|
Alles rund um Windows: Windows Media Player öffnet sich ab und an und ist nichtmehr schließbar!Windows 7 Hilfe zu allen Windows-Betriebssystemen: Windows XP, Windows Vista, Windows 7, Windows 8(.1) und Windows 10 / Windows 11- als auch zu sämtlicher Windows-Software. Alles zu Windows 10 ist auch gerne willkommen. Bitte benenne etwaige Fehler oder Bluescreens unter Windows mit dem Wortlaut der Fehlermeldung und Fehlercode. Erste Schritte für Hilfe unter Windows. |
03.01.2011, 08:21 | #1 |
| Problem: Windows Media Player öffnet sich ab und an und ist nichtmehr schließbar! Also wie schon im Titel beschrieben öffnet sich ca. alle 30min - 1std. 30min mein WMP von alleine. Und wenn ich es minimire / ein anderes Fenster (z.b. internetbrowser) öfffne oder anklicke, drängt sich WMP wieder in den vordergrund (ca. jede sekunde). So ich hoffe ich hab das Problem genug beschrieben damit ihr vielleicht ein paar Ideen entwickeln um mir zu helfen, denn es stört sehr wenn ich mitten im Spiel oder sonstiges den PC neustarten darf. Hoffentlich kein Virus oder Trojaner oder sonstiges. HiJackthis Logfile: Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 07:27:46, on 03.01.2011 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18999) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Siemens\Gigaset USB Adapter 54\PRISMSVR.exe C:\Program Files\Vimicro\VMUVC\VMonitor.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Ask & Record Toolbar\FLVSrvc.exe C:\Program Files\Microsoft Security Essentials\msseces.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files\Tech\Tilt Mouse Software\5.0\ACQTMAPP.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Razer\Lycosa\razerhid.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Users\***\Program Files\DNA\btdna.exe C:\Program Files\Siemens\Gigaset USB Adapter 54\GigasetUSBMonitor.exe C:\Windows\system32\wbem\unsecapp.exe C:\Users\***\AppData\Local\Google\Update\1.2.183.39\GoogleCrashHandler.exe C:\Program Files\Razer\Lycosa\razertra.exe C:\Program Files\TeamSpeak 3 Client\ts3client_win32.exe C:\Users\Public\World of Warcraft\WoW.exe C:\Users\***\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\***\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\***\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\***\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\***\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\***\Downloads\HiJackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll R3 - URLSearchHook: (no name) - - (no file) R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll R3 - URLSearchHook: Softonic Deutsch FF Toolbar - {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Program Files\Softonic_Deutsch_FF\tbSoft.dll O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Softonic Deutsch FF Toolbar - {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Program Files\Softonic_Deutsch_FF\tbSoft.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll O3 - Toolbar: Softonic Deutsch FF Toolbar - {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Program Files\Softonic_Deutsch_FF\tbSoft.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\GoogleEULA\EULALauncher.exe O4 - HKLM\..\Run: [PRISMSVR.EXE] "C:\Program Files\Siemens\Gigaset USB Adapter 54\PRISMSVR.EXE" /APPLY O4 - HKLM\..\Run: [VMonitorVMUVC] "C:\Program Files\Vimicro\VMUVC\VMonitor.exe" VMUVC O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [Ask and Record FLV Service] "C:\Program Files\Ask & Record Toolbar\FLVSrvc.exe" /run O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [ACQTMOUSE] "C:\Program Files\Tech\Tilt Mouse Software\5.0\ACQTMAPP.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Lycosa] "C:\Program Files\Razer\Lycosa\razerhid.exe" O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [ClipIncSrvTray] "C:\Program Files\Tobit ClipInc\Player\ClipIncTray.exe" O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\Niklas\Program Files\DNA\btdna.exe" O4 - HKCU\..\Run: [Google Update] "C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\steam.exe" -silent O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST') O4 - Startup: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Gigaset WLAN Adapter Monitor.lnk = C:\Program Files\Siemens\Gigaset USB Adapter 54\GigasetUSBMonitor.exe O8 - Extra context menu item: Free YouTube Download - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Niklas\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000 O9 - Extra button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4 (file missing) O9 - Extra 'Tools' menuitem: eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4 (file missing) O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL O9 - Extra button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4 (file missing) (HKCU) O9 - Extra 'Tools' menuitem: eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4 (file missing) (HKCU) O13 - Gopher Prefix: O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: ClipInc 001 (ClipInc001) - Unknown owner - C:\Program Files\Tobit ClipInc\Server\ClipInc-Server.exe O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe -- End of file - 13901 bytes |
03.01.2011, 14:03 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows Media Player öffnet sich ab und an und ist nichtmehr schließbar! Anleitung / Hilfe Hallo und
__________________Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten! Danach OTL: Systemscan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
__________________ |
03.01.2011, 15:52 | #3 |
| Windows Media Player öffnet sich ab und an und ist nichtmehr schließbar! Details Ok, also:
__________________Malwarebytes: Malwarebytes' Anti-Malware 1.50.1.1100 Malwarebytes Datenbank Version: 5447 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18999 03.01.2011 15:38:25 mbam-log-2011-01-03 (15-38-25).txt Art des Suchlaufs: Quick-Scan Durchsuchte Objekte: 188344 Laufzeit: 18 Minute(n), 37 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) OTL: OTL EXTRAS Logfile: OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 03.01.2011 15:42:04 - Run 1 OTL by OldTimer - Version 3.2.20.1 Folder = C:\Users\***\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18999) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 29,00% Memory free 6,00 Gb Paging File | 4,00 Gb Available in Paging File | 59,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 576,15 Gb Total Space | 333,62 Gb Free Space | 57,90% Space Free | Partition Type: NTFS Drive D: | 20,00 Gb Total Space | 12,37 Gb Free Space | 61,83% Space Free | Partition Type: FAT32 Drive E: | 3,93 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: *** | User Name: ***| Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- C:\Users\Niklas\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~4\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore] "DisableSR" = 0 "DisableConfig" = 0 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{1902AF56-FDE8-42A2-AF55-668CFA68E392}" = lport=2869 | protocol=6 | dir=in | app=system | "{55B8A150-E2F1-4128-BEC2-F7250F8691F5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{650A22A3-50F2-4CBB-9CBA-30EFE92C6535}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | "{6E8E4FEC-F08B-4938-B919-7082335C2B2A}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 | "{A8E6BAA3-88C9-4B77-BBF8-3BD14E9B58D7}" = lport=7000 | protocol=6 | dir=in | name=blizzard downloader: 7000 | "{B69518B2-B901-4016-A57F-7D163CA76980}" = lport=2869 | protocol=6 | dir=in | app=system | "{D3D624AA-D789-4443-9CD6-72CF3A47A2C4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{006D75D8-62AB-4D47-908C-54EE193F79E0}" = protocol=6 | dir=in | app=c:\users\public\world of warcraft\wow-3.2.0-dede-downloader.exe | "{02A29263-CC8D-4C86-AB3A-EF7A301CEF89}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer_service.exe | "{047BE389-206C-4957-AF71-CF407136F7D4}" = protocol=6 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwn2server.exe | "{063CB075-69EF-4074-ADC4-6F312CE64E36}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | "{101FBAB7-BE4F-4870-8A8C-D6AA8C4AB406}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{137B1AAD-6D6A-45C2-8F41-F6BAAA09EE60}" = protocol=17 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\farcry2.exe | "{159A38E1-C247-4477-A3C6-BEB218ABD97C}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{1A303F31-98A8-406C-A0AA-89F96E264BE5}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{21986F32-605D-413B-B86F-09B7C356FCEF}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe | "{2FEBC07A-1531-42E0-AA07-C7301BFD50F3}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe | "{370ABAA2-B9CE-41DD-BD3B-191C25175A9B}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.8.9506-to-3.0.9.9551-dede-downloader.exe | "{37C99D49-430D-401E-BF54-14418907FD77}" = protocol=17 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwupdate.exe | "{3B916733-268E-4A25-9E6E-9D0D64DE1173}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | "{3D22AAED-53B1-4076-B674-FC4CDAF40FA7}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-dede-downloader.exe | "{3F99F2D1-09F3-4536-B774-238CA1726490}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{413054E2-A51E-4BC5-A81A-78D966A0B468}" = protocol=6 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\fc2launcher.exe | "{44DA55D9-B665-4EEE-9ECD-86B427C135CA}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{45A1A464-1A10-45AA-B6F7-B80B2A8AC587}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-dede-downloader.exe | "{50540D7D-1FBB-4D01-A467-9E715CCBA32C}" = protocol=6 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwupdate.exe | "{53440A0D-D6B7-4CDB-9DF4-A9CEDB90EA28}" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe | "{57352F3B-DA81-4793-B009-6D75332A127E}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe | "{5B1C536F-BFC6-4AC3-B478-8ADA41C2B2F4}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe | "{5C321270-9D2C-40B4-A09D-38189DEA38E4}" = protocol=6 