|
Log analysis and evaluation: IE Explorer or Firefox take a long time, something is hidden there, Windows 7. If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. In order to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
28.08.2010, 22:18 | #1 |
| Hello, first of all. I have the feeling that something is blocking my Internet Explorer or Firefox. It takes up to 10 seconds for a page to load. I also ran BitDefender, no virus alert, and used Spybot to delete the malware. I can't get any further on my own, since I'm pretty much a beginner. The only thing I noticed in the log is that there are many "file missing" entries at the bottom. Could you please look at my log file? HijackThis log file: Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:46:10, on 28.08.2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18943) Boot mode: Normal Running processes: C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe C:\Users\danijel\AppData\Local\Google\Update\1.2.183.29\GoogleCrashHandler.exe C:\hp\support\hpsysdrv.exe C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe C:\Program Files (x86)\QuickHelp2\QuickHelp.exe C:\Program Files (x86)\Java\jre6\bin\jusched.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files\BitDefender\BitDefender 2010\antispam32\bdimguiaux.exe C:\Program Files (x86)\Hewlett-Packard\KBD\kbd.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\*****\Desktop\HiJackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_ch&c=91&bd=Pavilion&pf=cndt R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://w*w.google.ch/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
h**p://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_ch&c=91&bd=Pavilion&pf=cndt R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_ch&c=91&bd=Pavilion&pf=cndt R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - 
{DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - (no file) O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - "C:\Program Files\BitDefender\BitDefender 2010\Antispam32\IEToolbar.dll" (file missing) O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe O4 - HKLM\..\Run: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [UpdateP2GoShortCut] "c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" O4 - HKLM\..\Run: [UpdatePDIRShortCut] "c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0" O4 - HKLM\..\Run: [UpdatePSTShortCut] "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" O4 - HKLM\..\Run: [TSMAgent] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" O4 - HKLM\..\Run: [DVDAgent] "c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe" O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [QuickHelp2_McciTrayApp] "C:\Program Files (x86)\QuickHelp2\QuickHelp.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files 
(x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [jswtrayutil] "C:\Program Files (x86)\NETGEAR\WN111v2\jswtrayutil.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\danijel\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST') O4 - Global Startup: NETGEAR WN111v2 Setup-Assistent.lnk = C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe O8 - Extra context menu item: Google Sidewiki... 
- res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe (file missing) O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe (file missing) O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O13 - Gopher Prefix: O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - h**p://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - h**p://www.kaspersky.com/kos/german/partner/de/kavwebscan_unicode.cab O16 - DPF: 
{3B36B017-7E49-426B-95B0-B5CECD83C2E2} (IfolorUploader Control) - h**p://chkr-web.ifolor.net/ORDERINGGENERAL/LowRes/app_support/_2_1_1/ActiveX/IfolorUploader_chkr.cab O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - hxxp://w*w3.snapfish.ch/SnapfishActivia.cab O16 - DPF: {44990B00-3C9D-426D-81DF-AAB636FA4345} (Symantec Configuration Class) - h**ps://www-secure.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlcm.cab O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - h**p://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} (EPUImageControl Class) - h**p://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-29-0.cab O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - h**p://93.87.16.22/activex/AMC.cab O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - h**p://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. h**://wWw.bitdefender.com - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe O23 - Service: ASP.NET-Zustandsdienst (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing) O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. 
- C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing) O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files (x86)\NETGEAR\WN111v2\jswpsapi.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe O23 - Service: McciCMService - Motive Communications, Inc. 
- C:\Program Files (x86)\Common Files\Motive\McciCMService.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NMSAccessU - Unknown owner - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: BitDefender Virus Shield (VSSERV) - 
BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 15780 bytes |
29.08.2010, 20:57 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Quote:
__________________ |
30.08.2010, 12:41 | #3 |
| Everything that Spybot recommended to me. Do you think I deleted too much there?
__________________ |
30.08.2010, 14:32 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | You do have to write what was deleted.
__________________ Please always post log files in CODE tags |
30.08.2010, 17:02 | #5 |
| OK. Now I have here the first report from Spybot: Fixes. --- Report generated: 2010-03-20 19:44 --- Microsoft.Windows.Security.InternetExplorer: [SBI $366713D4] Einstellungen (Registrierungsdatenbank-Änderung, fixed) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\iexplore.exe Microsoft.Windows.Security.InternetExplorer: [SBI $A3433CBF] Einstellungen (Registrierungsdatenbank-Änderung, fixed) HKEY_USERS\S-1-5-21-3596129879-3677713911-3696476438-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\iexplore.exe MediaPlex: Verfolgender Cookie (Internet Explorer: ***(Cookie, fixed) Statcounter: Verfolgender Cookie (Internet Explorer: ****) (Cookie, fixed) Adviva: Verfolgender Cookie (Internet Explorer: ****) (Cookie, fixed) HitBox: Verfolgender Cookie (Internet Explorer: *****) (Cookie, fixed) Tradedoubler: Verfolgender Cookie (Internet Explorer: ****) (Cookie, fixed) FastClick: Verfolgender Cookie (Internet Explorer: ****) (Cookie, fixed) BurstMedia: Verfolgender Cookie (Internet Explorer: *****) (Cookie, fixed) MediaPlex: Verfolgender Cookie (Internet Explorer:***) (Cookie, fixed) WebTrends live: Verfolgender Cookie (Internet Explorer: ***) (Cookie, fixed) DoubleClick: Verfolgender Cookie (Internet Explorer: ***) (Cookie, fixed) HitBox: Verfolgender Cookie (Internet Explorer: ***) (Cookie, fixed) BlueStreak: Verfolgender Cookie (Internet Explorer:***) (Cookie, fixed) Right Media: Verfolgender Cookie (Internet Explorer: ***) (Cookie, fixed) BurstMedia: Verfolgender Cookie (Internet Explorer: ***) (Cookie, fixed) HitBox: Verfolgender Cookie (Internet Explorer: ***) (Cookie, fixed) HitBox: Verfolgender Cookie (Internet Explorer: ***) (Cookie, fixed) MediaPlex: Verfolgender Cookie (Internet Explorer: ***) (Cookie, fixed) Right Media: Verfolgender Cookie (Firefox: ***l (default)) (Cookie, fixed) 
