DNS-Lookup für den manuell konfigurierten Peer "time.windows.com,0x1" ist ein Fehler aufgetreten. Der DNS-Lookup wird in 15 Minuten wiederholt. Fehler: Der Host war bei einem Socketvorgang nicht erreichbar. (0x80072751) Error - 09.07.2010 07:25:57 | Computer Name = **** | Source = W32Time | ID = 39452701 Description = Der Zeitanbieter "NtpClient" wurde für die Zeiterfassung von mehreren Zeitquellen konfiguriert. Es ist jedoch Keine der Quellen verfügbar. Innerhalb der nächsten 14 Minuten wird kein Versuch unternommen, eine Verbindung mit der Quelle herzustellen. Der NtpClient verfügt über keine Quelle mit genauer Zeit. Error - 09.07.2010 07:25:57 | Computer Name = **** | Source = W32Time | ID = 39452689 Description = Zeitabieter "NtpClient": Beim DNS-Lookup für den manuell konfigurierten Peer "time.windows.com,0x1" ist ein Fehler aufgetreten. Der DNS-Lookup wird in 15 Minuten wiederholt. Fehler: Der Host war bei einem Socketvorgang nicht erreichbar. (0x80072751) Error - 09.07.2010 07:25:57 | Computer Name = **** | Source = W32Time | ID = 39452701 Description = Der Zeitanbieter "NtpClient" wurde für die Zeiterfassung von mehreren Zeitquellen konfiguriert. Es ist jedoch Keine der Quellen verfügbar. Innerhalb der nächsten 15 Minuten wird kein Versuch unternommen, eine Verbindung mit der Quelle herzustellen. Der NtpClient verfügt über keine Quelle mit genauer Zeit. Error - 10.07.2010 21:01:53 | Computer Name = **** | Source = Dhcp | ID = 1000 Description = Die Lease dieses Computers zu der IP-Adresse über die Netzwerkkarte mit der Netzwerkadresse 7A79059076D4 ist verloren gegangen. Error - 10.07.2010 23:21:17 | Computer Name = **** | Source = DCOM | ID = 10010 Description = Der Server "{781B925F-0BF8-4C7B-A2A8-A8B11B488A07}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. [ TuneUp Events ] Error - 01.05.2010 12:03:54 | Computer Name = **** | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-05-01 18:03:54', '\device\harddiskvolume1\programme\ubisoft\tom clancy's splinter cell double agent\support\detection\detectionui_r.exe','1804',0) Error - 01.05.2010 12:03:59 | Computer Name = **** | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-05-01 18:03:59', '\device\harddiskvolume1\programme\ubisoft\tom clancy's splinter cell double agent\support\eax4unified_redist_4001.exe','2072',0) Error - 02.05.2010 11:37:44 | Computer Name = **** | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-05-02 17:37:44', '\device\harddiskvolume1\programme\ubisoft\tom clancy's splinter cell conviction\src\system\conviction_game.exe','3008',0) Error - 02.05.2010 12:03:21 | Computer Name = **** | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-05-02 18:03:21', '\device\harddiskvolume1\programme\ubisoft\tom clancy's splinter cell conviction\src\system\conviction_game.exe','3572',0) Error - 03.05.2010 11:16:05 | Computer Name = **** | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-05-03 17:16:05', '\device\harddiskvolume1\programme\ubisoft\tom clancy's splinter cell conviction\src\system\conviction_game.exe','2408',0) Error - 07.05.2010 09:00:50 | Computer Name = **** | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-05-07 15:00:50', '\device\harddiskvolume1\programme\ubisoft\tom clancy's splinter cell conviction\src\system\conviction_game.exe','3900',0) Error - 07.05.2010 11:46:31 | Computer Name = **** | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-05-07 17:46:31', '\device\harddiskvolume1\programme\ubisoft\tom clancy's splinter cell double agent\scdalauncher.exe','2384',0) Error - 07.05.2010 11:46:36 | Computer Name = **** | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-05-07 17:46:36', '\device\harddiskvolume1\programme\ubisoft\tom clancy's splinter cell double agent\scda-offline\system\splintercell4.exe','1228',0) Error - 10.07.2010 23:36:41 | Computer Name = **** | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-07-11 05:36:41', '\device\harddiskvolume1\programme\malwarebytes' anti-malware\mbam.exe','1736',0) Error - 10.07.2010 23:49:01 | Computer Name = **** | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-07-11 05:49:01', '\device\harddiskvolume1\programme\malwarebytes' anti-malware\mbam.exe','3492',0) < End of report > Code:
ATTFilter Malwarebytes' Anti-Malware 1.46 w*w.malwarebytes.org Datenbank Version: 4301 Windows 5.1.2600 Service Pack 3 Internet Explorer 6.0.2900.5512 11.07.2010 15:52:19 mbam-log-2010-07-11 (15-52-19).txt Art des Suchlaufs: Quick-Scan Durchsuchte Objekte: 136551 Laufzeit: 4 Minute(n), 40 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) |
![]() | #2 |
| ![]() Werbepopups, iexplorer.exe öffnet sich, Wave-Sound aus und Spiele minimieren sich... Okay, Problem gelöst, habe jetzt einfach Windows neu aufgesetzt, war eh mal fällig.
__________________ |
![]() |
Themen zu Werbepopups, iexplorer.exe öffnet sich, Wave-Sound aus und Spiele minimieren sich... |
0x00000001, 5 minuten, adblock, audacity, bho, bonjour, call of duty, components, continue, converter, counter-strike source, desktop, error, excel, firefox, flash player, grand theft auto, hijack, hijackthis, hkus\s-1-5-18, iexplorer.exe, internet, ip-adresse, league of legends, libusb0.sys, location, logfile, malicious code, malwarebytes' anti-malware, mozilla, mp3, msiinstaller, netgear, oldtimer, otl logfile, otl.exe, plug-in, realtek, registry, saver, searchplugins, security, server, shell32.dll, software, spiele minimieren, sptd.sys, system, trojan.generic., vlc media player, werbung, windows, windows xp, world at war |