
Pests of all kinds and how to combat them: Trojan TR/Dropper.gen found!


17.05.2013, 00:01   #1
msnmoe
 
Trojan TR/Dropper.gen found!



Hello
Today I received a notification from Avira AntiVir that the Trojan TR/Dropper.Gen was found on my laptop. I immediately moved it to quarantine and then read a few posts about this Trojan on the Internet. That worried me a great deal and prompted me to write this message and ask for help, since I don't know exactly how badly I am affected or how I should proceed.
I have already downloaded Malwarebytes Anti-Malware and run a quick scan. However, no malicious files were found.
I also ran a scan with OTL.


OTL Logfile:

Code:
OTL logfile created on: 16.05.2013 23:59:02 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\***\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,86 Gb Total Physical Memory | 1,96 Gb Available Physical Memory | 50,80% Memory free
7,73 Gb Paging File | 5,54 Gb Available in Paging File | 71,70% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 226,09 Gb Total Space | 126,52 Gb Free Space | 55,96% Space Free | Partition Type: NTFS
Drive D: | 7,26 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive Z: | 224,99 Gb Total Space | 130,14 Gb Free Space | 57,84% Space Free | Partition Type: NTFS
 
Computer Name: *** | User Name: ***| Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC -  File not found
PRC - C:\Users\***\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - Z:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Programme\Dell\DellDock\DockLogin.exe (Stardock Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
MOD - Z:\Program Files (x86)\Steam\bin\chromehtml.dll ()
MOD - Z:\Program Files (x86)\Steam\SDL2.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - Z:\Program Files (x86)\Steam\bin\libcef.dll ()
MOD - Z:\Program Files (x86)\Steam\bin\avcodec-53.dll ()
MOD - Z:\Program Files (x86)\Steam\bin\avformat-53.dll ()
MOD - Z:\Program Files (x86)\Steam\bin\avutil-51.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\stacsv64.exe (IDT, Inc.)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (wltrysvc) -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE ()
SRV:64bit: - (AESTFilters) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe (Andrea Electronics Corporation)
SRV:64bit: - (O2FLASH) -- C:\Windows\SysNative\drivers\o2flash.exe (O2Micro International)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe (McAfee, Inc.)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (STacSV) -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe (IDT, Inc.)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (TurboBoost) -- C:\Programme\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (DfSdkS) -- C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe (mst software GmbH, Germany)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (DockLoginService) -- C:\Programme\Dell\DellDock\DockLogin.exe (Stardock Corporation)
SRV - (sprtsvc_DellSupportCenter) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
SRV - (AESTFilters) -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe (Andrea Electronics Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (O2MDGRDR) -- C:\Windows\SysNative\drivers\o2mdgx64.sys (O2Micro )
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys ()
DRV:64bit: - (Acceler) -- C:\Windows\SysNative\drivers\Acceler.sys (ST Microelectronics)
DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (BCM42RLY) -- C:\Windows\SysNative\drivers\bcm42rly.sys (Broadcom Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (CtClsFlt) -- C:\Windows\SysNative\drivers\CtClsFlt.sys (Creative Technology Ltd.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{7DD32983-A324-4EAC-8050-67DEFEAB8587}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{BC4A2AB4-B32D-47E4-9423-5F8626029054}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1562325414-483069299-86723442-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8
IE - HKU\S-1-5-21-1562325414-483069299-86723442-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/USCON/8
IE - HKU\S-1-5-21-1562325414-483069299-86723442-1001\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1562325414-483069299-86723442-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_de
IE - HKU\S-1-5-21-1562325414-483069299-86723442-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "hxxp://www.facebook.com/|hxxp://www.spiegel.de/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.12 11:48:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.04.12 11:48:55 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.12 11:48:58 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.04.12 11:48:55 | 000,000,000 | ---D | M]
 
[2010.11.05 13:03:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Moe\AppData\Roaming\mozilla\Extensions
[2013.05.11 12:41:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Moe\AppData\Roaming\mozilla\Firefox\Profiles\09z5mk9o.default\extensions
[2013.04.04 15:12:00 | 000,542,511 | ---- | M] () (No name found) -- C:\Users\Moe\AppData\Roaming\mozilla\firefox\profiles\09z5mk9o.default\extensions\toolbar@web.de.xpi
[2013.05.11 12:41:58 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Moe\AppData\Roaming\mozilla\firefox\profiles\09z5mk9o.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.04.12 11:48:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.04.12 11:48:58 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.02.02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012.06.22 02:45:16 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.13 12:45:51 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.22 02:45:16 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.22 02:45:16 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.22 02:45:16 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.22 02:45:16 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1562325414-483069299-86723442-1001\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1562325414-483069299-86723442-1001\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Programme\Dell\Dell Wireless WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Programme\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1562325414-483069299-86723442-1001..\Run: [DAEMON Tools Lite] Z:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1562325414-483069299-86723442-1001..\Run: [Spotify] C:\Users\Moe\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-1562325414-483069299-86723442-1001..\Run: [Spotify Web Helper] C:\Users\Moe\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] Z:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk =  File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk =  File not found
O4 - Startup: C:\Users\Moe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk =  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A85F5241-AE7D-4E86-A12F-4102D11AB50C}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{624b5ef1-bc6b-11e0-8c74-5c260a165dca}\Shell - "" = AutoRun
O33 - MountPoints2\{624b5ef1-bc6b-11e0-8c74-5c260a165dca}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{a6d4ec8d-00a3-11e0-8d8e-5c260a165dca}\Shell - "" = AutoRun
O33 - MountPoints2\{a6d4ec8d-00a3-11e0-8d8e-5c260a165dca}\Shell\AutoRun\command - "" = F:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.05.16 22:29:16 | 000,000,000 | ---D | C] -- C:\Stinger_Quarantine
[2013.05.16 22:28:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\stinger
[2013.05.16 22:06:23 | 000,000,000 | ---D | C] -- C:\Users\Moe\AppData\Roaming\Malwarebytes
[2013.05.16 22:04:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.05.16 22:04:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.05.16 22:04:13 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.05.16 22:03:50 | 000,000,000 | ---D | C] -- C:\Users\Moe\AppData\Local\Programs
[2013.05.15 16:05:18 | 000,000,000 | ---D | C] -- C:\Users\Moe\AppData\Local\ElevatedDiagnostics
[2013.05.15 15:55:28 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013.05.15 15:55:28 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2013.05.15 15:55:28 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2013.05.15 15:55:27 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013.05.15 15:55:16 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2013.05.15 15:55:16 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2013.05.15 15:55:14 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[2013.05.15 15:55:06 | 000,735,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.05.15 15:55:04 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.05.15 15:55:04 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.05.15 15:55:04 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.05.15 15:55:04 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.05.15 15:55:04 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.05.15 15:55:04 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.05.06 10:38:04 | 000,083,160 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avnetflt.sys
 