Right Media: Verfolgender Cookie (Firefox: **** (default)) (Cookie, fixed) BlueStreak: Verfolgender Cookie (Firefox: *** (default)) (Cookie, fixed) DoubleClick: Verfolgender Cookie (Firefox: **** (default)) (Cookie, fixed) MediaPlex: Verfolgender Cookie (Firefox: ****(efault)) (Cookie, fixed) MediaPlex: Verfolgender Cookie (Firefox: **** (default)) (Cookie, fixed) Statcounter: Verfolgender Cookie (Firefox: **** (default)) (Cookie, fixed) WebTrends live: Verfolgender Cookie (Firefox:***l (default)) (Cookie, fixed) Tradedoubler: Verfolgender Cookie (Firefox: *** (default)) (Cookie, fixed) Tradedoubler: Verfolgender Cookie (Firefox: *** (default)) (Cookie, fixed) Tradedoubler: Verfolgender Cookie (Firefox: *** (default)) (Cookie, fixed) Tradedoubler: Verfolgender Cookie (Firefox: *** (default)) (Cookie, fixed) MediaPlex: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed) MediaPlex: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed) DoubleClick: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed) HitBox: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed) HitBox: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed) HitBox: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed) FastClick: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed) Statcounter: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed) MediaPlex: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed) MediaPlex: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed) MediaPlex: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed) MediaPlex: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed) Statcounter: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed) Statcounter: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed) FastClick: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed) FastClick: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed) Statcounter: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed) HitsLink: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed) Zedo: Verfolgender Cookie 
(Chrome: Chrome) (Cookie, fixed) Zedo: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed) Zedo: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed) Statcounter: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed) Statcounter: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed) Statcounter: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed) Adviva: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed) Tradedoubler: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed) BlueStreak: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed) Adviva: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed) Tradedoubler: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed) Tradedoubler: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed) Tradedoubler: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed) MediaPlex: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed) --- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) --- 2009-01-26 blindman.exe (1.0.0.8) 2009-01-26 SDFiles.exe (1.6.1.7) 2009-01-26 SDMain.exe (1.0.0.6) 2009-01-26 SDShred.exe (1.0.2.5) 2009-01-26 SDUpdate.exe (1.6.0.12) 2009-01-26 SDWinSec.exe (1.0.0.12) 2009-01-26 SpybotSD.exe (1.6.2.46) 2009-03-05 TeaTimer.exe (1.6.6.32) 2010-03-20 unins000.exe (51.49.0.0) 2009-01-26 Update.exe (1.6.0.7) 2009-11-04 advcheck.dll (1.6.5.20) 2007-04-02 aports.dll (2.1.0.0) 2008-06-14 DelZip179.dll (1.79.11.1) 2009-01-26 SDHelper.dll (1.6.2.14) 2008-06-19 sqlite3.dll 2009-01-26 Tools.dll (2.1.6.10) 2009-01-16 UninsSrv.dll (1.0.0.0) 2010-02-17 Includes\Adware.sbi (*) 2010-03-16 Includes\AdwareC.sbi (*) 2010-01-25 Includes\Cookies.sbi (*) 2009-11-03 Includes\Dialer.sbi (*) 2010-03-16 Includes\DialerC.sbi (*) 2010-01-25 Includes\HeavyDuty.sbi (*) 2009-05-26 Includes\Hijackers.sbi (*) 2010-03-16 Includes\HijackersC.sbi (*) 2010-01-20 Includes\Keyloggers.sbi (*) 2010-03-16 Includes\KeyloggersC.sbi (*) 2004-11-29 Includes\LSP.sbi (*) 2010-03-02 Includes\Malware.sbi (*) 2010-03-17 Includes\MalwareC.sbi (*) 2009-03-25 
Includes\PUPS.sbi (*) 2010-03-16 Includes\PUPSC.sbi (*) 2010-01-25 Includes\Revision.sbi (*) 2009-01-13 Includes\Security.sbi (*) 2010-03-16 Includes\SecurityC.sbi (*) 2008-06-03 Includes\Spybots.sbi (*) 2008-06-03 Includes\SpybotsC.sbi (*) 2010-03-02 Includes\Spyware.sbi (*) 2010-03-16 Includes\SpywareC.sbi (*) 2010-03-08 Includes\Tracks.uti 2010-03-03 Includes\Trojans.sbi (*) 2010-03-16 Includes\TrojansC-02.sbi (*) 2010-03-16 Includes\TrojansC-03.sbi (*) 2010-03-16 Includes\TrojansC-04.sbi (*) 2010-03-17 Includes\TrojansC-05.sbi (*) 2010-03-16 Includes\TrojansC.sbi (*) 2008-03-04 Plugins\Chai.dll 2008-03-05 Plugins\Fennel.dll 2008-02-26 Plugins\Mate.dll 2007-12-24 Plugins\TCPIPAddress.dll |
30.08.2010, 17:04 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | That was almost only cookies, completely harmless! Please routinely run a full scan with Malwarebytes and post the log. Remember that Malwarebytes must be updated manually before every scan! Afterwards OTL: System scan with OTL. Please download OTL by Oldtimer and save it to your desktop.
__________________ |
30.08.2010, 20:25 | #7 |
| Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Datenbank Version: 4509 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18943 30.08.2010 20:09:00 mbam-log-2010-08-30 (20-09-00).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Durchsuchte Objekte: 388595 Laufzeit: 1 Stunde(n), 31 Minute(n), 26 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) and OTL: OTL log file: Code:
ATTFilter OTL logfile created on: 30.08.2010 20:50:51 - Run 2 OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\******\Desktop 64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18943) Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy 8.00 Gb Total Physical Memory | 5.00 Gb Available Physical Memory | 64.00% Memory free 16.00 Gb Paging File | 13.00 Gb Available in Paging File | 81.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 580.53 Gb Total Space | 320.62 Gb Free Space | 55.23% Space Free | Partition Type: NTFS Drive D: | 15.64 Gb Total Space | 2.14 Gb Free Space | 13.65% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: *****-PC Current User Name: ****** Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Include 64bit Scans Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Users\**\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Users\***\AppData\Local\Google\Update\1.2.183.29\GoogleCrashHandler.exe (Google Inc.) PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) PRC - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Programme\BitDefender\BitDefender 2010\Antispam32\bdimguiaux.exe (BitDefender S.R.L.) 
PRC - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd) PRC - C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe (NETGEAR) PRC - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) PRC - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG) PRC - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe () PRC - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink) PRC - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.) PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) PRC - C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.) PRC - C:\Program Files (x86)\QuickHelp2\QuickHelp.exe (Motive Communications, Inc.) PRC - C:\hp\support\hpsysdrv.exe (Hewlett-Packard Company) ========== Modules (SafeList) ========== MOD - C:\Users\danijel\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Programme\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_53\midas32.dll (BitDefender S.R.L. Bucharest, ROMANIA) MOD - C:\Programme\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_53\plugin_net.m32 (BitDefender S.R.L. Bucharest, ROMANIA) MOD - C:\Programme\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_53\plugin_extra.m32 (BitDefender S.R.L. Bucharest, ROMANIA) MOD - C:\Programme\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_53\plugin_nt.m32 (BitDefender S.R.L. Bucharest, ROMANIA) MOD - C:\Programme\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_53\plugin_base.m32 (BitDefender S.R.L. Bucharest, ROMANIA) MOD - C:\Programme\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_53\plugin_fragments.m32 (BitDefender S.R.L. 