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwn2main_amdxp.exe | "{5EB9B68D-2548-4121-91C1-9CE36E8048E4}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | "{682BB3DB-722A-4127-BF24-4FF9200A7ED2}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe | "{68FDCE46-00A5-431A-B65D-0E10C51C4082}" = protocol=17 | dir=in | app=c:\users\public\world of warcraft\wow-3.2.0-dede-downloader.exe | "{6BF37AEF-3A65-488B-87B3-5484CFAB53C4}" = protocol=6 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\farcry2.exe | "{6C909073-9BA6-48C9-A190-69CA7F55F889}" = protocol=17 | dir=in | app=c:\program files\tobit clipinc\player\clipinc-player.exe | "{6E3EBA59-D755-4485-850F-3D831FBEEA4C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{72110A29-0FEA-4CFB-A986-CF4A12279838}" = protocol=17 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwn2main.exe | "{7308639F-336D-4033-86EF-26B088AC6B74}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{76C50C5F-2C13-49DE-B80E-AAEFB9783A91}" = protocol=17 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\fc2launcher.exe | "{77AD39C7-0851-4C6B-9B73-D7E5B6E31ECA}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-dede-downloader.exe | "{77D8F104-8659-478E-A12A-82AD9CD78374}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | "{782F1C6F-12F6-4DDE-B2F4-D24A06DC7967}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer_service.exe | "{7BBFD48A-699D-4748-81C8-A9230492D874}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.8.9506-to-3.0.9.9551-dede-downloader.exe | "{7BCCFDD5-B418-45CD-A9A5-CBC729100543}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe | "{7BD1AB52-FB5D-47FD-ABB2-E5689CA156F1}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe | "{7D46E159-2861-4095-98B6-871A8F9827FE}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | "{84024FED-9B65-42C7-9F71-2193274FBE35}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | "{8799BB65-4A59-484B-93AB-DB831BF5F4B7}" = protocol=17 | dir=in | app=c:\program files\tobit clipinc\server\clipinc-server.exe | "{8CA59B9D-CB24-431F-BAF7-60E13B01A6F3}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackops.exe | "{922ABF1F-19C3-40AA-BDC4-89E5B013CBB5}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe | "{922F4879-79DD-41CC-81E6-1760B03C8B5B}" = protocol=6 | dir=in | app=c:\users\public\world of warcraft\launcher.patch.exe | "{98CAFABB-3544-415D-AAE6-DF1A12C3AD32}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackops.exe | "{99DB78AB-FD12-4153-92DB-30D71F92B328}" = protocol=6 | dir=in | app=c:\program files\tobit clipinc\player\clipinc-player.exe | "{9D873E8A-668A-484C-B638-83E9F897BE39}" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe | "{9E0253C3-07AF-4F7D-819A-102E0F88ED44}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{9F4B5752-A672-468C-B323-EAC2F7656324}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe | "{A07A9793-A873-498D-AF06-34EAC0F56249}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-dede-downloader.exe | "{A1663863-9F89-4D62-B138-7D26357551CD}" = protocol=17 | dir=in | app=c:\program files\salfeld\kisi\kisiset.exe | "{A4682FED-36C6-4466-A48B-494F841A9C77}" = protocol=6 | dir=in | app=c:\program files\salfeld\kisi\kisiset.exe | "{A9FD361F-0133-4134-9AF9-807FB565DA97}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe | "{AB94D42F-F754-495D-AAEE-21C7574A2893}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe | "{B13CF11D-0E2C-4B8F-A600-D39FA47A3B46}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{B15E67E4-18D6-4DB1-844C-1115FBD4EC54}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | "{BB5B95CF-6851-4845-9D8E-8662F4D918E1}" = protocol=6 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwn2main.exe | "{BDBC7F3B-18DE-4599-80E9-4283F52D8FC3}" = protocol=6 | dir=out | app=system | "{C087D784-D635-47D3-94D6-52DE0CD721F3}" = protocol=17 | dir=in | app=c:\users\public\world of warcraft\launcher.patch.exe | "{C157E5E4-6C8E-46E2-B08D-D2F72BC103CF}" = protocol=6 | dir=in | app=c:\program files\tobit clipinc\server\clipinc-server.exe | "{C5AEE85F-3C8A-4176-9FAE-2C5C37343C50}" = protocol=17 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwn2server.exe | "{C8923C25-1B73-4115-99D6-F633A841C4CF}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe | "{CE9261DA-37CC-4EA7-8087-9A571674BCB3}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | "{D371706E-A1D2-4141-BAA8-78DE8B939744}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{D4DB4617-82B5-460C-9C32-EC0ACC08C36F}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-dede-downloader.exe | "{D7CE7218-1C01-4D31-AEE9-D18FEF81BE8B}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe | "{DC4F722E-C76D-4B53-BE9C-9BB9CC778E62}" = protocol=6 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\fc2editor.exe | "{EAE6130F-0975-4D45-B28E-CFE87917CCE4}" = dir=in | app=c:\program files\itunes\itunes.exe | "{EC516C45-FE5E-4FF2-8615-AC780BAD8A78}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-dede-downloader.exe | "{F2869AD7-168D-4B82-8ED7-FE15C4CB81A1}" = protocol=17 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwn2main_amdxp.exe | "{F4DF1F86-DC7C-4B2A-9789-4FB3F1F97831}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{F6CC2CB8-8208-4D4B-9432-FF2A035DB258}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe | "{FA4F8296-B3D8-400F-9EE2-857C140B9886}" = protocol=17 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\fc2editor.exe | "TCP Query User{01A2935D-3653-4DB0-B103-DED8B2F58F48}C:\program files\red storm entertainment\ravenshield\system\ravenshield.exe" = protocol=6 | dir=in | app=c:\program files\red storm entertainment\ravenshield\system\ravenshield.exe | "TCP Query User{01EC64D0-E802-462D-AC21-38F83F547A30}C:\users\public\world of warcraft - kopie\launcher.exe" = protocol=6 | dir=in | app=c:\users\public\world of warcraft - kopie\launcher.exe | "TCP Query User{066988C8-7829-4E52-8FB5-A831B8D2B7AE}C:\program files\java\jre1.6.0_07\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre1.6.0_07\bin\javaw.exe | "TCP Query User{0B62135C-0642-43B3-8576-69A1A100B434}C:\users\***\appdata\local\temp\blizzard launcher temporary - 0d26ce58\launcher.exe" = protocol=6 | dir=in | app=c:\users\niklas\appdata\local\temp\blizzard launcher temporary - 0d26ce58\launcher.exe | "TCP Query User{0B7E8DBF-5743-4A88-85A6-1E049C86CCE1}C:\users\public\world of warcraft\wow-3.3.0.11159-to-3.3.2.11403-dede-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\world of warcraft\wow-3.3.0.11159-to-3.3.2.11403-dede-downloader.exe | "TCP Query User{0F7B6696-0AA6-4B57-890D-213CFDF48887}C:\users\public\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\users\public\world of warcraft\launcher.exe | "TCP Query User{13CA9748-F4CE-4776-A938-844712C5544A}C:\alien arena 2008\crx.exe" = protocol=6 | dir=in | app=c:\alien arena 2008\crx.exe | "TCP Query User{169C7DEE-F838-4CEF-BE38-658A2C761DD6}C:\program files\anno 1701\anno1701.exe" = protocol=6 | dir=in | app=c:\program files\anno 1701\anno1701.exe | "TCP Query User{180B0386-EEF9-43AF-AD61-3C980252AF95}C:\users\***\appdata\local\temp\blizzard launcher temporary - 17772420\launcher.exe" = protocol=6 | dir=in | app=c:\users\***\appdata\local\temp\blizzard launcher temporary - 17772420\launcher.exe | "TCP Query User{1C014C2B-9165-4001-ABA1-99BE9922A697}C:\users\***\downloads\bogdan's repack 3.3.0\bogdan's repack 3.3.0\mangos\mangosd.exe" = protocol=6 | dir=in | app=c:\users\***\downloads\bogdan's repack 3.3.0\bogdan's repack 3.3.0\mangos\mangosd.exe | "TCP Query User{1C3FAA8D-4217-4B15-885D-8D2C9AA55BCC}C:\users\public\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\users\public\world of warcraft\backgrounddownloader.exe | "TCP Query User{1CF25357-7DD5-45F1-ADA1-C1DB44217CD3}C:\program files\ubisoft\tom clancy's splinter cell double agent\scda-offline\system\splintercell4.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\tom clancy's splinter cell double agent\scda-offline\system\splintercell4.exe | "TCP Query User{22A35D9D-3706-48FD-B8B5-D06001D69125}C:\windows\system32\nvsvc32.exe" = protocol=6 | dir=in | app=c:\windows\system32\nvsvc32.exe | "TCP Query User{3AF20C52-5EBE-46FA-A6AB-999C92D59AD3}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | "TCP Query User{4C97C0CE-45D4-4858-9F17-930631068047}C:\users\***\downloads\bogdan's repack 3.3.0\bogdan's repack 3.3.0\server\apache\bin\apache.exe" = protocol=6 | dir=in | app=c:\users\***\downloads\bogdan's repack 3.3.0\bogdan's repack 3.3.0\server\apache\bin\apache.exe | "TCP Query User{4E36C319-E6BE-40D2-89AC-8D76DC301827}C:\users\public\world of warcraft\wow-2.1.1.1897-engb-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\world of warcraft\wow-2.1.1.1897-engb-tools-downloader.exe | "TCP Query User{4E9D1C99-4995-4EDC-81D0-C610CDDC350E}C:\users\***\appdata\local\temp\blizzard launcher temporary - 154246a8\launcher.exe" = protocol=6 | dir=in | app=c:\users\***\appdata\local\temp\blizzard launcher temporary - 154246a8\launcher.exe | "TCP Query User{63E078DC-3932-445E-8A20-3C613473DDB0}C:\users\public\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-dede-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-dede-downloader.exe | "TCP Query User{6D5C9B57-CAB6-4ED3-B700-AF3E936F3F2F}C:\program files\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files\xfire\xfire.exe | "TCP Query User{838C7B99-A8CA-445B-B8AC-0B0D32BE98F8}C:\users\***\downloads\wow-language-pack-engb-downloader.exe" = protocol=6 | dir=in | app=c:\users\niklas\downloads\wow-language-pack-engb-downloader.exe | "TCP Query User{864667EC-5294-4513-A9BD-755C750921DB}C:\program files\icq7.2\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | "TCP Query User{892B3092-A2B3-4183-A57D-6E4008B28F53}C:\users\public\world of warcraft\temp\wow-4.0.0.1807-to-4.0.0.2103-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\world of warcraft\temp\wow-4.0.0.1807-to-4.0.0.2103-enus-tools-downloader.exe | "TCP Query User{896C6627-6BA7-481D-9027-C8354F7D4A53}C:\program files\world of warcraft\world of warcraft\world of warcraft\repair.