| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Computer wurde gesperrt zahlen sie 100€ bei UkashWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
31.07.2012, 14:30
| #1 |
 |  Computer wurde gesperrt zahlen sie 100€ bei Ukash Hallo Leute, Seit 3 Tagen ist mein Virenschutz abgelaufen und da hab ich mir gedacht das in diesen paar Tagen bis ich einen kaufe wohl kein Virus oder so drauf kommen wird... Hab mir dann aber für diese paar Tage trotzdem nen gratis Schutz geholt (Avira). Soweit so gut, hab gerade vorhin gemütlich gesurft und dann kam eine Meldung von der "Polizei" das mein pc wegen illegaler Daten gesperrt wurde und ich zum entsperren 100€ per Ukash bezahlen soll und i-einen Code eingeben.... Hab dann schnell W-LAN ausgemacht und den Lappi ausgeschalten. Wenn ich ihn wieder einschalte kommt wieder dieses Fenster. Aber im abgesicherten Modus kann ich starten... Bitte helft mir....kenn mich mit Viren nicht aus , ist mein erster.. Lg. |
|
31.07.2012, 14:45
| #2 |
| /// Helfer-Team  | Computer wurde gesperrt zahlen sie 100€ bei Ukash Von einem sauberen PC OTL.exe runterladen auf USB Stick. Infizierten Rechner ohne Internet starten. OTL.exe auf Desktop kopieren und Log erstellen. Systemscan mit OTL (bebilderte Anleitung)
__________________ |
|
31.07.2012, 15:40
| #3 |
| | Computer wurde gesperrt zahlen sie 100€ bei Ukash Sry das es gedauert hat
__________________Hier der Log von Extras:OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 31.07.2012 16:35:36 - Run 4
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\George\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
3,93 Gb Total Physical Memory | 3,14 Gb Available Physical Memory | 79,89% Memory free
7,86 Gb Paging File | 7,24 Gb Available in Paging File | 92,17% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448,78 Gb Total Space | 304,68 Gb Free Space | 67,89% Space Free | Partition Type: NTFS
Drive D: | 16,68 Gb Total Space | 2,72 Gb Free Space | 16,29% Space Free | Partition Type: NTFS
Drive E: | 99,02 Mb Total Space | 92,44 Mb Free Space | 93,35% Space Free | Partition Type: FAT32
Drive G: | 3,70 Gb Total Space | 3,30 Gb Free Space | 89,15% Space Free | Partition Type: FAT32
Computer Name: GEORGE-PC | User Name: George | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
[HKEY_USERS\S-1-5-21-4237530706-4014961039-1401757581-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with Corel Paint Shop Pro Photo X2] -- "C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\Corel Paint Shop Pro Photo.exe" "%L" (Corel, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with Corel Paint Shop Pro Photo X2] -- "C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\Corel Paint Shop Pro Photo.exe" "%L" (Corel, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03F16966-F12F-4A1A-8449-211411B97073}" = lport=2869 | protocol=6 | dir=in | app=system |
"{113D4D35-93CF-4E2D-9738-C7232A844066}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{16CF70D1-1954-4B4F-AE6F-A423512CEF82}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{425217AB-2AB3-4FFA-B790-4C716FD31197}" = rport=10243 | protocol=6 | dir=out | app=system |
"{5E4879D6-EEC3-4450-A8C4-4178C01CA171}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8CAFF5B2-F603-43D8-9A7F-CEDC4465F1AF}" = lport=10243 | protocol=6 | dir=in | app=system |
"{AA95F26F-5464-407E-9FF3-7F376EA0FFC7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B02A9958-8D2C-4633-A7A3-C8D824B5F0F4}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BB069189-06EF-4003-BB27-EBB6F51AADF4}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D2BADE98-3CA8-4172-9443-86D1FE05354D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E1970B60-5625-4751-ABC7-66AD52CBB79C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07E31B82-5B70-4EE8-A263-CF524FB951BF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\amnesia the dark descent\launcher.exe |
"{08FC294E-058A-424B-A75F-12DDC351D99B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2\justcause2.exe |
"{15CDDE7A-1267-4B8B-A035-3803FF605F13}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{17398BB3-1177-44BD-A7A2-3954216A208E}" = protocol=17 | dir=in | app=c:\program files (x86)\a1 telekom austria\breitband-internet-installation\fixnet installer\installer.exe |
"{1DCBA010-FBB3-4BB1-895C-E41ED7CC5E06}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysis.exe |
"{1E3859F9-EEB6-400B-A31B-82F840A622B3}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx10.exe |
"{1FAE7164-A0FF-4380-824F-3B93CC120CC6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{269721C8-153D-40C2-BE3C-C614B27EC1B5}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{2787926F-CD4C-45E0-B436-93A623C83671}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{281F047C-C256-494E-A3A5-B2F093B6360A}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{2D59A283-B96D-49EF-BE5A-6A9F28464E69}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2E9328B1-9A57-4C72-9736-40EF4972608D}" = protocol=17 | dir=in | app=c:\program files (x86)\a1 telekom austria\breitband-internet-installation\fixnet installer\installer.exe |
"{2F8752A4-848F-49CD-BE12-026CC7438029}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\assassinscreedbrotherhood.exe |
"{35C2109B-A3CC-4D45-A80B-E52A57B6658F}" = protocol=6 | dir=out | app=system |
"{35EA01F8-C594-40E9-941B-7D4A9AB906E9}" = protocol=6 | dir=in | app=c:\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe |
"{36B2CBE8-3040-41FC-B74D-0E4C969032E6}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\uplaybrowser.exe |
"{3BDB7C72-4DD4-4EF5-8C59-45BB2F5225FD}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3D04C996-6F0E-4A1D-93EA-8D4C3A415DAC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{41A78951-4268-4702-8CB8-18C83D9CED15}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_launcher.exe |
"{44C98526-7E7B-4E7D-91DF-283C68D5ABC6}" = protocol=17 | dir=in | app=c:\users\george\appdata\roaming\dropbox\bin\dropbox.exe |
"{4791CCD0-05BB-4341-AF66-501D4D9D9390}" = protocol=6 | dir=in | app=c:\program files (x86)\a1 telekom austria\breitband-internet-installation\fixnet installer\installer.exe |
"{4826ED5F-5B89-46F4-8C8D-9E98EEA0D4B5}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{4CA9B8EA-1BDB-419E-965F-DE546DC4C3B9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\burnout(tm) paradise the ultimate box\burnoutparadise.exe |
"{4D655C66-2502-49DD-9038-A1D4FE977BEE}" = protocol=17 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe |
"{4F8BA8FB-15A9-4F0B-A614-474D9A42C09F}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_launcher.exe |
"{4FF15ED0-18D1-4B5C-B946-58F9E77E6F78}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{5046A745-06DC-4D15-8A65-169FA77907E4}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{5167736A-1275-40CB-95EF-2318E611EE1A}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\acbmp.exe |
"{5188B16E-1E87-4AB3-A7D5-C353CD46D85D}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{52880022-E157-4717-A1F1-28E4CF58C5D2}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe |
"{55030609-6757-4E45-A036-AA592BE2314E}" = protocol=6 | dir=in | app=c:\users\george\appdata\roaming\dropbox\bin\dropbox.exe |
"{556819DF-8EB0-49EC-94AA-F96B8F23694B}" = protocol=6 | dir=in | app=c:\program files (x86)\a1 telekom austria\breitband-internet-installation\fixnet installer\installer.exe |
"{5683B62C-AE51-4E8F-A290-6F23C18EBB49}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\live tv\qp.exe |
"{577C2F76-F758-4430-BFB0-3F4882FB9E41}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\burnout(tm) paradise the ultimate box\support\ea help\electronic_arts_technical_support.htm |
"{5844CF55-CDF8-4707-BF57-F2C2D4FBAD6C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2\justcause2.exe |
"{5DB706F3-D352-4DE7-A9CB-1F8B5DD5CC80}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{5DC007C3-2443-4956-94BE-936915CB5F23}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysisdedicatedserver.exe |
"{5E8C8BA6-B979-46F8-9776-F80A1BB79E68}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6180C1FC-B7FE-46C9-B9B4-26DDEA9F68F5}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\tsmagent.exe |
"{61895085-A785-4378-A304-A6EF3F1E5586}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{638CCCC6-D1B2-483B-A2E8-1DD4828E1643}" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\rockstar games social club\rgsclauncher.exe |
"{67CC2664-94F4-479C-BE89-058792905C83}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{6800797A-CCE0-47CA-89A4-2647F573A846}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6804D261-B1C9-46E1-90E8-5CC60076F567}" = protocol=17 | dir=in | app=c:\program files (x86)\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\dedicated\xr_3da.exe |
"{687DA115-CBE3-4198-B9A5-C05C10F291F3}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{69FF7A1D-207B-4D90-AB35-0060548364A0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{6A874594-70FA-40B6-B81D-B5D807B3550C}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\acbsp.exe |
"{6E038A8A-842C-4AF8-83D2-639888FD5B77}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6EBBD0D4-9ED3-41B1-9B53-982C91BBA5C5}" = protocol=6 | dir=in | app=c:\program files (x86)\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\dedicated\xr_3da.exe |
"{7076999D-2D2C-426A-B422-A46AF354DE5F}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{74C0A27C-36EC-4E20-8B66-D157319DE89B}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii demo\starcraft ii.exe |
"{7655EA2C-651A-4D6C-B560-4B8A42936EA2}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx9.exe |
"{7B7820F6-8AE8-4B1D-963E-9239B58AC307}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7C2BA378-1988-442C-BD8B-34979C070471}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\stalker shadow of chernobyl\bin\xr_3da.exe |
"{7E2EE990-3773-4D7A-906D-E018D724F38D}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\assassinscreedbrotherhood.exe |
"{7E3640C6-709B-4757-87BD-F7845E4A722F}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{803C26C3-177C-4E81-8EB7-66308C2C2E8B}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe |
"{8436D79A-1A0A-4065-BBEB-9032567B474E}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe |
"{846C84CF-054E-4334-B485-645CDB9DD6D7}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysis.exe |
"{851AEF27-3BA8-4769-A6BC-251B6A8F77E8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\stalker shadow of chernobyl\bin\xr_3da.exe |
"{85E9A4F2-D583-4FB4-BFE9-F17E62A0E97B}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii demo\starcraft ii.exe |
"{8A0CD50E-770F-47D7-81BE-C35B23648CAF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8C19764B-2CB8-4F9A-ACFA-4A94E959B9FB}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{8C337849-05D5-4575-9501-1F146DAE8AF3}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe |
"{8D492A56-3531-4986-8B0A-232516FB005B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{92DB2F95-D8FF-432E-AA6D-890A815D6C7B}" = protocol=17 | dir=in | app=c:\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe |
"{92E93C53-205F-4BFD-8FF1-2D4347729A8A}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysis.exe |
"{941CE412-D045-4E45-8F9C-CEECF09A8326}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{942E7B2E-7A22-4ABC-A4AF-07955CB108AE}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysisdedicatedserver.exe |
"{95FC7358-6A71-4548-A25A-C11E02D47B3D}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
"{9682A932-8EB1-4353-AF47-6E1DAD3F6DAD}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{97F87475-3F6A-4A15-9E9C-4F60D8C191F7}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{9A4B61D5-7AFC-4C9F-B720-5C553A706D2F}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\live tv\qpservice.exe |
"{9F2D48A0-1E6D-46C9-AF17-AAF36E55F90D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9F52F40C-396A-4C67-A653-496E3BA3C92B}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A42FEB5A-B01B-43EF-9C14-3F4BE6B10767}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{A4DBA12A-F214-4024-8EDA-ABB888CC8607}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A57B99DE-E801-4FB9-8AE3-7599A9B45087}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{A653C050-3476-4AE5-8EC1-757D366EB29D}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe |
"{A976AE63-7B31-481C-9700-B45230F8CE67}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe |
"{AA31E5C3-4998-4C30-B2CC-BD275DFEFD61}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx9.exe |
"{AA473D65-F7F6-4AE1-895B-0C51EBA28626}" = protocol=17 | dir=in | app=c:\program files (x86)\giraffic\giraffic.exe |
"{ABEDAA97-45F8-4564-8395-C7AB53EF124C}" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\rockstar games social club\rgsclauncher.exe |
"{AD47E39D-186A-492F-850B-BB5597023FD9}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{AF035F93-F066-4004-B442-DF803A530B31}" = protocol=17 | dir=in | app=c:\program files (x86)\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\xr_3da.exe |
"{B72ACC3A-319A-4A0C-85D8-1089D0D45289}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\uplaybrowser.exe |
"{BA60E521-99A0-433B-AD16-2D45D0A191B7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\burnout(tm) paradise the ultimate box\burnoutconfigtool.exe |
"{BFCD50B2-4864-4171-9E2D-D9E77D0545B7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C0623299-A3E2-4886-9FE3-BEC326944A7D}" = protocol=6 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe |
"{C10286F2-F32F-4E77-83E6-E0FEC1071DE2}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\acbsp.exe |
"{C121CBFD-AF87-4934-AC7C-CB81B7119B18}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{C174AE6E-1638-479B-9647-87818967AC0D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C2C88508-6C74-4343-A8A4-FD12672CE802}" = protocol=6 | dir=in | app=c:\program files (x86)\giraffic\giraffic.exe |
"{C516903B-E913-4F93-86D3-0A3D4A742283}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CC254ED3-AE62-4F05-9930-3AB5935DB846}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{D2362A99-2EC2-4F75-88D4-5568EFAE69F9}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{D35EBF18-D1EC-4136-A195-8513DB2AC94B}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{D3E97217-AC0B-4FBC-84CF-13738766C137}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{D466D639-9B26-4886-9EFD-1EFB9029E342}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{D5D25694-155B-4C3B-AFDD-2F892B606ECB}" = protocol=6 | dir=in | app=c:\program files (x86)\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\xr_3da.exe |
"{D65D809A-35D1-4BFE-A007-C8EDA1E3D9D3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\amnesia the dark descent\launcher.exe |
"{D8B64A89-A236-4820-BAD7-DCFBC1946B3C}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{D926E7E0-3E66-4675-894B-AECD3F6F43F4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\burnout(tm) paradise the ultimate box\burnoutconfigtool.exe |
"{D9AD3981-543B-4747-BC03-D3005E44DE50}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\burnout(tm) paradise the ultimate box\burnoutparadise.exe |