Bucharest, ROMANIA) MOD - C:\Programme\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_53\plugin_registry.m32 (BitDefender S.R.L. Bucharest, ROMANIA) MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV:64bit: - (ezSharedSvc) -- C:\Windows\SysNative\ezsvc7.dll File not found SRV:64bit: - (VSSERV) -- C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe (BitDefender S.R.L.) SRV:64bit: - (LIVESRV) -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe (BitDefender S.R.L.) SRV:64bit: - (Arrakis3) -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe (BitDefender S.R.L. hxxp://www.bitdefender.com) SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV - (Apple Mobile Device) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) SRV - (scan) -- C:\Programme\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll (S.C. 
BitDefender S.R.L) SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation) SRV - (clr_optimization_v4.0.30319_64) -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (TeamViewer5) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG) SRV - (Microsoft Office Groove Audit Service) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation) SRV - (NMSAccessU) -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe () SRV - (IAANTMON) Intel(R) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation) SRV - (jswpsapi) -- C:\Program Files (x86)\NETGEAR\WN111v2\jswpsapi.exe (Atheros Communications, Inc.) SRV - (ezSharedSvc) -- C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS) SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation) SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (NwlnkFwd) -- C:\Windows\SysNative\DRIVERS\nwlnkfwd.sys File not found DRV:64bit: - (NwlnkFlt) -- C:\Windows\SysNative\DRIVERS\nwlnkflt.sys File not found DRV:64bit: - (IpInIp) -- C:\Windows\SysNative\DRIVERS\ipinip.sys File not found DRV:64bit: - (BdfNdisf) -- C:\Windows\SysNative\DRIVERS\BdfNdisf6.sys (BitDefender LLC) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\Drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (bdfsfltr) -- C:\Windows\SysNative\DRIVERS\bdfsfltr.sys (BitDefender) DRV:64bit: - (BDFM) -- C:\Windows\SysNative\DRIVERS\bdfm.sys (BitDefender S.R.L. 
Bucharest, ROMANIA) DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation) DRV:64bit: - (sptd) -- C:\Windows\SysNative\Drivers\sptd.sys () DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Research Inc.) DRV:64bit: - (WN111v2) -- C:\Windows\SysNative\DRIVERS\WN111v2x.sys (Atheros Communications, Inc.) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iastor.sys (Intel Corporation) DRV:64bit: - (JSWPSLWF) -- C:\Windows\SysNative\DRIVERS\jswpslwfx.sys (Atheros Communications, Inc.) DRV:64bit: - (HCW85BDA) -- C:\Windows\SysNative\drivers\HCW85BDA.sys (Hauppauge Computer Works) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (RTL8169) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys (Realtek Corporation ) DRV:64bit: - (PCAMp50a64) -- C:\Windows\SysNative\Drivers\PCAMp50a64.sys (Printing Communications Assoc., Inc. (PCAUSA)) DRV:64bit: - (PCASp50a64) -- C:\Windows\SysNative\Drivers\PCASp50a64.sys (Printing Communications Assoc., Inc. (PCAUSA)) DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\Wbem\ntfs.mof () DRV - (BDVEDISK) -- C:\Programme\BitDefender\BitDefender 2010\bdvedisk.sys (BitDefender) DRV - (bdftdif) -- C:\Programme\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys (BitDefender LLC) DRV - ({55662437-DA8C-40c0-AADA-2C816A897A49}) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl (Cyberlink Corp.) DRV - (PCD5SRVC{8AAF211B-043E02A9-05040000}) -- C:\Programme\PC-Doctor for Windows\pcd5srvc_x64.pkms (PC-Doctor, Inc.) DRV - (MREMP50) -- C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS (Printing Communications Assoc., Inc. (PCAUSA)) DRV - (MRESP50) -- C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS (Printing Communications Assoc., Inc. 
(PCAUSA)) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_ch&c=91&bd=Pavilion&pf=cndt IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_ch&c=91&bd=Pavilion&pf=cndt IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_ch&c=91&bd=Pavilion&pf=cndt IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_ch&c=91&bd=Pavilion&pf=cndt IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_ch&c=91&bd=Pavilion&pf=cndt IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.ch/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "hxxp://www.bluewin.ch" FF - prefs.js..extensions.enabledItems: {3e0e7d2a-070f-4a47-b019-91fe5385ba79}:3.0.1 FF - prefs.js..extensions.enabledItems: FFToolbar@bitdefender.com:2.0 FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.0.8.0552 FF - prefs.js..extensions.enabledItems: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:3.2.3 FF - prefs.js..network.proxy.ftp: ":" FF - prefs.js..network.proxy.gopher: ":" FF - prefs.js..network.proxy.http: ":" FF - prefs.js..network.proxy.no_proxies_on: "" FF - prefs.js..network.proxy.share_proxy_settings: true FF - 
prefs.js..network.proxy.socks: ":" FF - prefs.js..network.proxy.ssl: ":" FF - HKLM\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\ [2010.08.06 21:06:56 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.08.28 22:11:40 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.08.28 22:11:40 | 000,000,000 | ---D | M] [2009.03.18 22:39:10 | 000,000,000 | ---D | M] -- C:\Users\danijel\AppData\Roaming\mozilla\Extensions [2010.08.30 17:55:11 | 000,000,000 | ---D | M] -- C:\Users\danijel\AppData\Roaming\mozilla\Firefox\Profiles\2yg65t76.default\extensions [2010.08.12 20:40:35 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\danijel\AppData\Roaming\mozilla\Firefox\Profiles\2yg65t76.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.08.26 21:37:20 | 000,000,000 | ---D | M] (AddThis) -- C:\Users\danijel\AppData\Roaming\mozilla\Firefox\Profiles\2yg65t76.default\extensions\{3e0e7d2a-070f-4a47-b019-91fe5385ba79} [2010.08.12 20:23:27 | 000,000,000 | ---D | M] (Fast Video Download (with SearchMenu)) -- C:\Users\danijel\AppData\Roaming\mozilla\Firefox\Profiles\2yg65t76.default\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8} [2009.06.01 09:50:37 | 000,000,000 | ---D | M] -- C:\Users\danijel\AppData\Roaming\mozilla\Firefox\Profiles\2yg65t76.default\extensions\DTToolbar@toolbarnet.com [2009.06.01 09:50:32 | 000,002,399 | ---- | M] () -- C:\Users\danijel\AppData\Roaming\Mozilla\FireFox\Profiles\2yg65t76.default\searchplugins\daemon-search.xml [2010.08.30 17:55:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions [2009.04.16 21:35:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla 
firefox\extensions\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC} [2009.04.16 21:35:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions\{8545daff-ad1e-493f-a37e-eed1ac79682b} [2008.11.11 09:38:54 | 000,663,552 | ---- | M] (BitComet) -- C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll [2010.07.23 02:48:56 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.07.23 02:48:56 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2010.07.23 02:48:56 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2010.07.23 02:48:56 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2010.07.23 02:48:56 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 23:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.5.5126.1836\swg64.dll (Google Inc.) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) 
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found O3:64bit: - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll (BitDefender S.R.L.) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found. O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\Antispam32\IEToolbar.dll (BitDefender S.R.L.) O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found O4:64bit: - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe (BitDefender S.R.L.) O4:64bit: - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe (BitDefender S.R.L.) 