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft\world of warcraft\world of warcraft\repair.exe | "TCP Query User{90A0CF27-2945-4DC4-8AA0-6DC63CA715A8}C:\users\public\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\users\public\world of warcraft\launcher.exe | "TCP Query User{989A43F7-FA47-47A6-AF25-B4919D06A5FE}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | "TCP Query User{9D48489C-0FA2-4579-A10A-F1CF8AA8AF47}C:\users\***\appdata\local\temp\blizzard launcher temporary - 1dc41630\launcher.exe" = protocol=6 | dir=in | app=c:\users\***\appdata\local\temp\blizzard launcher temporary - 1dc41630\launcher.exe | "TCP Query User{A21D4FCF-92C1-40F7-8513-D8019BB719D6}C:\users\niklas\appdata\local\temp\blizzard launcher temporary - 18b3bb00\launcher.exe" = protocol=6 | dir=in | app=c:\users\***\appdata\local\temp\blizzard launcher temporary - 18b3bb00\launcher.exe | "TCP Query User{A370B04B-E85F-495B-B801-482ED5E4DD37}C:\program files\ea games\battlefield 2\bf2.exe" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe | "TCP Query User{AC10CC67-DE23-4386-A6BE-1C577EA30038}C:\users\***\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\niklas\program files\dna\btdna.exe | "TCP Query User{AD49FA3A-B03D-414C-9072-0266477FC33E}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | "TCP Query User{B1C29976-DDC9-4B50-AF9A-EB25A93B9258}C:\users\public\world of warcraft\blizzard downloader.exe" = protocol=6 | dir=in | app=c:\users\public\world of warcraft\blizzard downloader.exe | "TCP Query User{B7D14C92-AF9B-431B-B119-D34569D75B06}C:\users\niklas\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\niklas\program files\dna\btdna.exe | "TCP Query User{B830F853-E4CB-4D7D-8D36-259E2793CC73}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe | "TCP Query User{C122DE6C-B9B2-45A7-99D0-A009D8423870}C:\users\public\world of warcraft\repair.exe" = protocol=6 | dir=in | app=c:\users\public\world of warcraft\repair.exe | "TCP Query User{C99C1E99-5CEC-499F-A0E4-28E843588E8D}C:\users\public\games\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe | "TCP Query User{CAB1D18C-045D-4014-B9D4-DEB4EC1115B5}C:\users\public\world of warcraft\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\world of warcraft\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe | "TCP Query User{CC9AC4DB-02EE-4210-95DE-A7E97F22873D}C:\program files\easy emu\novo's easy wow handler\udrive\usr\local\mysql\bin\mysqld-opt.exe" = protocol=6 | dir=in | app=c:\program files\easy emu\novo's easy wow handler\udrive\usr\local\mysql\bin\mysqld-opt.exe | "TCP Query User{CE9F6A68-A7E2-4AF2-AE4D-70B2B73BD4DE}C:\program files\ubisoft\crytek\far cry\bin32\farcry.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\crytek\far cry\bin32\farcry.exe | "TCP Query User{D0B2F4E8-48DF-4B71-9F84-8874D6C99B27}C:\users\***\downloads\bogdan's repack 3.3.0\bogdan's repack 3.3.0\server\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\users\***\downloads\bogdan's repack 3.3.0\bogdan's repack 3.3.0\server\mysql\bin\mysqld.exe | "TCP Query User{D20F6BF9-343F-49F3-B204-61531D502D55}C:\users\***\downloads\teamviewer507portable\teamviewer.exe" = protocol=6 | dir=in | app=c:\users\***\downloads\teamviewer507portable\teamviewer.exe | "TCP Query User{D809E115-B4D3-4264-9E9C-236191E989DA}C:\users\public\world of warcraft\temp\wow-4.0.0.2104-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\world of warcraft\temp\wow-4.0.0.2104-enus-tools-downloader.exe | "TCP Query User{D831EB7A-092D-49C1-B4EA-A5E91829313B}C:\users\public\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\users\public\world of warcraft\backgrounddownloader.exe | "TCP Query User{E15D56BA-7070-42F7-B3F6-01C098D0F1FA}C:\users\***\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\users\niklas\world of warcraft\launcher.exe | "TCP Query User{F6B905EA-A65C-4037-87DC-AC8E5AC5B7CB}C:\games\ngd studios\regnum online\liveserver\roclientgame.exe" = protocol=6 | dir=in | app=c:\games\ngd studios\regnum online\liveserver\roclientgame.exe | "TCP Query User{F7338923-6FA1-45E4-B7CB-F08D451D38C4}C:\program files\easy emu\novo's easy wow handler\udrive\usr\local\apache2\bin\apache_16.exe" = protocol=6 | dir=in | app=c:\program files\easy emu\novo's easy wow handler\udrive\usr\local\apache2\bin\apache_16.exe | "UDP Query User{00A6A0E2-2629-4274-B561-3D594EAE1009}C:\users\***\downloads\bogdan's repack 3.3.0\bogdan's repack 3.3.0\server\apache\bin\apache.exe" = protocol=17 | dir=in | app=c:\users\***\downloads\bogdan's repack 3.3.0\bogdan's repack 3.3.0\server\apache\bin\apache.exe | "UDP Query User{0C3185E4-6EE9-459C-A750-29E0CFB93BFD}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | "UDP Query User{15A8E73C-AADB-4372-8817-EBAE2E3919B6}C:\users\public\games\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe | "UDP Query User{193F9B70-595A-4E30-9B8C-BA10BBE92517}C:\users\public\world of warcraft\wow-3.3.0.11159-to-3.3.2.11403-dede-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\world of warcraft\wow-3.3.0.11159-to-3.3.2.11403-dede-downloader.exe | "UDP Query User{194E0BE4-0304-4925-8046-46EA0D01AC9D}C:\users\public\world of warcraft\temp\wow-4.0.0.2104-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\world of warcraft\temp\wow-4.0.0.2104-enus-tools-downloader.exe | "UDP Query User{2757AABA-FEB7-47CD-B9D6-AAC62C0D4D6B}C:\users\public\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\users\public\world of warcraft\backgrounddownloader.exe | "UDP Query User{2A3EA6B7-201E-481D-A61B-C04A6E2A1F11}C:\users\public\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\users\public\world of warcraft\launcher.exe | "UDP Query User{3000E3E1-79A1-4013-BF5C-0A9801EAE536}C:\users\***\downloads\bogdan's repack 3.3.0\bogdan's repack 3.3.0\mangos\mangosd.exe" = protocol=17 | dir=in | app=c:\users\***\downloads\bogdan's repack 3.3.0\bogdan's repack 3.3.0\mangos\mangosd.exe | "UDP Query User{36D2EEF2-734F-49D1-8825-6859DFF42837}C:\users\niklas\appdata\local\temp\blizzard launcher temporary - 0d26ce58\launcher.exe" = protocol=17 | dir=in | app=c:\users\***\appdata\local\temp\blizzard launcher temporary - 0d26ce58\launcher.exe | "UDP Query User{3FD10533-D588-4078-93DF-6A9D2C1EC09F}C:\program files\easy emu\novo's easy wow handler\udrive\usr\local\mysql\bin\mysqld-opt.exe" = protocol=17 | dir=in | app=c:\program files\easy emu\novo's easy wow handler\udrive\usr\local\mysql\bin\mysqld-opt.exe | "UDP Query User{3FDF853A-837C-4B46-9135-8962FC899D2D}C:\users\public\world of warcraft\repair.exe" = protocol=17 | dir=in | app=c:\users\public\world of warcraft\repair.exe | "UDP Query User{46A0705B-6D32-4659-8A31-F757B398C880}C:\users\***\downloads\teamviewer507portable\teamviewer.exe" = protocol=17 | dir=in | app=c:\users\***\downloads\teamviewer507portable\teamviewer.exe | "UDP Query User{492BE1C4-4A66-4BD6-BCE7-1251E97B937D}C:\users\public\world of warcraft\blizzard downloader.exe" = protocol=17 | dir=in | app=c:\users\public\world of warcraft\blizzard downloader.exe | "UDP Query User{49E09078-931A-4B0D-8A02-778D65514967}C:\users\***\appdata\local\temp\blizzard launcher temporary - 1dc41630\launcher.exe" = protocol=17 | dir=in | app=c:\users\***\appdata\local\temp\blizzard launcher temporary - 1dc41630\launcher.exe | "UDP Query User{4B49CAFF-5FA1-473D-B4D1-957E87D89E53}C:\program files\red storm entertainment\ravenshield\system\ravenshield.exe" = protocol=17 | dir=in | app=c:\program files\red storm entertainment\ravenshield\system\ravenshield.exe | "UDP Query User{4B84F7FB-483F-461F-A6E0-2E82F1EDD1C6}C:\users\***\appdata\local\temp\blizzard launcher temporary - 18b3bb00\launcher.exe" = protocol=17 | dir=in | app=c:\users\***\appdata\local\temp\blizzard launcher temporary - 18b3bb00\launcher.exe | "UDP Query User{518ADDFF-3FD2-458E-9038-86A2767CE50C}C:\users\public\world of warcraft\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\world of warcraft\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe | "UDP Query User{53C6E602-30FF-4865-9FFB-C0884D03C684}C:\windows\system32\nvsvc32.exe" = protocol=17 | dir=in | app=c:\windows\system32\nvsvc32.exe | "UDP Query User{57C5B85D-633D-4EEC-86B2-932E67AC94A0}C:\alien arena 2008\crx.exe" = protocol=17 | dir=in | app=c:\alien arena 2008\crx.exe | "UDP Query User{5CCEAAC1-5BA3-48B3-9BBF-9F3F60EAB808}C:\users\public\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-dede-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-dede-downloader.exe | "UDP Query User{5E39C44E-069D-4143-BC51-E9436D556D99}C:\users\***\appdata\local\temp\blizzard launcher temporary - 17772420\launcher.exe" = protocol=17 | dir=in | app=c:\users\***\appdata\local\temp\blizzard launcher temporary - 17772420\launcher.exe | "UDP Query User{6986D1BA-4208-46AE-843D-98180035B555}C:\program files\java\jre1.6.0_07\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre1.6.0_07\bin\javaw.exe | "UDP Query User{6EAF3F1A-C489-481B-8760-25108D93FC3F}C:\users\***\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\***\program files\dna\btdna.exe | "UDP Query User{75059D15-0F67-44B4-8AB4-CC7F11036299}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe | "UDP Query User{83BC4044-A405-4B4C-9275-E6D0284627C7}C:\users\public\world of warcraft\temp\wow-4.0.0.1807-to-4.0.0.2103-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\world of warcraft\temp\wow-4.0.0.1807-to-4.0.0.2103-enus-tools-downloader.exe | "UDP Query User{88A7C3E9-0D6B-451D-9929-71C29CE74642}C:\users\public\world of warcraft - kopie\launcher.exe" = protocol=17 | dir=in | app=c:\users\public\world of warcraft - kopie\launcher.exe | "UDP Query User{89EBF57F-CBB3-46D4-B68D-CFE9AE319C12}C:\program files\anno 1701\anno1701.exe" = protocol=17 | dir=in | app=c:\program files\anno 1701\anno1701.exe | "UDP Query User{8A24E369-DB27-45B8-A34C-544E98D8E095}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | "UDP Query User{95C4FAED-943C-40A8-B745-D55A846AD5A2}C:\users\public\world of warcraft\wow-2.1.1.1897-engb-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\world of warcraft\wow-2.1.1.1897-engb-tools-downloader.exe | "UDP Query User{99669A9A-7158-4803-817C-96954A70E10B}C:\program files\world of warcraft\world of warcraft\world of warcraft\repair.