"{DA9E242B-6867-4B96-95E3-635B6B975AC9}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"{DBB7F0C3-E94F-4B7A-9EE1-5585390158AF}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{DD71C99E-7E18-4731-8AC9-C467DE0E6717}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\acbmp.exe |
"{E4A11B12-B338-4E36-8735-048B1FB9E403}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{E9350539-E9D2-4706-A6F6-A6B661517B25}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysis.exe |
"{EA0D11AE-7DA4-4B20-B6EE-FE6C19C0EA5A}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe |
"{F0778BD6-711A-4585-831C-7A9E77FF8A2E}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx10.exe |
"{F14019F3-E6D7-4003-B7A4-AB4FE51E08E3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\burnout(tm) paradise the ultimate box\support\ea help\electronic_arts_technical_support.htm |
"{F3520B41-A477-4BA1-8D47-D85A3A9B95A9}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"TCP Query User{3CA0B092-88CC-44A9-BBF6-E5079326FBC8}C:\program files (x86)\ubisoft\assassin's creed brotherhood\acbmp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\acbmp.exe |
"TCP Query User{98689702-78F3-466F-B4AA-45C41963BFA6}C:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe |
"TCP Query User{E73731F8-88A5-42D5-8ACC-33F6976F2446}C:\program files (x86)\steam\steamapps\xemnam\garrysmod\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\xemnam\garrysmod\hl2.exe |
"TCP Query User{F75B58C5-3D85-48DB-9F57-4EB27671A3E2}C:\program files (x86)\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tmnationsforever\tmforever.exe |
"UDP Query User{050FF2CA-17B5-43DB-B876-A0F977FE61EF}C:\program files (x86)\steam\steamapps\xemnam\garrysmod\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\xemnam\garrysmod\hl2.exe |
"UDP Query User{4C93F689-ECF6-442E-839B-FD5BECADC5D7}C:\program files (x86)\ubisoft\assassin's creed brotherhood\acbmp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\acbmp.exe |
"UDP Query User{7BBBA1B0-72A0-453A-AFA1-05D87E59F9F5}C:\program files (x86)\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tmnationsforever\tmforever.exe |
"UDP Query User{E0677472-548E-4B88-85BC-583459FC0FF0}C:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{09782D89-1CA6-4B7D-82C5-2DE01AF5601B}" = Microsoft SQL Server 2008 Common Files
"{0ADF605D-2D94-4467-91F7-D75C71CF328D}" = Microsoft SQL Server 2008 Database Engine Shared
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{26A24AE4-039D-4CA4-87B4-2F86416015FF}" = Java(TM) 6 Update 15 (64-bit)
"{28D06854-572C-4A65-83E5-F8CAF26B9FDC}" = Microsoft SQL Server VSS Writer
"{2DF4C5DD-7417-301D-935D-939D3B7B5997}" = Microsoft Help Viewer 1.0 Language Pack - DEU
"{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}" = Sql Server Customer Experience Improvement Program
"{3C5E60F1-0821-4B07-97EA-84EB5A927CF6}" = MobileMe Control Panel
"{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU
"{440668AA-7524-40DB-966A-60BE535E1B3F}" = Microsoft SQL Server 2008 Database Engine Services
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5340A3B5-3853-4745-BED2-DD9FF5371331}" = Microsoft SQL Server 2008 Common Files
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64A3A4F4-B792-11D6-A78A-00B0D0160150}" = Java(TM) SE Development Kit 6 Update 15 (64-bit)
"{6AF73222-EE90-434C-AE7E-B96F70A68D89}" = Unterstützungsdateien für Microsoft SQL Server 2008-Setup
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7ACE202B-1B01-4B43-B6AE-03D66D621CDE}" = Microsoft SQL Server 2008 RsFx Driver
"{7FD7F421-39B2-4CAC-BC41-7D83DDBAB329}" = HP 3D DriveGuard
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8325FD0C-2FDB-46C3-921A-3A78385EA972}" = Microsoft SQL Server 2008 Native Client
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{88E60521-1E4E-4785-B9F1-1798A4BD0C30}" = HP MediaSmart SmartMenu
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{94D70749-4281-39AC-AD90-B56A0E0A402E}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{9C98CA38-4C1A-4AC8-B55C-169497C8826B}" = Apple Mobile Device Support
"{9CD0F7D3-B67F-4BF8-8784-D73AD229FF1E}" = iTunes
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C3EAE456-7E7A-451F-80EF-F34C7A13C558}" = Microsoft SQL Server Compact 3.5 SP2 x64 DEU
"{CC8BA866-16A7-4667-BA0C-C494A1E7B2BF}" = Microsoft SQL Server 2008 Database Engine Shared
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = Microsoft SQL Server 2008 Database Engine Services
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"FFE7D41DF3C645075BB149E21988B63996C34187" = ENE CIR Receiver Driver
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 (64-bit)
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 (64-bit)
"NVIDIA Drivers" = NVIDIA Drivers
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamSpeak 3 Client" = TeamSpeak 3 Client
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{06F22256-8A8D-4F3F-B22C-6E07313D0FD1}" = HP Support Assistant
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{17B4760F-334B-475D-829F-1A3E94A6A4E6}" = HP Setup
"{1D108D70-E7D1-4089-9A0A-99629C4D0CB8}" = Morrowind
"{1ED31028-6D65-4CFD-AD03-8E484A052FE7}" = aonUpdate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 26
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{29042B1C-0713-4575-B7CA-5C8E7B0899D4}" = MySQL Connector/ODBC 5.1
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{4767A89A-F6A5-41B1-903C-734483739882}" = Highspeed-Internet-Installation
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AF2248C-B3DF-46FB-9596-87F5DB193689}" = Microsoft SQL Server 2008 Browser
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{54CC7901-804D-4155-B353-21F0CC9112AB}" = HP Wireless Assistant
"{58D68DF0-4E8B-4E9E-B425-670F9E37C1A8}" = TES Construction Set
"{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}" = Microsoft SQL Server System CLR Types
"{5E453519-60F6-4A4D-A0BF-16663F9B3536}" = Safari
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{616C6F39-4CE1-3434-A665-2F6A04C09A7F}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{64E72FB1-2343-4977-B4A8-262CD53D0BD3}" = Corel Paint Shop Pro Photo X2
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV
"{692DF640-F6EE-4BA2-90FD-466B9A23A6B5}_is1" = dirhtml v4.853
"{6B7FB3C4-E71B-478D-9E15-5AE97EAD67B8}" = aonFTP
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{904B64C4-49D8-4941-A2B6-D13D06C5CD8B}" = Controller
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{A106D33E-6B43-42C0-9BFC-D03303261FA7}" = Microsoft SQL Server 2008 R2 Management Objects
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B51605BF-6326-4553-AE96-6D7F1813D5F5}" = HP User Guides 0154
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C2FE0127-0F86-43C7-824E-AA78E6B5F4F3}" = Total Immersion Racing
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software
"{CFCB8616-A5D1-4281-80E8-389F685BFAE2}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{D81641E8-ABF1-3D07-803B-60E8FC619368}" = Microsoft Visual C# 2010 Express - DEU
"{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF}" = Adobe Shockwave Player
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DFFE2B1F-07E0-45A9-8801-CD8514CAA876}" = Prince of Persia T2T
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV
"{E7C25968-B418-4529-A389-E5DFCE792917}" = Worms 3D
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0FDF9C9-1DDC-401F-B638-36F1CAE8A875}" = VideoStudio
"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"AGEIA PhysX v2.3.3" = AGEIA PhysX v2.3.3
"aonFTP" = aonFTP
"aonUpdate" = aonUpdate
"Audacity_is1" = Audacity 1.2.6
"Avira AntiVir Desktop" = Avira Free Antivirus
"CamStudio" = CamStudio
"conduitEngine" = Conduit Engine
"Controller" = Controller
"DAEMON Tools Lite" = DAEMON Tools Lite
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"DVDVideoSoftTB_DE Toolbar" = DVDVideoSoftTB DE Toolbar
"EasyBits Magic Desktop" = Magic Desktop
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Fraps" = Fraps
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free Studio_is1" = Free Studio version 4.8
"Free YouTube to iPod Converter_is1" = Free YouTube to iPod Converter version 3.10.26.706
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.7.804
"GOM Picker" = GOM PICKER
"Highspeed-Internet-Installation" = Highspeed-Internet-Installation
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Icy Tower v1.4_is1" = Icy Tower v1.4
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV
"InstallShield_{F0FDF9C9-1DDC-401F-B638-36F1CAE8A875}" = Corel VideoStudio 12
"InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"IrfanView" = IrfanView (remove only)
"LOGO!Soft Comfort V6.1" = LOGO!Soft Comfort V6.1
"Microsoft Visual C# 2010 Express - DEU" = Microsoft Visual C# 2010 Express - DEU
"Motherboard Monitor 5.3.7.0 Languages_is1" = Motherboard Monitor 5 Languages
"Motherboard Monitor 5_is1" = Motherboard Monitor 5
"Mozilla Firefox (3.6.4)" = Mozilla Firefox (3.6.4)
"OpenAL" = OpenAL
"PunkBusterSvc" = PunkBuster Services
"Steam App 24740" = Burnout Paradise: The Ultimate Box
"Steam App 4500" = S.T.A.L.K.E.R.: Shadow of Chernobyl
"Steam App 57300" = Amnesia: The Dark Descent
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 8190" = Just Cause 2
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"Trials 2 SE" = Trials 2 Second Edition
"Uninstall_is1" = Uninstall 1.0.0.1
"WildTangent hp Master Uninstall" = HP Games
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-4237530706-4014961039-1401757581-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"KalydoPlayer" = Kalydo Player 4.06.00
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 24.11.2011 14:01:27 | Computer Name = George-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 25.11.2011 15:52:45 | Computer Name = George-PC | Source = BugSplat | ID = 1
Description =
Error - 26.11.2011 06:50:28 | Computer Name = George-PC | Source = BugSplat | ID = 1
Description =
Error - 26.11.2011 11:10:44 | Computer Name = George-PC | Source = BugSplat | ID = 1
Description =
Error - 27.11.2011 06:31:40 | Computer Name = George-PC | Source = BugSplat | ID = 1
Description =
Error - 27.11.2011 09:22:11 | Computer Name = George-PC | Source = BugSplat | ID = 1
Description =
Error - 28.11.2011 11:57:06 | Computer Name = George-PC | Source = BugSplat | ID = 1
Description =
Error - 28.11.2011 14:20:41 | Computer Name = George-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 30.11.2011 13:10:22 | Computer Name = George-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 11.12.2011 05:14:53 | Computer Name = George-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
[ Hewlett-Packard Events ]
Error - 17.07.2011 13:34:35 | Computer Name = George-PC | Source = Hewlett-Packard | ID = 0
Description = de-AT Die Datei "C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\Logs\SystemInfoAA.xml" konnte nicht gefunden werden. mscorlib bei System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) bei System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) bei System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) bei System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)
bei System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) bei System.IO.StreamReader..ctor(String path, Encoding encoding)
bei System.IO.File.ReadAllText(String path, Encoding encoding) bei n.a(Object
A_0, EventArgs A_1)
Error - 17.07.2011 13:34:36 | Computer Name = George-PC | Source = Hewlett-Packard | ID = 0
Description = de-AT Die Datei "C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\Logs\SystemInfoAA.xml" konnte nicht gefunden werden. mscorlib bei System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) bei System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) bei System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) bei System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)
bei System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) bei System.IO.StreamReader..ctor(String path, Encoding encoding)
bei System.IO.File.ReadAllText(String path, Encoding encoding) bei n.a(Object
A_0, EventArgs A_1)
Error - 07.08.2011 11:01:33 | Computer Name = George-PC | Source = Hewlett-Packard | ID = 0
Description = de-AT Die Datei "C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\Logs\SystemInfoAA.xml" konnte nicht gefunden werden. mscorlib bei System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) bei System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) bei System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) bei System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)
bei System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) bei System.IO.StreamReader..ctor(String path, Encoding encoding)
bei System.IO.File.ReadAllText(String path, Encoding encoding) bei n.a(Object
A_0, EventArgs A_1)
Error - 07.08.2011 11:01:34 | Computer Name = George-PC | Source = Hewlett-Packard | ID = 0
Description = de-AT Die Datei "C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\Logs\SystemInfoAA.xml" konnte nicht gefunden werden. mscorlib bei System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) bei System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) bei System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) bei System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)
bei System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) bei System.IO.StreamReader..ctor(String path, Encoding encoding)
bei System.IO.File.ReadAllText(String path, Encoding encoding) bei n.a(Object
A_0, EventArgs A_1)
Error - 28.08.2011 10:37:20 | Computer Name = George-PC | Source = Hewlett-Packard | ID = 0
Description = de-AT Die Datei "C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\Logs\SystemInfoAA.xml" konnte nicht gefunden werden. mscorlib bei System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) bei System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) bei System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) bei System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)
bei System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) bei System.IO.StreamReader..ctor(String path, Encoding encoding)
bei System.IO.File.ReadAllText(String path, Encoding encoding) bei n.a(Object
A_0, EventArgs A_1)
Error - 28.08.2011 10:37:20 | Computer Name = George-PC | Source = Hewlett-Packard | ID = 0
Description = de-AT Die Datei "C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\Logs\SystemInfoAA.xml" konnte nicht gefunden werden. mscorlib bei System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) bei System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) bei System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) bei System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)
bei System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) bei System.IO.StreamReader..ctor(String path, Encoding encoding)
bei System.IO.File.ReadAllText(String path, Encoding encoding) bei n.a(Object
A_0, EventArgs A_1)
Error - 01.10.2011 15:10:28 | Computer Name = George-PC | Source = Hewlett-Packard | ID = 0
Description = de-AT Die Datei "C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\Logs\SystemInfoAA.xml" konnte nicht gefunden werden. mscorlib bei System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) bei System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) bei System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) bei System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)