========== Files - Modified Within 30 Days ==========
 
[2013.05.16 22:04:14 | 000,000,810 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.05.16 20:09:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.05.16 12:05:25 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.05.16 12:05:25 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.16 11:59:54 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.05.16 11:59:54 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.05.16 11:59:54 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.05.16 11:57:55 | 3111,555,072 | -HS- | M] () -- C:\hiberfil.sys
[2013.05.16 00:06:27 | 000,311,104 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.05.15 17:20:00 | 001,522,286 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.05.15 17:20:00 | 000,654,852 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.05.15 17:20:00 | 000,616,694 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.05.15 17:20:00 | 000,130,434 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.05.15 17:20:00 | 000,106,816 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.05.06 10:37:50 | 000,083,160 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avnetflt.sys
 
========== Files Created - No Company Name ==========
 
[2013.05.16 22:04:14 | 000,000,810 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.10.02 23:50:33 | 000,877,747 | ---- | C] () -- C:\Users\Moe\AppData\Local\Tempmusic.ogg
[2011.07.27 18:33:00 | 000,069,632 | R--- | C] () -- C:\Windows\SysWow64\xmltok.dll
[2011.07.27 18:33:00 | 000,036,864 | R--- | C] () -- C:\Windows\SysWow64\xmlparse.dll
[2011.02.18 00:15:21 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2010.12.05 21:31:58 | 000,000,000 | ---D | M] -- C:\Users\Moe\AppData\Roaming\DAEMON Tools Lite
[2011.04.27 01:58:03 | 000,000,000 | ---D | M] -- C:\Users\Moe\AppData\Roaming\Leadertech
[2013.04.26 22:45:08 | 000,000,000 | ---D | M] -- C:\Users\Moe\AppData\Roaming\SoftGrid Client
[2013.05.16 12:00:55 | 000,000,000 | ---D | M] -- C:\Users\Moe\AppData\Roaming\Spotify
[2010.11.30 20:04:57 | 000,000,000 | ---D | M] -- C:\Users\Moe\AppData\Roaming\TP
[2012.09.19 15:00:56 | 000,000,000 | ---D | M] -- C:\Users\Moe\AppData\Roaming\Ubisoft
[2010.11.05 19:35:59 | 000,000,000 | ---D | M] -- C:\Users\Moe\AppData\Roaming\Windows Live Writer
 
========== Purity Check ==========
 
 

< End of report >
         


OTL Extras Logfile:
Code:
OTL Extras logfile created on: 16.05.2013 23:59:02 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\***\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,86 Gb Total Physical Memory | 1,96 Gb Available Physical Memory | 50,80% Memory free
7,73 Gb Paging File | 5,54 Gb Available in Paging File | 71,70% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 226,09 Gb Total Space | 126,52 Gb Free Space | 55,96% Space Free | Partition Type: NTFS
Drive D: | 7,26 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive Z: | 224,99 Gb Total Space | 130,14 Gb Free Space | 57,84% Space Free | Partition Type: NTFS
 