O4:64bit: - HKLM..\Run: [BitDefender Antiphishing Helper 32] C:\Program Files\BitDefender\BitDefender 2010\Antispam32\IEShow.exe (BitDefender S.R.L.) O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [SmartMenu] C:\Programme\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard) O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation) O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [DVDAgent] c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.) O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard) O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company) O4 - HKLM..\Run: [jswtrayutil] C:\Program Files (x86)\NETGEAR\WN111v2\jswtrayutil.exe File not found O4 - HKLM..\Run: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE (Microsoft) O4 - HKLM..\Run: [QuickHelp2_McciTrayApp] C:\Program Files (x86)\QuickHelp2\QuickHelp.exe (Motive Communications, Inc.) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [TSMAgent] c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdateP2GoShortCut] c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) 
O4 - HKLM..\Run: [UpdatePDIRShortCut] c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdatePSTShortCut] c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKCU..\Run: [CubeDesktop] File not found O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd) O4 - HKCU..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation) O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.) O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.) 
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe File not found O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe File not found O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) 
O13 - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet) O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control) O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} hxxp://www.kaspersky.com/kos/german/partner/de/kavwebscan_unicode.cab (CKAVWebScan Object) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {3B36B017-7E49-426B-95B0-B5CECD83C2E2} hxxp://chkr-web.ifolor.net/ORDERINGGENERAL/LowRes/app_support/_2_1_1/ActiveX/IfolorUploader_chkr.cab (IfolorUploader Control) O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} hxxp://www3.snapfish.ch/SnapfishActivia.cab (Snapfish Activia) O16 - DPF: {44990B00-3C9D-426D-81DF-AAB636FA4345} https://www-secure.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlcm.cab (Symantec Configuration Class) O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-29-0.cab (EPUImageControl Class) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: 
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} hxxp://93.87.16.22/activex/AMC.cab (AxisMediaControlEmb Class) O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} hxxp://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab (IWinAmpActiveX Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. 
File not found O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img25.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img25.jpg O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{2477ba61-4e80-11de-8aad-00248c20f873}\Shell - "" = AutoRun O33 - MountPoints2\{2477ba61-4e80-11de-8aad-00248c20f873}\Shell\AutoRun\command - "" = J:\SETUP.EXE -- File not found O33 - MountPoints2\{b2c771dc-0292-11df-8e9b-00248c20f873}\Shell\AutoRun\command - "" = L:\Menu.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- 
"%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.08.30 18:27:54 | 000,000,000 | ---D | C] -- C:\Users\danijel\AppData\Roaming\Malwarebytes [2010.08.30 18:27:45 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2010.08.30 18:27:44 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2010.08.30 18:27:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2010.08.30 18:27:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010.08.30 18:23:10 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\danijel\Desktop\OTL.exe [2010.08.29 18:34:19 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\telnet.exe [2010.08.28 22:46:01 | 000,000,000 | ---D | C] -- C:\Users\danijel\Desktop\HiJackThis [2010.08.28 18:07:37 | 000,000,000 | ---D | C] -- C:\Users\danijel\Desktop\19E+13E Don@ - E2 - 14.08.2010 [2010.08.27 22:07:01 | 000,000,000 | ---D | C] -- C:\Users\danijel\AppData\Local\2K Games [2010.08.27 21:54:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\2K Games [2010.08.22 16:31:21 | 000,000,000 | ---D | C] -- C:\Users\danijel\Desktop\Zoo [2010.08.15 19:36:04 | 000,000,000 | ---D | C] -- C:\Users\danijel\Desktop\Eminem Recovery (Deluxe Edition) [2010.08.12 20:18:12 | 000,000,000 | ---D | C] -- C:\Users\danijel\Desktop\fast_video_download__with_searchmenu_-3.2.3-fx [2010.08.11 21:33:29 | 000,000,000 | ---D | C] -- C:\Users\danijel\Desktop\Iphone videos [2010.08.11 21:28:44 | 000,000,000 | ---D | C] -- C:\Users\danijel\AppData\Local\HandBrake [2010.08.11 21:28:40 | 000,000,000 | ---D | C] -- C:\Users\danijel\AppData\Roaming\HandBrake [2010.08.11 21:28:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Handbrake [2010.08.11 20:16:35 | 000,000,000 | ---D | C] -- C:\Users\danijel\AppData\Local\Geckofx [2010.08.11 17:37:24 | 000,050,688 | ---- | C] 
(Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll [2010.08.11 17:37:24 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll [2010.08.11 17:37:15 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll [2010.08.11 17:37:14 | 004,697,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2010.08.11 17:37:08 | 002,335,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iertutil.dll [2010.08.11 17:37:06 | 001,538,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2010.08.11 17:37:06 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2010.08.11 17:37:06 | 000,706,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2010.08.11 17:37:06 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll [2010.08.11 17:37:06 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2010.08.11 17:37:06 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2010.08.11 17:37:06 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2010.08.11 17:37:06 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe [2010.08.11 17:37:06 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2010.08.11 17:37:05 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2010.08.11 17:37:05 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2010.08.11 17:37:05 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2010.08.11 17:37:05 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2010.08.11 17:37:05 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2010.08.11 17:37:05 | 000,132,096 
| ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2010.08.11 17:37:05 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2010.08.11 17:37:05 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2010.08.11 17:37:05 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2010.08.11 17:37:05 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2010.08.11 17:37:05 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2010.08.11 17:37:05 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2010.08.11 17:37:05 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2010.08.07 12:55:17 | 000,000,000 | ---D | C] -- C:\Programme\iPod [2010.08.07 12:55:14 | 000,000,000 | ---D | C] -- C:\Programme\iTunes [2010.08.07 12:55:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes ========== Files - Modified Within 30 Days ========== [2010.08.30 20:50:25 | 004,456,448 | -HS- | M] () -- C:\Users\danijel\ntuser.dat [2010.08.30 20:16:01 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010.08.30 20:16:01 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010.08.30 20:14:00 | 000,003,744 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010.08.30 20:14:00 | 000,003,744 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010.08.30 20:09:00 | 000,001,126 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3596129879-3677713911-3696476438-1000UA.job [2010.08.30 19:14:42 | 000,000,266 | ---- | M] () -- C:\Windows\system.ini [2010.08.30 18:27:48 | 000,000,850 | ---- | M] () -- 
C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.08.30 18:23:10 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\danijel\Desktop\OTL.exe [2010.08.30 18:14:01 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010.08.30 18:13:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.08.30 18:12:36 | 000,000,052 | ---- | M] () -- C:\Windows\SysNative\ashttpstats.csv [2010.08.30 18:12:35 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2010.08.30 18:12:29 | 000,524,288 | -HS- | M] () -- C:\Users\danijel\ntuser.dat{106f6a2b-344c-11df-87fb-00248c20f873}.TMContainer00000000000000000001.regtrans-ms [2010.08.30 18:12:29 | 000,065,536 | -HS- | M] () -- C:\Users\danijel\ntuser.dat{106f6a2b-344c-11df-87fb-00248c20f873}.TM.blf [2010.08.30 18:12:18 | 003,799,471 | -H-- | M] () -- C:\Users\danijel\AppData\Local\IconCache.db [2010.08.30 17:16:08 | 000,000,442 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{0D6320D5-8AA7-448A-9B23-710690F541BD}.job [2010.08.29 15:09:00 | 000,001,074 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3596129879-3677713911-3696476438-1000Core.job [2010.08.28 23:19:04 | 000,000,607 | ---- | M] () -- C:\Users\danijel\Desktop\IE expolrer oder Firefox , brauchen lange, irgend etwas ist da versteckt, - Trojaner-Board.url [2010.08.28 11:31:14 | 000,045,568 | ---- | M] () -- C:\Users\danijel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.08.27 22:35:57 | 000,000,346 | ---- | M] () -- C:\Users\danijel\Desktop\Problemthread Mafia II - Seite 11 - ..Usenetrevolution...url [2010.08.26 22:12:01 | 000,001,780 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2010.08.23 19:01:59 | 000,052,214 | ---- | M] () -- C:\Users\danijel\Desktop\Mirjanasisch (Automatisch gespeichert).docx [2010.08.22 16:35:49 | 000,002,255 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2010.08.21 16:45:43 | 000,001,137 | ---- | M] () -- C:\Users\danijel\Desktop\CCcam.cfg [2010.08.21 
09:09:44 | 000,002,096 | ---- | M] () -- C:\Users\danijel\Desktop\Google Chrome.lnk [2010.08.18 20:09:23 | 000,000,296 | ---- | M] () -- C:\Users\danijel\Desktop\Websaite für Sportübertragungen - dreambox.info - wir verbinden Dreambox Nutzer.url [2010.08.12 21:26:58 | 000,416,664 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2010.08.11 21:28:37 | 000,000,860 | ---- | M] () -- C:\Users\danijel\Desktop\Handbrake.lnk ========== Files Created - No Company Name ========== [2010.08.30 18:27:48 | 000,000,850 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.08.28 23:19:04 | 000,000,607 | ---- | C] () -- C:\Users\danijel\Desktop\IE expolrer oder Firefox , brauchen lange, irgend etwas ist da versteckt, - Trojaner-Board.url [2010.08.27 22:35:53 | 000,000,346 | ---- | C] () -- C:\Users\danijel\Desktop\Problemthread Mafia II - Seite 11 - ..Usenetrevolution...url [2010.08.18 20:09:23 | 000,000,296 | ---- | C] () -- C:\Users\danijel\Desktop\Websaite für Sportübertragungen - dreambox.info - wir verbinden Dreambox Nutzer.url [2010.08.11 21:28:37 | 000,000,860 | ---- | C] () -- C:\Users\danijel\Desktop\Handbrake.lnk [2010.08.07 12:55:42 | 000,002,255 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2010.03.26 20:51:47 | 000,000,025 | ---- | C] () -- C:\Users\danijel\AppData\Roaming\bdfvconp.ini [2010.03.26 20:34:25 | 000,352,264 | ---- | C] () -- C:\Users\danijel\AppData\Local\dd_vcredistMSI0B37.txt [2010.03.26 20:34:25 | 000,011,486 | ---- | C] () -- C:\Users\danijel\AppData\Local\dd_vcredistUI0B37.txt [2010.03.26 20:34:13 | 000,430,476 | ---- | C] () -- C:\Users\danijel\AppData\Local\dd_vcredistMSI0B10.txt [2010.03.26 20:34:13 | 000,011,374 | ---- | C] () -- C:\Users\danijel\AppData\Local\dd_vcredistUI0B10.txt [2010.01.01 20:48:35 | 000,001,222 | ---- | C] () -- C:\Users\danijel\AppData\Local\03F67F67.il [2010.01.01 20:48:35 | 000,000,280 | ---- | C] () -- C:\Users\danijel\AppData\Local\IndexIE_03F67F67.il [2009.11.14 10:55:40 | 
000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll [2009.11.14 10:55:00 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.11.08 12:40:49 | 000,000,015 | ---- | C] () -- C:\Windows\SysWow64\asdrawim.ini [2009.10.15 22:19:45 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll [2009.09.22 21:07:40 | 000,004,096 | -H-- | C] () -- C:\Users\danijel\AppData\Local\keyfile3.drm [2009.06.17 21:27:46 | 000,000,000 | ---- | C] () -- C:\ProgramData\leverage.drm.log [2009.06.05 21:24:31 | 001,456,640 | ---- | C] () -- C:\Program Files (x86)\Common Files\Falk Navi-Manager.msi [2009.05.03 22:45:00 | 000,000,131 | ---- | C] () -- C:\Users\danijel\AppData\Roaming\default.rss [2009.05.03 15:49:43 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini [2009.04.17 22:42:26 | 000,000,121 | ---- | C] () -- C:\Windows\bdagent.INI [2009.04.01 12:37:17 | 000,812,148 | ---- | C] () -- C:\Users\danijel\AppData\Local\dd_NET_Framework35_LangPack_MSI0C4A.txt [2009.04.01 12:37:10 | 000,036,088 | ---- | C] () -- C:\Users\danijel\AppData\Local\dd_depcheck_NETFX_EXP_35.txt [2009.04.01 12:37:07 | 000,001,604 | ---- | C] () -- C:\Users\danijel\AppData\Local\uxeventlog.txt [2009.04.01 12:37:07 | 000,000,002 | ---- | C] () -- C:\Users\danijel\AppData\Local\dd_dotnetfx35error_lp.txt [2009.04.01 12:37:05 | 000,076,490 | ---- | C] () -- C:\Users\danijel\AppData\Local\dd_dotnetfx35install_lp.txt [2009.03.30 19:35:57 | 000,000,028 | ---- | C] () -- C:\Windows\ODBC.INI [2009.03.28 00:19:34 | 000,017,043 | ---- | C] () -- C:\Users\danijel\AppData\Roaming\UserTile.png [2009.03.25 23:45:09 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2009.03.23 22:31:16 | 000,045,568 | ---- | C] () -- C:\Users\danijel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.03.22 11:22:02 | 000,007,160 | ---- | C] () -- C:\Users\danijel\AppData\Local\d3d9caps.dat [2009.03.21 15:52:18 | 000,000,652 | ---- | C] () -- 