bei System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) bei System.IO.StreamReader..ctor(String path, Encoding encoding)
bei System.IO.File.ReadAllText(String path, Encoding encoding) bei n.a(Object
A_0, EventArgs A_1)
Error - 01.10.2011 15:10:28 | Computer Name = George-PC | Source = Hewlett-Packard | ID = 0
Description = de-AT Die Datei "C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\Logs\SystemInfoAA.xml" konnte nicht gefunden werden. mscorlib bei System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) bei System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) bei System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) bei System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)
bei System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) bei System.IO.StreamReader..ctor(String path, Encoding encoding)
bei System.IO.File.ReadAllText(String path, Encoding encoding) bei n.a(Object
A_0, EventArgs A_1)
Error - 01.10.2011 15:16:44 | Computer Name = George-PC | Source = Hewlett-Packard | ID = 0
Description = de-AT Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
HPSF
bei HPAssistant.Pages.MaintainAnalyzing.MaintainAnalyzing_Unloaded(Object sender,
RoutedEventArgs e) bei System.Windows.RoutedEventHandlerInfo.InvokeHandler(Object
target, RoutedEventArgs routedEventArgs) bei System.Windows.EventRoute.InvokeHandlersImpl(Object
source, RoutedEventArgs args, Boolean reRaised) bei System.Windows.UIElement.RaiseEventImpl(DependencyObject
sender, RoutedEventArgs args) bei System.Windows.UIElement.RaiseEvent(RoutedEventArgs
e) bei System.Windows.BroadcastEventHelper.BroadcastEvent(DependencyObject root,
RoutedEvent routedEvent) bei System.Windows.BroadcastEventHelper.BroadcastUnloadedEvent(Object
root) bei MS.Internal.LoadedOrUnloadedOperation.DoWork() bei System.Windows.Media.MediaContext.FireLoadedPendingCallbacks()
bei System.Windows.Media.MediaContext.FireInvokeOnRenderCallbacks() bei System.Windows.Media.MediaContext.RenderMessageHandlerCore(Object
resizedCompositionTarget) bei System.Windows.Media.MediaContext.RenderMessageHandler(Object
resizedCompositionTarget) bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate
callback, Object args, Boolean isSingleParameter) bei System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)
Error - 22.07.2012 10:28:29 | Computer Name = George-PC | Source = Hewlett-Packard | ID = 0
Description = de-AT Die Datei "C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\Logs\SystemInfoAA.xml" konnte nicht gefunden werden. mscorlib bei System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) bei System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) bei System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) bei System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)
bei System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) bei System.IO.StreamReader..ctor(String path, Encoding encoding)
bei System.IO.File.ReadAllText(String path, Encoding encoding) bei n.a(Object
A_0, EventArgs A_1)
[ Media Center Events ]
Error - 03.05.2012 13:49:47 | Computer Name = George-PC | Source = MCUpdate | ID = 0
Description = 19:49:47 - Fehler beim Herstellen der Internetverbindung. 19:49:47
- Serververbindung konnte nicht hergestellt werden..
Error - 03.05.2012 13:50:00 | Computer Name = George-PC | Source = MCUpdate | ID = 0
Description = 19:49:52 - Fehler beim Herstellen der Internetverbindung. 19:49:52
- Serververbindung konnte nicht hergestellt werden..
Error - 07.05.2012 11:03:28 | Computer Name = George-PC | Source = MCUpdate | ID = 0
Description = 17:03:27 - Fehler beim Herstellen der Internetverbindung. 17:03:28
- Serververbindung konnte nicht hergestellt werden..
Error - 07.05.2012 11:03:39 | Computer Name = George-PC | Source = MCUpdate | ID = 0
Description = 17:03:34 - Fehler beim Herstellen der Internetverbindung. 17:03:34
- Serververbindung konnte nicht hergestellt werden..
Error - 13.05.2012 07:30:59 | Computer Name = George-PC | Source = MCUpdate | ID = 0
Description = 13:30:59 - Fehler beim Herstellen der Internetverbindung. 13:30:59
- Serververbindung konnte nicht hergestellt werden..
Error - 13.05.2012 07:31:09 | Computer Name = George-PC | Source = MCUpdate | ID = 0
Description = 13:31:04 - Fehler beim Herstellen der Internetverbindung. 13:31:04
- Serververbindung konnte nicht hergestellt werden..
Error - 15.05.2012 12:58:11 | Computer Name = George-PC | Source = MCUpdate | ID = 0
Description = 18:58:11 - Fehler beim Herstellen der Internetverbindung. 18:58:11
- Serververbindung konnte nicht hergestellt werden..
Error - 15.05.2012 12:58:26 | Computer Name = George-PC | Source = MCUpdate | ID = 0
Description = 18:58:16 - Fehler beim Herstellen der Internetverbindung. 18:58:16
- Serververbindung konnte nicht hergestellt werden..
Error - 16.05.2012 11:33:40 | Computer Name = George-PC | Source = MCUpdate | ID = 0
Description = 17:33:40 - Fehler beim Herstellen der Internetverbindung. 17:33:40
- Serververbindung konnte nicht hergestellt werden..
Error - 16.05.2012 11:33:54 | Computer Name = George-PC | Source = MCUpdate | ID = 0
Description = 17:33:46 - Fehler beim Herstellen der Internetverbindung. 17:33:46
- Serververbindung konnte nicht hergestellt werden..
[ System Events ]
Error - 31.07.2012 09:58:18 | Computer Name = George-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 31.07.2012 09:58:19 | Computer Name = George-PC | Source = DCOM | ID = 10005
Description =
Error - 31.07.2012 09:58:19 | Computer Name = George-PC | Source = DCOM | ID = 10005
Description =
Error - 31.07.2012 09:58:20 | Computer Name = George-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 31.07.2012 09:58:20 | Computer Name = George-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 31.07.2012 09:58:20 | Computer Name = George-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 31.07.2012 09:58:20 | Computer Name = George-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 31.07.2012 09:58:20 | Computer Name = George-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 31.07.2012 09:58:20 | Computer Name = George-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 31.07.2012 10:21:34 | Computer Name = George-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
< End of report >
Und hier der OTL: OTL Logfile: Code:
ATTFilter OTL logfile created on: 31.07.2012 16:35:36 - Run 4 OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\George\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy 3,93 Gb Total Physical Memory | 3,14 Gb Available Physical Memory | 79,89% Memory free 7,86 Gb Paging File | 7,24 Gb Available in Paging File | 92,17% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 448,78 Gb Total Space | 304,68 Gb Free Space | 67,89% Space Free | Partition Type: NTFS Drive D: | 16,68 Gb Total Space | 2,72 Gb Free Space | 16,29% Space Free | Partition Type: NTFS Drive E: | 99,02 Mb Total Space | 92,44 Mb Free Space | 93,35% Space Free | Partition Type: FAT32 Drive G: | 3,70 Gb Total Space | 3,30 Gb Free Space | 89,15% Space Free | Partition Type: FAT32 Computer Name: GEORGE-PC | User Name: George | Logged in as Administrator. Boot Mode: SafeMode | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\George\Desktop\OTL.exe (OldTimer Tools) ========== Modules (No Company Name) ========== ========== Win32 Services (SafeList) ========== SRV:64bit: - (hpsrv) -- C:\Windows\SysNative\hpservice.exe (Hewlett-Packard Company) SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe (IDT, Inc.) SRV:64bit: - (AESTFilters) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe (Andrea Electronics Corporation) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.) SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation) SRV - (npggsvc) -- C:\Windows\SysWOW64\GameMon.des (INCA Internet Co., Ltd.) SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.) SRV - (STacSV) -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe (IDT, Inc.) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) SRV - (MSSQLServerADHelper100) -- c:\Programme\Microsoft SQL Server\100\Shared\sqladhlp.exe (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (MSSQL$SQLEXPRESS) -- c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Microsoft Corporation) SRV - (SQLAgent$SQLEXPRESS) -- c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE (Microsoft Corporation) SRV - (AESTFilters) -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe (Andrea Electronics Corporation) SRV - (ezSharedSvc) -- C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS) SRV - (SQLWriter) -- c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) SRV - (PSI_SVC_2) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) ========== Driver Services (SafeList) ========== DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.) DRV:64bit: - (hpdskflt) -- C:\Windows\SysNative\drivers\hpdskflt.sys (Hewlett-Packard Company) DRV:64bit: - (Accelerometer) -- C:\Windows\SysNative\drivers\Accelerometer.sys (Hewlett-Packard Company) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys () DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys () DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation) DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.) DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (JMCR) -- C:\Windows\SysNative\drivers\jmcr.sys (JMicron Technology Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (enecir) -- C:\Windows\SysNative\drivers\enecir.sys (ENE TECHNOLOGY INC.) DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.) DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.) DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell) DRV:64bit: - (netw5v64) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (HpqKbFiltr) -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.) DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.) DRV:64bit: - (BVRPMPR5a64) -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS (Avanquest Software) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) DRV - (TFsExDisk) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys (Teruten Inc) DRV - (NPPTNT2) -- C:\Windows\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.) DRV - (mbmiodrvr) -- C:\Windows\SysWOW64\mbmiodrvr.sys (cansoft@livewiredev.com) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON/1 IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON/1 IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {1E6255D5-820C-422A-BD80-645116960399} IE:64bit: - HKLM\..\SearchScopes\{1E6255D5-820C-422A-BD80-645116960399}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON/1 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON/1 IE - HKLM\..\URLSearchHook: {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) IE - HKLM\..\SearchScopes,DefaultScope = {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} IE - HKLM\..\SearchScopes\{1E6255D5-820C-422A-BD80-645116960399}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox IE - HKLM\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2653012 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-4237530706-4014961039-1401757581-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON/1 IE - HKU\S-1-5-21-4237530706-4014961039-1401757581-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.telekom.at/suche IE - HKU\S-1-5-21-4237530706-4014961039-1401757581-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/ IE - HKU\S-1-5-21-4237530706-4014961039-1401757581-1000\..\URLSearchHook: {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.) IE - HKU\S-1-5-21-4237530706-4014961039-1401757581-1000\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) IE - HKU\S-1-5-21-4237530706-4014961039-1401757581-1000\..\URLSearchHook: {cd90bf73-20f6-44ef-993d-bb920303bd2e} - No CLSID value found IE - HKU\S-1-5-21-4237530706-4014961039-1401757581-1000\..\SearchScopes,DefaultScope = {1E6255D5-820C-422A-BD80-645116960399} IE - HKU\S-1-5-21-4237530706-4014961039-1401757581-1000\..\SearchScopes\{1E6255D5-820C-422A-BD80-645116960399}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox IE - HKU\S-1-5-21-4237530706-4014961039-1401757581-1000\..\SearchScopes\{DB720E02-DF9F-44DC-93EB-492A060D692B}: "URL" = hxxp://search.yahoo.com/search?fr=mcafee&p={SearchTerms} IE - HKU\S-1-5-21-4237530706-4014961039-1401757581-1000\..\SearchScopes\{F68EF3B5-7FDD-42FB-8D5A-86CEB6E1EC09}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2625848 IE - HKU\S-1-5-21-4237530706-4014961039-1401757581-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-4237530706-4014961039-1401757581-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "hxxp://g.uk.msn.com/HPCON/1" FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.1 FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll () FF - HKCU\Software\MozillaPlugins\@eximion.com/KalydoPlayer: C:\Users\George\AppData\Roaming\Kalydo\KalydoPlayer\bin1\npkalydo.dll (Eximion B.V.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.4\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.08.23 11:32:23 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.4\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.08.25 10:15:35 | 000,000,000 | ---D | M] [2010.06.30 20:46:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\George\AppData\Roaming\mozilla\Extensions [2012.07.21 15:40:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions [2012.07.21 15:40:35 | 000,000,000 | ---D | M] (DVDVideoSoftTB DE) -- C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} [2011.04.23 19:31:11 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [2010.07.09 15:29:01 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011.04.23 19:31:12 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\engine@conduit.com [2010.11.26 17:26:14 | 000,000,000 | ---D | M] (BrowserDeals Preisvergleich) -- C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\mail@browserdeals.com [2012.03.12 17:07:28 | 000,000,000 | ---D | M] (Gutscheinrausch.de) -- C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\mail@gutscheinrausch.de [2011.09.04 14:01:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2011.06.28 19:57:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2010.11.26 17:24:22 | 000,000,000 | ---D | M] (foxydeal) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{F58A62EB-38DC-43C4-A539-DC52E135208D} [2011.09.04 14:01:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru [2011.05.04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2010.06.12 03:24:05 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.06.12 03:24:05 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2010.06.12 03:24:05 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2010.06.12 03:24:05 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2010.06.12 03:24:05 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (DVDVideoSoftTB DE Toolbar) - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.) O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O2 - BHO: (foxy) - {DAEB27B6-FFA6-417F-B060-C5413E6269AA} - C:\Users\George\AppData\Roaming\foxydeal\IE\foxyDeal.dll (foxyDeal.com) O2 - BHO: (GretechBHO Class) - {F0181C6E-9218-4792-9F3C-E8DF52B2F1AC} - C:\Program Files (x86)\GRETECH\GomPicker\GomPickerBHO.dll (Gretech Corporation) O3 - HKLM\..