Computer Name: *** | User Name: ***| Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-1562325414-483069299-86723442-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MIF5BA~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MIF5BA~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0FE44D09-50FC-4DFD-A7A9-43A646335E85}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{10A1DD48-6AD5-402B-8B96-1FA289EA340A}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{15372F83-1761-418D-B8EF-0B2F54BC7F2E}" = rport=445 | protocol=6 | dir=out | app=system | 
"{1F7A1D45-42BF-4A2D-AEE1-F9177863ED36}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{36D6CFB2-1DB2-4E21-8CEA-2BF72CB82980}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{38C9397C-27E1-4F15-8E6E-A8C596107A7F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{39A3DFC5-123E-4161-AA57-5AC27F4269E0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{4FE29040-9A89-46F0-BEB3-44291565D518}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{518890C7-D0E2-4930-A03E-6D79554FA6B7}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{5AA202CD-3410-46B7-86A1-75F493C4E8DB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{78CCC728-9D8D-4226-A383-AF5E3E4604C5}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{797F9B6A-82EA-472D-AEA0-00CBB37483EB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{7CA0FE83-20C2-4D2A-9446-92F5CBB71628}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{7FAEEF5E-ECBC-4221-938C-9A4AFA05FEFC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{83680449-8890-4FA6-BACC-D3886A07EC43}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{85D99D2C-C47B-4FF7-A926-F6F4A68F960F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{8C523CAF-8F9C-4C58-971A-63DC5ECCDD93}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{94C4B672-134B-488D-96E2-18F683EA5E68}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{97ED8273-F6F6-4E8A-8074-88F5C3BBD57F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{99A3E422-A4AC-4534-BECA-F408F448039E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{A8288289-88C0-40E6-92A4-AD0A71F84037}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{B69B62F9-097C-4E63-8518-13F37CB477B0}" = lport=138 | protocol=17 | dir=in | app=system | 
"{B86DE7EE-FD41-44E2-B21E-EC849E851C42}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{CAF8F38E-D1FE-4113-9F82-6B37EBBABC33}" = rport=137 | protocol=17 | dir=out | app=system | 
"{D2B208F1-62DC-4DAE-8542-B0A817893BFF}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{D75A21CD-EFEE-4AC4-9F53-DEC050CD26B1}" = rport=139 | protocol=6 | dir=out | app=system | 
"{DE5D038E-FD48-44A7-B859-CFE56ADE0BEC}" = rport=138 | protocol=17 | dir=out | app=system | 
"{E547E4DF-D551-496E-979E-A3A0A7CE1429}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{E5DBB6FF-13C7-4684-8C0E-DF3B171A1F4B}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{F1EE6870-1715-4865-8B6B-21EF6587F40B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{F24AB96F-E506-4472-9346-F23B56F9F01E}" = lport=139 | protocol=6 | dir=in | app=system | 
"{F2F58CB4-CA42-4EC4-9441-3EA2D9228EB9}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{F4CDA3C4-B2A0-4C86-B887-43133C61DA02}" = lport=445 | protocol=6 | dir=in | app=system | 
"{FC756187-37FA-4749-817B-A51C868C1E78}" = lport=137 | protocol=17 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00AD2721-4D32-4BC0-9E30-C23EF7092DC4}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{013A53CF-8E87-40D0-B258-F7BCEFFE3EAC}" = protocol=17 | dir=in | app=z:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe | 
"{049060D9-346A-4F9F-B9F5-3437552C7778}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe | 
"{057C2210-65E8-4EB8-8313-A461A17E2546}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{066577F3-0D29-4185-9181-BD5791365AA1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe | 
"{0D069DAF-20E1-4BE3-A5A2-B2F8828180F4}" = protocol=6 | dir=in | app=z:\program files (x86)\steam\steamapps\common\half-life\hl.exe | 
"{0FBC7720-C5B5-4379-B52D-2DA156FC0B2D}" = protocol=17 | dir=in | app=z:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe | 
"{15E781BD-28FF-4F4B-A0B0-92313ABFF330}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{18960318-2D18-428B-91A7-866C3F4C0961}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | 
"{1EF6EBAD-BC30-4157-9D24-E117B6486229}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe | 
"{1FEC6ECC-9B92-4F00-9AF5-02ED104B23D1}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{21B4F38D-07DE-4737-951D-0BCEEBF3A6BE}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{229627E8-31C7-4F60-BFF7-28C7218081F5}" = protocol=17 | dir=in | app=z:\program files (x86)\ubisoft\assassin's creed\assassinscreed_launcher.exe | 
"{2423ED58-CE88-4656-9BAA-408C29D253DE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqnrs08.exe | 
"{2551B3B5-6F29-4B14-BA64-68C358CB0C38}" = protocol=17 | dir=in | app=e:\program files (x86)\ea games\die schlacht um mittelerde(tm)\game.dat | 
"{27B7C2C8-E16A-4464-AA45-D7AEDB5F9323}" = protocol=17 | dir=in | app=z:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx9.exe | 
"{2AA21D88-4F55-4C10-996C-CB99464F7D4D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{2B55873A-AD82-4D10-97CF-04292B08EE8C}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{40CFF8A7-F46A-49BD-94FA-C159AB55F72F}" = protocol=6 | dir=in | app=z:\program files (x86)\ea games\die schlacht um mittelerde(tm)\game.dat | 
"{41C6CCC5-198C-42B2-A53B-C4734A6BE7A9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{477B48ED-CAE6-450D-8C52-AD58DAAEE290}" = protocol=6 | dir=in | app=z:\program files (x86)\ubisoft\assassin's creed\assassinscreed_launcher.exe | 
"{48858458-9363-4E19-8E6D-B1F80A263DDE}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{4894BD84-754A-42C7-985D-E7C1AA0FCC18}" = protocol=17 | dir=in | app=z:\program files (x86)\ea games\die schlacht um mittelerde(tm)\game.dat | 
"{4CBA8D08-1F71-45DC-9FEC-83A98BF9D641}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{4DD9BC4B-0F1F-4179-8E78-E256A7966E90}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe | 
"{5671A1CA-0E51-4189-87E2-6062C0631EC1}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{56D782F9-5F9D-41D6-9E2F-9F05A270DC2A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{57B7F16C-318E-4CAD-AFFB-EDD2A06B747E}" = protocol=17 | dir=in | app=z:\program files (x86)\ea games\battlefield vietnam\bfvietnam.exe | 
"{5B3BDE24-F3EB-4EF6-A46C-28916B416554}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe | 
"{609EF8A0-F0B8-44E0-AE03-648A1AC5AA65}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe | 
"{649A4D4E-B33B-47EE-B088-369E3E3BE29B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{667B8CE5-AFBC-423F-B0DF-DEF8387CD6AE}" = protocol=17 | dir=in | app=z:\program files (x86)\steam\steam.exe | 
"{66E9474C-16A0-4D11-A11A-FDFA7267C8FB}" = protocol=6 | dir=in | app=z:\program files (x86)\steam\steamapps\blade2000\counter-strike\hl.exe | 
"{6AE27C18-A7D4-4C83-8B6E-689810144D3D}" = protocol=6 | dir=in | app=z:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe | 
"{7967C7C0-E76D-4018-AC75-16520FF5BA27}" = protocol=6 | dir=in | app=z:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe | 
"{80B09573-B733-4297-8203-A2BA03A984C5}" = protocol=6 | dir=in | app=z:\program files (x86)\ea games\battlefield vietnam\bfvietnam.exe | 
"{80CCD0F4-6249-4B68-88DF-F0C7056E121B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{80E323B5-577B-4E54-9A87-1C7FC8F07EFA}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{821B580C-A651-45F6-93D2-181653CE01D8}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{877E1F73-6988-46E8-BE3B-6B54BD7F08AC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{8D68EC4B-9D62-43CD-86E3-DE37B13F4661}" = protocol=6 | dir=in | app=z:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx10.exe | 
"{912AD4AA-09F1-492C-87C3-BF881817D97A}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{92837882-8EC8-4D84-8C0D-69686CE2CDF6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{950EC466-BB87-4D66-BE68-923A603F0555}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe | 
"{970A7143-00B9-4109-A6C6-5813CEEC010C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe | 
"{ACC3687D-4279-4BC7-9E71-BF94EC68B70F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe | 
"{AD549B02-79CD-41AA-892D-A12CC2939370}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{B33FB38C-360B-405B-A5F7-5C4C96236B3B}" = protocol=17 | dir=in | app=z:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx10.exe | 
"{B5119CC5-8D6A-4EB3-A9B5-9DD624E4D283}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe | 
"{B53CB740-6762-4B2B-A0BF-F10291EBA437}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe | 
"{B7BDA296-860A-41B2-91CD-6550E62CA684}" = protocol=6 | dir=out | app=system | 
"{BA74E916-8491-4D79-BA93-EA375FFBB33A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe | 
"{BB79B08C-1E66-4063-B95F-AE3F72C23420}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{C1D93A8D-F332-499A-B565-025967005AC7}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{C23A4DA6-0B5B-44FA-8B1A-4424CF524196}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{C28913A7-0AFF-4838-A9BD-2309A7621AA1}" = protocol=17 | dir=in | app=z:\program files (x86)\steam\steamapps\common\half-life\hl.exe | 
