![]() |
Log-Analyse und Auswertung: Windows-Explorere stürzt dauerd abWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
![]() |
![]() | #1 |
![]() | ![]() Windows-Explorere stürzt dauerd ab Mein Windows-Explorere stürzt andauerd ab. Nachdem er neugestatet wurde, stürzt er wieder ab. Mir ist aufgefalen, dass dies nur passiert, wenn ich auf dem Desktop bin. Ansonsten funktioniert der Explorer gut. Anti-Malware und Antivir haben nichts ergeben. Windows habe ich auch abgedated. Hier ein HiJack-Log: Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 01:40:50, on 16.11.2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18975) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\eMule\emule.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\system32\Taskmgr.exe C:\Program Files\Mozilla Firefox 4.0 Beta 6\firefox.exe C:\Program Files\Mozilla Firefox 4.0 Beta 6\plugin-container.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Windows\explorer.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.arcor.de R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://www.arcor.de R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Arcor AG & Co. KG R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Chris\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software GmbH - C:\Windows\System32\TUProgSt.exe O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- End of file - 6479 bytes Das System ist jetzt halbwegs stabil, aber es passiert trotzdem noch, dass sich mein Windows-Explorer aufhängt |
![]() | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ ![]() ![]() ![]() ![]() ![]() ![]() | ![]() Windows-Explorere stürzt dauerd ab Hallo und
__________________![]() Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten! Danach OTL: Systemscan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
__________________ |
![]() | #3 |
![]() | ![]() Windows-Explorere stürzt dauerd ab Mit dem Aktuellen Malware-Scan hab ich drei Scans
ATTFilter alwarebytes' Anti-Malware 1.46 www.malwarebytes.org Datenbank Version: 5129 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18975 17.11.2010 02:09:53 mbam-log-2010-11-17 (02-09-53).txt Art des Suchlaufs: Vollstдndiger Suchlauf (C:\|D:\|) Durchsuchte Objekte: 308491 Laufzeit: 1 Stunde(n), 42 Minute(n), 19 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlьssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bцsartigen Objekte gefunden) Infizierte Speichermodule: (Keine bцsartigen Objekte gefunden) Infizierte Registrierungsschlьssel: (Keine bцsartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bцsartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bцsartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bцsartigen Objekte gefunden) Infizierte Dateien: (Keine bцsartigen Objekte gefunden) Code:
ATTFilter alwarebytes' Anti-Malware 1.46 www.malwarebytes.org Datenbank Version: 5129 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18975 17.11.2010 02:09:53 mbam-log-2010-11-17 (02-09-53).txt Art des Suchlaufs: Vollstдndiger Suchlauf (C:\|D:\|) Durchsuchte Objekte: 308491 Laufzeit: 1 Stunde(n), 42 Minute(n), 19 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlьssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bцsartigen Objekte gefunden) Infizierte Speichermodule: (Keine bцsartigen Objekte gefunden) Infizierte Registrierungsschlьssel: (Keine bцsartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bцsartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bцsartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bцsartigen Objekte gefunden) Infizierte Dateien: (Keine bцsartigen Objekte gefunden) Code:
ATTFilter Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Datenbank Version: 4705 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18975 29.10.2010 10:03:48 mbam-log-2010-10-29 (10-03-48).txt Art des Suchlaufs: Quick-Scan Durchsuchte Objekte: 142027 Laufzeit: 7 Minute(n), 27 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlьssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bцsartigen Objekte gefunden) Infizierte Speichermodule: (Keine bцsartigen Objekte gefunden) Infizierte Registrierungsschlьssel: (Keine bцsartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bцsartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bцsartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bцsartigen Objekte gefunden) Infizierte Dateien: (Keine bцsartigen Objekte gefunden) Und hier die beiden OTL-Scans: Code:
ATTFilter OTL Extras logfile created on: 17.11.2010 08:00:01 - Run 3 OTL by OldTimer - Version Folder = C:\Users\*****\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18975) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 48,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 69,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 221,17 Gb Total Space | 58,14 Gb Free Space | 26,29% Space Free | Partition Type: NTFS Drive D: | 232,88 Gb Total Space | 30,17 Gb Free Space | 12,95% Space Free | Partition Type: NTFS Drive F: | 2,10 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Drive O: | 1397,26 Gb Total Space | 595,41 Gb Free Space | 42,61% Space Free | Partition Type: NTFS Computer Name: ***** | User Name: ***** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox 4.0 Beta 6\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" File not found https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" File not found piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" () Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{03EE9235-A150-4C48-A164-D96B2F99AFB7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{066D68DE-63AF-43A9-9012-9FEF7D48F5E3}" = lport=6956 | protocol=17 | dir=in | name=league of legends launcher | "{0A703FF0-EFBB-4968-A2C9-C493CBE64386}" = lport=6952 | protocol=6 | dir=in | name=league of legends launcher | "{0C95C3C9-0CFB-4159-A246-C8688714ED7A}" = lport=6956 | protocol=6 | dir=in | name=league of legends launcher | "{140689CA-D425-4CE6-967B-058BA9C1CF53}" = lport=6995 | protocol=6 | dir=in | name=league of legends launcher | "{1497D9C3-3E35-4C3C-9EDC-BE7B7DC3854D}" = lport=8394 | protocol=17 | dir=in | name=league of legends launcher | "{190466B0-5961-4BAC-BB81-7EB15C82B4CE}" = lport=8370 | protocol=17 | dir=in | name=league of legends launcher | "{1A67A59B-E3ED-4473-885D-BBDBF7120E2A}" = lport=8395 | protocol=6 | dir=in | name=league of legends launcher | "{1BBD4526-1E38-472E-9A0A-712C5279E99C}" = lport=6912 | protocol=17 | dir=in | name=league of legends launcher | "{1CC74DCB-51A2-444A-9E5B-FE4FAC925AC2}" = lport=6949 | protocol=6 | dir=in | name=league of legends launcher | "{20F9B4B5-7759-4A5B-BA2F-B527650A64CC}" = lport=6889 | protocol=6 | dir=in | name=league of legends launcher | "{22FE3D0A-B97C-4066-A25E-15F06353160D}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{2448302D-E526-409C-B8BE-BD3525E5113E}" = lport=8394 | protocol=6 | dir=in | name=league of legends launcher | "{25B61A8C-5486-40B1-921E-378312EB772E}" = lport=6986 | protocol=17 | dir=in | name=league of legends launcher | "{2C4C0A7A-5AB8-4962-81DC-73F30F0E98CD}" = lport=6984 | protocol=17 | dir=in | name=league of legends launcher | "{2D4031D5-BE66-4D98-9339-C7A96B8268B4}" = lport=6986 | protocol=6 | dir=in | name=league of legends launcher | "{35E21838-828B-4A7B-9CBB-ABE4E5FC3761}" = lport=6898 | protocol=6 | dir=in | name=league of legends launcher | "{37774D1E-BE44-4D62-924A-EE6837E7BFEC}" = lport=6893 | protocol=6 | dir=in | name=league of legends launcher | "{37781EB3-3E4F-4296-8A50-CF18116F64CD}" = lport=6912 | protocol=6 | dir=in | name=league of legends launcher | "{383F5155-AD32-4D86-8D32-5E281297EDCF}" = lport=6994 | protocol=6 | dir=in | name=league of legends launcher | "{3BAB500F-D27C-46E7-9DDE-D409471CBE0C}" = lport=6997 | protocol=6 | dir=in | name=league of legends launcher | "{3BC42903-9C7A-49FA-90EF-82A837185643}" = lport=6953 | protocol=17 | dir=in | name=league of legends launcher | "{41EFC53D-ECDE-44AD-8184-F650D3C8AC0D}" = lport=8393 | protocol=17 | dir=in | name=league of legends lobby | "{432F34CA-8AF7-4E92-9692-BF35A74F0231}" = lport=8372 | protocol=17 | dir=in | name=league of legends launcher | "{43CBCD70-C9A7-49B2-A48B-7C0982D6DCA1}" = lport=6891 | protocol=17 | dir=in | name=league of legends launcher | "{440A30D1-50B5-4221-9E89-83EF773A6A29}" = lport=6891 | protocol=6 | dir=in | name=league of legends launcher | "{46AE9F39-3632-4E03-9C41-125059FDF954}" = lport=6991 | protocol=17 | dir=in | name=league of legends launcher | "{4C6A5397-29EF-4C6B-AFDD-B2D39177EDFB}" = lport=6972 | protocol=6 | dir=in | name=league of legends launcher | "{4EB3712A-6AF0-45BD-80E7-AF24F9A6B3F6}" = lport=6977 | protocol=17 | dir=in | name=league of legends launcher | "{61C11934-9246-4A90-A661-9D450E550D54}" = lport=8394 | protocol=17 | dir=in | name=league of legends launcher | "{629FD325-4BAD-4146-A33B-77D4C2B0894E}" = lport=6903 | protocol=6 | dir=in | name=league of legends launcher | "{634498EB-2F64-4FBE-9249-0736C6698BBE}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 | "{6388FD9A-1579-4A80-9C12-908A192EDEBE}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{64C34451-83E4-447C-A4F7-DF1B5D5D1CC7}" = lport=6969 | protocol=6 | dir=in | name=league of legends launcher | "{64DB6A62-3779-4A60-A741-84E54FBE64A7}" = lport=6994 | protocol=17 | dir=in | name=league of legends launcher | "{670E13FA-EF0E-4CCF-BD2A-BE4D95B43CB3}" = lport=8395 | protocol=17 | dir=in | name=league of legends launcher | "{67689128-4BF1-451A-BE43-4803F7D8C543}" = lport=6903 | protocol=17 | dir=in | name=league of legends launcher | "{67B3C7CA-7A3A-44C2-86F7-8D6CBBEBE459}" = lport=6965 | protocol=17 | dir=in | name=league of legends launcher | "{69FF6524-D405-419C-AEAD-69C0358E9A09}" = lport=6972 | protocol=17 | dir=in | name=league of legends launcher | "{6B0CD4EB-94F8-4FC5-94CE-5AAC78DDCBAF}" = lport=6991 | protocol=6 | dir=in | name=league of legends launcher | "{6E79D311-3E3C-4EAF-AD69-DB3EA343FB20}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{6F7E3855-003D-4DB2-920C-21AC1EFE52C8}" = lport=6952 | protocol=17 | dir=in | name=league of legends launcher | "{7010BC55-C976-429B-8720-46A5D205C49B}" = lport=8370 | protocol=6 | dir=in | name=league of legends launcher | "{70BDAFDB-BDD7-4220-B0DB-FF96F70A8728}" = lport=6969 | protocol=17 | dir=in | name=league of legends launcher | "{72B4E501-7A25-4723-956D-03D7856B8713}" = lport=6932 | protocol=17 | dir=in | name=league of legends launcher | "{78E77159-0415-4E46-A363-7413CA375D7F}" = lport=8390 | protocol=6 | dir=in | name=league of legends game client | "{79FE29E1-74D3-4DB0-BE56-97C325EEC35D}" = lport=6893 | protocol=17 | dir=in | name=league of legends launcher | "{7D653BBD-BDC0-4CBB-AF60-2D4B00FE9618}" = lport=6948 | protocol=6 | dir=in | name=league of legends launcher | "{82325836-2C71-47CF-B2C3-453AC886A82C}" = lport=6886 | protocol=17 | dir=in | name=league of legends launcher | "{85B6533F-47C2-4D30-8115-88CEDDFFCEAB}" = lport=6968 | protocol=6 | dir=in | name=league of legends launcher | "{88741878-86B7-4089-ABBC-84598FEB83A3}" = lport=6904 | protocol=6 | dir=in | name=league of legends launcher | "{89761A80-23C9-4F77-87C5-2CD1F39D70BA}" = lport=8396 | protocol=17 | dir=in | name=league of legends launcher | "{8C0B1A97-626A-4128-8AE6-EF0D49359D4E}" = lport=8390 | protocol=17 | dir=in | name=league of legends game client | "{8F5F86CE-F746-414C-94AE-05B9F497486D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{90AB24DB-AA5D-43E5-8076-09C3B1DD3E0B}" = lport=6966 | protocol=17 | dir=in | name=league of legends launcher | "{98F06DDC-81B7-4D1D-9752-4F908867DFA7}" = lport=6932 | protocol=6 | dir=in | name=league of legends launcher | "{9BF3B182-F4F3-4342-9F5D-9DAB6358338F}" = lport=6886 | protocol=6 | dir=in | name=league of legends launcher | "{9DE16A41-901F-4DFF-953B-2F1114798904}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{A0CB2EC8-742D-448F-84C9-8E30E9FCED5E}" = lport=6984 | protocol=6 | dir=in | name=league of legends launcher | "{A1ADB777-0581-4E24-A8BD-4D85C0D4D94B}" = lport=6995 | protocol=17 | dir=in | name=league of legends launcher | "{A24C12D6-16A3-4687-9525-D886B855B4AC}" = lport=6893 | protocol=17 | dir=in | name=league of legends launcher | "{A3226539-857A-47DC-AFC6-6599224D9B81}" = lport=6904 | protocol=17 | dir=in | name=league of legends launcher | "{A5DAD4AB-C8EA-43CD-9F2C-6314A4D23F12}" = lport=6955 | protocol=17 | dir=in | name=league of legends launcher | "{ABED8504-24C2-4671-9876-1CFF0AB4ED17}" = lport=6898 | protocol=17 | dir=in | name=league of legends launcher | "{AE2748A2-BC31-4EC0-BE71-4E263F1784DB}" = lport=6889 | protocol=17 | dir=in | name=league of legends launcher | "{AE94D441-BDD6-43E2-8D6C-4FB13EC117F8}" = lport=6898 | protocol=17 | dir=in | name=league of legends launcher | "{B25CFF3C-7D7F-479B-B75C-FAD4A06B7099}" = lport=6949 | protocol=17 | dir=in | name=league of legends launcher | "{B319DE6A-02CA-4167-BECA-592842D323C9}" = lport=6926 | protocol=17 | dir=in | name=league of legends launcher | "{BB3E3E37-2CFD-4BB0-A798-D200A731D037}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{BE3B86A2-F85B-409A-AA46-F568AE7B6339}" = lport=6893 | protocol=6 | dir=in | name=league of legends launcher | "{BFD56D33-A2C2-4924-ADEB-5BB9C5C90EA5}" = lport=6965 | protocol=6 | dir=in | name=league of legends launcher | "{C2C87750-8095-4B86-9D7B-90D1E5244151}" = lport=6926 | protocol=6 | dir=in | name=league of legends launcher | "{C68E58A0-A46C-4DAD-8721-C3F3342A0C7A}" = lport=8394 | protocol=6 | dir=in | name=league of legends launcher | "{C999072E-82AE-4DF0-9BC8-EAC267F34E67}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{CC0FA939-B454-482E-B818-F7A35C8FFAA7}" = lport=8396 | protocol=6 | dir=in | name=league of legends launcher | "{CC2C1915-8E8C-44D7-BF79-C28295C52A53}" = lport=8372 | protocol=6 | dir=in | name=league of legends launcher | "{D0EC3F2D-3E9F-4C65-AD8C-02909FA7E456}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{D1B504F8-0CD7-431E-9401-A274913C17C9}" = lport=6948 | protocol=17 | dir=in | name=league of legends launcher | "{D31B0531-28F6-4BCA-957B-B555AC63EAB6}" = lport=6977 | protocol=6 | dir=in | name=league of legends launcher | "{D43F9610-B6D3-43D6-99A5-6CA950530A3A}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{DB39D2EE-B31C-47CD-B9A9-1E948EFC15AA}" = lport=8393 | protocol=6 | dir=in | name=league of legends lobby | "{DC96DD37-5A62-4EF3-A1F3-CD722F733930}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{DCBD80DA-041B-43AB-A9F6-2F5C25026511}" = lport=2869 | protocol=6 | dir=in | app=system | "{DE52A8E6-6757-4B30-A8BA-B96A8DD9F37C}" = lport=6968 | protocol=17 | dir=in | name=league of legends launcher | "{E46CD9B4-47E8-4104-8B5A-1F74A5AE50E4}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | "{E48E2B8F-9F38-4331-B30C-19A5F78CC624}" = lport=6955 | protocol=6 | dir=in | name=league of legends launcher | "{E8D68D16-4752-4C1E-B23D-A11A252E3740}" = lport=6953 | protocol=6 | dir=in | name=league of legends launcher | "{EE11BDF5-8034-4076-8F7E-A99A0E8C611A}" = lport=6997 | protocol=17 | dir=in | name=league of legends launcher | "{EEC63557-7470-4DC5-AD58-39C0058573CD}" = lport=6898 | protocol=6 | dir=in | name=league of legends launcher | "{F731FD1A-0BAE-4766-9370-99CA32A4216F}" = lport=6966 | protocol=6 | dir=in | name=league of legends launcher | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{07F62CEE-6AEF-4F79-A718-34CE011DDB29}" = protocol=17 | dir=in | app=d:\spiele\league of legends\game\league of legends.exe | "{0ED3BE40-6948-492F-BB71-B20472E97C87}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe | "{1379B3FF-4C5A-498C-873B-43565A590422}" = protocol=6 | dir=in | app=d:\spiele\starcraft ii\starcraft ii.exe | "{1414D924-A300-4BB8-B2AC-DD3EEBAFA2E3}" = protocol=17 | dir=in | app=d:\spiele\starcraft ii\versions\base16561\sc2.exe | "{17E2A48C-3958-4C35-8F9B-BFE2B0DE41C9}" = protocol=6 | dir=in | app=d:\spiele\league of legends\air\lolclient.exe | "{2550D536-1344-48DA-9506-C810EE4CEE09}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{28B3E006-97EA-48F2-B7BD-9E1F31351DB4}" = protocol=17 | dir=in | app=d:\spiele\league of legends\game\league of legends.exe | "{2C6D3B2F-71A9-4E9D-B600-6497C30256CE}" = protocol=6 | dir=in | app=d:\spiele\starcraft ii\versions\base16561\sc2.exe | "{36681CAF-140D-4A33-B48A-F0F239CF1263}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe | "{372E5534-7339-4982-B844-19E689910AE1}" = protocol=17 | dir=in | app=d:\spiele\dragon age\bin_ship\daorigins.exe | "{38928C89-A4BD-4EB3-8B91-A628A0B03CE8}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{3ECDE124-D1AC-443F-B74F-26CBC994D6AC}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | "{40CAADE1-BCC8-4D41-959D-47B12BB11F41}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | "{4B54512D-01CB-4668-BC5A-DCD5EFC68BE5}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | "{4BB43F2B-DFE8-4FEC-B2CC-A0A701AF84E0}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe | "{4C923F51-D18D-4990-8764-881554747138}" = protocol=17 | dir=in | app=d:\spiele\dragon age\daoriginslauncher.exe | "{5A5FB2BA-88A1-4A6A-BFF7-FA20839DC33B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{7AD3582C-E708-47A4-B048-8850BB9395E2}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | "{813262D8-E91A-4446-80AA-4F8163723AD7}" = protocol=6 | dir=in | app=d:\spiele\starcraft ii\versions\base15405\sc2.exe | "{8878BC13-C04C-4565-9257-2274421C968A}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{8A8D9666-F3D2-4574-88D7-CA5C2DE06487}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | "{97D38BD9-818E-410D-A21B-073E417AD70B}" = protocol=17 | dir=in | app=d:\spiele\dragon age\bin_ship\daupdatersvc.service.exe | "{9893DA45-6328-4687-83F7-D187EE8E4F44}" = protocol=17 | dir=in | app=d:\spiele\league of legends\lol.launcher.exe | "{9965532F-5337-49C8-8252-5A432723051B}" = protocol=6 | dir=in | app=d:\spiele\dragon age\bin_ship\daorigins.exe | "{9D7C6265-0D5C-4E06-B1DA-7675D325B543}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{A107F0B3-ECA6-43CA-B9BE-833B8A009B98}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{A13DE1C4-2BF7-4CEF-A2B8-DCFCA8736CE0}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | "{A4A37CD0-6017-4BC2-8F2B-7B0016D76701}" = protocol=17 | dir=in | app=d:\spiele\league of legends\air\lolclient.exe | "{AA2C167B-072E-4AAB-A092-3054A757F93D}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | "{B3A088FC-2A71-4824-B6C1-4B5EAE6B203F}" = dir=in | app=c:\program files\windows live\mesh\moe.exe | "{B5F1BD3E-7295-48B0-9872-22649D58BA5F}" = protocol=6 | dir=in | app=d:\spiele\league of legends\game\league of legends.exe | "{B67E0E20-6533-4634-9C9A-AB514847AFB6}" = protocol=17 | dir=in | app=d:\spiele\league of legends\air\lolclient.exe | "{B710CCBC-64D5-4D34-89DC-AF7551F9A475}" = protocol=6 | dir=in | app=d:\spiele\league of legends\air\lolclient.exe | "{B7BCFE36-D43A-4820-8543-BE332B9F3151}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | "{BB118629-82A3-45FC-B32B-285F8877A1B8}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{BC278DF2-42BB-4E3E-9862-9AD64748148F}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | "{C3D9D5FE-15D7-4A4B-904D-EE3784921E23}" = protocol=17 | dir=in | app=d:\spiele\starcraft ii\versions\base15405\sc2.exe | "{C7340AB6-5E19-4C92-895E-8410BD607DD2}" = dir=in | app=d:\spiele\command and conquere\retailexe\1.8\cnc3game.dat | "{CC890FC2-263B-4799-BCCD-8F41A2F92938}" = protocol=6 | dir=in | app=d:\spiele\dragon age\bin_ship\daupdatersvc.service.exe | "{CE545EE2-38AD-4FFB-9781-0FD795CB5341}" = protocol=6 | dir=in | app=d:\spiele\league of legends\game\league of legends.exe | "{CEC4059A-802C-4D6F-B56A-A4868D799940}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{CF361CC8-E4E8-4E3B-BE96-E003AF482698}" = protocol=6 | dir=in | app=d:\spiele\dragon age\daoriginslauncher.exe | "{D080B646-1E48-4279-9E54-733C392DF89F}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{D3FE7C61-C54E-43DE-A040-B2E17E319363}" = protocol=17 | dir=in | app=d:\spiele\starcraft ii\starcraft ii.exe | "{DD65BED9-9C07-4D1F-8275-7807A443C258}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe | "{EFA26686-299F-44EA-94D8-30223483E885}" = protocol=6 | dir=in | app=d:\spiele\league of legends\lol.launcher.exe | "{F21B3CF8-F97A-402C-BA7F-CC3D39204D6E}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | "TCP Query User{0BE1FAE7-0C91-4B6D-AF0D-E2D7DE34B1BB}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | "TCP Query User{16FCE762-C13B-4155-8514-B439E7D667C8}C:\program files\nero\nero 7\nero showtime\showtime.exe" = protocol=6 | dir=in | app=c:\program files\nero\nero 7\nero showtime\showtime.exe | "TCP Query User{51B7DED7-678E-42CA-88B9-B9A7BEEA9857}D:\spiele\warcraft iii\war3.exe" = protocol=6 | dir=in | app=d:\spiele\warcraft iii\war3.exe | "TCP Query User{68FA9294-1778-451F-98F8-1B2EC1AA17EE}C:\spiele\starcraft\starcraft.exe" = protocol=6 | dir=in | app=c:\spiele\starcraft\starcraft.exe | "TCP Query User{76AC685F-E5B7-4AF0-B772-8A24AA5B3D7F}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "TCP Query User{7BC59B46-D2CD-4E04-9108-1736C4249688}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "TCP Query User{7C4FF448-A5B9-4218-919F-D283FEE022F2}D:\spiele\warcraft iii\war3.exe" = protocol=6 | dir=in | app=d:\spiele\warcraft iii\war3.exe | "TCP Query User{B0A71885-3E7B-41D1-8F71-1294B5D5AE6D}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe | "TCP Query User{B0E6FB1C-F230-4F3E-8CF1-1D6FFA83AD99}D:\spiele\starcraft ii\versions\base16939\sc2.exe" = protocol=6 | dir=in | app=d:\spiele\starcraft ii\versions\base16939\sc2.exe | "TCP Query User{C563C1C0-A7D8-4F73-9BC7-53A67AAE0F26}C:\program files\nero\nero 7\nero showtime\showtime.exe" = protocol=6 | dir=in | app=c:\program files\nero\nero 7\nero showtime\showtime.exe | "TCP Query User{E1242A39-59FC-4A63-BCA7-CD5041731657}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | "TCP Query User{F204888F-6643-44C7-824A-990D2EE9EF58}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe | "UDP Query User{236BEEB4-6086-4F4C-8704-57A77BB026BE}D:\spiele\warcraft iii\war3.exe" = protocol=17 | dir=in | app=d:\spiele\warcraft iii\war3.exe | "UDP Query User{241D85B1-D2AB-46F0-9E3A-959221CF9926}C:\program files\nero\nero 7\nero showtime\showtime.exe" = protocol=17 | dir=in | app=c:\program files\nero\nero 7\nero showtime\showtime.exe | "UDP Query User{40491C1C-6392-454D-BE3E-C5620F74D2E4}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{45EF7D8F-2AD0-40C2-BAEE-DB59D37501EF}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{7A286520-51BF-46C4-9DF4-FE4F696E270F}D:\spiele\warcraft iii\war3.exe" = protocol=17 | dir=in | app=d:\spiele\warcraft iii\war3.exe | "UDP Query User{98E2F8E0-FFDC-408F-98C6-87A23E534C04}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | "UDP Query User{B387DD6D-1448-4B0F-8B58-F67D08610AAE}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | "UDP Query User{B793F513-67CB-4680-8760-EA2025BE539A}D:\spiele\starcraft ii\versions\base16939\sc2.exe" = protocol=17 | dir=in | app=d:\spiele\starcraft ii\versions\base16939\sc2.exe | "UDP Query User{BE7DB92B-FBA0-4B8A-A796-F70CE8F9D301}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe | "UDP Query User{D4AFBC30-D21F-46F4-B7C7-DB64F0F1A2D7}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe | "UDP Query User{EA16B840-770F-4ED5-8BE3-997FD7B2D170}C:\spiele\starcraft\starcraft.exe" = protocol=17 | dir=in | app=c:\spiele\starcraft\starcraft.exe | "UDP Query User{F296A832-2C0B-4F55-985A-6FE8C57CDC4D}C:\program files\nero\nero 7\nero showtime\showtime.exe" = protocol=17 | dir=in | app=c:\program files\nero\nero 7\nero showtime\showtime.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{02602409-9189-4567-BC07-562605243B69}" = Windows Live Remote Client Resources "{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources "{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable "{200F584F-848D-4B6B-B1A1-C74D735F18A4}" = InstallRTC "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service "{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10 "{26A24AE4-039D-4CA4-87B4-2F83216020F0}" = Java(TM) 6 Update 20 "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22 "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections "{294BF709-D758-4363-8D75-01479AD20927}" = Windows Live Family Safety "{2B4E24A0-A06F-488D-87D8-16738E5E1104}" = Windows Live Family Safety "{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1 "{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2 "{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3 "{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5 "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{3A65A74A-5B6E-451A-92D8-50F1182BBE9A}" = Windows Live Remote Service Resources "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll "{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth "{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform "{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion "{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM) "{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009 "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{5DB65884-C963-4454-AABA-4CA3089281FA}" = NVIDIA PhysX "{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant "{62B002C5-1AB3-11D8-8092-00E018B21FC0}" = USB Mass Storage Toolbox "{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update "{65C0025A-2CDE-43C5-82D0-C7A56EF0DB39}" = Bing Bar Platform "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack "{6DED41BC-C9EF-4330-B4E5-46CB2C5C6E2D}" = No23 Recorder "{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10 "{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2 "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger "{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = pdf24 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}" = Nero BurnLite 10 "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{868EC22E-7E82-4760-9265-3F2E705BF24B}" = League of Legends "{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE "{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}_VISPRO_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}_VISPRO_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}_VISPRO_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0410-0000-0000000FF1CE}_VISPRO_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0051-0000-0000-0000000FF1CE}" = Microsoft