\Toolbar: (DVDVideoSoftTB DE Toolbar) - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3 - HKU\S-1-5-21-4237530706-4014961039-1401757581-1000\..\Toolbar\WebBrowser: (DVDVideoSoftTB DE Toolbar) - {0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-4237530706-4014961039-1401757581-1000\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe () O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [AGEIA PhysX SysTray] C:\Program Files (x86)\AGEIA Technologies\TrayIcon.exe () O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [Corel File Shell Monitor] C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe () O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS) O4 - HKLM..\Run: [HPCam_Menu] c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [NPSStartup] File not found O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-4237530706-4014961039-1401757581-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-4237530706-4014961039-1401757581-1000..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe () O4 - HKU\S-1-5-21-4237530706-4014961039-1401757581-1000..\Run: [pxnbeyxbvpdqueu] C:\ProgramData\pxnbeyxb.exe () O4 - HKU\S-1-5-21-4237530706-4014961039-1401757581-1000..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - Startup: C:\Users\George\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Deer Hunter 2005 Registration.lnk = File not found O4 - Startup: C:\Users\George\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\George\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0 O7 - HKU\S-1-5-21-4237530706-4014961039-1401757581-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0 O7 - HKU\S-1-5-21-4237530706-4014961039-1401757581-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0 O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\George\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm () O8:64bit: - Extra context menu item: Free YouTube to iPod Converter - C:\Users\George\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm () O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\George\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Free YouTube Download - C:\Users\George\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm () O8 - Extra context menu item: Free YouTube to iPod Converter - C:\Users\George\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm () O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\George\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} hxxp://d1ylr6sba64qi3.cloudfront.net/global/bin/srldetect_cyri_4.1.71.0.cab (SysInfo Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.5.1.0.cab (SysInfo Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138 10.0.0.138 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{51D2849B-CEDD-42BB-8D51-6EE3073431A2}: DhcpNameServer = 10.0.0.138 10.0.0.138 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012.06.04 09:10:08 | 000,000,000 | ---D | M] - G:\Autocad -- [ FAT32 ] O33 - MountPoints2\{23e56d00-66ff-11df-aebb-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{23e56d00-66ff-11df-aebb-806e6f6e6963}\Shell\AutoRun\command - "" = F:\OblivionLauncher.exe O33 - MountPoints2\{e9c9b338-dc5c-11df-8fea-f07bcb47026e}\Shell - "" = AutoRun O33 - MountPoints2\{e9c9b338-dc5c-11df-8fea-f07bcb47026e}\Shell\AutoRun\command - "" = G:\Autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.07.31 16:16:44 | 000,597,504 | ---- | C] (OldTimer Tools) -- C:\Users\George\Desktop\OTL.exe [2012.07.31 14:56:38 | 000,000,000 | ---D | C] -- C:\ProgramData\okhjmlfjvkwpfat [2012.07.29 18:19:35 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Roaming\Avira [2012.07.29 18:14:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2012.07.29 18:14:10 | 000,132,832 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys [2012.07.29 18:14:10 | 000,098,848 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys [2012.07.29 18:14:10 | 000,027,760 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avkmgr.sys [2012.07.29 18:14:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2012.07.29 18:14:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2012.07.24 08:07:09 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Local\Criterion Games [2012.07.21 15:40:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit [2012.07.21 15:40:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoftTB_DE [2012.07.21 15:39:53 | 000,405,144 | ---- | C] (Newtonsoft) -- C:\Windows\SysWow64\Newtonsoft.Json.Net20.dll [2012.07.21 15:38:38 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Logs [2012.07.15 22:23:55 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Roaming\fltk.org [2012.07.15 22:23:55 | 000,000,000 | ---D | C] -- C:\ProgramData\fltk.org [2012.07.15 22:23:53 | 000,000,000 | ---D | C] -- C:\Users\George\Documents\Amnesia [2012.07.15 20:29:57 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam [2012.07.15 09:48:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bethesda Softworks [2012.07.11 10:33:54 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012.07.11 10:33:54 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012.07.11 10:33:53 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012.07.11 10:33:53 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012.07.11 10:33:52 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012.07.11 10:33:52 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012.07.11 10:33:52 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012.07.11 10:33:52 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012.07.11 10:33:51 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012.07.11 10:33:51 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012.07.11 10:33:51 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012.07.11 10:33:50 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012.07.11 10:33:50 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012.07.11 10:22:56 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll [2012.07.11 10:22:56 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll [2012.07.11 10:22:45 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2012.07.11 10:22:40 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll [2012.07.11 10:22:40 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll [2012.07.02 12:39:29 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Roaming\IrfanView [2012.07.02 12:39:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IrfanView [2010.07.09 15:27:11 | 018,014,460 | ---- | C] (DVDVideoSoft Limited. ) -- C:\Users\George\FreeYouTubeToMp3Converter3512.exe [2010.06.04 11:05:40 | 004,083,712 | ---- | C] (dP-Software) -- C:\Program Files\Cannonhill.exe [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [2 C:\*.tmp files -> C:\*.tmp -> ] [1 C:\Users\George\*.tmp files -> C:\Users\George\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.07.31 16:17:23 | 001,828,946 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.07.31 16:17:23 | 000,773,488 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.07.31 16:17:23 | 000,727,106 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.07.31 16:17:23 | 000,178,170 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.07.31 16:17:23 | 000,150,386 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.07.31 16:15:08 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\George\Desktop\OTL.exe [2012.07.31 15:57:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.07.31 15:57:46 | 3163,709,440 | -HS- | M] () -- C:\hiberfil.sys [2012.07.31 15:54:42 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.07.31 14:56:40 | 000,000,051 | ---- | M] () -- C:\ProgramData\rgdabqdonxfqaxb [2012.07.31 14:56:34 | 000,061,440 | ---- | M] () -- C:\ProgramData\pxnbeyxb.exe [2012.07.31 14:56:34 | 000,061,440 | ---- | M] () -- C:\Users\George\0.10120897262842443.exe [2012.07.31 14:43:02 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.07.31 10:33:18 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.07.31 10:33:18 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.07.29 18:14:18 | 000,002,030 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2012.07.23 09:17:27 | 000,066,872 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe [2012.07.23 09:17:20 | 000,103,736 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012.07.21 15:40:38 | 000,000,009 | ---- | M] () -- C:\END [2012.07.21 15:23:47 | 000,000,221 | ---- | M] () -- C:\Users\George\Desktop\Burnout Paradise The Ultimate Box.url [2012.07.18 19:55:05 | 000,000,220 | ---- | M] () -- C:\Users\George\Desktop\S.T.A.L.K.E.R. Shadow of Chernobyl.url [2012.07.18 18:04:42 | 000,132,832 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys [2012.07.18 18:04:42 | 000,027,760 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avkmgr.sys [2012.07.18 18:04:41 | 000,098,848 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys [2012.07.15 20:29:57 | 000,000,221 | ---- | M] () -- C:\Users\George\Desktop\Amnesia The Dark Descent.url [2012.07.15 10:17:59 | 000,001,229 | ---- | M] () -- C:\Users\Public\Desktop\Morrowind.lnk [2012.07.11 12:58:40 | 000,372,488 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.07.05 12:47:27 | 001,135,999 | ---- | M] () -- C:\Users\George\Desktop\Unbenannt.png [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [2 C:\*.tmp files -> C:\*.tmp -> ] [1 C:\Users\George\*.tmp files -> C:\Users\George\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.07.31 14:56:39 | 000,061,440 | ---- | C] () -- C:\ProgramData\pxnbeyxb.exe [2012.07.31 14:56:36 | 000,000,051 | ---- | C] () -- C:\ProgramData\rgdabqdonxfqaxb [2012.07.31 14:56:34 | 000,061,440 | ---- | C] () -- C:\Users\George\0.10120897262842443.exe [2012.07.29 18:14:18 | 000,002,030 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2012.07.21 15:40:37 | 000,000,009 | ---- | C] () -- C:\END [2012.07.21 15:23:47 | 000,000,221 | ---- | C] () -- C:\Users\George\Desktop\Burnout Paradise The Ultimate Box.url [2012.07.18 19:55:05 | 000,000,220 | ---- | C] () -- C:\Users\George\Desktop\S.T.A.L.K.E.R. Shadow of Chernobyl.url [2012.07.15 20:29:57 | 000,000,221 | ---- | C] () -- C:\Users\George\Desktop\Amnesia The Dark Descent.url [2012.07.15 09:42:57 | 000,001,229 | ---- | C] () -- C:\Users\Public\Desktop\Morrowind.lnk [2012.07.05 12:47:27 | 001,135,999 | ---- | C] () -- C:\Users\George\Desktop\Unbenannt.png [2011.10.29 12:08:59 | 000,000,244 | ---- | C] () -- C:\Windows\ODBCINST.INI [2011.09.28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2011.01.26 15:42:40 | 000,000,094 | ---- | C] () -- C:\Users\George\AppData\Local\fusioncache.dat [2011.01.25 13:51:20 | 001,620,114 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.01.25 13:49:39 | 000,669,184 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe [2010.11.30 18:54:01 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2010.11.30 18:53:58 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe [2010.11.30 18:53:58 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2010.09.29 15:00:44 | 000,113,152 | ---- | C] () -- C:\Program Files (x86)\1031.MST [2010.09.29 15:00:44 | 000,015,832 | ---- | C] () -- C:\Program Files (x86)\0x0407.ini [2010.09.29 15:00:43 | 097,979,392 | ---- | C] () -- C:\Program Files (x86)\Samsung New PC Studio.msi [2010.06.04 11:05:40 | 000,000,641 | ---- | C] () -- C:\Program Files\anleitung.htm [2010.05.30 11:39:23 | 000,067,075 | ---- | C] () -- C:\Users\George\AppData\Local\tmpJELLYFISH.6 [2010.05.30 11:39:22 | 000,067,074 | ---- | C] () -- C:\Users\George\AppData\Local\tmpJELLYFISH.5 [2010.05.30 11:39:21 | 000,775,702 | ---- | C] () -- C:\Users\George\AppData\Local\tmpJELLYFISH.4 [2010.05.30 11:39:20 | 000,067,103 | ---- | C] () -- C:\Users\George\AppData\Local\tmpJELLYFISH.3 [2010.05.30 11:39:19 | 000,067,075 | ---- | C] () -- C:\Users\George\AppData\Local\tmpJELLYFISH.2 [2010.05.30 11:39:17 | 000,067,103 | ---- | C] () -- C:\Users\George\AppData\Local\tmpJELLYFISH.JPG [2010.05.30 11:39:17 | 000,067,074 | ---- | C] () -- C:\Users\George\AppData\Local\tmpJELLYFISH.1 [2010.05.30 11:39:16 | 000,775,702 | ---- | C] () -- C:\Users\George\AppData\Local\tmpJELLYFISH.0 ========== LOP Check ========== [2011.09.25 14:56:05 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\.minecraft [2011.06.02 10:39:54 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\Bioshock2 [2010.10.20 17:32:29 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\DAEMON Tools Lite [2011.09.14 19:04:35 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\DisneyInteractiveStudios [2012.07.31 10:25:40 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\Dropbox [2012.07.21 15:40:08 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\DVDVideoSoft [2011.10.27 20:57:16 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\DVDVideoSoftIEHelpers [2012.07.15 22:23:55 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\fltk.org [2011.10.15 20:21:54 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\FOG Downloader [2010.11.26 17:24:23 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\foxydeal [2010.12.24 09:40:05 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\funkitron [2011.06.10 16:24:04 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\iMaxGen [2010.07.09 14:38:07 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\Imperium Romanum [2012.07.02 12:39:29 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\IrfanView [2012.05.11 19:07:25 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\Kalydo [2011.11.05 15:39:55 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\Leadertech [2011.04.12 19:05:51 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\mquadr.at [2011.07.23 20:32:00 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\OpenCandy [2011.05.04 19:06:44 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\PhotoFiltre [2011.11.27 16:55:56 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\PriceGong [2011.03.25 17:53:57 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\PunkBuster [2011.03.11 19:44:29 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\Rovio [2011.04.02 11:21:49 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\runic games [2010.09.29 15:03:44 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\Samsung [2011.08.27 12:36:52 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\TS3Client [2011.09.14 19:02:50 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\Ubisoft [2010.05.24 19:03:20 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\_MDLogs [2012.07.30 08:28:33 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Files - Unicode (All) ========== [2011.11.15 20:37:22 | 000,000,649 | ---- | M] ()(C:\Users\George\AppData\Local\PMB Fik?s) -- C:\Users\George\AppData\Local\PMB Fik聥s [2011.11.15 20:37:22 | 000,000,649 | ---- | C] ()(C:\Users\George\AppData\Local\PMB Fik?s) -- C:\Users\George\AppData\Local\PMB Fik聥s < End of report > Lg. PS: Hab alles so gemacht wie es auf den Screenshots zu sehen war |
|
31.07.2012, 15:48
| #4 |
| /// Helfer-Team | Computer wurde gesperrt zahlen sie 100€ bei Ukash Fixen mit OTL Lade (falls noch nicht vorhanden) OTL von Oldtimer herunter und speichere es auf Deinem Desktop (nicht woanders hin).