C:\Users\danijel\AppData\Roaming\wklnhst.dat [2009.03.14 22:34:53 | 001,626,960 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2009.01.27 17:45:07 | 000,327,680 | ---- | C] () -- C:\Windows\SysWow64\pythoncom25.dll [2009.01.27 17:45:07 | 000,102,400 | ---- | C] () -- C:\Windows\SysWow64\pywintypes25.dll [2008.02.07 11:05:18 | 000,163,840 | ---- | C] () -- C:\Windows\SysWow64\hppatusg01.dll [2008.01.21 04:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini [2006.10.16 07:58:14 | 000,086,016 | ---- | C] () -- C:\Windows\SysWow64\aspolyzt.dll [2006.06.29 12:44:32 | 001,826,304 | ---- | C] () -- C:\Windows\SysWow64\asconv3d.dll [2006.03.23 09:24:00 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\as_tree2.dll [2005.07.06 11:59:58 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\asdrawli.dll [2005.07.04 14:17:30 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\ASDRAWMA.DLL [2004.08.17 16:34:52 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\AS_SORT.DLL [2003.05.22 11:31:44 | 000,033,792 | ---- | C] () -- C:\Windows\SysWow64\ASDRAW32.DLL [2002.07.12 15:29:28 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\AS_MDB32.DLL ========== Alternate Data Streams ========== @Alternate Data Stream - 973 bytes -> C:\Users\danijel\Desktop\1aHosting.ch - Technische Daten zum Account mdmedia.ch.eml:OECustomProperty @Alternate Data Stream - 925 bytes -> C:\Users\danijel\Desktop\[#146352] einlogen auf FTp oder control panel .eml:OECustomProperty @Alternate Data Stream - 853 bytes -> C:\Users\danijel\Desktop\Besten Dank für Ihre Bestellung.eml:OECustomProperty < End of report > Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" File not found Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe 
/separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" File not found Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security 
Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data] "VistaSp2" = A1 9C 99 61 36 7B CA 01 [binary data] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "oobe_av" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{01F2E8F3-A961-4B81-A5F9-D21E9902BB10}" = lport=138 | protocol=17 | dir=in | app=system | "{0464CF28-525E-4A06-8CC8-5C2E1E03E170}" = rport=137 | protocol=17 | dir=out | app=system | "{0D4B4315-4F49-4F80-AB53-61818A161199}" = rport=139 | protocol=6 | dir=out | app=system | "{22A636B2-E221-4286-A943-866406F06789}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{233D42F9-BBAB-442F-B08C-426FD3D4E581}" = lport=139 | protocol=6 | dir=in | app=system | "{32488D63-1CF1-43E9-8252-2912150B5F40}" = rport=445 | protocol=6 | dir=out | app=system | "{3DE75F91-8CD6-43BE-A628-1258B5AE3215}" = lport=445 | protocol=6 | dir=in | app=system | "{45C33AED-58C9-4198-B7BD-01B71F1FFAF7}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe | "{4FE6F474-DEE1-4869-8914-FBAD762CD535}" = rport=3540 | 
protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe | "{509C216C-BC13-4F00-9AE0-43600B011A09}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe | "{53359306-6D47-4CDA-A73D-579C4CB099A3}" = lport=12238 | protocol=17 | dir=in | name=bitcomet 12238 udp | "{811338A3-B8B2-4139-B749-8FF175D95735}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe | "{85A9FE3A-45D4-4B24-A4EA-9ED3F494C367}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | "{8B3BC178-32CA-4A68-A21E-4584B5275C53}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{8B789F2B-8716-4C0D-8A8C-F1AF1C82D539}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe | "{8E1EEBF9-E6DE-4E05-8B49-25BBC8BDA040}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{8FB6C2E0-50EF-4BC0-ADF1-D3163D39638A}" = lport=2869 | protocol=6 | dir=in | app=system | "{937200F7-7C1A-4B76-BC90-45ADF7A9A3FC}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe | "{C31E28E8-D830-4CDB-933A-65831A51F8EF}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe | "{C64DA018-C606-49E4-8680-1EAED9182473}" = lport=12238 | protocol=6 | dir=in | name=bitcomet 12238 tcp | "{D633AB54-167E-4053-87DB-093813863ACD}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{D804C87B-FDE8-405C-9405-ED603CC45A15}" = rport=138 | protocol=17 | dir=out | app=system | "{DE174FDE-9F4E-4E7B-9016-8F22119E4A77}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{E58F2AB6-8F80-4F75-8B2A-D565F9C6996C}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe | "{FC3E993F-EB3F-4403-8F11-EE8AB442CA9D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | 
name=@firewallapi.dll,-28539 | "{FC4A5A13-F3AD-48E8-84E4-30C9550661A5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{FE44A28F-96DD-4B8C-BD63-94661B745684}" = lport=137 | protocol=17 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00554A68-EF62-40F9-8324-196311B4316B}" = protocol=17 | dir=in | app=c:\program files (x86)\bitcomet\bitcomet.exe | "{1DD8DAF4-B977-4CC0-ADC0-0992EC06326E}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{1F266FAB-1A6C-4F48-8F81-683198899228}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{1F898823-5C84-4C9C-91CA-DD6101C1A818}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{26385C7F-D9B7-43A1-843A-0FD939855856}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{2B77DF79-F1CF-4E3A-A097-2FD5FDD25733}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{316D7A1D-D660-4904-B62E-CC9C41D88518}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{3377049A-1728-4139-8F4F-CB4FA1C15D31}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe | "{33FCDAC0-19E5-4613-B8EE-CF87944F98FE}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version5\teamviewer.exe | "{3663605A-8645-41C7-88D7-F2841890CCE4}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe | "{3EE35B05-A8CF-4229-8573-C24480319427}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{40D90DCE-F69C-4A51-A6E5-5756A6AF5979}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{40D91720-DF70-4D09-B2A4-908DB1983331}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{4164527C-88A6-4C6D-BF26-372718F4B9B8}" = dir=in | app=c:\program 
files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe | "{4ADF9C16-28FE-445C-8A28-482B8E6ADE11}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe | "{4DD96368-EB85-4EC9-9E8E-FD0DF6A577E7}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{527210C4-56B7-48C6-BB84-E2A8FA34D791}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe | "{53C06F27-2D65-4550-BB53-4ED9FC0A15FF}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\hp1006mc.exe | "{56E8113D-7B3C-4F28-AB15-28279713FB91}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\tsmagent.exe | "{58F30875-95CE-4A13-A79B-484CB8349F8A}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe | "{5A89CD26-98ED-4A29-93E0-64AC0D95AA71}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{6387254A-AC09-4AC8-9708-5092B35D8343}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe | "{6A72E79D-CB25-4688-910E-8BC123EC35BC}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe | "{6D5B76AF-F9B4-46A2-B3DC-5FB256B0C16B}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe | "{6FB35625-2E60-4914-9676-455EBF967EFD}" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{72C52872-A304-49ED-A5EF-1456E859594D}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{733CB5DE-C814-48CA-A8B5-12A27F22179A}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{7A0D340A-404D-4C10-9026-BF7B98668901}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{7DFEFFFD-D2F5-4812-A47C-3CD690FD2E74}" = protocol=6 | dir=in | app=c:\program files (x86)\gamigo\heroes in the sky\his.exe | "{7F97B64B-E281-4CAE-BD7E-EBC137C30BBD}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\hp1006mc.exe | 