"{C2991B05-764D-46F5-949D-257BF825B97F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{C3943583-5FA7-4693-A2EB-9B1806C0350E}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{C8C5EFA5-0A44-4B53-BC2A-9A12203BB71F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe | 
"{CFF7953E-3404-47EF-8BEE-093DAA9D6BC7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe | 
"{D245480B-8FAA-4430-B806-8821D6C54A56}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe | 
"{D4155467-D4FD-425F-8901-78AC9438E915}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{D51897F8-14C5-46E7-869A-145D5B3264BF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{D73E2864-9C75-4D40-9781-69DF0AB772FE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe | 
"{D7643A05-5AF5-4636-B6DC-29AB8E894406}" = protocol=17 | dir=in | app=z:\program files (x86)\steam\steamapps\blade2000\counter-strike\hl.exe | 
"{DFF0098B-BEA2-45A7-A640-0BBC1534A40A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{E69B4440-9857-46B7-8BFC-7F5B31B1D87D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{E7370C4B-B094-42C6-94D5-C5BFBC517A34}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe | 
"{F1E14786-DFD9-4DE5-A782-583B79DE8836}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe | 
"{F25C6A73-052C-4143-8CC2-7072F43C20E8}" = protocol=6 | dir=in | app=e:\program files (x86)\ea games\die schlacht um mittelerde(tm)\game.dat | 
"{F42CA414-D46A-4201-B90F-8659110C3C6E}" = protocol=6 | dir=in | app=z:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx9.exe | 
"{F49DEB1F-C797-4B21-AFFE-2F33E632F49B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe | 
"{F9A0D936-98E1-4F01-833D-BE372DC2BDC9}" = protocol=6 | dir=in | app=z:\program files (x86)\steam\steam.exe | 
"{FD4F74E9-4CC8-42B6-9E35-F7D963C01A2C}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe | 
"TCP Query User{070BAB4F-4B54-4D2A-850D-13350C5D406E}E:\games\stronghold crusader\stronghold crusader.exe" = protocol=6 | dir=in | app=e:\games\stronghold crusader\stronghold crusader.exe | 
"TCP Query User{09E8D1F3-6240-4407-A1CB-F14041D31680}Z:\program files (x86)\ea sports\madden nfl 06\mainapp.exe" = protocol=6 | dir=in | app=z:\program files (x86)\ea sports\madden nfl 06\mainapp.exe | 
"TCP Query User{0A097A66-2EA3-4308-B6F6-E91A60225D03}Z:\program files (x86)\metin2\metin2client.bin" = protocol=6 | dir=in | app=z:\program files (x86)\metin2\metin2client.bin | 
"TCP Query User{10AFD87F-9AED-452B-9D02-7340275D8D07}C:\users\moe\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\moe\appdata\roaming\spotify\spotify.exe | 
"TCP Query User{12555303-A0A8-4D22-BC2D-E0AF8318368A}Z:\program files (x86)\ea sports\fifa 11\game\fifa.exe" = protocol=6 | dir=in | app=z:\program files (x86)\ea sports\fifa 11\game\fifa.exe | 
"TCP Query User{1645DBD5-391A-4368-A9E7-61C535931177}Z:\program files (x86)\electronic arts\crytek\crysis\bin32\crysis.exe" = protocol=6 | dir=in | app=z:\program files (x86)\electronic arts\crytek\crysis\bin32\crysis.exe | 
"TCP Query User{16F70510-2A1F-4E19-BA84-D3DD920C955B}G:\games\warcraft iii\war3.exe" = protocol=6 | dir=in | app=g:\games\warcraft iii\war3.exe | 
"TCP Query User{29F16043-ABF1-42FD-9062-FD5BAAD6D701}C:\users\moe\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\moe\appdata\roaming\dropbox\bin\dropbox.exe | 
"TCP Query User{3A644381-B5CD-424B-84FB-851957F89CC3}E:\games\flatout!\flatout2.exe" = protocol=6 | dir=in | app=e:\games\flatout!\flatout2.exe | 
"TCP Query User{3EE84BB2-94D3-44D4-8B23-2EE571BFA816}Z:\program files (x86)\red storm entertainment\ravenshield\system\ravenshield.exe" = protocol=6 | dir=in | app=z:\program files (x86)\red storm entertainment\ravenshield\system\ravenshield.exe | 
"TCP Query User{41E344E4-60C4-4994-B62C-D72D58C28CAE}C:\users\moe\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\moe\appdata\roaming\spotify\spotify.exe | 
"TCP Query User{4FE423AC-BB66-4E5D-BB2F-1532F71BB7C6}Z:\program files (x86)\metin2\metin2client.bin" = protocol=6 | dir=in | app=z:\program files (x86)\metin2\metin2client.bin | 
"TCP Query User{54F95FAF-1347-46CA-8A00-7BFF78E70292}Z:\program files (x86)\red storm entertainment\ravenshield\system\ucc.exe" = protocol=6 | dir=in | app=z:\program files (x86)\red storm entertainment\ravenshield\system\ucc.exe | 
"TCP Query User{5B85AD2D-EDCC-49A3-97D2-52A8969B5AA3}E:\program files (x86)\ea games\die schlacht um mittelerde(tm)\game.dat" = protocol=6 | dir=in | app=e:\program files (x86)\ea games\die schlacht um mittelerde(tm)\game.dat | 
"TCP Query User{6D2391DB-F8EF-47C7-9A32-2526CEB5497E}Z:\program files (x86)\ea games\battlefield 1942\bf1942.exe" = protocol=6 | dir=in | app=z:\program files (x86)\ea games\battlefield 1942\bf1942.exe | 
"TCP Query User{7DD14211-664B-4544-B1F8-38E7F2242F7F}Z:\program files (x86)\red storm entertainment\ravenshield\system\ravenshield.exe" = protocol=6 | dir=in | app=z:\program files (x86)\red storm entertainment\ravenshield\system\ravenshield.exe | 
"TCP Query User{8D6CED62-FBA2-4038-AF10-8993E6A9DEF6}E:\games\cs 1.6\hl.exe" = protocol=6 | dir=in | app=e:\games\cs 1.6\hl.exe | 
"TCP Query User{918392FA-544C-4FBD-A295-C68D5E5B2C02}G:\games\warcraft iii\war3.exe" = protocol=6 | dir=in | app=g:\games\warcraft iii\war3.exe | 
"TCP Query User{A27DDD81-A92F-490F-8BC7-9AB8B533CE4F}E:\games\warcraft iii\war3.exe" = protocol=6 | dir=in | app=e:\games\warcraft iii\war3.exe | 
"TCP Query User{A2DC4E8F-3C43-48A6-9A13-04EDA90F4C65}Z:\program files (x86)\ea games\battlefield vietnam\bfvietnam.exe" = protocol=6 | dir=in | app=z:\program files (x86)\ea games\battlefield vietnam\bfvietnam.exe | 
"TCP Query User{AE8FC1A9-7065-4350-82D6-F4723DEED361}Z:\program files (x86)\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=z:\program files (x86)\tmnationsforever\tmforever.exe | 
"TCP Query User{B8438741-A92F-42B0-AA85-33EBA7E8A2AE}Z:\program files (x86)\valve\hl.exe" = protocol=6 | dir=in | app=z:\program files (x86)\valve\hl.exe | 
"TCP Query User{BFBE070B-E59A-4575-815E-A5F3036ED188}Z:\program files (x86)\red storm entertainment\ravenshield\system\ucc.exe" = protocol=6 | dir=in | app=z:\program files (x86)\red storm entertainment\ravenshield\system\ucc.exe | 
"TCP Query User{C5269BB4-EEF4-4F26-9781-6D44323BEF31}Z:\program files (x86)\lucasarts\star wars jedi knight jedi academy\gamedata\jamp.exe" = protocol=6 | dir=in | app=z:\program files (x86)\lucasarts\star wars jedi knight jedi academy\gamedata\jamp.exe | 
"TCP Query User{CFFAD703-D274-4D55-B7F8-2915376500F4}Z:\program files (x86)\valve\hl.exe" = protocol=6 | dir=in | app=z:\program files (x86)\valve\hl.exe | 
"TCP Query User{D6D81D3E-38E3-4867-9283-2349BE5AD212}E:\games\quakeiii\quake3.exe" = protocol=6 | dir=in | app=e:\games\quakeiii\quake3.exe | 
"TCP Query User{D778F00C-9D40-4F8C-9517-878B911CE0D4}Z:\program files (x86)\activision\call of duty - black ops\blackops.exe" = protocol=6 | dir=in | app=z:\program files (x86)\activision\call of duty - black ops\blackops.exe | 
"TCP Query User{E6C70ED7-816D-497E-B154-A9BF6FCBCA50}E:\games\warcraft iii\war3.exe" = protocol=6 | dir=in | app=e:\games\warcraft iii\war3.exe | 
"TCP Query User{F23E9448-CDCE-41BD-B724-307DC8957D3C}Z:\program files (x86)\ea sports\fifa 11\game\fifa.exe" = protocol=6 | dir=in | app=z:\program files (x86)\ea sports\fifa 11\game\fifa.exe | 
"UDP Query User{0BCBD07C-36F0-44D7-A8D5-5972E46125FC}Z:\program files (x86)\electronic arts\crytek\crysis\bin32\crysis.exe" = protocol=17 | dir=in | app=z:\program files (x86)\electronic arts\crytek\crysis\bin32\crysis.exe | 
"UDP Query User{0DCAD1DD-A0AB-4FE5-AF15-D9F896381077}Z:\program files (x86)\red storm entertainment\ravenshield\system\ravenshield.exe" = protocol=17 | dir=in | app=z:\program files (x86)\red storm entertainment\ravenshield\system\ravenshield.exe | 
"UDP Query User{20C27AB0-8AC9-4C2C-A80D-EC093330E411}Z:\program files (x86)\metin2\metin2client.bin" = protocol=17 | dir=in | app=z:\program files (x86)\metin2\metin2client.bin | 
"UDP Query User{218FD21B-D6DD-44F4-8013-CE974854D31C}E:\program files (x86)\ea games\die schlacht um mittelerde(tm)\game.dat" = protocol=17 | dir=in | app=e:\program files (x86)\ea games\die schlacht um mittelerde(tm)\game.dat | 
"UDP Query User{3353F96B-D137-4530-ABC5-23D05014A594}C:\users\moe\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\moe\appdata\roaming\spotify\spotify.exe | 
"UDP Query User{3563B1C1-A199-46C8-B651-1E4D78A99001}C:\users\moe\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\moe\appdata\roaming\dropbox\bin\dropbox.exe | 
"UDP Query User{43618246-8F98-45CC-AF93-6541D8A52397}E:\games\cs 1.6\hl.exe" = protocol=17 | dir=in | app=e:\games\cs 1.6\hl.exe | 
"UDP Query User{45531C5D-53AD-4423-ABF3-D89FE3D0FA3E}Z:\program files (x86)\metin2\metin2client.bin" = protocol=17 | dir=in | app=z:\program files (x86)\metin2\metin2client.bin | 
"UDP Query User{514C7E81-6BD4-467C-A1D2-C05F0476F047}E:\games\stronghold crusader\stronghold crusader.exe" = protocol=17 | dir=in | app=e:\games\stronghold crusader\stronghold crusader.exe | 