Office Visio Professional 2007 "{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{0FD405D3-CAF8-4CA6-8BFD-911D2F8A6585}" = Microsoft Office Visio 2007 Service Pack 2 (SP2) "{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0054-0407-0000-0000000FF1CE}" = Microsoft Office Visio MUI (German) 2007 "{90120000-0054-0407-0000-0000000FF1CE}_VISPRO_{60CC0F2D-BFA0-4851-903D-809D876DD87B}" = Microsoft Office Visio 2007 Service Pack 2 (SP2) "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0407-0000-0000000FF1CE}_VISPRO_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95140000-007A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector "{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9E48FF52-082C-4CC2-BB67-6E10D09C0431}" = Windows Live UX Platform Language Pack "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}" = Nero BurnLite 10 "{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.0 "{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh "{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B136F351-BF1E-4948-9557-FA6524302ACA}" = SPSS 14.0 für Windows "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6 "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections "{C656142F-EFE1-44CD-BFAD-6CBC6DCB9860}" = Vodafone Mobile Connect Lite "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Sitecom Europe "{CF097717-F174-4144-954A-FBC4BF301031}" = Nero 7 Premium "{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D48EAA77-E526-41EB-894C-BD6A17EABD95}" = TMPGEnc 3.0 XPress "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{EF4EA1D8-E44E-41BA-B4C4-B4BEFDFCF2AC}" = DaViDeo 4 professional "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0 "{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FD54066C-59C6-475B-B8A0-A0D26969D8E2}" = Pinnacle PCTV MCE "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "AVI & MPEG Splitter_is1" = AVI & MPEG Splitter 1.48 "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "Canon Setup Utility 2.0" = Canon Setup Utility 2.0 "CANONBJ_Deinstall_CNMCP78.DLL" = Canon iP4200 "CCleaner" = CCleaner "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters "DivX Setup.divx.com" = DivX-Setup "DVD Shrink_is1" = DVD Shrink 3.2 "Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint "Easy-PrintToolBox" = Canon Utilities Easy-PrintToolBox "eMule" = eMule "ENTERPRISE" = Microsoft Office Enterprise 2007 "FileHippo.com" = FileHippo.com Update Checker "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9 "HijackThis" = HijackThis 2.0.2 "HyperCam 2" = HyperCam 2 "InstallShield_{EF4EA1D8-E44E-41BA-B4C4-B4BEFDFCF2AC}" = DaViDeo 4 professional "IsoBuster_is1" = IsoBuster 2.8 "League of Legends_is1" = League of Legends "LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation) "MAGIX Foto Clinic 5.5 D" = MAGIX Foto Clinic 5.5 (D) "MAGIX Fotos auf CD & DVD 5.5 e-version D" = MAGIX Fotos auf CD & DVD 5.5 e-version (D) "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "MediaNavigation.CDLabelPrint" = CD-LabelPrint "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Mozilla Firefox 4.0b7 (x86 de)" = Mozilla Firefox 4.0b7 (x86 de) "Mozilla Thunderbird (3.1.6)" = Mozilla Thunderbird (3.1.6) "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers "QuickStores-Toolbar_is1" = QuickStores-Toolbar 1.1.0 "ratDVD" = ratDVD 0.78.1444 "RealPlayer 12.0" = RealPlayer "Secunia PSI" = Secunia PSI "SolveigMM AVI Trimmer" = SolveigMM AVI Trimmer "Starcraft" = Starcraft "StarCraft II" = StarCraft II "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2 "TeamSpeak 3 Client" = TeamSpeak 3 Client "Uninstall_is1" = Uninstall "Unlocker" = Unlocker 1.9.0 "VISPRO" = Microsoft Office Visio Professional 2007 "VLC media player" = VLC media player 0.9.8a "VN_VUIns_Rhine_VIA" = VIA Rhine Family Fast Ethernet Adapter "Warcraft III" = Warcraft III "Winamp" = Winamp "WinLiveSuite" = Windows Live Essentials "WinRAR archiver" = WinRAR archiver "X10Hardware" = X10 Hardware(TM) "XviD" = XviD MPEG-4 Codec "Xvid_is1" = Xvid 1.1.3 final uninstall ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Warcraft III" = Warcraft III: All Products "Winamp Detect" = Winamp Erkennungs-Plug-in ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 16.11.2010 06:01:50 | Computer Name = ***** | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung Explorer.exe, Version 6.0.6002.18005, Zeitstempel 0x49e01da5, fehlerhaftes Modul QuickTime.qts_unloaded, Version, Zeitstempel 0x4c87d299, Ausnahmecode 0xc0000005, Fehleroffset 0x5e3ebb69, Prozess-ID 0x1748, Anwendungsstartzeit 01cb85748972ec00. Error - 16.11.2010 06:02:10 | Computer Name = ***** | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung Explorer.exe, Version 6.0.6002.18005, Zeitstempel 0x49e01da5, fehlerhaftes Modul unknown, Version, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x5f30bb69, Prozess-ID 0x15c4, Anwendungsstartzeit 01cb85754ba4cdfc. Error - 16.11.2010 06:02:26 | Computer Name = ***** | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung Explorer.exe, Version 6.0.6002.18005, Zeitstempel 0x49e01da5, fehlerhaftes Modul rpcontrols1.dll_unloaded, Version, Zeitstempel 0x4c078b43, Ausnahmecode 0xc0000005, Fehleroffset 0x626dbb69, Prozess-ID 0x29c, Anwendungsstartzeit 01cb8575570c6263. Error - 16.11.2010 06:02:41 | Computer Name = ***** | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung Explorer.exe, Version 6.0.6002.18005, Zeitstempel 0x49e01da5, fehlerhaftes Modul rpcontrols1.dll_unloaded, Version, Zeitstempel 0x4c078b43, Ausnahmecode 0xc0000005, Fehleroffset 0x626dbb69, Prozess-ID 0x8e0, Anwendungsstartzeit 01cb8575602f4545. Error - 16.11.2010 06:02:57 | Computer Name = ***** | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung Explorer.exe, Version 6.0.6002.18005, Zeitstempel 0x49e01da5, fehlerhaftes Modul rpcontrols1.dll_unloaded, Version, Zeitstempel 0x4c078b43, Ausnahmecode 0xc0000005, Fehleroffset 0x626dbb69, Prozess-ID 0x13e0, Anwendungsstartzeit 01cb857569a0d5c1. Error - 16.11.2010 06:03:13 | Computer Name = ***** | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung Explorer.exe, Version 6.0.6002.18005, Zeitstempel 0x49e01da5, fehlerhaftes Modul rpcontrols1.dll_unloaded, Version, Zeitstempel 0x4c078b43, Ausnahmecode 0xc0000005, Fehleroffset 0x626dbb69, Prozess-ID 0x168c, Anwendungsstartzeit 01cb85757325790d. Error - 16.11.2010 06:03:34 | Computer Name = ***** | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung Explorer.exe, Version 6.0.6002.18005, Zeitstempel 0x49e01da5, fehlerhaftes Modul unknown, Version, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x626dbb69, Prozess-ID 0xae4, Anwendungsstartzeit 01cb85757c991cc9. Error - 16.11.2010 06:05:52 | Computer Name = ***** | Source = VMCService | ID = 0 Description = conflictManagerTypeValue Error - 16.11.2010 06:10:45 | Computer Name = ***** | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung Explorer.EXE, Version 6.0.6002.18005, Zeitstempel 0x49e01da5, fehlerhaftes Modul unknown, Version, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x6363bb69, Prozess-ID 0x428, Anwendungsstartzeit 01cb8575d5acf957. Error - 16.11.2010 15:42:17 | Computer Name = ***** | Source = VMCService | ID = 0 Description = conflictManagerTypeValue [ Media Center Events ] Error - 07.03.2008 14:31:04 | Computer Name = ***** | Source = Media Center Guide | ID = 0 Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerAccumulate failed; Win32 GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center Guide Error - 13.03.2008 23:26:30 | Computer Name = ***** | Source = Media Center Guide | ID = 0 Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center Guide Error - 30.03.2008 21:10:38 | Computer Name = ***** | Source = Media Center Guide | ID = 0 Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center Guide Error - 21.04.2008 13:16:22 | Computer Name = ***** | Source = Media Center Guide | ID = 0 Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerAccumulate failed; Win32 GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center Guide Error - 09.02.2009 10:54:01 | Computer Name = ***** | Source = Media Center Guide | ID = 13 Description = Ereignisinformationen: Fehler beim Downloaden neuer TV-Programmdaten. Uberprufen Sie die Internetverbindungseinstellungen. Wenn die Verbindung uber einen Firewall oder Proxyserver hergestellt wird, stellen Sie sicher, dass dieser ordnungsgema? konfiguriert ist. Prozess: DefaultDomain Objektname: Microsoft.Ehome.Epg.EhepgdatSingleton Error - 09.02.2009 10:54:02 | Computer Name = ***** | Source = Media Center Guide | ID = 13 Description = Ereignisinformationen: Fehler beim Downloaden neuer TV-Programmdaten. Uberprufen Sie die Internetverbindungseinstellungen. Wenn die