"{7FB55A1B-82FC-4269-B231-65154F8A3FF8}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{81DAEFB0-CED4-4B4D-8EDC-3C6F237FAD10}" = protocol=17 | dir=in | app=c:\windows\temp\cablecom_installer.exe | "{83B09E3F-DDA9-4C40-9EEB-752CF20FAD84}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{853872A6-01DB-41EC-BF67-C95A096D2A42}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe | "{866B3611-5BEE-4EFE-8D8A-B4DE0016B43E}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe | "{8916826A-EF86-484C-AFA5-3F3C41D91BFC}" = protocol=17 | dir=in | app=c:\program files (x86)\gamigo\heroes in the sky\his.exe | "{8DC33A91-B7B6-4B87-9FF9-AC0504CFF058}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{90887AA8-808A-4211-9416-1DF9CA58D9F5}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{919325CA-64E9-41AC-94C8-B3952E1DDA61}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{93AA0B34-2074-415C-A4E6-A643EA7DBCE1}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe | "{9E1EFFFC-00DF-439F-89AF-BE6B703F1E91}" = protocol=6 | dir=in | app=c:\windows\temp\cablecom_installer.exe | "{A0B14BFF-1B14-47B2-A427-B479B657EFA3}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{A4D224A3-F266-4F45-8334-08707C91D080}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{A4E19757-E49B-4395-AE29-5928C15CBCF7}" = protocol=6 | dir=in | app=c:\program files (x86)\bitcomet\bitcomet.exe | "{A97CBF72-EEE1-4C7B-ABAA-E55A66A6C114}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{AE82C85B-C0A2-4D8F-A8C8-1C6FF8827155}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{BFF9F1EB-E2E6-4290-89C4-AC1422A4728E}" = dir=in | app=c:\program files 
(x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe | "{C0FE75F3-CD27-47D5-9FBB-6479BA6E6F36}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe | "{C17944D6-3F00-436C-82CB-B2F044714710}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{DA4663DF-FCC0-40D5-A5C5-6C568575F57F}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{DB5187FA-3735-4276-B156-D818877D0D5A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{DD580B3C-29D9-4A77-A8D1-45E51C35CFF2}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe | "{E5886BFD-372D-4466-95BE-E8D722C61256}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{EB181D22-9FDE-497F-AA17-07CD4327C177}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{EB5A02CD-805D-4F6B-B9BD-88FDFBC5D2AB}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version5\teamviewer.exe | "{EDE52EF5-E030-4F48-965C-87B7647A4E07}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{F5F21D0C-E838-47D8-8D4D-FF1CA3DE00F1}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{FBFFD5A5-4D0E-4EF7-84C1-11F630E9CAEB}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{FFAD39A7-B610-4611-AF65-992E65B931E4}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe | "TCP Query User{39929532-5EE3-479A-B4E0-1E225469867A}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe | "UDP Query User{D46ECFB4-9F17-4836-A40D-2475D340FA0C}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] 
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{23B45E10-0CA5-43E9-BD6D-C2BD6CBE11AC}" = iTunes "{328CC232-CFDC-468B-A214-2E21300E4CB5}" = Apple Mobile Device Support "{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 "{4FFA2088-8317-3B14-93CD-4C699DB37843}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 "{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{88EB92AB-ABD3-E13C-3AEE-B7518354B55A}" = ATI Catalyst Install Manager "{8AB5E15C-BDCB-7A93-9DBF-19C2DF39D0C7}" = ccc-utility64 "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{92DBCA36-9B41-4DD1-941A-AED149DD37F0}" = Windows Mobile-Gerätecenter: Treiberupdate "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{A149E33D-74B9-4033-9B53-A5DE82864850}" = BitDefender Internet Security 2010 "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}" = Bonjour "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D2F7994F-661E-46D1-A1DF-67F2887AAA7E}" = HP MediaSmart SmartMenu "{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 
3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "OfficeTrial" = Testversion von Microsoft Office Home and Student 2007 "PC-Doctor for Windows" = Hardware Diagnose Tools [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{02627ee5-eaca-4742-a9cc-e687631773e4}" = Nero ShowTime "{03BF5CB1-B72E-4CA6-A278-F65680F05420}" = HP Picasso Media Center Add-In "{086a7d8c-0a38-4c7f-819a-620275550d5c}" = Nero Burning ROM Help "{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch "{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter "{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}" = HP Total Care Advisor "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate "{19506BDB-4EA7-491F-E8AB-E97109FDB296}" = muvee Reveal "{1c00c7c5-e615-4139-b817-7f4003de68c0}" = Nero PhotoSnap Help "{1C0E9C6B-D4D5-4D3C-8A10-F10A3E7BEEA5}" = WN111v2 "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe "{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help "{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library "{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 15 "{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime "{3222B0CE-59C5-4CA0-B545-2B88F200756B}" = Falk Navi-Manager "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 
6 Update 7 "{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed "{359cfc0a-beb1-440d-95ba-cf63a86da34f}" = Nero Recode "{368ba326-73ad-4351-84ed-3c0a7a52cc53}" = Nero Rescue Agent "{38058455-8C21-4C2F-B2F6-14ED166039CB}" = HP Total Care Setup "{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3EA5D881-A648-B489-F113-3A7D99EC936F}" = Catalyst Control Center InstallProxy "{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker "{3FE799B6-6493-AD47-A5FA-F3FE144C7EF0}" = Catalyst Control Center HydraVision Full "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger "{43e39830-1826-415d-8bae-86845787b54b}" = Nero Vision "{44BC30A3-B5F1-4CAF-8B06-BB7D26991FDC}" = Falk Navi-Manager "{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress "{5d9be3c1-8ba4-4e7e-82fd-9f74fa6815d1}" = Nero Vision "{5DA6A5F7-96AA-417B-AE77-9EB531236F80}" = cablecom Starten "{5e08ecd1-c98e-4711-bf65-8fd736b3f969}" = Nero RescueAgent Help "{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call "{60c731fb-c951-41ce-ad41-8e54c8594609}" = Nero Disc Copy Gadget Help "{62ac81f6-bdd3-4110-9d36-3e9eaab40999}" = Nero CoverDesigner "{64B9E2F5-558E-4C56-B419-A1679518F6E7}" = HP Customer Experience Enhancements "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{6B976ADF-8AE8-434E-B282-A06C7F624D2F}" = Python 2.5.2 "{704B9286-2D14-41C2-AF38-C5674465A6E3}" = cablecom Kundencenter "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762 "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update 