"UDP Query User{61DF3F85-E2A8-4A07-8982-114CC851DC9E}Z:\program files (x86)\ea sports\fifa 11\game\fifa.exe" = protocol=17 | dir=in | app=z:\program files (x86)\ea sports\fifa 11\game\fifa.exe | 
"UDP Query User{763BA7D2-3ED0-4E4A-B76C-8D98D8CEB91A}Z:\program files (x86)\lucasarts\star wars jedi knight jedi academy\gamedata\jamp.exe" = protocol=17 | dir=in | app=z:\program files (x86)\lucasarts\star wars jedi knight jedi academy\gamedata\jamp.exe | 
"UDP Query User{877329CD-E728-4BBC-93EC-1C8B46343546}Z:\program files (x86)\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=z:\program files (x86)\tmnationsforever\tmforever.exe | 
"UDP Query User{939EDB06-579D-4B12-822A-D24E6AB63DFC}Z:\program files (x86)\ea games\battlefield vietnam\bfvietnam.exe" = protocol=17 | dir=in | app=z:\program files (x86)\ea games\battlefield vietnam\bfvietnam.exe | 
"UDP Query User{95FE4D22-2E42-4FF7-8D56-23D732A75C35}Z:\program files (x86)\red storm entertainment\ravenshield\system\ucc.exe" = protocol=17 | dir=in | app=z:\program files (x86)\red storm entertainment\ravenshield\system\ucc.exe | 
"UDP Query User{A1075624-8944-45FC-A527-15FE153DFB76}C:\users\moe\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\moe\appdata\roaming\spotify\spotify.exe | 
"UDP Query User{A604D478-9A47-4324-8F5C-94BD1D1A925F}Z:\program files (x86)\red storm entertainment\ravenshield\system\ucc.exe" = protocol=17 | dir=in | app=z:\program files (x86)\red storm entertainment\ravenshield\system\ucc.exe | 
"UDP Query User{A6B3A3BC-E3A8-4E2E-8BA4-E96F3DD8F593}Z:\program files (x86)\red storm entertainment\ravenshield\system\ravenshield.exe" = protocol=17 | dir=in | app=z:\program files (x86)\red storm entertainment\ravenshield\system\ravenshield.exe | 
"UDP Query User{AE6BCFC5-6D48-4632-A4C5-1DEB2F245436}Z:\program files (x86)\ea sports\fifa 11\game\fifa.exe" = protocol=17 | dir=in | app=z:\program files (x86)\ea sports\fifa 11\game\fifa.exe | 
"UDP Query User{C04EEB8B-36A7-41CD-85EC-3FF34535166E}E:\games\quakeiii\quake3.exe" = protocol=17 | dir=in | app=e:\games\quakeiii\quake3.exe | 
"UDP Query User{C283089F-DAA1-4DA9-A338-CE36EA2F7179}Z:\program files (x86)\valve\hl.exe" = protocol=17 | dir=in | app=z:\program files (x86)\valve\hl.exe | 
"UDP Query User{C8760FB8-7B95-43F6-B671-A6884486CD05}Z:\program files (x86)\ea games\battlefield 1942\bf1942.exe" = protocol=17 | dir=in | app=z:\program files (x86)\ea games\battlefield 1942\bf1942.exe | 
"UDP Query User{CA05EB53-9065-4305-B2A0-8684710D2FFC}G:\games\warcraft iii\war3.exe" = protocol=17 | dir=in | app=g:\games\warcraft iii\war3.exe | 
"UDP Query User{D0770CC2-D257-4194-BBD3-5923393239F6}Z:\program files (x86)\ea sports\madden nfl 06\mainapp.exe" = protocol=17 | dir=in | app=z:\program files (x86)\ea sports\madden nfl 06\mainapp.exe | 
"UDP Query User{D680ECDF-D18B-4AE0-BB6C-440F4D7AD490}G:\games\warcraft iii\war3.exe" = protocol=17 | dir=in | app=g:\games\warcraft iii\war3.exe | 
"UDP Query User{D9CB82E7-AA4B-43E7-9365-9BD530116A00}E:\games\warcraft iii\war3.exe" = protocol=17 | dir=in | app=e:\games\warcraft iii\war3.exe | 
"UDP Query User{E74EA1FC-1B26-4343-8FDE-BD7822AEB131}Z:\program files (x86)\valve\hl.exe" = protocol=17 | dir=in | app=z:\program files (x86)\valve\hl.exe | 
"UDP Query User{E8E47F64-A136-4835-94F4-C7B547FD57DB}Z:\program files (x86)\activision\call of duty - black ops\blackops.exe" = protocol=17 | dir=in | app=z:\program files (x86)\activision\call of duty - black ops\blackops.exe | 
"UDP Query User{F6208B1D-28AA-4BA0-8112-D972EFF1D1BE}E:\games\flatout!\flatout2.exe" = protocol=17 | dir=in | app=e:\games\flatout!\flatout2.exe | 
"UDP Query User{FD52D26D-E47D-4513-8C29-D2BCFE836BE6}E:\games\warcraft iii\war3.exe" = protocol=17 | dir=in | app=e:\games\warcraft iii\war3.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{26A24AE4-039D-4CA4-87B4-2F86416020FF}" = Java(TM) 6 Update 20 (64-bit)
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Überwachungstool für die Intel® Turbo-Boost-Technik
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6A1A7434-D996-350A-F6FD-3A3EF8189B7E}" = ccc-utility64
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C73A3942-84C8-4597-9F9B-EE227DCBA758}" = Dell Dock
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Dell Wireless WLAN Card Utility" = Dell Wireless WLAN Card Utility
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{045EB31E-AE9B-9726-428B-C56CED299D17}" = CCC Help Korean
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{07A80ED7-EE6F-DAF7-2B68-7BFC0AB394C8}" = Catalyst Control Center Localization All
"{0B2B4860-D5C9-5903-99A2-844B2F3184CC}" = CCC Help German
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{1A7CDBFD-9FE9-83AC-6AB4-19EDD22D06E2}" = CCC Help Danish
"{1B55C5CD-051C-6F83-9663-FAB967734746}" = Skins
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{233DC280-BF32-3C6A-3DE0-9C0E15A55294}" = CCC Help Swedish
"{2353A12B-AA20-5EB7-3361-CEB8055FD3AC}" = CCC Help Chinese Standard
"{26427E43-8B33-7063-F26D-59C1120CE2DF}" = Catalyst Control Center Graphics Full New
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 24
"{26C96F4B-F019-3F40-1352-AD5298450372}" = CCC Help French
"{2B21DEAC-4EB7-4516-8E0C-F1F3A29FF2AE}" = Gothic III - Götterdämmerung Patch
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11
"{40F4FF7A-B214-4453-B973-080B09CED019}" = LoJack Factory Installer
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4ADEAE70-10F8-6EE1-1CB5-B68B4917C565}" = CCC Help Norwegian
"{4C11F1A6-CE0F-93C8-B108-228A4A551789}" = Catalyst Control Center InstallProxy
"{4E15A0E1-A588-C578-E0C3-4835BA0225ED}" = CCC Help Finnish
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.2
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{57FE772D-FA6C-65C7-58E7-9CEC7E3501B7}" = CCC Help Italian
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{64A7F1FB-ACEC-BAFB-8FAD-BB87580D796C}" = Catalyst Control Center Graphics Full Existing
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{69533745-1E2D-4C98-8B4A-B7643EF9E1A2}" = Catalyst Control Center - Branding
"{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}" = Battlefield 1942
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{767ECF6F-2344-4103-0091-44584B70D7CA}" = Madden NFL 06
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79FC04F1-E592-C8D7-41CE-319A8B900902}" = CCC Help Portuguese
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{82B21A86-5526-9BA3-2B17-65AF582BF267}" = Catalyst Control Center Core Implementation
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8C3737D8-5958-218F-8219-9117054430F5}" = Catalyst Control Center Graphics Light
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{8F803766-0BAB-CACF-5943-4099F0DFBCE7}" = CCC Help Chinese Traditional
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.2 - Deutsch
"{AFA32E15-B53C-0C82-2C91-93C927258842}" = CCC Help Spanish
"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn
"{B4483ACC-2281-6167-02E6-4171E7F9A9A8}" = Catalyst Control Center Graphics Previews Vista
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C31E0F2C-FB0F-552D-C864-138726D5C19A}" = CCC Help English
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CA886961-382C-8282-AD77-0AB1659FE40D}" = Catalyst Control Center Graphics Previews Common
"{CDD2DDE1-30BB-05D8-BBCE-433F54531F78}" = ccc-core-static
"{D48B6973-9CC4-DFC3-3696-1BA76796C1F3}" = CCC Help Dutch
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E0D32964-37E5-8405-1AF0-D31F1120B9AE}" = CCC Help Russian
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E35B3C63-E958-4E31-A178-95D22024109A}" = Battlefield Vietnam(TM)
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F278E7E7-89AE-0F98-DEBF-DB0C5AF4971B}" = CCC Help Japanese
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"ArtMoney SE_is1" = ArtMoney SE v7.38
"Ashampoo WinOptimizer 6_is1" = Ashampoo WinOptimizer 6.60
"Avira AntiVir Desktop" = Avira Free Antivirus
"Dell Dock" = Dell Dock
"Dell Webcam Central" = Dell Webcam Central
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"McAfee Security Scan" = McAfee Security Scan Plus
"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"PunkBusterSvc" = PunkBuster Services
"Steam App 10" = Counter-Strike
"TmNationsForever_is1" = TmNationsForever
"VLC media player" = VLC media player 1.1.4
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR Archivierer
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1562325414-483069299-86723442-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 15.05.2012 13:35:28 | Computer Name = moe-pc | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: fifa.exe, Version: 1.0.0.0, Zeitstempel:
 0x4c8a90dc  Name des fehlerhaften Moduls: fifa.exe, Version: 1.0.0.0, Zeitstempel:
 0x4c8a90dc  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0096a34d  ID des fehlerhaften Prozesses:
 0x1d0  Startzeit der fehlerhaften Anwendung: 0x01cd32b8cc986437  Pfad der fehlerhaften
 Anwendung: Z:\Program Files (x86)\EA Sports\FIFA 11\Game\fifa.exe  Pfad des fehlerhaften
 Moduls: Z:\Program Files (x86)\EA Sports\FIFA 11\Game\fifa.exe  Berichtskennung: 
5bf7264d-9eb4-11e1-ad57-5c260a165dca
 