Code:
ATTFilter :OTL
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {1E6255D5-820C-422A-BD80-645116960399}
IE:64bit: - HKLM\..\SearchScopes\{1E6255D5-820C-422A-BD80-645116960399}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE - HKLM\..\URLSearchHook: {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
IE - HKLM\..\SearchScopes\{1E6255D5-820C-422A-BD80-645116960399}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2653012
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4237530706-4014961039-1401757581-1000\..\URLSearchHook: {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-4237530706-4014961039-1401757581-1000\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-4237530706-4014961039-1401757581-1000\..\URLSearchHook: {cd90bf73-20f6-44ef-993d-bb920303bd2e} - No CLSID value found
IE - HKU\S-1-5-21-4237530706-4014961039-1401757581-1000\..\SearchScopes,DefaultScope = {1E6255D5-820C-422A-BD80-645116960399}
IE - HKU\S-1-5-21-4237530706-4014961039-1401757581-1000\..\SearchScopes\{1E6255D5-820C-422A-BD80-645116960399}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE - HKU\S-1-5-21-4237530706-4014961039-1401757581-1000\..\SearchScopes\{DB720E02-DF9F-44DC-93EB-492A060D692B}: "URL" = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKU\S-1-5-21-4237530706-4014961039-1401757581-1000\..\SearchScopes\{F68EF3B5-7FDD-42FB-8D5A-86CEB6E1EC09}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2625848
IE - HKU\S-1-5-21-4237530706-4014961039-1401757581-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4237530706-4014961039-1401757581-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - prefs.js..browser.startup.homepage: "http://g.uk.msn.com/HPCON/1"
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.1
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
O2 - BHO: (DVDVideoSoftTB DE Toolbar) - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB DE Toolbar) - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-4237530706-4014961039-1401757581-1000\..\Toolbar\WebBrowser: (DVDVideoSoftTB DE Toolbar) - {0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-4237530706-4014961039-1401757581-1000\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AGEIA PhysX SysTray] C:\Program Files (x86)\AGEIA Technologies\TrayIcon.exe ()
O4 - HKLM..\Run: [Corel File Shell Monitor] C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe ()
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKU\S-1-5-21-4237530706-4014961039-1401757581-1000..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKU\S-1-5-21-4237530706-4014961039-1401757581-1000..\Run: [pxnbeyxbvpdqueu] C:\ProgramData\pxnbeyxb.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\George\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Deer Hunter 2005 Registration.lnk = File not found
O4 - Startup: C:\Users\George\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\George\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{23e56d00-66ff-11df-aebb-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{23e56d00-66ff-11df-aebb-806e6f6e6963}\Shell\AutoRun\command - "" = F:\OblivionLauncher.exe
O33 - MountPoints2\{e9c9b338-dc5c-11df-8fea-f07bcb47026e}\Shell - "" = AutoRun
O33 - MountPoints2\{e9c9b338-dc5c-11df-8fea-f07bcb47026e}\Shell\AutoRun\command - "" = G:\Autorun.exe
[2012.07.31 14:56:38 | 000,000,000 | ---D | C] -- C:\ProgramData\okhjmlfjvkwpfat
[[2012.07.31 14:56:40 | 000,000,051 | ---- | M] () -- C:\ProgramData\rgdabqdonxfqaxb
[2012.07.31 14:56:34 | 000,061,440 | ---- | M] () -- C:\ProgramData\pxnbeyxb.exe
[2012.07.31 14:56:34 | 000,061,440 | ---- | M] () -- C:\Users\George\0.10120897262842443.exe
[2012.07.21 15:40:35 | 000,000,000 | ---D | M] (DVDVideoSoftTB DE) -- C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}
[2012.07.21 15:40:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2012.07.21 15:40:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoftTB_DE
[2012.07.21 15:40:38 | 000,000,009 | ---- | M] () -- C:\END
[2012.07.21 15:40:08 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\DVDVideoSoft
[2012.07.31 15:54:42 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.31 14:43:02 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
:Files
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[emptyflash]
Hinweis für Mitleser: Obiges OTL-Script ist ausschließlich für diesen User in dieser Situtation erstellt worden. Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen! |
|
31.07.2012, 16:24
| #5 |
| | Computer wurde gesperrt zahlen sie 100€ bei Ukash Der PC lässt sich jetzt auch wieder ohne abgesicherten Modus starten... soll ich ab jetzt so weiterarbeiten oder im abgesichertem bleiben? Und hier der Code : All processes killed ========== OTL ========== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1E6255D5-820C-422A-BD80-645116960399}\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E6255D5-820C-422A-BD80-645116960399}\ not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\ deleted successfully. C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll moved successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ deleted successfully. C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll moved successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1E6255D5-820C-422A-BD80-645116960399}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E6255D5-820C-422A-BD80-645116960399}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}\ not found. HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully! HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully! Registry value HKEY_USERS\S-1-5-21-4237530706-4014961039-1401757581-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\ not found. File C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll not found. Registry value HKEY_USERS\S-1-5-21-4237530706-4014961039-1401757581-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found. File C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll not found. Registry value HKEY_USERS\S-1-5-21-4237530706-4014961039-1401757581-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{cd90bf73-20f6-44ef-993d-bb920303bd2e} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cd90bf73-20f6-44ef-993d-bb920303bd2e}\ not found. HKEY_USERS\S-1-5-21-4237530706-4014961039-1401757581-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry key HKEY_USERS\S-1-5-21-4237530706-4014961039-1401757581-1000\Software\Microsoft\Internet Explorer\SearchScopes\{1E6255D5-820C-422A-BD80-645116960399}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E6255D5-820C-422A-BD80-645116960399}\ not found. Registry key HKEY_USERS\S-1-5-21-4237530706-4014961039-1401757581-1000\Software\Microsoft\Internet Explorer\SearchScopes\{DB720E02-DF9F-44DC-93EB-492A060D692B}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DB720E02-DF9F-44DC-93EB-492A060D692B}\ not found. Registry key HKEY_USERS\S-1-5-21-4237530706-4014961039-1401757581-1000\Software\Microsoft\Internet Explorer\SearchScopes\{F68EF3B5-7FDD-42FB-8D5A-86CEB6E1EC09}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F68EF3B5-7FDD-42FB-8D5A-86CEB6E1EC09}\ not found. HKU\S-1-5-21-4237530706-4014961039-1401757581-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully! HKU\S-1-5-21-4237530706-4014961039-1401757581-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully! Prefs.js: "hxxp://g.uk.msn.com/HPCON/1" removed from browser.startup.homepage Prefs.js: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 removed from extensions.enabledItems Prefs.js: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.1 removed from extensions.enabledItems Prefs.js: 0 removed from network.proxy.type 64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\ not found. File C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully. C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found. File C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\ not found. File C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found. File C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found. File C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll not found. Registry value HKEY_USERS\S-1-5-21-4237530706-4014961039-1401757581-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}\ not found. File C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll not found. Registry value HKEY_USERS\S-1-5-21-4237530706-4014961039-1401757581-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}\ not found. File C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AGEIA PhysX SysTray deleted successfully. C:\Program Files (x86)\AGEIA Technologies\TrayIcon.exe moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Corel File Shell Monitor deleted successfully. C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NPSStartup deleted successfully. Registry value HKEY_USERS\S-1-5-21-4237530706-4014961039-1401757581-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Pando Media Booster deleted successfully. C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe moved successfully. Registry value HKEY_USERS\S-1-5-21-4237530706-4014961039-1401757581-1000\Software\Microsoft\Windows\CurrentVersion\Run\\pxnbeyxbvpdqueu deleted successfully. C:\ProgramData\pxnbeyxb.exe moved successfully. Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully. Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully. C:\Users\George\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Deer Hunter 2005 Registration.lnk moved successfully. C:\Users\George\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk moved successfully. C:\Users\George\AppData\Roaming\Dropbox\bin\Dropbox.exe moved successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully. Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7} C:\Windows\Downloaded Program Files\gp.inf not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. 64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully. 64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully! Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{23e56d00-66ff-11df-aebb-806e6f6e6963}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{23e56d00-66ff-11df-aebb-806e6f6e6963}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{23e56d00-66ff-11df-aebb-806e6f6e6963}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{23e56d00-66ff-11df-aebb-806e6f6e6963}\ not found. File F:\OblivionLauncher.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e9c9b338-dc5c-11df-8fea-f07bcb47026e}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e9c9b338-dc5c-11df-8fea-f07bcb47026e}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e9c9b338-dc5c-11df-8fea-f07bcb47026e}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e9c9b338-dc5c-11df-8fea-f07bcb47026e}\ not found. File G:\Autorun.exe not found. C:\ProgramData\okhjmlfjvkwpfat folder moved successfully. C:\ProgramData\rgdabqdonxfqaxb moved successfully. File C:\ProgramData\pxnbeyxb.exe not found. C:\Users\George\0.10120897262842443.exe moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\Plugins folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\modules folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\META-INF folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\lib folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\defaults\preferences folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\defaults folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\skin folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\sl folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\lib folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\core folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\WEATHER\js folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\WEATHER\css folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\WEATHER folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\TWITTER\resources folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\TWITTER\js folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\TWITTER\img folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\TWITTER folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\TESTER_POPUP\js folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\TESTER_POPUP folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\TESTER_EMBEDDED\js folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\TESTER_EMBEDDED folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\TESTER_BCAPI\js folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\TESTER_BCAPI\autoTest\spec folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\TESTER_BCAPI\autoTest\lib folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\TESTER_BCAPI\autoTest folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\TESTER_BCAPI folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\SEARCH_IN_NEW_TAB folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\SEARCH\view\style\rsx folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\SEARCH\view\style folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\SEARCH\view\script folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\SEARCH\view folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\SEARCH\resources folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\SEARCH\js folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\SEARCH\Css folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\SEARCH\buildSettings folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\SEARCH folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\RADIO_PLAYER\js\resources folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\RADIO_PLAYER\js folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\RADIO_PLAYER\css\custom-theme folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\RADIO_PLAYER\css folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\RADIO_PLAYER folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\PRICE_GONG\menu_dlg folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\PRICE_GONG\images folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\PRICE_GONG\css\custom-theme folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\PRICE_GONG\css folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\PRICE_GONG\agreement folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\PRICE_GONG folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\Optimizer\js folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\Optimizer folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\NOTIFICATION\js folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\NOTIFICATION\images\light folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\NOTIFICATION\images\dark folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\NOTIFICATION\images folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\NOTIFICATION\css folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\NOTIFICATION folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\MULTI_RSS\js\resources folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\MULTI_RSS\js folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\MULTI_RSS\img folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\MULTI_RSS\css folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\MULTI_RSS folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\HIGHLIGHTER\js folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\HIGHLIGHTER\css folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\HIGHLIGHTER folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\EMAIL_NOTIFIER\js\plugins folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\EMAIL_NOTIFIER\js folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\EMAIL_NOTIFIER\css folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\EMAIL_NOTIFIER folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\APPLICATION_BUTTON\resources folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\APPLICATION_BUTTON\Js folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\APPLICATION_BUTTON folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa\404 folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\wa folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\ui\menu\js folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\ui\menu\img folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\ui\menu\css folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\ui\menu folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\ui\gf\img folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\ui\gf\css folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\ui\gf folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\ui\gadgetFrame folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\ui\dlg\ftd\images folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\ui\dlg\ftd folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\ui\dlg folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\ui folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\searchProtector\searchProtectorSettingsDialog\images folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\searchProtector\searchProtectorSettingsDialog folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\searchProtector\SearchProtectorBubbleDialog folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\searchProtector\js folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\searchProtector folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\options\js\resources folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\options\js folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\options\images folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\options\css folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\options folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\myStuffDialogs folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\features\js\resources folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\features\js folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\features folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\api folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\ac\res folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\ac\img folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\ac\css folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\ac folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\aboutBox\js folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\aboutBox\images folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al\aboutBox folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb\al folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content\tb folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848\content folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome\CT2625848 folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}\chrome folder moved successfully. C:\Users\George\AppData\Roaming\mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} folder moved successfully. C:\Program Files (x86)\Conduit\Community Alerts folder moved successfully. C:\Program Files (x86)\Conduit folder moved successfully. C:\Program Files (x86)\DVDVideoSoftTB_DE folder moved successfully. C:\END moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\setup folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\logs folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeYouTubeUploader\Themes folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeYouTubeUploader folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\Themes folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeYouTubeToiPodConverter\Themes folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeYouTubeToiPodConverter\History folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeYouTubeToiPodConverter folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToMP3Converter\Themes\TwilightWorld folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToMP3Converter\Themes\TropicalSeaShore folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToMP3Converter\Themes\PrinceOfPersia folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToMP3Converter\Themes\PrairieRoad folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToMP3Converter\Themes\None folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToMP3Converter\Themes\Mountains folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToMP3Converter\Themes\MistyRoad folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToMP3Converter\Themes\iPhoneDeepBlue folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToMP3Converter\Themes\iPhoneBall folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToMP3Converter\Themes\HarryPotter folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToMP3Converter\Themes\GreenHills folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToMP3Converter\Themes\Default folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToMP3Converter\Themes\Concert folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToMP3Converter\Themes\AzureLagoon folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToMP3Converter\Themes\Avatar folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToMP3Converter\Themes\AutumnRoad folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToMP3Converter\Themes\AboveTheClouds folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToMP3Converter\Themes folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToMP3Converter folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToiPodConverter\Themes\TwilightWorld folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToiPodConverter\Themes\TropicalSeaShore folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToiPodConverter\Themes\PrinceOfPersia folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToiPodConverter\Themes\PrairieRoad folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToiPodConverter\Themes\None folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToiPodConverter\Themes\Mountains folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToiPodConverter\Themes\MistyRoad folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToiPodConverter\Themes\iPhoneDeepBlue folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToiPodConverter\Themes\iPhoneBall folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToiPodConverter\Themes\HarryPotter folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToiPodConverter\Themes\GreenHills folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToiPodConverter\Themes\Default folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToiPodConverter\Themes\Concert folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToiPodConverter\Themes\AzureLagoon folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToiPodConverter\Themes\Avatar folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToiPodConverter\Themes\AutumnRoad folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToiPodConverter\Themes\AboveTheClouds folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToiPodConverter\Themes folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToiPodConverter folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToiPhoneConverter\Themes\TwilightWorld folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToiPhoneConverter\Themes\TropicalSeaShore folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToiPhoneConverter\Themes\PrinceOfPersia folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToiPhoneConverter\Themes\PrairieRoad folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToiPhoneConverter\Themes\None folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToiPhoneConverter\Themes\Mountains folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToiPhoneConverter\Themes\MistyRoad folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToiPhoneConverter\Themes\iPhoneDeepBlue folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToiPhoneConverter\Themes\iPhoneBall folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToiPhoneConverter\Themes\HarryPotter folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToiPhoneConverter\Themes\GreenHills folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToiPhoneConverter\Themes\Default folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToiPhoneConverter\Themes\Concert folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToiPhoneConverter\Themes\AzureLagoon folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToiPhoneConverter\Themes\Avatar folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToiPhoneConverter\Themes\AutumnRoad folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToiPhoneConverter\Themes\AboveTheClouds folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToiPhoneConverter\Themes folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeVideoToiPhoneConverter folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeAudioConverter\Themes\TwilightWorld folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeAudioConverter\Themes\TropicalSeaShore folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeAudioConverter\Themes\PrinceOfPersia folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeAudioConverter\Themes\PrairieRoad folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeAudioConverter\Themes\None folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeAudioConverter\Themes\Mountains folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeAudioConverter\Themes\MistyRoad folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeAudioConverter\Themes\iPhoneDeepBlue folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeAudioConverter\Themes\iPhoneBall folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeAudioConverter\Themes\HarryPotter folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeAudioConverter\Themes\GreenHills folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeAudioConverter\Themes\Default folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeAudioConverter\Themes\Concert folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeAudioConverter\Themes\AzureLagoon folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeAudioConverter\Themes\Avatar folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeAudioConverter\Themes\AutumnRoad folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeAudioConverter\Themes\AboveTheClouds folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeAudioConverter\Themes folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\FreeAudioConverter folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\Free3GPVideoConverter\Themes\TwilightWorld folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\Free3GPVideoConverter\Themes\TropicalSeaShore folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\Free3GPVideoConverter\Themes\PrinceOfPersia folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\Free3GPVideoConverter\Themes\PrairieRoad folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\Free3GPVideoConverter\Themes\None folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\Free3GPVideoConverter\Themes\Mountains folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\Free3GPVideoConverter\Themes\MistyRoad folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\Free3GPVideoConverter\Themes\iPhoneDeepBlue folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\Free3GPVideoConverter\Themes\iPhoneBall folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\Free3GPVideoConverter\Themes\HarryPotter folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\Free3GPVideoConverter\Themes\GreenHills folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\Free3GPVideoConverter\Themes\Default folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\Free3GPVideoConverter\Themes\Concert folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\Free3GPVideoConverter\Themes\AzureLagoon folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\Free3GPVideoConverter\Themes\Avatar folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\Free3GPVideoConverter\Themes\AutumnRoad folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\Free3GPVideoConverter\Themes\AboveTheClouds folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\Free3GPVideoConverter\Themes folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\Free3GPVideoConverter folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\backup\FreeYouTubeToiPodConverter folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft\backup folder moved successfully. C:\Users\George\AppData\Roaming\DVDVideoSoft folder moved successfully. C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully. C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully. ========== FILES ========== < ipconfig /flushdns /c > Windows-IP-Konfiguration Der DNS-Aufl”sungscache konnte nicht geleert werden: Beim Ausfhren der Funktion ist ein Fehler aufgetreten. C:\Users\George\Desktop\cmd.bat deleted successfully. C:\Users\George\Desktop\cmd.txt deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: ADMINI~1 ->Temp folder emptied: 2071034 bytes User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Default User User: George ->Temp folder emptied: 13273778062 bytes ->Temporary Internet Files folder emptied: 860150205 bytes ->Java cache emptied: 17858073 bytes ->FireFox cache emptied: 29873040 bytes ->Apple Safari cache emptied: 669696 bytes ->Flash cache emptied: 186543 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 155648 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 718455410 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67698 bytes RecycleBin emptied: 3187762305 bytes Total Files Cleaned = 17.253,00 mb [EMPTYFLASH] User: ADMINI~1 User: All Users User: Default User: Default User User: George ->Flash cache emptied: 0 bytes User: Public Total Flash Files Cleaned = 0,00 mb OTL by OldTimer - Version 3.2.55.0 log created on 07312012_171338 Files\Folders moved on Reboot... C:\Users\George\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. PendingFileRenameOperations files... File C:\Users\George\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found! Registry entries deleted on Reboot... Lg und danke schonmal ;D |
|
31.07.2012, 16:46
| #6 |
| /// Helfer-Team | Computer wurde gesperrt zahlen sie 100€ bei Ukash Sehr gut!  Im normalen Modus weitermachen! Wie laeuft der Rechner? 1. Schritt Bitte einen Vollscan mit Malwarebytes Anti-Malware machen und Log posten.danach: 2. Schritt Downloade Dir bitte AdwCleaner auf deinen Desktop.
__________________ --> Computer wurde gesperrt zahlen sie 100€ bei Ukash |
|
31.07.2012, 20:49
| #7 |
| | Computer wurde gesperrt zahlen sie 100€ bei Ukash Hab bei Malwarebyte keine Option mit "Zeige Resultate" gefunden also poste ich halt den Log : Malwarebytes Anti-Malware 1.62.0.1300 www.malwarebytes.org Datenbank Version: v2012.07.31.10 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 George :: GEORGE-PC [Administrator] 31.07.2012 19:21:55 mbam-log-2012-07-31 (19-21-55).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 602295 Laufzeit: 1 Stunde(n), 53 Minute(n), 51 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 1 C:\Users\George\Desktop\Spiele\Populous\Spites + Tools\popfont.exe (Adware.Onlinegames) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Und vom AdwCleaner Malwarebytes Anti-Malware 1.62.0.1300 www.malwarebytes.org Datenbank Version: v2012.07.31.10 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 George :: GEORGE-PC [Administrator] 31.07.2012 19:21:55 mbam-log-2012-07-31 (19-21-55).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 602295 Laufzeit: 1 Stunde(n), 53 Minute(n), 51 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 1 C:\Users\George\Desktop\Spiele\Populous\Spites + Tools\popfont.exe (Adware.Onlinegames) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Lg. ;D |
|
31.07.2012, 21:59
| #8 |
| /// Helfer-Team | Computer wurde gesperrt zahlen sie 100€ bei Ukash Log vom adwCleaner? |
|
01.08.2012, 07:43
| #9 |
| | Computer wurde gesperrt zahlen sie 100€ bei Ukash Sry hatte beim Kopieren falschen Log in zwischenablage... Hier der von Adw : # AdwCleaner v1.703 - Logfile created 08/01/2012 at 08:39:33 # Updated 20/07/2012 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits) # User : George - GEORGE-PC # Running from : C:\Users\George\Desktop\adwcleaner.exe # Option [Search] ***** [Services] ***** ***** [Files / Folders] ***** Folder Found : C:\Users\George\AppData\Local\Conduit Folder Found : C:\Users\George\AppData\Local\ConduitEngine Folder Found : C:\Users\George\AppData\Local\DVDVideoSoftTB Folder Found : C:\Users\George\AppData\Local\OpenCandy Folder Found : C:\Users\George\AppData\LocalLow\Conduit Folder Found : C:\Users\George\AppData\LocalLow\ConduitEngine Folder Found : C:\Users\George\AppData\LocalLow\DVDVideoSoftTB Folder Found : C:\Users\George\AppData\LocalLow\PriceGong Folder Found : C:\Users\George\AppData\Roaming\OpenCandy Folder Found : C:\Users\George\AppData\Roaming\PriceGong Folder Found : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} Folder Found : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\cu9iv51c.default\extensions\engine@conduit.com Folder Found : C:\Program Files (x86)\ConduitEngine Folder Found : C:\Program Files (x86)\DVDVideoSoftTB File Found : C:\Program Files (x86)\Mozilla Firefox\.autoreg ***** [Registry] ***** [*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2269050[*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2625848[*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2653012 Key Found : HKCU\Software\AppDataLow\Software\Conduit Key Found : HKCU\Software\AppDataLow\Software\conduitEngine Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Key Found : HKCU\Software\AppDataLow\Software\PriceGong Key Found : HKCU\Software\AppDataLow\Software\SmartBar Key Found : HKCU\Software\AppDataLow\Toolbar Key Found : HKCU\Software\Conduit Key Found : HKCU\Software\conduitEngine Key Found : HKCU\Software\DVDVideoSoftTB Key Found : HKCU\Software\PriceGong Key Found : HKCU\Software\Softonic Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine Key Found : HKLM\SOFTWARE\Conduit Key Found : HKLM\SOFTWARE\conduitEngine Key Found : HKLM\SOFTWARE\DT Soft Key Found : HKLM\SOFTWARE\DVDVideoSoftTB Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB Toolbar [x64] Key Found : HKCU\Software\AppDataLow\Software\Conduit [x64] Key Found : HKCU\Software\AppDataLow\Software\conduitEngine [x64] Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes [x64] Key Found : HKCU\Software\AppDataLow\Software\PriceGong [x64] Key Found : HKCU\Software\AppDataLow\Software\SmartBar [x64] Key Found : HKCU\Software\AppDataLow\Toolbar [x64] Key Found : HKCU\Software\Conduit [x64] Key Found : HKCU\Software\conduitEngine [x64] Key Found : HKCU\Software\DVDVideoSoftTB [x64] Key Found : HKCU\Software\PriceGong [x64] Key Found : HKCU\Software\Softonic [x64] Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine ***** [Registre - GUID] ***** Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Found : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F} ***** [Internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16421 [OK] Registry is clean. -\\ Mozilla Firefox v3.6.4 (de) Profile name : default File : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\cu9iv51c.default\prefs.js Found : user_pref("CT2625848.autoDisableScopes", -1); -\\ Google Chrome v [Unable to get version] File : C:\Users\George\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[R1].txt - [4850 octets] - [31/07/2012 21:44:11] AdwCleaner[R2].txt - [3897 octets] - [01/08/2012 08:39:33] ########## EOF - C:\AdwCleaner[R2].txt - [4025 octets] ########## Lg. |
|
01.08.2012, 12:40
| #10 |
| /// Helfer-Team | Computer wurde gesperrt zahlen sie 100€ bei Ukash Sehr gut!