kb973923 - x86 8.0.50727.4053 "{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart "{77e33d87-255e-413e-9c8d-eed2a7f9bebf}" = Nero Live Help "{7829db6f-a066-4e40-8912-cb07887c20bb}" = Nero BurnRights "{7902E313-FF0F-4493-ACB1-A8147B78DCD0}" = HPSSupply "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec "{7D21905A-5DB7-2F4C-4E97-80F352D2C3A9}" = Catalyst Control Center Graphics Previews Vista "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP "{8214D5AF-8BA8-3551-A859-5EBDBD30D2FA}" = Catalyst Control Center Core Implementation "{83202942-84b3-4c50-8622-b8c0aa2d2885}" = Nero Express Help "{85243696-5e58-4357-9cf8-3498c609941d}" = NeroLiveGadget Help "{85693740-CB33-8E46-D05A-22EEAC2C14C3}" = Catalyst Control Center Graphics Full New "{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A0D9C6B-ACB8-738E-2D1A-B437E2CF36B6}" = Catalyst Control Center Graphics Full Existing "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player "{8ecbef82-fdf0-4a47-803d-9aedab7cd800}" = Nero 9 Trial "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) 
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 
Service Pack 2 (SP2) "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German) "{97099A77-2CD0-4C2C-8931-7F0B73CFE0FA}" = SoftMCE Encoder "{97ABD26A-3249-46CB-B2E2-F66E64B2E480}" = HP Demo "{98a67610-a3b5-4098-a423-3708040026d3}" = "Nero SoundTrax Help "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9CCE2F68-FAFC-4826-9951-E38232406CDF}" = Falk Navi-Manager "{9e82b934-9a25-445b-b8df-8012808074ac}" = Nero PhotoSnap "{9e9fdde6-2c26-492a-85a0-05646b3f2795}" = NeroLiveGadget "{A0640EC2-B97E-4FC1-AD14-227C9E386BB4}" = HP Recovery Manager RSS "{a209525b-3377-43f4-b886-32f6b6e7356f}" = Nero WaveEditor "{A82D052A-0806-42DF-80CD-1730A1AC0ED3}" = MrvlUsgTracking "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder "{AAC389499AEF40428987B3D30CFC76C9}" 
= MKV Splitter "{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1.2 - Deutsch "{ad6bc5cc-2ef0-49c4-b33d-cdc8b2c4dc80}" = Nero Recode Help "{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{b1adf008-e898-4fe2-8a1f-690d9a06acaf}" = DolbyFiles "{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support "{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center "{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video "{B471481F-8743-85EF-B551-45ED91BEEE76}" = Catalyst Control Center Graphics Previews Common "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player "{b78120a0-cf84-4366-a393-4d0a59bc546c}" = Menu Templates - Starter Kit "{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{c5a7cb6c-e76d-408f-ba0e-85605420fe9d}" = SoundTrax "{C874DC88-F5E2-D566-2880-22A2FDA0C69C}" = CCC Help English "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed "{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library "{ce96f5a5-584d-4f8f-aa3e-9baed413db72}" = Nero CoverDesigner Help "{d025a639-b9c9-417d-8531-208859000af8}" = NeroBurningROM "{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding "{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker "{d9dcf92e-72eb-412d-ac71-3b01276e5f8b}" = Nero ShowTime "{DA9DAC64-C947-47BA-B411-8A1959B177CF}" = LightScribe System Software 1.14.25.1 "{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "{DCFFA267-43EE-163C-C892-799C2037BECB}" = Catalyst Control Center InstallProxy "{df6a95f5-adc1-406a-bdc6-2aa7cc0182aa}" = Nero Live "{e498385e-1c51-459a-b45f-1721e37aa1a0}" = Movie Templates - Starter Kit "{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed "{e8631efb-6b9a-426c-b1ce-e7173ca26bf8}" = Nero 
WaveEditor Help "{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer "{E96A2C11-1139-7A34-C529-4D21832A34F6}" = Catalyst Control Center Graphics Light "{EB2340D4-21DF-54B3-4C52-6C4F4B19F46D}" = ccc-core-static "{ECEE0279-785F-4CB3-9F28-E69813234BF8}" = SPORE Creature Creator Trial Edition "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{f1861f30-3419-44db-b2a1-c274825698b3}" = Nero Disc Copy Gadget "{F1D2C6EA-3382-440C-BBEC-8A2B18CAB1DF}" = Registry Optimierer 2.0 "{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter "{f6bdd7c5-89ed-4569-9318-469aa9732572}" = Nero BurnRights "{F868BD32-1CD0-42A8-A813-A53CEA8882CD}" = Falk Navi-Manager "{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials "{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone-Konfigurationsprogramm "{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool "{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "AC3Filter" = AC3Filter (remove only) "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Alt.Binz" = Alt.Binz 0.25.0 "Any Video Converter_is1" = Any Video Converter 2.7.5 "AviSynth" = AviSynth 2.5 "AVS DVDMenu Editor_is1" = AVS DVDMenu Editor 1.2.1.20 "AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.2 "AVS4YOU Video ReMaker_is1" = AVS Video ReMaker 2.4 "AXIS Media Control Embedded" = AXIS Media Control Embedded "bwin Poker_is1" = bwin Poker "cablecom Kundencenter" = cablecom Kundencenter "cablecom Starten" = cablecom Starten "DAEMON Tools Toolbar" = DAEMON Tools Toolbar "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters "DreamBoxEdit" = DreamBoxEdit -- The one and only settings editor for your Dreambox "ENTERPRISE" = Microsoft 
Office Enterprise 2007 "ffdshow_is1" = ffdshow [rev 2527] [2008-12-19] "FileZilla Client" = FileZilla Client 3.2.2.1 "HaaliMkx" = Haali Media Splitter "Handbrake" = Handbrake 0.9.4 "Hauppauge MCE2005 Software Encoder" = Hauppauge MCE XP/Vista Software Encoder (2.0.26268) "HijackThis" = HijackThis 2.0.2 "HP LaserJet P1000 series" = HP LaserJet P1000 series "InstallShield_{1C0E9C6B-D4D5-4D3C-8A10-F10A3E7BEEA5}" = RangeMax Wireless-N USB Adapter WN111v2 "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "IsoBuster_is1" = IsoBuster 2.7 "Kaspersky Online Scanner" = Kaspersky Online Scanner "Mafia II_is1" = Mafia II "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8) "Net TV Plus Player" = Net TV Plus Player 1.81 "nettvplayer2.0" = nettvplayer2.0 "Notepad++" = Notepad++ "Nvu_is1" = Nvu 1.0 "Quick Help 2.1" = Quick Help 2.1 "QuickPar" = QuickPar 0.9 "SUPER ©" = SUPER © Version 2009.bld.36 (June 10, 2009) "Sweet Home 3D_is1" = Sweet Home 3D version 2.0 "TeamViewer 5" = TeamViewer 5 "The KMPlayer" = The KMPlayer (remove only) "Totalcmd" = Total Commander (Remove or Repair) "VLC media player" = VLC media player 1.0.3 "WildTangent hp Master Uninstall" = My HP Games "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR archiver ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome ========== Last 10 Event Log Errors ========== 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report > Edited by deni9 (30.08.2010 at 20:32) |
30.08.2010, 20:29 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Looks unremarkable. Any remaining problems or further detections in the meantime?
__________________ Please always post log files in CODE tags |
30.08.2010, 20:37 | #9 |
| I wanted to edit the post, but the change was only applied after pressing F5 a few times. The page takes a very long time to load, even though everything is fine with my ADSL. |