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft\world of warcraft\world of warcraft\repair.exe | "UDP Query User{A64826A3-5D77-49E2-9D9C-86910FA541A3}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | "UDP Query User{A73D3218-9076-4DD8-9A5C-DF5073267D8A}C:\program files\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files\xfire\xfire.exe | "UDP Query User{AE8A060B-8084-4742-95B7-423C4F19E9A5}C:\program files\ubisoft\crytek\far cry\bin32\farcry.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\crytek\far cry\bin32\farcry.exe | "UDP Query User{BCCBF812-10BC-4752-B774-7620C787C15C}C:\program files\easy emu\novo's easy wow handler\udrive\usr\local\apache2\bin\apache_16.exe" = protocol=17 | dir=in | app=c:\program files\easy emu\novo's easy wow handler\udrive\usr\local\apache2\bin\apache_16.exe | "UDP Query User{BF488BCD-7973-4E9F-A1D8-5FDDED42C672}C:\users\***\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\***\program files\dna\btdna.exe | "UDP Query User{C8AC4FE1-BF20-4D0C-9A6D-44E31B9D8C51}C:\program files\ea games\battlefield 2\bf2.exe" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe | "UDP Query User{CAC349CD-A4FE-4B7E-B43C-DA6B0CD165A8}C:\users\public\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\users\public\world of warcraft\backgrounddownloader.exe | "UDP Query User{CC4CD267-4D10-4E25-AECA-1A99DDF5A0CA}C:\games\ngd studios\regnum online\liveserver\roclientgame.exe" = protocol=17 | dir=in | app=c:\games\ngd studios\regnum online\liveserver\roclientgame.exe | "UDP Query User{D9E75BBA-1607-4169-AEA2-196408352525}C:\users\***\downloads\wow-language-pack-engb-downloader.exe" = protocol=17 | dir=in | app=c:\users\***\downloads\wow-language-pack-engb-downloader.exe | "UDP Query User{DAB3F19C-29A1-44BA-8963-A71408BFC5E5}C:\users\***\appdata\local\temp\blizzard launcher temporary - 154246a8\launcher.exe" = protocol=17 | dir=in | app=c:\users\***\appdata\local\temp\blizzard launcher temporary - 154246a8\launcher.exe | "UDP Query User{DC43E23C-F62F-40C4-94A8-ABEEA766BC93}C:\users\public\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\users\public\world of warcraft\launcher.exe | "UDP Query User{EA6CF917-203B-453E-A305-6F1F4D7DCDD1}C:\users\***\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\users\niklas\world of warcraft\launcher.exe | "UDP Query User{EFA5E425-B525-49F6-999C-E507279F8488}C:\program files\icq7.2\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | "UDP Query User{F0223281-24B1-433A-A597-A84BB0E26357}C:\users\***\downloads\bogdan's repack 3.3.0\bogdan's repack 3.3.0\server\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=c:\users\***\downloads\bogdan's repack 3.3.0\bogdan's repack 3.3.0\server\mysql\bin\mysqld.exe | "UDP Query User{FF16DE2E-A5A9-45E7-AC4A-020474BDD6FA}C:\program files\ubisoft\tom clancy's splinter cell double agent\scda-offline\system\splintercell4.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\tom clancy's splinter cell double agent\scda-offline\system\splintercell4.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{01CEF48F-41F2-4A43-82F2-25D23D68C1D4}" = Cuttermaran 1.69a "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM) "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{07FCBED5-94C3-4F94-B9D3-360FA27C7B06}" = Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32 "{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent "{086BADF8-9B1F-4E89-B207-2EDA520972D6}" = Grand Theft Auto San Andreas "{11AFE21E-B193-430D-B57A-DFF7815BB962}" = Ulead PhotoImpact 12 "{159098AF-4EB8-4C10-B0C6-24CDA32B45F9}" = Microsoft SQL Server Compact 3.5 DEU "{171E6C1E-B5FC-11DF-B115-005056C00008}" = Google Earth Plug-in "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{2223FC2F-B862-4F83-BC9E-DDF2DADF2859}" = Intel(R) Network Connections 13.0.42.0 "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22 "{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie "{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support "{31CF6C0E-51F0-41D2-B088-A6A143C4303C}" = SweetIM Toolbar for Internet Explorer 3.6 "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7 "{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup "{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker "{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A712D29-DBE3-4381-A331-AF4AE5BEB244}" = ArcSoft Software Suite "{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack "{4FA8B85C-62BF-4A54-A53F-1DDBF4643F9C}" = Gigaset USB Adapter 54 "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}" = Safari "{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar "{71A51A91-E7D3-11DB-A386-005056C00008}" = MD 85872 WEBCAM "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2 "{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7E641E46-81DB-4D1D-906A-48342523051C}" = FlatOut2 "{7FF183FB-456E-44D7-8865-4F2332CC70E9}_is1" = 777-Record-and-Cut 1.0 "{84ED5482-CFB0-4DD9-BF18-489FFDACD18A}" = Microsoft Antimalware Service DE-DE Language Pack "{867F5501-F8EF-4542-9D68-310A238A15FF}" = SLOW-PCfighter "{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes "{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A71D5E81-B967-43DB-93D7-FD31BFB95748}" = MobileMe Control Panel "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{ABBA0799-F982-414C-9A8B-17EB03D39677}" = trakAxPC "{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.1 - Deutsch "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9 "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{C07B8BC4-AFD9-3AA4-BDF5-330A07591FDE}" = Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework "{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail "{C9FFC925-E27E-436E-A2DF-652324D51031}" = Nero 8 Essentials "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer "{E0FA1DC5-FEBF-4E7B-8FA3-DB94233E952D}" = Razer Lycosa "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E32260E7-0B10-43C7-9B77-AB9F4184676D}" = Microsoft SQL Server Compact 3.5 Design Tools DEU "{E62A1F01-07B7-4541-A835-EE5B0BF064C2}" = Microsoft Antimalware "{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support "{EF98A02A-1748-4762-9B7D-5ED1600520D5}" = Microsoft Security Essentials "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2 "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials "{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Allzeit Atomzeit 2.00" = Allzeit Atomzeit 2.00 "Applian FLV Player2.0.24" = Applian FLV Player "Ask & Record Toolbar4.00" = Ask & Record Toolbar 4.00 "Ask Toolbar_is1" = Ask Toolbar "avast5" = avast! Free Antivirus "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "BlablaMaker" = Blabla Maker "CamStudio" = CamStudio "Euro Truck Simulator" = Euro Truck Simulator 1.3 "FormatFactory" = FormatFactory 2.10 "Fraps" = Fraps "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4 "Free Video Converter_is1" = Free Video Converter V 2.9 "Free YouTube Download_is1" = Free YouTube Download 2.9 "Free YouTube to iPod Converter_is1" = Free YouTube to iPod Converter version 3.2 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.7 "Game Cam" = Game Cam 2.54.0.47 "Google Desktop" = Google Desktop "HijackThis" = HijackThis 2.0.2 "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "ICQToolbar" = ICQ Toolbar "Icy Tower v1.3.1_is1" = Icy Tower v1.3.1 "InstallShield_{4FA8B85C-62BF-4A54-A53F-1DDBF4643F9C}" = Gigaset USB Adapter 54 "IrfanView" = IrfanView (remove only) "klvideoconvert_is1" = K-Lite Video Conversion Pack 1.8.5 "LetsTrade" = LetsTrade Komponenten "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft Security Essentials" = Microsoft Security Essentials "Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3) "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "OpenAL" = OpenAL "Prism" = Prism Video Converter "PROSetDX" = Intel(R) Network Connections 13.0.42.0 "PunkBusterSvc" = PunkBuster Services "Riva FLV Player_is1" = Riva FLV Player "secretmaryo" = Secret Maryo Chronicles "SLOW-PCfighter" = SLOW-PCfighter "Softonic_Deutsch_FF Toolbar" = Softonic_Deutsch_FF Toolbar "SolveigMM AVI Trimmer" = SolveigMM AVI Trimmer "Steam App 42700" = Call of Duty: Black Ops "Steam App 42710" = Call of Duty: Black Ops - Multiplayer "Switch" = Switch Sound File Converter "SystemRequirementsLab" = System Requirements Lab "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2 "TeamSpeak 3 Client" = TeamSpeak 3 Client "TeamViewer 5" = TeamViewer 5 "Texas Hold'em Poker (Test)_is1" = Texas Hold'em Poker (Test) "Tilt Mouse Software_is1" = Tilt Mouse Software 5.0 "Tobit ClipInc Server" = Tobit.Software clipinc.fx "Uninstall_is1" = Uninstall 1.0.0.1 "WavePad" = WavePad Sound Editor "WinGimp-2.0_is1" = GIMP 2.6.10 "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR "Wise Registry Cleaner_is1" = Wise Registry Cleaner 5.8.9 "wkqey" = Favorit "World of Warcraft" = World of Warcraft ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "BitTorrent DNA" = DNA "Google Chrome" = Google Chrome ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 03.01.2011 01:11:17 | Computer Name = *** | Source = Bonjour Service | ID = 100 Description = 396: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde vom Remotehost geschlossen.) Error - 03.01.2011 01:11:17 | Computer Name = *** | Source = Bonjour Service | ID = 100 Description = 440: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde vom Remotehost geschlossen.) Error - 03.01.2011 01:11:17 | Computer Name = *** | Source = Bonjour Service | ID = 100 Description = 388: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde vom Remotehost geschlossen.) Error - 03.01.2011 01:18:06 | Computer Name = *** | Source = WinMgmt | ID = 10 Description = Error - 03.01.2011 01:18:11 | Computer Name = *** | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung NMIndexStoreSvr.exe, Version 3.3.10.0, Zeitstempel 0x49c9efad, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x07070707, Prozess-ID 