Error - 16.05.2012 05:27:54 | Computer Name = moe-pc | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 16.05.2012 05:37:51 | Computer Name = moe-pc | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 16.05.2012 10:49:55 | Computer Name = moe-pc | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: MassEffectConfig.exe, Version: 1.2.0.13,
 Zeitstempel: 0x481b677e  Name des fehlerhaften Moduls: MassEffectConfig.exe, Version:
 1.2.0.13, Zeitstempel: 0x481b677e  Ausnahmecode: 0xc000000d  Fehleroffset: 0x000ad694
ID
 des fehlerhaften Prozesses: 0xc64  Startzeit der fehlerhaften Anwendung: 0x01cd33732732495c
Pfad
 der fehlerhaften Anwendung: Z:\Games\Mass Effect\Binaries\MassEffectConfig.exe  Pfad
 des fehlerhaften Moduls: Z:\Games\Mass Effect\Binaries\MassEffectConfig.exe  Berichtskennung:
 664818e0-9f66-11e1-9f2c-5c260a165dca
 
Error - 16.05.2012 10:50:31 | Computer Name = moe-pc | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: MassEffectConfig.exe, Version: 1.2.0.13,
 Zeitstempel: 0x481b677e  Name des fehlerhaften Moduls: MassEffectConfig.exe, Version:
 1.2.0.13, Zeitstempel: 0x481b677e  Ausnahmecode: 0xc000000d  Fehleroffset: 0x000ad694
ID
 des fehlerhaften Prozesses: 0xe4c  Startzeit der fehlerhaften Anwendung: 0x01cd33733d6dba9a
Pfad
 der fehlerhaften Anwendung: Z:\Games\Mass Effect\Binaries\MassEffectConfig.exe  Pfad
 des fehlerhaften Moduls: Z:\Games\Mass Effect\Binaries\MassEffectConfig.exe  Berichtskennung:
 7b3c92ce-9f66-11e1-9f2c-5c260a165dca
 