Verbindung uber einen Firewall oder Proxyserver hergestellt wird, stellen Sie sicher, dass dieser ordnungsgema? konfiguriert ist. Prozess: DefaultDomain Objektname: Microsoft.Ehome.Epg.EhepgdatSingleton Error - 21.04.2009 10:42:06 | Computer Name = Chris-PC | Source = Media Center Guide | ID = 13 Description = Ereignisinformationen: Fehler beim Downloaden neuer TV-Programmdaten. Uberprufen Sie die Internetverbindungseinstellungen. Wenn die Verbindung uber einen Firewall oder Proxyserver hergestellt wird, stellen Sie sicher, dass dieser ordnungsgema? konfiguriert ist. Prozess: DefaultDomain Objektname: Microsoft.Ehome.Epg.EhepgdatSingleton Error - 21.04.2009 10:42:06 | Computer Name = *****| Source = Media Center Guide | ID = 13 Description = Ereignisinformationen: Fehler beim Downloaden neuer TV-Programmdaten. Uberprufen Sie die Internetverbindungseinstellungen. Wenn die Verbindung uber einen Firewall oder Proxyserver hergestellt wird, stellen Sie sicher, dass dieser ordnungsgema? konfiguriert ist. Prozess: DefaultDomain Objektname: Microsoft.Ehome.Epg.EhepgdatSingleton Error - 28.06.2009 06:51:36 | Computer Name = ***** | Source = Media Center Guide | ID = 13 Description = Ereignisinformationen: Fehler beim Downloaden neuer TV-Programmdaten. Uberprufen Sie die Internetverbindungseinstellungen. Wenn die Verbindung uber einen Firewall oder Proxyserver hergestellt wird, stellen Sie sicher, dass dieser ordnungsgema? konfiguriert ist. Prozess: DefaultDomain Objektname: Microsoft.Ehome.Epg.EhepgdatSingleton Error - 28.06.2009 06:51:36 | Computer Name = ***** | Source = Media Center Guide | ID = 13 Description = Ereignisinformationen: Fehler beim Downloaden neuer TV-Programmdaten. Uberprufen Sie die Internetverbindungseinstellungen. Wenn die Verbindung uber einen Firewall oder Proxyserver hergestellt wird, stellen Sie sicher, dass dieser ordnungsgema? konfiguriert ist. Prozess: DefaultDomain Objektname: Microsoft.Ehome.Epg.EhepgdatSingleton [ System Events ] Error - 15.11.2010 10:51:10 | Computer Name = ***** | Source = Print | ID = 6161 Description = Das Dokument Der Einfluss des Kindergartens.pdf im Besitz von Chris konnte nicht auf dem Drucker Canon iP4200 gedruckt werden. Versuchen Sie erneut, das Dokument zu drucken, oder starten Sie den Druckspooler erneut. Datentyp: NT EMF 1.008. Gro?e der Spooldatei in Bytes: 45393740. Anzahl der gedruckten Bytes: 17205204. Gesamtanzahl der Seiten des Dokuments: 8. Anzahl der gedruckten Seiten: 0. Clientcomputer: \\CHRIS-PC. Vom Druckprozessor zuruckgegebener Win32-Fehlercode: 1. Unzulassige Funktion. Error - 15.11.2010 10:56:12 | Computer Name = ***** | Source = Print | ID = 6161 Description = Das Dokument Der Einfluss des Kindergartens.pdf im Besitz von Chris konnte nicht auf dem Drucker Canon iP4200 gedruckt werden. Versuchen Sie erneut, das Dokument zu drucken, oder starten Sie den Druckspooler erneut. Datentyp: NT EMF 1.008. Gro?e der Spooldatei in Bytes: 46376780. Anzahl der gedruckten Bytes: 10167136. Gesamtanzahl der Seiten des Dokuments: 8. Anzahl der gedruckten Seiten: 0. Clientcomputer: \\CHRIS-PC. Vom Druckprozessor zuruckgegebener Win32-Fehlercode: 1. Unzulassige Funktion. Error - 15.11.2010 19:25:59 | Computer Name = ***** | Source = Service Control Manager | ID = 7011 Description = Error - 15.11.2010 19:26:29 | Computer Name = ***** | Source = Service Control Manager | ID = 7011 Description = Error - 15.11.2010 19:26:59 | Computer Name = ***** | Source = Service Control Manager | ID = 7011 Description = Error - 15.11.2010 19:27:29 | Computer Name = ***** | Source = Service Control Manager | ID = 7011 Description = Error - 15.11.2010 20:21:17 | Computer Name = ***** | Source = DCOM | ID = 10010 Description = Error - 15.11.2010 22:19:43 | Computer Name = ***** | Source = DCOM | ID = 10010 Description = Error - 16.11.2010 05:05:31 | Computer Name = ***** | Source = DCOM | ID = 10010 Description = Error - 16.11.2010 06:03:43 | Computer Name = ***** | Source = DCOM | ID = 10010 Description = [ TuneUp Events ] Error - 02.11.2010 08:11:36 | Computer Name = ***** | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-11-02 13:11:36', '\device\harddiskvolume2\program files\sid meier's civilization v\launcher.exe','3776',0) Error - 02.11.2010 08:11:57 | Computer Name = ***** | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-11-02 13:11:57', '\device\harddiskvolume2\program files\sid meier's civilization v\civilizationv.exe','2968',0) Error - 03.11.2010 18:22:39 | Computer Name = ***** | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-11-03 23:22:39', '\device\harddiskvolume2\program files\sid meier's civilization v\launcher.exe','5400',0) Error - 03.11.2010 18:22:44 | Computer Name = ***** | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-11-03 23:22:44', '\device\harddiskvolume2\program files\sid meier's civilization v\civilizationv.exe','3060',0) Error - 04.11.2010 07:15:56 | Computer Name = ***** | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-11-04 12:15:56', '\device\harddiskvolume2\program files\sid meier's civilization v\launcher.exe','5184',0) Error - 04.11.2010 07:17:06 | Computer Name = ***** | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-11-04 12:17:06', '\device\harddiskvolume2\program files\sid meier's civilization v\civilizationv.exe','3804',0) Error - 04.11.2010 10:18:49 | Computer Name = ***** | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-11-04 15:18:49', '\device\harddiskvolume2\program files\sid meier's civilization v\launcher.exe','504',0) Error - 04.11.2010 10:18:54 | Computer Name = ***** | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-11-04 15:18:54', '\device\harddiskvolume2\program files\sid meier's civilization v\civilizationv.exe','472',0) Error - 15.11.2010 20:33:28 | Computer Name = ***** | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-11-16 01:33:28', '\device\harddiskvolume2\program files\malwarebytes' anti-malware\mbam.exe','3252',0) Error - 16.11.2010 19:26:42 | Computer Name = ***** | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-11-17 00:26:42', '\device\harddiskvolume2\program files\malwarebytes' anti-malware\mbam.exe','284',0) < End of report > Code:
ATTFilter OTL logfile created on: 17.11.2010 08:00:01 - Run 3 OTL by OldTimer - Version Folder = C:\Users\*****\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18975) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 48,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 69,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 221,17 Gb Total Space | 58,14 Gb Free Space | 26,29% Space Free | Partition Type: NTFS Drive D: | 232,88 Gb Total Space | 30,17 Gb Free Space | 12,95% Space Free | Partition Type: NTFS Drive F: | 2,10 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Drive O: | 1397,26 Gb Total Space | 595,41 Gb Free Space | 42,61% Space Free | Partition Type: NTFS Computer Name: ***** | User Name: ***** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Chris\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Programme\Mozilla Firefox 4.0 Beta 6\plugin-container.exe (Mozilla Corporation) PRC - C:\Programme\Mozilla Firefox 4.0 Beta 6\firefox.exe (Mozilla Corporation) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Programme\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation) PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.) PRC - C:\Programme\Windows Media Player\wmplayer.exe (Microsoft Corporation) PRC - C:\Programme\Unlocker\UnlockerAssistant.exe () PRC - C:\Programme\Nero\Update\NASvc.exe (Nero AG) PRC - C:\Programme\eMule\emule.exe (hxxp://www.emule-project.net) PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Windows\System32\TUProgSt.exe (TuneUp Software GmbH) PRC - C:\Programme\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone) PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation) PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) ========== Modules (SafeList) ========== MOD - C:\Users\*****\Downloads\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (stllssvr) -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe File not found SRV - (MSSQLServerADHelper) -- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe File not found SRV - (CLTNetCnService) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe File not found SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation) SRV - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation) SRV - (NAUpdate) -- C:\Program Files\Nero\Update\NASvc.exe (Nero AG) SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation) SRV - (TuneUp.ProgramStatisticsSvc) -- C:\Windows\System32\TUProgSt.exe (TuneUp Software GmbH) SRV - (TuneUp.Defrag) -- C:\Windows\System32\TuneUpDefragService.exe (TuneUp Software GmbH) SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software