0xeb8, Anwendungsstartzeit 01cbab058d73e07a. Error - 03.01.2011 08:57:35 | Computer Name = *** | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung iexplore.exe, Version 8.0.6001.18999, Zeitstempel 0x4ccf92fb, fehlerhaftes Modul IEShims.dll, Version 8.0.6001.18999, Zeitstempel 0x4ccfa85d, Ausnahmecode 0xc0000005, Fehleroffset 0x00021e16, Prozess-ID 0xe90, Anwendungsstartzeit 01cbab45ca4ac87a. Error - 03.01.2011 10:17:47 | Computer Name = *** | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Nero\Nero8\Nero StartSmart\NeroStartSmart.exe". Die abhängige Assemblierung "Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 03.01.2011 10:17:48 | Computer Name = *** | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Nero\Nero8\Nero StartSmart\NeroStartSmart.exe". Die abhängige Assemblierung "Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 03.01.2011 10:17:51 | Computer Name = *** | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Nero\Nero8\Nero StartSmart\NeroStartSmart.exe". Die abhängige Assemblierung "Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 03.01.2011 10:17:51 | Computer Name = *** | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Nero\Nero8\Nero StartSmart\NeroStartSmart.exe". Die abhängige Assemblierung "Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". [ System Events ] Error - 02.01.2011 11:02:53 | Computer Name = +++ | Source = Microsoft-Windows-TaskScheduler | ID = 412 Description = Error - 02.01.2011 11:04:05 | Computer Name = *** | Source = Service Control Manager | ID = 7026 Description = Error - 02.01.2011 11:57:22 | Computer Name = *** | Source = Microsoft-Windows-TaskScheduler | ID = 412 Description = Error - 02.01.2011 11:58:23 | Computer Name = *** | Source = Service Control Manager | ID = 7026 Description = Error - 02.01.2011 16:43:04 | Computer Name = *** | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am 02.01.2011 um 21:41:06 unerwartet heruntergefahren. Error - 02.01.2011 16:43:21 | Computer Name = *** | Source = Microsoft-Windows-TaskScheduler | ID = 412 Description = Error - 02.01.2011 16:44:17 | Computer Name = *** | Source = Microsoft Antimalware | ID = 3002 Description = %%861 Real-Time Protection feature has encountered an error and failed. Feature: %%835 Error Code: 0x80004005 Error description: Unbekannter Fehler Reason: %%842 Error - 02.01.2011 16:44:37 | Computer Name = *** | Source = Service Control Manager | ID = 7026 Description = Error - 03.01.2011 01:17:18 | Computer Name = *** | Source = Microsoft-Windows-TaskScheduler | ID = 412 Description = Error - 03.01.2011 01:18:07 | Computer Name = *** | Source = Service Control Manager | ID = 7026 Description = < End of report > --- --- ---OTL Logfile: Code:
ATTFilter OTL logfile created on: 03.01.2011 15:42:04 - Run 1 OTL by OldTimer - Version 3.2.20.1 Folder = C:\Users\***\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18999) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 29,00% Memory free 6,00 Gb Paging File | 4,00 Gb Available in Paging File | 59,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 576,15 Gb Total Space | 333,62 Gb Free Space | 57,90% Space Free | Partition Type: NTFS Drive D: | 20,00 Gb Total Space | 12,37 Gb Free Space | 61,83% Space Free | Partition Type: FAT32 Drive E: | 3,93 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: ***| User Name: ***| Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\***\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) PRC - C:\Users\***\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) PRC - C:\Users\Public\World of Warcraft\WoW.exe (Blizzard Entertainment) PRC - C:\Programme\TeamSpeak 3 Client\ts3client_win32.exe (TeamSpeak Systems GmbH) PRC - C:\Programme\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Users\***\AppData\Local\Google\Update\1.2.183.39\GoogleCrashHandler.exe (Google Inc.) PRC - C:\Programme\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) PRC - C:\Programme\Microsoft Security Essentials\msseces.exe (Microsoft Corporation) PRC - C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software) PRC - C:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software) PRC - C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe (Google) PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe () PRC - c:\Programme\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation) PRC - C:\Users\***\Program Files\DNA\btdna.exe (BitTorrent, Inc.) PRC - C:\Programme\Tech\Tilt Mouse Software\5.0\ACQTMAPP.exe () PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Programme\Tobit ClipInc\Server\ClipInc-Server.exe () PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Ask & Record Toolbar\FLVSrvc.exe (Applian Technologies, Inc.) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) PRC - C:\Programme\Vimicro\VMUVC\VMonitor.exe (Vimicro Corporation) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Programme\Razer\Lycosa\razertra.exe () PRC - C:\Programme\Razer\Lycosa\razerhid.exe (Razer USA Ltd.) PRC - C:\Programme\Siemens\Gigaset USB Adapter 54\GigasetUSBMonitor.exe () PRC - C:\Programme\Siemens\Gigaset USB Adapter 54\PRISMSVR.exe (Conexant Systems, Inc.) ========== Modules (SafeList) ========== MOD - C:\Users\***\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (TeamViewer5) -- C:\Programme\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software) SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software) SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software) SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (GoogleDesktopManager-051210-111108) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google) SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe () SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation) SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (ClipInc001) -- C:\Program Files\Tobit ClipInc\Server\ClipInc-Server.exe () SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation) SRV - (IAANTMON) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (VcommMgr) -- C:\Windows\System32\Drivers\VcommMgr.sys File not found DRV - (VComm) -- C:\Windows\System32\DRIVERS\VComm.sys File not found DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found DRV - (IvtBtBUs) -- C:\Windows\System32\Drivers\IvtBtBus.sys File not found DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found DRV - (EagleNT) -- C:\Windows\System32\drivers\EagleNT.sys File not found DRV - (BtHidBus) -- C:\Windows\System32\Drivers\BtHidBus.sys File not found DRV - (BT) -- C:\Windows\System32\DRIVERS\btnetdrv.sys File not found DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software) DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software) DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software) DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software) DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (SCREAMINGBDRIVER) -- C:\Windows\System32\drivers\ScreamingBAudio.sys (Screaming Bee LLC) DRV - (MpNWMon) -- C:\Windows\System32\drivers\MpNWMon.sys (Microsoft Corporation) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys () DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys () DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation) DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH) DRV - (btnetBUs) -- C:\Windows\System32\drivers\btnetBus.sys () DRV - (MDC8021X) AEGIS Protocol (IEEE 802.1x) -- C:\Windows\System32\drivers\mdc8021x.sys (Meetinghouse Data Communications) DRV - (vvftUVC) -- C:\Windows\System32\drivers\vvftUVC.sys (Vimicro Corporation) DRV - (VMUVC) -- C:\Windows\System32\drivers\VMUVC.sys (Vimicro Corporation) DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.) DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation) DRV - (e1express) Intel(R) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation) DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.) DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.) DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation) DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.) DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems) DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company) DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.) DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic) DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation) DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation) DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.) DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation) DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.) DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic) DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic) DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.) DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex) DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.) DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation) DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation) DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.) DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.) DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.) DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.) DRV - (LycoFltr) -- C:\Windows\System32\drivers\Lycosa.sys (Razer USA Ltd.) DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation) DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.) DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation) DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.) DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.) DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.) DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic) DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic) DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation) DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic) DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.) DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.) DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.) DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.) DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.) DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.) DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies) DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.) DRV - (SE4501D) -- C:\Windows\System32\drivers\SE4501D.sys (Siemens AG) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/ IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKLM\..