Error - 16.05.2012 10:51:13 | Computer Name = moe-pc | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: MassEffectConfig.exe, Version: 1.2.0.13,
 Zeitstempel: 0x481b677e  Name des fehlerhaften Moduls: MassEffectConfig.exe, Version:
 1.2.0.13, Zeitstempel: 0x481b677e  Ausnahmecode: 0xc000000d  Fehleroffset: 0x000ad694
ID
 des fehlerhaften Prozesses: 0x1668  Startzeit der fehlerhaften Anwendung: 0x01cd337357016645
Pfad
 der fehlerhaften Anwendung: Z:\Games\Mass Effect\Binaries\MassEffectConfig.exe  Pfad
 des fehlerhaften Moduls: Z:\Games\Mass Effect\Binaries\MassEffectConfig.exe  Berichtskennung:
 94d02edc-9f66-11e1-9f2c-5c260a165dca
 
Error - 16.05.2012 10:51:26 | Computer Name = moe-pc | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: MassEffectConfig.exe, Version: 1.2.0.13,
 Zeitstempel: 0x481b677e  Name des fehlerhaften Moduls: MassEffectConfig.exe, Version:
 1.2.0.13, Zeitstempel: 0x481b677e  Ausnahmecode: 0xc000000d  Fehleroffset: 0x000ad694
ID
 des fehlerhaften Prozesses: 0xfd8  Startzeit der fehlerhaften Anwendung: 0x01cd33735e8daa24
Pfad
 der fehlerhaften Anwendung: Z:\Games\Mass Effect\Binaries\MassEffectConfig.exe  Pfad
 des fehlerhaften Moduls: Z:\Games\Mass Effect\Binaries\MassEffectConfig.exe  Berichtskennung:
 9c5cd848-9f66-11e1-9f2c-5c260a165dca
 
Error - 16.05.2012 10:53:42 | Computer Name = moe-pc | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 16.05.2012 10:54:11 | Computer Name = moe-pc | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: MassEffectConfig.exe, Version: 1.2.0.13,
 Zeitstempel: 0x481b677e  Name des fehlerhaften Moduls: MassEffectConfig.exe, Version:
 1.2.0.13, Zeitstempel: 0x481b677e  Ausnahmecode: 0xc000000d  Fehleroffset: 0x000ad694
ID
 des fehlerhaften Prozesses: 0xe0  Startzeit der fehlerhaften Anwendung: 0x01cd3373bfd0fd84
Pfad
 der fehlerhaften Anwendung: Z:\Games\Mass Effect\Binaries\MassEffectConfig.exe  Pfad
 des fehlerhaften Moduls: Z:\Games\Mass Effect\Binaries\MassEffectConfig.exe  Berichtskennung:
 fec5fe8c-9f66-11e1-862a-5c260a165dca
 