GmbH) SRV - (VMCService) -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (LiveUpdate) -- C:\Programme\Symantec\LiveUpdate\LuComServer_3_2.EXE (Symantec Corporation) SRV - (Automatisches LiveUpdate - Scheduler) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (Symantec Corporation) SRV - (UPnPService) -- C:\Programme\Common Files\MAGIX Shared\UPnPService\UPnPService.exe (Magix AG) SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation) SRV - (x10nets) -- C:\Programme\Common Files\X10\Common\X10nets.exe (X10) ========== Driver Services (SafeList) ========== DRV - (SCREAMINGBDRIVER) -- C:\Windows\System32\drivers\ScreamingBAudio.sys File not found DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found DRV - (ddxgb) -- C:\Users\Chris\AppData\Local\Temp\ddxgb.sys File not found DRV - (catchme) -- C:\ComboFix\catchme.sys File not found DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys () DRV - (fssfltr) -- C:\Windows\System32\drivers\fssfltr.sys (Microsoft Corporation) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (PSI) -- C:\Windows\System32\drivers\psi_mf.sys (Secunia) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (FETND6V) -- C:\Windows\System32\drivers\fetnd6v.sys (VIA Technologies, Inc. ) DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys () DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys () DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV - (ACEDRV09) -- C:\Windows\System32\drivers\ACEDRV09.sys (Protect Software GmbH) DRV - (Ph3xIB32) -- C:\Windows\System32\drivers\Ph3xIB32.sys (Philips Semiconductors GmbH) DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.) DRV - (XUIF) -- C:\Windows\System32\drivers\x10ufx2.sys (X10 Wireless Technology, Inc.) DRV - (X10Hid) -- C:\Windows\System32\drivers\x10hid.sys (X10 Wireless Technology, Inc.) DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation) DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.) DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex) DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.) DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.) DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation) DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.) DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.) DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation) DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.) DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.) DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation) DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation) DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems) DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation) DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.) DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.) DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic) DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.) DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company) DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.) DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.) DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.) DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic) DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic) DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic) DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic) DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation) DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic) DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation) DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.) DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.) DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.) DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.) DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.) DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.) DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.) DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.) DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.) DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies) DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation) DRV - (xfilt) -- C:\Windows\system32\DRIVERS\xfilt.sys (VIA Technologies,Inc) DRV - (videX32) -- C:\Windows\system32\DRIVERS\videX32.sys (VIA Technologies, Inc.) DRV - (Tosrfusb) -- C:\Windows\System32\drivers\tosrfusb.sys (TOSHIBA CORPORATION) DRV - (Tosrfbd) -- C:\Windows\System32\drivers\TosRfbd.sys (TOSHIBA CORPORATION) DRV - (Tosrfhid) -- C:\Windows\System32\drivers\TosRfhid.sys (TOSHIBA Corporation.) DRV - (TosRfSnd) Bluetooth Audio Device (WDM) -- C:\Windows\System32\drivers\TosRfSnd.sys (TOSHIBA Corporation) DRV - (tosporte) -- C:\Windows\System32\drivers\Tosporte.sys (TOSHIBA Corporation) DRV - (tosrfnds) -- C:\Windows\System32\drivers\tosrfnds.sys (TOSHIBA Corporation.) DRV - (Tosrfcom) -- C:\Windows\System32\drivers\tosrfcom.sys (TOSHIBA Corporation) DRV - (Tosrfbnp) -- C:\Windows\System32\drivers\tosrfbnp.sys (TOSHIBA Corporation) DRV - (toshidpt) -- C:\Windows\System32\drivers\Toshidpt.sys (TOSHIBA Corporation.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = hxxp://www.arcor.de IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.arcor.de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = hxxp://www.arcor.de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.defaultthis.engineName: "Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.selectedEngine: "ICQ Search" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "www.spiegel.de" FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}: FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8 FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com: FF - prefs.js..extensions.enabledItems: toolbar@ask.com: FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}: FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}: FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&q=" FF - HKLM\software\mozilla\Mozilla Firefox 4.0b7\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 6\components [2010.11.11 17:17:49 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0b7\extensions\\Plugins: C:\Program Files\Mozilla Firefox 4.0 Beta 6\plugins [2010.09.26 23:01:21 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.6\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.10.29 00:27:00 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.6\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010.10.07 12:26:26 | 000,000,000 | ---D | M] [2010.09.24 15:19:46 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\mozilla\Extensions [2010.09.24 15:19:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2010.10.29 08:56:33 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\0hkidv9q.default\extensions [2010.06.29 09:59:06 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\0hkidv9q.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.10.27 22:39:15 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\0hkidv9q.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2008.02.18 13:15:49 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\0hkidv9q.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2010.10.29 08:55:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\0hkidv9q.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2010.10.14 23:35:21 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\0hkidv9q.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [2010.07.29 14:35:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\0hkidv9q.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2010.10.16 23:32:38 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\0hkidv9q.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010.10.08 12:19:37 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\0hkidv9q.