\URLSearchHook: {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Programme\Softonic_Deutsch_FF\tbSoft.dll (Conduit Ltd.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D0 3A 18 E5 08 AF CA 01 [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\..\URLSearchHook: {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Programme\Softonic_Deutsch_FF\tbSoft.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.selectedEngine: "ICQ Search" FF - prefs.js..browser.startup.homepage: "hxxp://start.icq.com/" FF - prefs.js..extensions.enabledItems: {d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}:1.0.0.1 FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.6 FF - prefs.js..extensions.enabledItems: {9d81af43-de53-48d0-a199-42c2a226b24c}:2.5.6.0 FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.8 FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.9 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.0.14 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..keyword.URL: "hxxp://search.sweetim.com/search.asp?src=2&q=" FF - prefs.js..network.proxy.type: 4 FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=" FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.12.08 18:27:31 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.12.08 18:27:30 | 000,000,000 | ---D | M] [2008.11.19 15:57:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions [2011.01.02 17:18:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\t7sux7cw.default\extensions [2009.08.08 12:19:30 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\t7sux7cw.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.02.25 18:50:38 | 000,000,000 | ---D | M] (Stylish) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\t7sux7cw.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8} [2010.06.18 13:24:43 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\t7sux7cw.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2010.07.24 02:52:24 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\t7sux7cw.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [2010.01.31 21:34:26 | 000,000,000 | ---D | M] (Softonic Deutsch FF Toolbar) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\t7sux7cw.default\extensions\{9d81af43-de53-48d0-a199-42c2a226b24c} [2010.06.07 20:08:58 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\t7sux7cw.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2010.01.10 12:48:43 | 000,000,000 | ---D | M] (Easy Youtube Video Downloader) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\t7sux7cw.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b} [2009.06.14 09:25:50 | 000,000,000 | ---D | M] ("Ask Toolbar for Firefox") -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\t7sux7cw.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D} [2009.12.14 13:36:08 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\t7sux7cw.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847} [2010.06.06 09:39:34 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\t7sux7cw.default\searchplugins\icqplugin-1.xml [2010.02.24 20:50:43 | 000,000,961 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\t7sux7cw.default\searchplugins\icqplugin-10.xml [2010.03.29 12:51:50 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\t7sux7cw.default\searchplugins\icqplugin-11.xml [2010.04.06 15:09:04 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\t7sux7cw.default\searchplugins\icqplugin-12.xml [2010.06.18 22:15:58 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\t7sux7cw.default\searchplugins\icqplugin-13.xml [2009.03.29 14:45:45 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\t7sux7cw.default\searchplugins\icqplugin-2.xml [2009.04.23 12:34:00 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\t7sux7cw.default\searchplugins\icqplugin-3.xml [2009.04.29 14:30:54 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\t7sux7cw.default\searchplugins\icqplugin-4.xml [2009.06.13 09:02:50 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\t7sux7cw.default\searchplugins\icqplugin-5.xml [2009.07.24 19:33:54 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\t7sux7cw.default\searchplugins\icqplugin-6.xml [2009.08.05 10:41:25 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\t7sux7cw.default\searchplugins\icqplugin-7.xml [2010.01.05 12:21:48 | 000,000,961 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\t7sux7cw.default\searchplugins\icqplugin-8.xml [2010.02.24 20:49:55 | 000,000,961 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\t7sux7cw.default\searchplugins\icqplugin-9.xml [2010.05.12 17:40:06 | 000,001,042 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\t7sux7cw.default\searchplugins\icqplugin.xml [2009.12.14 13:35:53 | 000,003,915 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\t7sux7cw.default\searchplugins\sweetim.xml [2010.11.23 13:50:31 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2009.01.19 13:31:32 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2010.11.23 13:50:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2010.11.23 13:50:31 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011.01.03 06:17:55 | 000,000,000 | ---D | M] (No name found) -- C:\USERS\NIKLAS\PROGRAM FILES\DNA [2010.11.23 13:49:47 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll [2010.03.23 14:55:00 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.03.23 14:55:00 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.03.23 14:55:00 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.03.23 14:55:00 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.03.23 14:55:01 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2010.01.09 12:07:15 | 000,000,743 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Softonic Deutsch FF Toolbar) - {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Programme\Softonic_Deutsch_FF\tbSoft.dll (Conduit Ltd.) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.) O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com) O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKLM\..\Toolbar: (Softonic Deutsch FF Toolbar) - {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Programme\Softonic_Deutsch_FF\tbSoft.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com) O3 - HKCU\..\Toolbar\WebBrowser: (Softonic Deutsch FF Toolbar) - {9D81AF43-DE53-48D0-A199-42C2A226B24C} - C:\Programme\Softonic_Deutsch_FF\tbSoft.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [ACQTMOUSE] C:\Program Files\Tech\Tilt Mouse Software\5.0\ACQTMAPP.exe () O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.) O4 - HKLM..\Run: [Ask and Record FLV Service] C:\Program Files\Ask & Record Toolbar\FLVSrvc.exe (Applian Technologies, Inc.) O4 - HKLM..\Run: [avast5] C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google) O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4 - HKLM..\Run: [Lycosa] C:\Program Files\Razer\Lycosa\razerhid.exe (Razer USA Ltd.) O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG) O4 - HKLM..\Run: [PRISMSVR.EXE] C:\Program Files\Siemens\Gigaset USB Adapter 54\PRISMSVR.EXE (Conexant Systems, Inc.) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [toolbar_eula_launcher] C:\Programme\GoogleEULA\EULALauncher.exe ( ) O4 - HKLM..\Run: [VMonitorVMUVC] C:\Program Files\Vimicro\VMUVC\VMonitor.exe (Vimicro Corporation) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [BitTorrent DNA] C:\Users\***\Program Files\DNA\btdna.exe (BitTorrent, Inc.) O4 - HKCU..\Run: [ClipIncSrvTray] C:\Program Files\Tobit ClipInc\Player\ClipIncTray.exe (Tobit.Software) O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG) O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation) O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: RestrictRun = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableClock = 0 O8 - Extra context menu item: Free YouTube Download - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm () O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm () O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.) O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - File not found O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - File not found O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet) O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class) O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\***\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\***\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2008.01.10 21:04:50 | 000,000,074 | -H-- | M] () - E:\Autorun.inf -- [ UDF ] O33 - MountPoints2\{8f4a72c8-b62c-11dd-b6d7-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{8f4a72c8-b62c-11dd-b6d7-806e6f6e6963}\Shell\AutoRun\command - "" = E:\World of Warcraft (Windows).exe -- [2007.12.15 21:53:54 | 001,180,352 | ---- | M] () O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.01.03 15:39:48 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe [2011.01.03 15:17:39 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011.01.03 15:17:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.01.03 15:17:34 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011.01.03 15:17:33 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2011.01.02 18:09:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner Free [2011.01.02 18:09:38 | 000,000,000 | ---D | C] -- C:\Programme\Wise Registry Cleaner [2011.01.02 17:15:48 | 000,000,000 | ---D | C] -- C:\fcb3ea4ea8dd9f44a55ed16fbb [2010.12.27 00:46:05 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\GTA