Error - 16.05.2012 10:54:59 | Computer Name = moe-pc | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: MassEffectConfig.exe, Version: 1.2.0.13,
 Zeitstempel: 0x481b677e  Name des fehlerhaften Moduls: MassEffectConfig.exe, Version:
 1.2.0.13, Zeitstempel: 0x481b677e  Ausnahmecode: 0xc000000d  Fehleroffset: 0x000ad694
ID
 des fehlerhaften Prozesses: 0xa80  Startzeit der fehlerhaften Anwendung: 0x01cd3373dd6f0ceb
Pfad
 der fehlerhaften Anwendung: Z:\Games\Mass Effect\Binaries\MassEffectConfig.exe  Pfad
 des fehlerhaften Moduls: Z:\Games\Mass Effect\Binaries\MassEffectConfig.exe  Berichtskennung:
 1b3b165a-9f67-11e1-862a-5c260a165dca
 
[ Dell Events ]
Error - 10.06.2011 17:09:24 | Computer Name = moe-pc | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 12.06.2011 15:46:47 | Computer Name = moe-pc | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 12.06.2011 15:46:47 | Computer Name = moe-pc | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 20.06.2011 06:42:48 | Computer Name = moe-pc | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 20.06.2011 06:42:48 | Computer Name = moe-pc | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 20.06.2011 09:09:17 | Computer Name = moe-pc | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 20.06.2011 09:09:17 | Computer Name = moe-pc | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 20.06.2011 10:01:44 | Computer Name = moe-pc | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 20.06.2011 10:01:44 | Computer Name = moe-pc | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 22.06.2011 09:16:10 | Computer Name = moe-pc | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
[ System Events ]
Error - 15.05.2013 10:03:57 | Computer Name = moe-pc | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Windows-Audio" ist vom Dienst "Multimediaklassenplaner"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1058
 
Error - 15.05.2013 10:05:09 | Computer Name = moe-pc | Source = DCOM | ID = 10016
Description = 
 
Error - 15.05.2013 10:05:12 | Computer Name = moe-pc | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Windows-Audio" ist vom Dienst "Multimediaklassenplaner"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1058
 
Error - 15.05.2013 10:05:40 | Computer Name = moe-pc | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Windows-Audio" ist vom Dienst "Multimediaklassenplaner"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1058
 
Error - 15.05.2013 18:07:37 | Computer Name = moe-pc | Source = DCOM | ID = 10016
Description = 
 
Error - 16.05.2013 05:59:10 | Computer Name = moe-pc | Source = DCOM | ID = 10016
Description = 
 
Error - 16.05.2013 16:29:25 | Computer Name = moe-pc | Source = Service Control Manager | ID = 7034
Description = Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal
 passiert.
 
Error - 16.05.2013 16:29:25 | Computer Name = moe-pc | Source = Service Control Manager | ID = 7034
Description = Dienst "Application Virtualization Service Agent" wurde unerwartet
 beendet. Dies ist bereits 1 Mal passiert.
 
Error - 16.05.2013 16:29:25 | Computer Name = moe-pc | Source = Service Control Manager | ID = 7034
Description = Dienst "Client Virtualization Handler" wurde unerwartet beendet. Dies
 ist bereits 1 Mal passiert.
 
Error - 16.05.2013 16:29:25 | Computer Name = moe-pc | Source = Service Control Manager | ID = 7034
Description = Dienst "SupportSoft Sprocket Service (DellSupportCenter)" wurde unerwartet
 beendet. Dies ist bereits 1 Mal passiert.
 
 
< End of report >
         

I hope I have done everything correctly so far, and thank you in advance.

Alt 17.05.2013, 11:35   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Hello and

Quote:
Today I received a notification from Avira AntiVir that the trojan TR/Dropper.Gen was found on my laptop.

Fine, and where are the logs for that? Nobody can help you with such vague information!

Information like that is not enough; please post the complete details/logs from the virus scanners, see http://www.trojaner-board.de/125889-...tml#post941520


Please post everything here in CODE tags if possible.

Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed tags appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.

Alt 17.05.2013, 15:08   #3
msnmoe
 
Thanks for the quick reply.
I hope this is the right thing:

Code:
ATTFilter
Exportierte Ereignisse:

16.05.2013 21:39 [System-Scanner] Malware gefunden
      Die Datei 'Z:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hlds.exe'
      enthielt einen Virus oder unerwünschtes Programm 'TR/Dropper.Gen' [trojan].
      Durchgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '59c194bd.qua' 
      verschoben!

16.05.2013 21:07 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'Z:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hlds.exe'
      wurde ein Virus oder unerwünschtes Programm 'TR/Dropper.Gen' [trojan] gefunden.
      Ausgeführte Aktion: Übergeben an Scanner

16.05.2013 21:07 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'Z:\Program Files (x86)\Steam\SteamApps\downloading\70\hlds.exe'
      wurde ein Virus oder unerwünschtes Programm 'TR/Dropper.Gen' [trojan] gefunden.
      Ausgeführte Aktion: Übergeben an Scanner
         

Alt 17.05.2013, 15:55   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Does Steam/Half-Life come from an official source?
What is drive Z on your system?
__________________
Please always post log files in CODE tags

Alt 17.05.2013, 16:02   #5
msnmoe
 
Yep. I bought Half-Life and set up a Steam account so that I can play Counter-Strike online. The account is already really old, but about a month ago I started playing online again.

I partitioned my hard drives and set up drive Z in order to install my games etc. on it. I read that this way I put less strain on my system.


Alt 17.05.2013, 16:07   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
I think little to nothing of this kind of separation, but in my opinion these detections appear to be false alarms.

Alt 17.05.2013, 16:09   #7
msnmoe
 
Okay. Does that mean I can delete TR/Dropper.gen from the Avira quarantine and that my laptop is not (or no longer) infected?

Alt 17.05.2013, 18:23   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
I break together, what exactly did you not understand about false alarm?
False alarm = no malware!

If your alarm system had a false alarm, then there was no burglar there either, or was there?!

But go ahead and delete it from quarantine if you want to destroy Half-Life and have to reinstall it (or even obtain it again via Valve/Steam?)...

Alt 17.05.2013, 20:10   #9
msnmoe
 
Okay. Thanks for the help.

Alt 17.05.2013, 20:47   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Please restore it from quarantine so that the files are back in their original location. Update AntiVir. Please report whether the files are still flagged.

Alt 17.05.2013, 22:30   #11
msnmoe
 
I restored the TR/Dropper.gen files, but Avira no longer found anything in a new scan.

Alt 17.05.2013, 22:40   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Like I said, false alarm

Alt 17.05.2013, 23:23   #13
msnmoe
 
Perfect. Thanks