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} [2010.10.10 12:25:32 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\0hkidv9q.default\extensions\DefaultManager@Microsoft [2010.02.04 01:24:14 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\0hkidv9q.default\extensions\moveplayer@movenetworks.com [2009.11.06 09:36:00 | 000,002,171 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\FireFox\Profiles\0hkidv9q.default\searchplugins\bing.xml [2010.07.29 14:45:54 | 000,000,873 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\FireFox\Profiles\0hkidv9q.default\searchplugins\conduit.xml [2010.11.13 13:01:26 | 000,001,056 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\FireFox\Profiles\0hkidv9q.default\searchplugins\icqplugin.xml [2010.09.22 12:59:15 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions [2007.06.03 21:19:55 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2008.06.30 23:16:47 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} O1 HOSTS File: ([2010.09.23 21:46:46 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: localhost O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation) O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Programme\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (@C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Programme\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe () O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe (hxxp://www.emule-project.net) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Chris\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm () O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation) O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01) O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Chris\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\Chris\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2005.11.01 04:47:57 | 000,000,000 | R--D | M] - F:\AutoRun -- [ UDF ] O32 - AutoRun File - [2005.11.01 04:09:50 | 000,729,088 | R--- | M] (Electronic Arts Inc.) - F:\AutoRun.exe -- [ UDF ] O32 - AutoRun File - [2005.11.01 04:43:36 | 000,000,160 | R--- | M] () - F:\autorun.inf -- [ UDF ] O32 - AutoRun File - [2005.10.14 09:02:16 | 000,585,728 | R--- | M] (Electronic Arts Inc.) - F:\AutoRunGUI.dll -- [ UDF ] O32 - AutoRun File - [2010.01.21 03:47:35 | 000,000,000 | RH-D | M] - O:\autorun -- [ NTFS ] O32 - Unable to obtain root file information for disk O:\ O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.11.16 10:37:21 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\QuickStoresToolbar [2010.11.16 10:37:20 | 000,000,000 | ---D | C] -- C:\Programme\Unlocker [2010.11.16 01:40:21 | 000,000,000 | ---D | C] -- C:\Programme\Trend Micro [2010.11.04 10:42:36 | 000,000,000 | ---D | C] -- C:\Users\Chris\Desktop\Blumio [2010.10.29 08:55:40 | 000,000,000 | ---D | C] -- C:\Programme\ICQ7.2 [2010.10.26 22:55:19 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll [2010.10.26 22:55:17 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll [2010.10.26 22:55:16 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll [2010.10.24 11:28:10 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2010.10.24 11:28:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2010.10.24 11:28:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2008.12.27 16:31:19 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Chris\AppData\Roaming\pcouffin.sys [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Users\Chris\Desktop\*.tmp files -> C:\Users\Chris\Desktop\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.11.17 08:00:00 | 000,000,500 | ---- | M] () -- C:\Windows\tasks\1-Klick-Wartung.job [2010.11.17 07:06:56 | 000,206,537 | ---- | M] () -- C:\ProgramData\nvModes.dat [2010.11.17 07:06:55 | 000,206,537 | ---- | M] () -- C:\ProgramData\nvModes.001 [2010.11.17 06:42:31 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010.11.17 06:42:31 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010.11.16 20:42:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.11.16 15:11:27 | 000,299,226 | ---- | M] () -- C:\Users\Chris\Desktop\151-148-1-PB.pdf [2010.11.16 15:03:33 | 000,170,882 | ---- | M] () -- C:\Users\Chris\Desktop\hoffmann_schule.pdf [2010.11.16 14:48:19 | 001,061,188 | ---- | M] () -- C:\Users\Chris\Desktop\iv06_akibilanz4a.pdf [2010.11.16 14:28:15 | 000,302,080 | ---- | M] () -- C:\Users\Chris\Desktop\rainer_geissler_-_die_metamorphose_der_katholischen_arbeitertochter_zum_migrantensohn.doc [2010.11.16 13:57:20 | 000,180,224 | ---- | M] () -- C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.11.16 01:40:21 | 000,001,880 | ---- | M] () -- C:\Users\Chris\Desktop\HijackThis.lnk [2010.11.16 01:09:24 | 000,000,306 | RHS- | M] () -- C:\ProgramData\ntuser.pol [2010.11.16 00:25:04 | 000,000,116 | ---- | M] () -- C:\Windows\NeroDigital.ini [2010.11.15 13:23:46 | 000,303,970 | ---- | M] () -- C:\Users\Chris\Desktop\Der Einfluss des Kindergartens.pdf [2010.11.15 12:48:11 | 000,147,019 | ---- | M] () -- C:\Users\Chris\Desktop\Integration und Ganztagsbildung.docx [2010.11.15 12:47:54 | 005,246,597 | ---- | M] () -- C:\Users\Chris\Desktop\Sprachliche Leistungen in der Einschulungsuntersuchung.pdf [2010.11.15 12:36:00 | 000,654,650 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2010.11.15 12:36:00 | 000,616,532 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010.11.15 12:36:00 | 000,137,000 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2010.11.15 12:36:00 | 000,112,060 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010.11.15 10:25:29 | 000,000,810 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2010.11.14 18:59:41 | 002,419,661 | ---- | M] () -- C:\Users\Chris\Desktop\Deutsches_Reich1.jpg [2010.11.14 18:53:10 | 000,003,129 | ---- | M] () -- C:\Users\Chris\Documents\Mastersongs.m3u [2010.11.13 21:57:56 | 000,065,536 | ---- | M] () -- C:\Users\Chris\Desktop\fc3fd199-00f5-467f-9a66-686b84cde99e.jpg [2010.11.12 14:34:48 | 000,524,935 | ---- | M] () -- C:\Users\Chris\Desktop\05314.pdf [2010.11.12 10:46:49 | 000,071,693 | ---- | M] () -- C:\Users\Chris\Desktop\Schulen nach Form des Ganztagsangebots 2008.jpg [2010.11.11 15:44:32 | 001,646,206 | ---- | M] () -- C:\Users\Chris\Desktop\kita_regional.pdf [2010.11.09 20:45:18 | 1623,351,296 | ---- | M] () -- C:\Users\Chris\Desktop\exq-avatar.erw.kino-xvid-b.avi [2010.11.09 19:39:22 | 1464,657,920 | ---- | M] () -- C:\Users\Chris\Desktop\exq-avatar.erw.kino-xvid-a.avi [2010.11.09 16:31:00 | 000,201,840 | ---- | M] () -- C:\Users\Chris\Desktop\steuer09_anlage_kap.pdf [2010.11.08 19:52:57 | 000,126,856 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys [2010.11.08 19:52:57 | 000,060,936 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys [2010.11.04 11:19:23 | 000,002,379 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2010.11.04 11:15:39 | 000,319,982 | ---- | M] () -- C:\Users\Chris\Desktop\GTS_2008.pdf [2010.10.24 11:26:52 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2010.10.24 11:26:52 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2010.10.24 11:26:52 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2010.10.24 11:26:50 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll [2010.10.19 10:41:44 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Users\Chris\Desktop\*.tmp files -> C:\Users\Chris\Desktop\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.11.16 15:11:26 | 000,299,226 | ---- | C] () -- C:\Users\Chris\Desktop\151-148-1-PB.pdf [2010.11.16 15:03:33 | 000,170,882 | ---- | C] () -- C:\Users\Chris\Desktop\hoffmann_schule.pdf [2010.11.16 14:48:19 | 001,061,188 | ---- | C] () -- C:\Users\Chris\Desktop\iv06_akibilanz4a.pdf [2010.11.16 14:28:14 | 000,302,080 | ---- | C] () -- C:\Users\Chris\Desktop\rainer_geissler_-_die_metamorphose_der_katholischen_arbeitertochter_zum_migrantensohn.doc [2010.11.16 01:40:21 | 000,001,880 | ---- | C] () -- C:\Users\Chris\Desktop\HijackThis.lnk [2010.11.15 12:47:54 | 005,246,597 | ---- | C] () -- C:\Users\Chris\Desktop\Sprachliche Leistungen in der Einschulungsuntersuchung.pdf [2010.11.15 12:27:34 | 000,303,970 | ---- | C] () -- C:\Users\Chris\Desktop\Der Einfluss des Kindergartens.pdf [2010.11.15 10:25:29 | 000,000,810 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2010.11.14 18:59:39 | 002,419,661 | ---- | C] () -- C:\Users\Chris\Desktop\Deutsches_Reich1.jpg [2010.11.14 18:53:10 | 000,003,129 | ---- | C] () -- C:\Users\Chris\Documents\Mastersongs.m3u [2010.11.14 15:30:50 | 1623,351,296 | ---- | C] () -- C:\Users\Chris\Desktop\exq-avatar.erw.kino-xvid-b.avi [2010.11.14 15:28:02 | 1464,657,920 | ---- | C] () -- C:\Users\Chris\Desktop\exq-avatar.erw.kino-xvid-a.avi [2010.11.13 21:57:56 | 000,065,536 | ---- | C] () -- C:\Users\Chris\Desktop\fc3fd199-00f5-467f-9a66-686b84cde99e.jpg [2010.11.12 14:34:48 | 000,524,935 | ---- | C] () -- C:\Users\Chris\Desktop\05314.pdf [2010.11.12 10:46:48 | 000,071,693 | ---- | C] () -- C:\Users\Chris\Desktop\Schulen nach Form des Ganztagsangebots 2008.jpg [2010.11.11 15:44:32 | 001,646,206 | ---- | C] () -- C:\Users\Chris\Desktop\kita_regional.pdf [2010.11.09 16:27:23 | 000,201,840 | ---- | C] () -- C:\Users\Chris\Desktop\steuer09_anlage_kap.pdf [2010.11.04 12:14:16 | 000,147,019 | ---- | C] () -- C:\Users\Chris\Desktop\Integration und Ganztagsbildung.docx [2010.11.04 11:15:39 | 000,319,982 | ---- | C] () -- C:\Users\Chris\Desktop\GTS_2008.pdf [2010.10.14 01:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2010.08.25 16:33:16 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009.12.29 01:25:39 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2009.12.19 12:36:31 | 000,206,537 | ---- | C] () -- C:\ProgramData\nvModes.001 [2009.12.19 