San Andreas User Files [2010.12.26 04:46:06 | 000,000,000 | ---D | C] -- C:\Programme\Rockstar Games [2010.12.26 04:46:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games [2010.12.26 04:16:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Razer [2010.12.26 04:14:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer [2010.12.26 04:14:57 | 000,065,536 | ---- | C] (Razer Inc.) -- C:\Windows\System32\Lycosa.cpl [2010.12.26 04:14:56 | 000,016,128 | ---- | C] (Razer USA Ltd.) -- C:\Windows\System32\drivers\Lycosa.sys [2010.12.26 04:14:56 | 000,000,000 | ---D | C] -- C:\Programme\Razer [2010.12.26 04:14:36 | 000,000,000 | ---D | C] -- C:\Users\Niklas\AppData\Roaming\InstallShield [2010.12.23 10:04:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2010.12.23 10:03:02 | 000,000,000 | ---D | C] -- C:\Programme\iPod [2010.12.23 10:00:51 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2010.12.16 11:45:12 | 002,038,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2010.12.16 11:45:10 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll [2010.12.16 11:45:08 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll [2010.12.16 11:45:05 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll [2010.12.16 11:44:59 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe [2010.12.16 11:44:45 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2010.12.16 11:44:30 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2010.12.16 11:44:28 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2010.12.16 11:44:27 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2010.12.16 11:44:26 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2010.12.16 11:44:24 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2010.12.16 11:44:17 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2010.12.16 11:44:16 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2010.12.16 11:44:14 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2010.12.16 11:44:14 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2010.12.16 11:44:13 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2010.12.16 11:44:12 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2010.12.16 11:44:12 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2010.12.16 11:44:12 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2010.12.16 11:44:12 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2010.12.16 11:44:12 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2010.12.16 11:44:11 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2010.12.16 11:44:07 | 000,292,352 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2010.12.16 11:44:06 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2010.12.16 11:44:05 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll [2010.12.16 11:43:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2010.12.08 18:27:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2010.12.08 18:26:48 | 000,000,000 | ---D | C] -- C:\Programme\QuickTime [2010.12.05 23:37:36 | 000,000,000 | ---D | C] -- C:\Programme\Super Mario World ========== Files - Modified Within 30 Days ========== [2011.01.03 15:46:48 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{A58B91F8-99FB-4CC3-899E-68375FA52BEC}.job [2011.01.03 15:40:01 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011.01.03 15:39:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Niklas\Desktop\OTL.exe [2011.01.03 15:17:40 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.01.03 14:54:00 | 000,001,122 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3704707052-2540689425-1032157838-1002UA.job [2011.01.03 14:27:51 | 000,000,607 | ---- | M] () -- C:\Users\***\Desktop\World of Warcraft.lnk [2011.01.03 14:17:10 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011.01.03 14:17:10 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011.01.03 06:23:36 | 000,674,344 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.01.03 06:23:36 | 000,634,202 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.01.03 06:23:36 | 000,146,028 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.01.03 06:23:36 | 000,119,766 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.01.03 06:17:53 | 000,037,013 | ---- | M] () -- C:\ProgramData\nvModes.dat [2011.01.03 06:17:52 | 000,037,013 | ---- | M] () -- C:\ProgramData\nvModes.001 [2011.01.03 06:17:35 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011.01.03 06:17:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.01.03 06:17:08 | 3219,312,640 | -HS- | M] () -- C:\hiberfil.sys [2011.01.02 21:43:15 | 000,325,608 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011.01.02 18:09:43 | 000,001,840 | ---- | M] () -- C:\Users\Public\Desktop\Clear with 1 click.lnk [2011.01.02 18:09:43 | 000,000,954 | ---- | M] () -- C:\Users\Public\Desktop\Wise Registry Cleaner.lnk [2010.12.30 22:12:32 | 000,049,664 | ---- | M] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.12.26 04:46:06 | 000,001,809 | ---- | M] () -- C:\Users\Public\Desktop\GTA San Andreas.lnk [2010.12.23 10:04:34 | 000,001,668 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2010.12.23 09:53:41 | 000,000,629 | ---- | M] () -- C:\Windows\System32\mapisvc.inf [2010.12.21 22:52:08 | 000,000,205 | ---- | M] () -- C:\Users\***\Desktop\Beruf.rtf [2010.12.20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010.12.20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010.12.16 23:43:10 | 000,003,817 | ---- | M] () -- C:\Users\***\Desktop\Vr-China.rtf [2010.12.16 22:28:33 | 000,000,000 | ---- | M] () -- C:\Users\***\AppData\Roaming\wklnhst.dat [2010.12.16 19:59:44 | 000,000,294 | ---- | M] () -- C:\Users\***\Desktop\wowreamlmlist4.0.3.rtf [2010.12.15 07:25:12 | 000,002,051 | ---- | M] () -- C:\Users\***\Desktop\Google Chrome.lnk [2010.12.09 21:30:08 | 000,000,603 | ---- | M] () -- C:\Users\***\Desktop\zsnesw - Verknüpfung.lnk [2010.12.08 18:27:19 | 000,001,730 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2010.12.05 23:39:59 | 000,000,956 | ---- | M] () -- C:\Users\***\Desktop\Super Mario World (U) [!].smc - Verknüpfung.lnk ========== Files Created - No Company Name ========== [2011.01.03 15:17:40 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.01.02 18:09:43 | 000,001,840 | ---- | C] () -- C:\Users\Public\Desktop\Clear with 1 click.lnk [2011.01.02 18:09:43 | 000,000,954 | ---- | C] () -- C:\Users\Public\Desktop\Wise Registry Cleaner.lnk [2010.12.28 14:22:13 | 000,000,607 | ---- | C] () -- C:\Users\***\Desktop\World of Warcraft.lnk [2010.12.26 04:46:06 | 000,001,809 | ---- | C] () -- C:\Users\Public\Desktop\GTA San Andreas.lnk [2010.12.23 10:04:34 | 000,001,668 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2010.12.21 22:52:08 | 000,000,205 | ---- | C] () -- C:\Users\***\Desktop\Beruf.rtf [2010.12.16 22:48:35 | 000,003,817 | ---- | C] () -- C:\Users\***\Desktop\Vr-China.rtf [2010.12.16 22:28:33 | 000,000,000 | ---- | C] () -- C:\Users\***\AppData\Roaming\wklnhst.dat [2010.12.16 19:59:44 | 000,000,294 | ---- | C] () -- C:\Users\***\Desktop\wowreamlmlist4.0.3.rtf [2010.12.09 21:30:08 | 000,000,603 | ---- | C] () -- C:\Users\***\Desktop\zsnesw - Verknüpfung.lnk [2010.12.08 18:27:19 | 000,001,730 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2010.12.05 23:39:59 | 000,000,956 | ---- | C] () -- C:\Users\***\Desktop\Super Mario World (U) [!].smc - Verknüpfung.lnk [2010.11.22 15:27:23 | 000,000,121 | ---- | C] () -- C:\Users\***\AppData\Roaming\default.pls [2010.07.22 23:11:32 | 000,037,013 | ---- | C] () -- C:\ProgramData\nvModes.dat [2010.07.22 23:11:32 | 000,037,013 | ---- | C] () -- C:\ProgramData\nvModes.001 [2009.10.24 15:34:36 | 000,000,144 | -H-- | C] () -- C:\Windows\System32\CTLSW.INI [2009.10.24 15:34:36 | 000,000,119 | ---- | C] () -- C:\Windows\System32\swctl.dll [2009.08.18 23:48:12 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009.07.14 12:44:16 | 000,367,957 | ---- | C] () -- C:\Users\***\AppData\Local\wkqey_nav.dat [2009.07.14 12:43:46 | 000,003,342 | ---- | C] () -- C:\Users\***\AppData\Local\wkqey.dat [2009.07.14 12:43:46 | 000,001,378 | ---- | C] () -- C:\Users\***\AppData\Local\wkqey_navps.dat [2009.07.14 12:43:46 | 000,000,089 | ---- | C] () -- C:\Users\***\AppData\Local\wkqey.bat [2009.07.01 13:15:40 | 000,271,360 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2009.07.01 13:15:06 | 000,018,048 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2009.06.14 09:20:55 | 007,349,744 | ---- | C] () -- C:\Programme\FLV PlayerATBSetup.exe [2009.04.29 12:42:14 | 000,000,680 | ---- | C] () -- C:\Users\***\AppData\Local\d3d9caps.dat [2009.03.13 18:21:47 | 000,000,094 | ---- | C] () -- C:\Users\***\AppData\Local\fusioncache.dat [2009.03.13 18:18:38 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2009.03.13 18:18:37 | 000,022,328 | ---- | C] () -- C:\Users\***\AppData\Roaming\PnkBstrK.sys [2009.02.13 09:51:06 | 000,000,174 | ---- | C] () -- C:\Windows\holdemg.ini [2009.01.08 13:22:09 | 000,554,496 | ---- | C] () -- C:\Windows\System32\dvmsg.dll [2008.12.26 20:55:21 | 000,069,632 | R--- | C] () -- C:\Windows\System32\xmltok.dll [2008.12.26 20:55:21 | 000,036,864 | R--- | C] () -- C:\Windows\System32\xmlparse.dll [2008.12.15 14:17:56 | 000,000,000 | ---- | C] () -- C:\Windows\galaxy.ini [2008.12.13 18:28:12 | 000,000,119 | ---- | C] () -- C:\Windows\disney.ini [2008.12.07 12:44:54 | 000,030,088 | ---- | C] () -- C:\Windows\System32\drivers\btnetBus.sys [2008.11.20 05:57:48 | 000,049,664 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008.11.19 16:20:29 | 000,000,552 | ---- | C] () -- C:\Users\***\AppData\Local\d3d8caps.dat [2008.08.08 14:49:44 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini [2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini < End of report > Geändert von Osswald (03.01.2011 um 16:16 Uhr) |
03.01.2011, 20:05 | #4 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Lösung: Windows Media Player öffnet sich ab und an und ist nichtmehr schließbar!Zitat:
Poste auch alle etwaigen anderen Logs von MBAM, die du im Reiter Logdateien siehst.