danach: Malware-Scan mit Emsisoft Anti-Malware Lade die Gratisversion von => Emsisoft Anti-Malware herunter und installiere das Programm. Lade über Jetzt Updaten die aktuellen Signaturen herunter. Wähle den Freeware-Modus aus. Wähle Detail Scan und starte über den Button Scan die Überprüfung des Computers. Am Ende des Scans nichts loeschen lassen!. Mit Klick auf Bericht speichern das Logfile auf dem Desktop speichern und hier in den Thread posten. Anleitung: http://www.trojaner-board.de/103809-...i-malware.html |
|
02.08.2012, 08:54
| #11 |
| | Computer wurde gesperrt zahlen sie 100€ bei Ukash Hallo, Sry das es gedauert hat aber hier der Log von AdwCleaner: # AdwCleaner v1.703 - Logfile created 08/01/2012 at 19:50:37 # Updated 20/07/2012 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits) # User : George - GEORGE-PC # Running from : C:\Users\George\Desktop\adwcleaner.exe # Option [Delete] ***** [Services] ***** ***** [Files / Folders] ***** Folder Deleted : C:\Users\George\AppData\Local\Conduit Folder Deleted : C:\Users\George\AppData\Local\ConduitEngine Folder Deleted : C:\Users\George\AppData\Local\DVDVideoSoftTB Folder Deleted : C:\Users\George\AppData\Local\OpenCandy Folder Deleted : C:\Users\George\AppData\LocalLow\Conduit Folder Deleted : C:\Users\George\AppData\LocalLow\ConduitEngine Folder Deleted : C:\Users\George\AppData\LocalLow\DVDVideoSoftTB Folder Deleted : C:\Users\George\AppData\LocalLow\PriceGong Folder Deleted : C:\Users\George\AppData\Roaming\OpenCandy Folder Deleted : C:\Users\George\AppData\Roaming\PriceGong Folder Deleted : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\cu9iv51c.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} Folder Deleted : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\cu9iv51c.default\extensions\engine@conduit.com Folder Deleted : C:\Program Files (x86)\ConduitEngine Folder Deleted : C:\Program Files (x86)\DVDVideoSoftTB File Deleted : C:\Program Files (x86)\Mozilla Firefox\.autoreg ***** [Registry] ***** [*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2269050[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2625848[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2653012 Key Deleted : HKCU\Software\AppDataLow\Software\Conduit Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar Key Deleted : HKCU\Software\AppDataLow\Toolbar Key Deleted : HKCU\Software\Ask.com.tmp Key Deleted : HKCU\Software\Conduit Key Deleted : HKCU\Software\conduitEngine Key Deleted : HKCU\Software\DVDVideoSoftTB Key Deleted : HKCU\Software\PriceGong Key Deleted : HKCU\Software\Softonic Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine Key Deleted : HKLM\SOFTWARE\Conduit Key Deleted : HKLM\SOFTWARE\conduitEngine Key Deleted : HKLM\SOFTWARE\DT Soft Key Deleted : HKLM\SOFTWARE\DVDVideoSoftTB Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB Toolbar ***** [Registre - GUID] ***** Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F} ***** [Internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16421 [OK] Registry is clean. -\\ Mozilla Firefox v3.6.4 (de) Profile name : default File : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\cu9iv51c.default\prefs.js Deleted : user_pref("CT2625848.autoDisableScopes", -1); -\\ Google Chrome v [Unable to get version] File : C:\Users\George\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[R1].txt - [4850 octets] - [31/07/2012 21:44:11] AdwCleaner[R2].txt - [4002 octets] - [01/08/2012 08:39:33] AdwCleaner[S1].txt - [3397 octets] - [01/08/2012 19:50:37] ########## EOF - C:\AdwCleaner[S1].txt - [3525 octets] ########## Und hier von Emisoft: Emsisoft Anti-Malware - Version 6.6 Letztes Update: 01.08.2012 21:00:25 Scan Einstellungen: Scan Methode: Detail Scan Objekte: Rootkits, Speicher, Traces, C:\, D:\, E:\ Archiv Scan: An ADS Scan: An Scan Beginn: 02.08.2012 08:28:51 Key: hkey_local_machine\software\trymedia systems\activemark software gefunden: Trace.Registry.trymedia!E1 Key: hkey_local_machine\software\trymedia systems gefunden: Trace.Registry.trymedia!E1 C:\_OTL\MovedFiles\07312012_171338\C_Users\George\0.10120897262842443.exe gefunden: Trojan.Win32.Weelsof!E2 C:\_OTL\MovedFiles\07312012_171338\C_ProgramData\pxnbeyxb.exe gefunden: Trojan.Win32.Weelsof!E2 C:\Users\George\Dropbox\2AHET\AINF\Beispiele\03_Schleifen\03_Schleifen\bin\Debug\03_Schleifen.exe gefunden: Trojan-PWS.MSIL!E2 C:\Users\George\Dropbox\2AHET\AINF\Beispiele\01_Einstieg\4565\obj\x86\Debug\01_Einstieg.exe gefunden: Email-Worm.Win32.Alcaul!E2 C:\Users\George\Dropbox\2AHET\AINF\Beispiele\03_Schleifen\03_Schleifen\obj\x86\Debug\03_Schleifen.exe gefunden: Trojan-PWS.MSIL!E2 C:\Users\George\Dropbox\2AHET\AINF\Beispiele\01_Einstieg\4565\bin\Debug\01_Einstieg.exe gefunden: Email-Worm.Win32.Alcaul!E2 C:\Users\George\Desktop\Schule\C#\01_Einstieg\bin\Debug\01_Einstieg.exe gefunden: Email-Worm.Win32.Alcaul!E2 C:\Users\George\Desktop\Schule\C#\01_Einstieg\obj\x86\Debug\01_Einstieg.exe gefunden: Email-Worm.Win32.Alcaul!E2 C:\Users\George\Desktop\Schule\C#\01_Einstieg\01_Einstieg\obj\x86\Debug\01_Einstieg.exe gefunden: Email-Worm.Win32.Alcaul!E2 C:\Users\George\Desktop\Schule\C#\01_Einstieg\01_Einstieg\bin\Debug\01_Einstieg.exe gefunden: Email-Worm.Win32.Alcaul!E2 C:\Users\George\AppData\Local\PunkBuster\BC2\pb\pbclold.dll gefunden: Trojan.Win32.Patched!E2 C:\Users\George\AppData\Local\PunkBuster\BC2\pb\pbcls.dll gefunden: Trojan.Win32.Patched!E2 C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\qlipso-qlipso-silent-us.exe gefunden: Riskware.Win32.Toolbar.Zugo.AMN!E1 C:\Program Files (x86)\bullfrog\populous\popres.exe gefunden: Trojan-Proxy.Win32.Horst!E2 C:\HP\Bin\EndProcess.exe gefunden: Riskware.Win32.KillApp!E1 Gescannt 832186 Gefunden 17 Scan Ende: 02.08.2012 09:51:00 Scan Zeit: 1:22:09 Lg. ;D |
|
02.08.2012, 12:29
| #12 |
| /// Helfer-Team | Computer wurde gesperrt zahlen sie 100€ bei Ukash Sehr gut! Deinstalliere: Emsisoft Anti-Malware ESET Online Scanner Vorbereitung
|
|
02.08.2012, 18:29
| #13 |
| | Computer wurde gesperrt zahlen sie 100€ bei Ukash Hi, hier der Log: ESETSmartInstaller@High as downloader log: all ok # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=71ce3610e98def4584ba2a4c01ee51d6 # end=finished # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2012-08-02 05:20:49 # local_time=2012-08-02 07:20:49 (+0100, Mitteleuropäische Sommerzeit) # country="Austria" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1792 16777215 100 0 341999 341999 0 0 # compatibility_mode=5893 16776574 100 94 342823 95550299 0 0 # compatibility_mode=8192 67108863 100 0 300 300 0 0 # scanned=411854 # found=7 # cleaned=7 # scan_time=7600 C:\Program Files (x86)\Disney Interactive Studios\LEGO® Pirates\paul.dll a variant of Win32/Packed.VMProtect.AAA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\qlipso-qlipso-silent-us.exe a variant of Win32/Toolbar.Zugo application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Users\George\Desktop\sblauncher.exe probably unknown NewHeur_PE virus (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Users\George\Downloads\sblauncher.exe probably unknown NewHeur_PE virus (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\_OTL\MovedFiles\07312012_171338\C_ProgramData\pxnbeyxb.exe a variant of Win32/Kryptik.AJHI trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\_OTL\MovedFiles\07312012_171338\C_ProgramData\okhjmlfjvkwpfat\main.html HTML/Ransom.B trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\_OTL\MovedFiles\07312012_171338\C_Users\George\0.10120897262842443.exe a variant of Win32/Kryptik.AJHI trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C Lg. |
|
03.08.2012, 13:50
| #14 |
| /// Helfer-Team | Computer wurde gesperrt zahlen sie 100€ bei Ukash Malware mit Combofix beseitigen Lade Combofix von einem der folgenden Download-Spiegel herunter: BleepingComputer.com - ForoSpyware.com und speichere das Programm auf den Desktop, nicht woanders hin, das ist wichtig! Beachte die ausführliche Original-Anleitung. Zurzeit ist Combofix auf folgenden Windows-Versionen lauffähig:
Vorbereitung und wichtige Hinweise
Combofix nicht auf eigene Faust einsetzen. Wenn keine entsprechende Infektion vorliegt, kann das den Rechner lahmlegen und/oder nachhaltig schädigen! |
|
03.08.2012, 14:52
| #15 |
| | Computer wurde gesperrt zahlen sie 100€ bei Ukash Hab alles so gemacht wie beschrieben aber kann ich gar nichts mehr öffnen auser Ordner ,kann kein Programm öffnen kann Net mal log auf USB-Stick machen und mit anderen pc hochladen weil ich keinen Editor öffnen kann.... Es kommt immer die Fehlermeldung:"Dateipfad" Es wurde versucht,einen Registrierungsschlüssel einem unzulässigen Vorgang zu unterziehen,der zum Löschen markiert wurde. Pls dringende Hilfe Edit: Geht schon wieder alles nach manuellen Pc neustart ...PUhh hier die logs : Compofix.txt: Combofix Logfile: Code:
ATTFilter ComboFix 12-07-31.06 - George 03.08.2012 15:22:10.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.43.1031.18.4023.2532 [GMT 2:00]
ausgeführt von:: c:\users\George\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\windows\SysWow64\dbfb.dll
c:\windows\SysWow64\URTTemp
c:\windows\SysWow64\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-07-03 bis 2012-08-03 ))))))))))))))))))))))))))))))
.
.