12:36:30 | 000,206,537 | ---- | C] () -- C:\ProgramData\nvModes.dat [2009.06.19 19:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll [2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll [2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll [2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll [2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll [2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll [2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll [2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll [2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll [2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll [2009.03.24 17:19:25 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll [2009.03.24 17:19:24 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll [2009.03.24 17:19:24 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll [2008.12.28 18:37:03 | 000,000,671 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\vso_ts_preview.xml [2008.12.27 16:34:30 | 000,000,033 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\pcouffin.log [2008.12.27 16:31:19 | 000,007,887 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\pcouffin.cat [2008.12.27 16:31:19 | 000,001,144 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\pcouffin.inf [2008.08.27 01:01:40 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll [2008.08.27 01:00:40 | 000,001,024 | ---- | C] () -- C:\Windows\System32\clauth2.dll [2008.08.27 01:00:40 | 000,001,024 | ---- | C] () -- C:\Windows\System32\clauth1.dll [2008.08.27 01:00:40 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ssprs.dll [2008.08.27 01:00:40 | 000,000,000 | ---- | C] () -- C:\Windows\System32\serauth2.dll [2008.08.27 01:00:40 | 000,000,000 | ---- | C] () -- C:\Windows\System32\serauth1.dll [2008.08.27 01:00:40 | 000,000,000 | ---- | C] () -- C:\Windows\System32\nsprs.dll [2008.06.23 13:02:02 | 000,097,410 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4 [2008.05.31 11:23:51 | 000,138,184 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2008.05.23 17:48:50 | 000,020,270 | ---- | C] () -- C:\ProgramData\DeviceInstaller.xml [2008.05.15 16:46:34 | 000,000,000 | ---- | C] () -- C:\Windows\tosOBEX.INI [2008.05.15 16:46:25 | 000,000,098 | ---- | C] () -- C:\Windows\WirelessFTP.INI [2008.04.01 15:56:08 | 000,271,360 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2008.04.01 15:56:06 | 000,018,048 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2007.12.14 16:32:08 | 000,000,321 | ---- | C] () -- C:\Windows\homeDVD-Fotos5_5.INI [2007.11.30 17:08:17 | 000,000,025 | ---- | C] () -- C:\Windows\cdplayer.ini [2007.11.22 13:53:48 | 000,000,016 | -H-- | C] () -- C:\ProgramData\mxfilerelatedcache.mxc2 [2007.11.18 11:25:48 | 000,000,016 | -H-- | C] () -- C:\Programme\mxfilerelatedcache.mxc2 [2007.09.26 21:17:59 | 000,394,240 | ---- | C] () -- C:\Windows\System32\Smab.dll [2007.09.26 21:17:59 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll [2007.09.09 13:32:52 | 000,135,168 | ---- | C] () -- C:\Windows\System32\DVDEncoder.dll [2007.09.08 15:30:29 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini [2007.08.03 15:29:58 | 000,065,536 | ---- | C] () -- C:\Windows\System32\DVDKeyAuth.dll [2007.05.29 07:55:10 | 000,008,220 | ---- | C] () -- C:\ProgramData\LUUnInstall.LiveUpdate [2007.05.28 17:52:17 | 000,000,305 | ---- | C] () -- C:\ProgramData\addr_file.html [2007.04.08 18:51:16 | 000,000,116 | ---- | C] () -- C:\Windows\NeroDigital.ini [2007.04.08 18:12:41 | 000,000,000 | ---- | C] () -- C:\Windows\Irremote.ini [2007.04.08 15:45:56 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib [2007.03.14 15:47:22 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys [2007.03.08 23:32:11 | 000,000,552 | ---- | C] () -- C:\Users\Chris\AppData\Local\d3d8caps.dat [2007.03.01 21:58:48 | 000,008,704 | ---- | C] () -- C:\Windows\System32\CNMVS78.DLL [2007.02.28 16:44:53 | 000,001,356 | ---- | C] () -- C:\Users\Chris\AppData\Local\d3d9caps.dat [2007.02.27 15:05:43 | 000,000,646 | ---- | C] () -- C:\Windows\ODBC.INI [2007.02.27 03:47:14 | 000,000,632 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\wklnhst.dat [2007.02.27 03:38:15 | 000,000,402 | ---- | C] () -- C:\Windows\wininit.ini [2007.02.27 02:32:35 | 000,180,224 | ---- | C] () -- C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.10.27 08:26:56 | 000,069,632 | ---- | C] () -- C:\Windows\System32\vuins32.dll [2006.04.13 10:30:06 | 001,073,152 | ---- | C] () -- C:\Windows\System32\libmysql_c.dll [2004.12.14 12:04:48 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2004.12.14 12:02:49 | 000,765,952 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2004.12.02 14:20:18 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll [2004.09.22 09:09:06 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll [2004.08.30 12:26:16 | 000,389,120 | ---- | C] () -- C:\Windows\System32\xvid.dll [2004.07.20 16:04:02 | 000,094,208 | ---- | C] () -- C:\Windows\System32\TosBtHcrpAPI.dll [2004.01.15 13:43:28 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TBTMonUI.dll [2003.07.29 14:33:26 | 000,061,440 | ---- | C] () -- C:\Windows\System32\TosHidAPI.dll [2000.04.10 11:33:28 | 000,027,494 | ---- | C] () -- C:\Programme\Troubleshooting.htm [2000.04.10 11:31:42 | 000,054,272 | ---- | C] () -- C:\Programme\Troubleshooting.doc [2000.04.10 11:31:42 | 000,021,473 | ---- | C] () -- C:\Programme\Update.txt ========== Files - Unicode (All) ========== [2007.02.25 09:27:30 | 000,904,439 | ---- | C] ()(C:\Umweltbewu?tsein 2006.pdf) -- C:\Umweltbewußtsein 2006.pdf [2007.02.22 21:57:32 | 000,904,439 | ---- | M] ()(C:\Umweltbewu?tsein 2006.pdf) -- C:\Umweltbewußtsein 2006.pdf ========== Alternate Data Streams ========== @Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:9AEE100C @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:94A19129 < End of report > |
![]() | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ ![]() ![]() ![]() ![]() ![]() ![]() | ![]() Windows-Explorere stürzt dauerd ab Ältere Logs von Malwarebytes mit Funden gibt es nicht?
__________________ Logfiles bitte immer in CODE-Tags posten ![]() |
![]() | #5 |
![]() | ![]() Windows-Explorere stürzt dauerd ab Ich hab ja zweimal das selbe LOG gepostet, sorry. Hier hab ich noch einen, wo er was gefunden hatte, aber das war nur einen Tag früher. Sonst habe ich keine Malware-Logs Code:
ATTFilter Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Datenbank Version: 4705 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18975 16.11.2010 09:40:27 mbam-log-2010-11-16 (09-40-27).txt Art des Suchlaufs: Vollstдndiger Suchlauf (C:\|D:\|) Durchsuchte Objekte: 304862 Laufzeit: 4 Stunde(n), 9 Minute(n), 58 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlьssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 1 Infizierte Speicherprozesse: (Keine bцsartigen Objekte gefunden) Infizierte Speichermodule: (Keine bцsartigen Objekte gefunden) Infizierte Registrierungsschlьssel: (Keine bцsartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bцsartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bцsartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bцsartigen Objekte gefunden) Infizierte Dateien: C:\Downloads\Microsoft Windows Key Gen 2003 Or Xp Pro Or Office-Xp Keygen\XPKey.exe (Trojan.Downloader) -> Quarantined and deleted successfully. |
![]() | #6 | |
/// Winkelfunktion /// TB-Süch-Tiger™ ![]() ![]() ![]() ![]() ![]() ![]() | ![]() Windows-Explorere stürzt dauerd abZitat:
![]() Die (Be)nutzung von Cracks, Serials und Keygens ist illegal, somit gibt es im Trojaner-Board keinen weiteren Support mehr. Für Dich geht es hier weiter => Neuaufsetzen des Systems Bitte auch alle Passwörter abändern (für E-Mail-Konten, StudiVZ, Ebay...einfach alles!) da nicht selten in dieser dubiosen Software auch Keylogger und Backdoorfunktionen stecken. Danach nie wieder sowas anrühren!
__________________ --> Windows-Explorere stürzt dauerd ab |
![]() | #7 |
![]() | ![]() Windows-Explorere stürzt dauerd ab Aber ich habe garkein Xp, ich hab Vista und das ist eine lizensierte Version. Keien Ahnung, wo der Keygenerator herkommt. Der muss uralt sein, wurde aber nicht für meinen PC benutzt. Der muss mindestens schon 3 Jahre auf dem PC sein, da hat sich mal ein Kumpel den runtergeladen, soweit ich mich erinnere. Kann das denn auch Schaden anrichten, wenn ich das garnicht benutze? Geändert von Donald83 (17.11.2010 um 16:36 Uhr) |
![]() |
Themen zu Windows-Explorere stürzt dauerd ab |
adobe, antivir, antivir guard, avg, avira, bho, browser, converter, defender, desktop, excel, explorer absturt neustart, firefox, hijackthis, home, internet, internet explorer, logfile, mozilla, mp3, nvidia, plug-in, senden, software, symantec, system, unlock, vista, vodafone, windows-explorere |