__________________ Logfiles bitte immer in CODE-Tags posten |
06.01.2011, 17:19 | #5 |
| Wie Windows Media Player öffnet sich ab und an und ist nichtmehr schließbar! Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Datenbank Version: 5447 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18999 06.01.2011 15:41:10 mbam-log-2011-01-06 (15-41-10).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|H:\|) Durchsuchte Objekte: 421169 Laufzeit: 2 Stunde(n), 25 Minute(n), 10 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) |
06.01.2011, 17:22 | #6 |
| Wo Windows Media Player öffnet sich ab und an und ist nichtmehr schließbar! Lösung! Ich habe auch probiert Avast zu Deinstallieren, weil ich das in einem andern Beitrag gelesen habe, bis jetzt hat er sich nocht nicht geöffnet, aber ich hab so ein Gefühl das er das trotzdem tut. (Deinstallation vor ca. 3 stunden) |
06.01.2011, 17:23 | #7 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows Media Player öffnet sich ab und an und ist nichtmehr schließbar!Zitat:
Bitte updaten und einen Vollscan machen.
__________________ Logfiles bitte immer in CODE-Tags posten |
06.01.2011, 17:26 | #8 |
| Windows Media Player öffnet sich ab und an und ist nichtmehr schließbar! Jetzt hab ich den ordner mit den Logdaten gefunden^^. Soll ich den auch noch posten? Oder nach dem Update alle? |
06.01.2011, 17:41 | #9 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows Media Player öffnet sich ab und an und ist nichtmehr schließbar! Poste die alten schonmal jetzt.
__________________ Logfiles bitte immer in CODE-Tags posten |
06.01.2011, 17:59 | #10 |
| Windows Media Player öffnet sich ab und an und ist nichtmehr schließbar! [gelöst] Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Datenbank Version: 5471 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18999 06.01.2011 17:56:48 mbam-log-2011-01-06 (17-56-48).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|H:\|I:\|) Durchsuchte Objekte: 102809 Laufzeit: 28 Minute(n), 7 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Datenbank Version: 5447 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18999 06.01.2011 15:41:10 mbam-log-2011-01-06 (15-41-10).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|H:\|) Durchsuchte Objekte: 421169 Laufzeit: 2 Stunde(n), 25 Minute(n), 10 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Datenbank Version: 5447 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18999 06.01.2011 13:06:55 mbam-log-2011-01-06 (13-06-55).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Durchsuchte Objekte: 63840 Laufzeit: 12 Minute(n), 26 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Datenbank Version: 5447 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18999 03.01.2011 15:38:25 mbam-log-2011-01-03 (15-38-25).txt Art des Suchlaufs: Quick-Scan Durchsuchte Objekte: 188344 Laufzeit: 18 Minute(n), 37 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) Malwarebytes' Anti-Malware 1.44 Datenbank Version: 3526 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18865 09.01.2010 15:11:40 mbam-log-2010-01-09 (15-11-40).txt Scan-Methode: Vollständiger Scan (C:\|D:\|) Durchsuchte Objekte: 398287 Laufzeit: 2 hour(s), 20 minute(s), 25 second(s) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 5 Infizierte Registrierungswerte: 5 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 1 Infizierte Dateien: 7 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: HKEY_CLASSES_ROOT\CLSID\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\cs41275 (Malware.Trace) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\glaide32 (Rootkit.Rustock) -> Quarantined and deleted successfully. Infizierte Registrierungswerte: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wkqey (Trojan.Agent.H) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysgif32 (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cmds (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\39323727 (Rogue.Multiple) -> Quarantined and deleted successfully. Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: C:\ProgramData\39323727 (Rogue.Multiple) -> Quarantined and deleted successfully. Infizierte Dateien: C:\ProgramData\39323727\nix.exe (Rogue.SecurityTool) -> Quarantined and deleted successfully. C:\Users\***\AppData\Local\Temp\~TMA7E9.tmp (Trojan.Dropper) -> Quarantined and deleted successfully. C:\Windows\Temp\_ex-68.exe (Rogue.SecurityTool) -> Quarantined and deleted successfully. C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\siszyd32.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Security Tool.LNK (Rogue.SecurityTool) -> Quarantined and deleted successfully. C:\Users\***\AppData\Roaming\avdrn.dat (Malware.Trace) -> Quarantined and deleted successfully. C:\Users\***\AppData\Roaming\fvgqad.dat (Malware.Trace) -> Quarantined and deleted successfully. Malwarebytes' Anti-Malware 1.44 Datenbank Version: 3526 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18865 09.01.2010 12:49:32 mbam-log-2010-01-09 (12-49-32).txt Scan-Methode: Quick-Scan Durchsuchte Objekte: 2126 Laufzeit: 9 second(s) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) |
06.01.2011, 18:30 | #11 |
| Windows Media Player öffnet sich ab und an und ist nichtmehr schließbar! [gelöst] Während der scan läuft hat sich WMP wieder 2 mal geöffnet, ich hab herausgefunden, das wenn ich warte bis der vollscreen geladen ist, ihn dann schließe, das man ihn dann schließen kann. Also das der sich nicht wieder sofort öffnet. |
06.01.2011, 19:59 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows Media Player öffnet sich ab und an und ist nichtmehr schließbar! [gelöst] Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
__________________ Logfiles bitte immer in CODE-Tags posten |
06.01.2011, 20:15 | #13 |
| Windows Media Player öffnet sich ab und an und ist nichtmehr schließbar! [gelöst] Ok, hier ist erstmal noch der Voll-scan von mbam mit neuster Version Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Datenbank Version: 5471 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18999 06.01.2011 20:13:12 mbam-log-2011-01-06 (20-13-12).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|H:\|I:\|) Durchsuchte Objekte: 422290 Laufzeit: 2 Stunde(n), 15 Minute(n), 50 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) |
06.01.2011, 20:18 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows Media Player öffnet sich ab und an und ist nichtmehr schließbar! [gelöst] Ok - mach bitte wie o.g. den Durchgang mit CF
__________________ Logfiles bitte immer in CODE-Tags posten |
06.01.2011, 20:24 | #15 |
| Windows Media Player öffnet sich ab und an und ist nichtmehr schließbar! [gelöst] "Benenne es beim Runterladen um in cofi.exe.[/list]" Wie kann ich es beim herunterladen umbenennen? Ich hab Google Chrome zur Info da läd der das sofort runter. |
Themen zu Windows Media Player öffnet sich ab und an und ist nichtmehr schließbar! |
antivir, antivir guard, antivirus, askbar, avast!, avira, bho, bonjour, browser, converter, desktop, ebay, google, hijack, hijackthis, media player, microsoft, microsoft security, microsoft security essentials, mp3, plug-in, problem, security, senden, server, softonic, softonic deutsch ff toolbar, software, sweetim, system, teamspeak, trojaner, virus, vista, wickel, windows, windows vista |