2012-08-03 09:59 . 2012-08-03 09:59 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-08-03 09:59 . 2012-08-03 09:59 -------- d-----w- c:\program files (x86)\Oracle
2012-08-03 09:58 . 2012-07-05 20:06 772544 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-08-01 18:58 . 2012-08-02 14:56 -------- d-----w- c:\program files (x86)\Emsisoft Anti-Malware
2012-07-31 17:19 . 2012-07-31 17:19 -------- d-----w- c:\users\George\AppData\Roaming\Malwarebytes
2012-07-31 17:19 . 2012-07-31 17:19 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-07-31 17:19 . 2012-07-31 17:19 -------- d-----w- c:\programdata\Malwarebytes
2012-07-31 17:19 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-31 15:13 . 2012-07-31 15:13 -------- d-----w- C:\_OTL
2012-07-29 16:19 . 2012-07-29 16:19 -------- d-----w- c:\users\George\AppData\Roaming\Avira
2012-07-29 16:14 . 2012-07-29 16:14 -------- d-----w- c:\programdata\Avira
2012-07-29 16:14 . 2012-07-29 16:14 -------- d-----w- c:\program files (x86)\Avira
2012-07-29 16:14 . 2012-07-18 16:04 27760 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2012-07-29 16:14 . 2012-07-18 16:04 132832 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-07-29 16:14 . 2012-07-18 16:04 98848 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-07-29 16:00 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{182DA90F-7C99-4BAC-B4B1-27D766D19F60}\mpengine.dll
2012-07-24 06:07 . 2012-07-24 06:07 -------- d-----w- c:\users\George\AppData\Local\Criterion Games
2012-07-21 13:39 . 2012-06-22 14:32 405144 ----a-w- c:\windows\SysWow64\Newtonsoft.Json.Net20.dll
2012-07-21 13:38 . 2012-07-21 13:38 -------- d-----w- c:\programdata\EA Logs
2012-07-15 20:23 . 2012-07-15 20:23 -------- d-----w- c:\users\George\AppData\Roaming\fltk.org
2012-07-15 20:23 . 2012-07-15 20:23 -------- d-----w- c:\programdata\fltk.org
2012-07-15 07:48 . 2012-07-30 09:03 -------- d-----w- c:\program files (x86)\Bethesda Softworks
2012-07-11 08:37 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-11 08:22 . 2012-06-06 06:06 2004480 ----a-w- c:\windows\system32\msxml6.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-23 07:17 . 2010-11-30 16:53 66872 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-07-23 07:17 . 2010-11-30 16:54 103736 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-07-11 08:34 . 2010-06-09 12:19 59701280 ----a-w- c:\windows\system32\MRT.exe
2012-06-06 19:18 . 2010-11-30 18:13 282296 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-06-06 19:12 . 2010-11-30 16:54 280736 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-06-02 22:19 . 2012-06-22 12:36 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-22 12:36 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-22 12:36 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-22 12:36 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-22 12:36 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-22 12:36 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-22 12:36 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-22 12:35 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:15 . 2012-06-22 12:35 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-05-31 10:25 . 2010-07-24 07:04 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-05-16 16:35 . 2012-03-30 14:35 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2012-05-16 16:34 . 2012-03-16 19:52 824144 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-05-15 17:58 . 2012-03-16 19:52 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-05-12 12:23 . 2012-03-24 06:30 188896 ----a-w- c:\programdata\Microsoft\VCSExpress\10.0\1031\ResourceCache.dll
2010-09-29 13:00 . 2010-09-29 13:00 97979392 ----a-w- c:\program files (x86)\Samsung New PC Studio.msi
2002-09-14 12:59 . 2010-06-04 09:05 4083712 ----a-w- c:\program files\Cannonhill.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\users\George\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\users\George\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\users\George\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-08-20 2363392]
"HPADVISOR"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2009-09-29 1685048]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2011-11-18 1242448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HPCam_Menu"="c:\program files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-08-20 322104]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2009-09-02 60464]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-10-09 421736]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-07-18 348664]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update-Dienst (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-28 116648]
R3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;c:\windows\system32\drivers\BVRPMPR5a64.SYS [2009-03-02 35840]
R3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 dump_wmimmc;dump_wmimmc;c:\users\George\Desktop\Spiele\Rappelz\GameGuard\dump_wmimmc.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-28 116648]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 RTCore64;RTCore64;c:\program files (x86)\RMClock\RTCore64.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-10-03 258560]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-05-10 51712]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-31 1255736]
R3 X6va002;X6va002;c:\users\George\AppData\Local\Temp\002BE10.tmp [x]
R3 X6va003;X6va003;c:\users\George\AppData\Local\Temp\0038555.tmp [x]
R3 X6va005;X6va005;c:\users\George\AppData\Local\Temp\005581D.tmp [x]
R3 X6va008;X6va008;c:\windows\SysWOW64\Drivers\X6va008 [x]
R3 X6va009;X6va009;c:\windows\SysWOW64\Drivers\X6va009 [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120]
R4 MSSQLServerADHelper100;SQL Server Hilfsdienst für Active Directory;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-21 61976]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656]
R4 SQLAgent$SQLEXPRESS;SQL Server-Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-07-18 27760]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-03-02 89600]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-07-18 86224]
S2 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2011-05-13 30520]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2009-06-29 70656]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2009-10-13 151040]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2009-07-21 140712]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2009-08-22 84512]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-08-20 11:24 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 97792 ----a-w- c:\users\George\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 97792 ----a-w- c:\users\George\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 97792 ----a-w- c:\users\George\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 97792 ----a-w- c:\users\George\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-08-25 610872]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-01-09 171520]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-03-23 487424]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.at/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Free YouTube Download - c:\users\George\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm
IE: Free YouTube to iPod Converter - c:\users\George\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm
IE: Free YouTube to Mp3 Converter - c:\users\George\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138 10.0.0.138
FF - ProfilePath - c:\users\George\AppData\Roaming\Mozilla\Firefox\Profiles\cu9iv51c.default\
FF - prefs.js: browser.startup.homepage -
FF - prefs.js: network.proxy.type -
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
WebBrowser-{CD90BF73-20F6-44EF-993D-BB920303BD2E} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-AGEIA PhysX v2.3.3 - c:\program files (x86)\AGEIA Technologies\uninstall.exe
AddRemove-DVDVideoSoftTB_DE Toolbar - c:\program files (x86)\DVDVideoSoftTB_DE\uninstall.exe
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-{692DF640-F6EE-4BA2-90FD-466B9A23A6B5}_is1 - c:\users\George\Desktop\Spiele\dirhtml\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va002]
"ImagePath"="\??\c:\users\George\AppData\Local\Temp\002BE10.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va003]
"ImagePath"="\??\c:\users\George\AppData\Local\Temp\0038555.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va005]
"ImagePath"="\??\c:\users\George\AppData\Local\Temp\005581D.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va008]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va008"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va009]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va009"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-4237530706-4014961039-1401757581-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:cf,1d,01,fe,18,2a,e6,a0,a8,11,40,b7,ba,6a,b0,ed,ea,44,97,39,cd,9c,1f,
08,4c,a3,ab,40,f0,ce,f6,58,d4,12,1a,8f,6e,1a,05,48,6b,15,47,21,a7,15,95,a6,\
"??"=hex:9d,0f,2a,b5,f3,49,07,b9,52,2d,99,8c,7c,03,53,e4
.
[HKEY_USERS\S-1-5-21-4237530706-4014961039-1401757581-1000\Software\SecuROM\License information*]
"datasecu"=hex:20,c6,66,fd,dd,68,9e,9e,57,64,e5,77,81,db,e5,87,08,17,9a,ce,a8,
8d,6d,94,67,d9,b0,25,70,90,e4,78,dc,a9,1b,32,fa,3f,76,a5,95,20,54,9b,a8,dc,\
"rkeysecu"=hex:f1,1b,4f,48,8d,63,65,7e,c3,77,3e,f0,b6,05,a3,d3
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-08-03 15:42:27 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2012-08-03 13:42
.
Vor Suchlauf: 19 Verzeichnis(se), 378.212.524.032 Bytes frei
Nach Suchlauf: 27 Verzeichnis(se), 389.624.098.816 Bytes frei
.
- - End Of File - - 5CD3035E7F78EBE472D9958ED7864CE1
Add-Remove-Programms.txt Log: Update for Microsoft Office 2007 (KB2508958) Acrobat.com ActiveCheck component for HP Active Support Library Adobe AIR Adobe Flash Player 10 ActiveX Adobe Reader 9.1 MUI Adobe Shockwave Player AGEIA PhysX v2.3.3 Amnesia: The Dark Descent aonFTP aonUpdate Apple Application Support Apple Software Update Audacity 1.2.6 Avira Free Antivirus Bing Bar Burnout Paradise: The Ultimate Box CamStudio Compatibility Pack für 2007 Office System Controller Corel Paint Shop Pro Photo X2 Corel VideoStudio 12 CyberLink DVD Suite DAEMON Tools Lite dirhtml v4.853 Dropbox DVD Menu Pack for HP MediaSmart Video DVDVideoSoftTB DE Toolbar ESU for Microsoft Windows 7 EVEREST Home Edition v2.20 Fraps Free Audio CD Burner version 1.4.7 Free Studio version 4.8 Free YouTube to iPod Converter version 3.10.26.706 Free YouTube to MP3 Converter version 3.10.7.804 GOM PICKER Google Earth Google Update Helper Highspeed-Internet-Installation HP Advisor HP Customer Experience Enhancements HP Games HP MediaSmart DVD HP MediaSmart Internet TV HP MediaSmart Live TV HP MediaSmart Music/Photo/Video HP MediaSmart Webcam HP Quick Launch Buttons HP Setup HP Support Assistant HP Update HP User Guides 0154 HP Wireless Assistant HPAsset component for HP Active Support Library Icy Tower v1.4 IDT Audio Intel(R) Turbo Boost Technology Driver IrfanView (remove only) Java Auto Updater Java(TM) 6 Update 26 Java(TM) 7 Update 5 JavaFX 2.1.1 JMicron Flash Media Controller Driver Junk Mail filter update Just Cause 2 Kalydo Player 4.06.00 LabelPrint LightScribe System Software LOGO!Soft Comfort V6.1 Magic Desktop Malwarebytes Anti-Malware Version 1.62.0.1300 Microsoft .NET Framework 1.1 Microsoft .NET Framework 4 Multi-Targeting Pack Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Games for Windows - LIVE Redistributable Microsoft Games for Windows Marketplace Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Excel MUI (German) 2007 Microsoft Office File Validation Add-In Microsoft Office Home and Student 2007 Microsoft Office OneNote MUI (German) 2007 Microsoft Office PowerPoint MUI (German) 2007 Microsoft Office PowerPoint Viewer 2007 (German) Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proof (Italian) 2007 Microsoft Office Proofing (German) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared MUI (German) 2007 Microsoft Office Suite Activation Assistant Microsoft Office Word MUI (German) 2007 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server 2008 Browser Microsoft SQL Server 2008 R2 Management Objects Microsoft SQL Server Compact 3.5 SP2 DEU Microsoft SQL Server System CLR Types Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Sync Framework Services Native v1.0 (x86) Microsoft Visual C# 2010 Express - DEU Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools Microsoft Works Morrowind Motherboard Monitor 5 Motherboard Monitor 5 Languages Movie Theme Pack for HP MediaSmart Video Mozilla Firefox (3.6.4) MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP2 Parser and SDK MySQL Connector/ODBC 5.1 NVIDIA PhysX OpenAL Pando Media Booster Power2Go PowerDirector Prince of Persia T2T PunkBuster Services QLBCASL QuickTime Realtek Ethernet Controller Driver For Windows Vista and Later Recovery Manager Rockstar Games Social Club S.T.A.L.K.E.R.: Shadow of Chernobyl Safari Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition Security Update for Microsoft Visual C# 2010 Express - DEU (KB2251489) Steam System Requirements Lab System Requirements Lab CYRI TeamSpeak 2 RC2 TES Construction Set Trials 2 Second Edition Ubisoft Game Launcher Uninstall 1.0.0.1 Update für Microsoft Office Excel 2007 Help (KB963678) Update für Microsoft Office Powerpoint 2007 Help (KB963669) Update für Microsoft Office Word 2007 Help (KB963665) Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update Installer for WildTangent Games App VideoStudio Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU WildTangent Games App (HP Games) Windows Live-Uploadtool Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Fotogalerie Windows Live Mail Windows Live Messenger Windows Live Sync Windows Live Writer Windows Media Encoder 9 Series WinRAR Worms 3D Lg. Geändert von Sycro (03.08.2012 um 15:00 Uhr) |
|
| Themen zu Computer wurde gesperrt zahlen sie 100€ bei Ukash |
| abgelaufen, abgesicherte, abgesicherten, avira, bezahlen, code, computer, daten, eingebe, entfernen, gesperrt, gratis, helft, kommt wieder, leute, meldung, modus, schnell, schutz, sperre, sperren, starte, virenschutz, virus, w-lan, zahlen |
