Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Windows wurde aus Sicherheitsgründen gesperrt -schwarzer Bildschirm- graue Bezahlbox

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 18.02.2012, 19:21   #16
tobeck
 
Windows wurde aus Sicherheitsgründen gesperrt -schwarzer Bildschirm- graue Bezahlbox - Standard

Windows wurde aus Sicherheitsgründen gesperrt -schwarzer Bildschirm- graue Bezahlbox



Im Internet Explorer ist kein Proxy aktiviert!

OTL.Txt
Code:
ATTFilter
OTL logfile created on: 18.02.2012 19:22:41 - Run 3
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\beckto\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19190)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
8,00 Gb Total Physical Memory | 5,52 Gb Available Physical Memory | 69,03% Memory free
16,17 Gb Paging File | 14,00 Gb Available in Paging File | 86,58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 916,97 Gb Total Space | 626,80 Gb Free Space | 68,36% Space Free | Partition Type: NTFS
Drive D: | 14,54 Gb Total Space | 1,58 Gb Free Space | 10,88% Space Free | Partition Type: NTFS
Drive L: | 74,54 Gb Total Space | 18,77 Gb Free Space | 25,19% Space Free | Partition Type: FAT32
 
Computer Name: BECKTO-PC | User Name: beckto | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.02.13 16:39:21 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\beckto\Desktop\OTL.exe
PRC - [2012.02.02 02:44:30 | 003,329,824 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\beckto\AppData\Local\Akamai\netsession_win.exe
PRC - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.01.13 14:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.08.04 05:18:43 | 000,126,400 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe
PRC - [2008.11.03 17:21:18 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2008.11.03 17:21:16 | 000,182,808 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008.10.24 15:35:44 | 000,128,296 | ---- | M] () -- C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
PRC - [2008.10.17 16:57:18 | 000,189,736 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2008.10.17 16:56:54 | 001,152,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
PRC - [2008.09.26 02:36:40 | 001,148,200 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2007.04.18 16:01:34 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2008.10.17 16:57:20 | 000,881,960 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
MOD - [2008.09.15 15:14:32 | 000,028,672 | ---- | M] () -- c:\Program Files (x86)\Cyberlink\Shared files\RichVideops.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011.08.12 00:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2008.11.09 23:32:28 | 000,918,528 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility)
SRV - [2012.02.12 19:13:17 | 003,340,064 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_7de0ed9.dll -- (Akamai)
SRV - [2012.01.20 21:15:41 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.08.04 05:18:43 | 000,126,400 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe -- (NIS)
SRV - [2011.04.24 21:55:00 | 004,066,168 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.03.30 05:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.02.11 15:06:02 | 002,225,416 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Tobit ClipInc\Server\ClipInc-Server.exe -- (ClipInc001)
SRV - [2008.11.03 17:21:18 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel(R)
SRV - [2008.10.24 15:35:44 | 000,128,296 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe -- (AAV UpdateService)
SRV - [2008.02.03 12:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\SysWOW64\ezsvc7.dll -- (ezSharedSvc)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011.12.10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011.08.22 03:53:36 | 000,451,704 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\NISx64\1109000.00C\SYMTDIV.SYS -- (SYMTDIv)
DRV:64bit: - [2011.08.22 03:53:35 | 000,221,304 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\SYMEFA64.SYS -- (SymEFA)
DRV:64bit: - [2011.08.04 05:19:26 | 000,593,544 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\ccHPx64.sys -- (ccHP)
DRV:64bit: - [2010.04.29 06:03:51 | 000,150,064 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\Ironx64.SYS -- (SymIRON)
DRV:64bit: - [2010.04.22 03:29:51 | 000,505,392 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\NISx64\1109000.00C\SRTSP64.SYS -- (SRTSP)
DRV:64bit: - [2010.04.22 03:29:51 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\SRTSPX64.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2010.04.10 13:27:24 | 000,173,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2009.10.01 01:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009.08.30 01:17:18 | 000,433,200 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\SYMDS64.SYS -- (SymDS)
DRV:64bit: - [2009.03.18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\hamachi.sys -- (hamachi)
DRV:64bit: - [2008.11.10 03:08:52 | 004,825,600 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2008.11.03 17:10:08 | 000,406,040 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iastor.sys -- (iaStor)
DRV:64bit: - [2008.08.06 17:26:08 | 000,174,592 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2007.05.02 10:12:30 | 000,145,160 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ssm_mdm.sys -- (ssm_mdm)
DRV:64bit: - [2007.05.02 10:12:30 | 000,108,296 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ssm_bus.sys -- (ssm_bus) SAMSUNG Mobile USB Device II 1.0 driver (WDM)
DRV:64bit: - [2007.05.02 10:12:30 | 000,019,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ssm_mdfl.sys -- (ssm_mdfl)
DRV:64bit: - [2007.03.08 15:19:00 | 000,012,800 | ---- | M] (GARMIN Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\grmnusb.sys -- (grmnusb)
DRV - [2012.02.04 09:34:34 | 000,482,936 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012.02.04 09:34:34 | 000,138,360 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011.12.16 00:33:20 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20120217.003\IDSviA64.sys -- (IDSVia64)
DRV - [2011.12.01 03:25:03 | 001,157,240 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20120215.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2011.08.07 18:16:27 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20120217.036\EX64.SYS -- (NAVEX15)
DRV - [2011.08.07 18:16:26 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20120217.036\ENG64.SYS -- (NAVENG)
DRV - [2011.07.22 17:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV - [2011.07.12 22:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV - [2008.09.26 02:36:34 | 000,027,632 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49})
DRV - [2008.09.10 02:19:36 | 000,025,888 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Programme\PC-Doctor for Windows\pcd5srvc_x64.pkms -- (PCD5SRVC{8AAF211B-043E02A9-05040000})
DRV - [2005.01.01 10:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "google.de"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.2.1
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:5.0.31.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..network.proxy.type: 0
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\ [2011.07.20 12:37:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn_2010_9_0_6 [2012.02.18 18:11:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.12.29 19:31:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.05.05 16:55:22 | 000,000,000 | ---D | M]
 
[2010.02.12 10:58:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\beckto\AppData\Roaming\mozilla\Extensions
[2012.01.01 18:23:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\beckto\AppData\Roaming\mozilla\Firefox\Profiles\tg2cafr6.default\extensions
[2010.02.12 11:09:28 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\beckto\AppData\Roaming\mozilla\Firefox\Profiles\tg2cafr6.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.12.08 18:32:26 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\beckto\AppData\Roaming\mozilla\Firefox\Profiles\tg2cafr6.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.08.03 11:26:33 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\beckto\AppData\Roaming\mozilla\Firefox\Profiles\tg2cafr6.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.01.01 18:23:13 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\beckto\AppData\Roaming\mozilla\Firefox\Profiles\tg2cafr6.default\extensions\battlefieldheroespatcher@ea.com
[2011.09.23 22:52:19 | 000,000,000 | ---D | M] (Yontoo Layers) -- C:\Users\beckto\AppData\Roaming\mozilla\Firefox\Profiles\tg2cafr6.default\extensions\plugin@yontoo.com
[2011.11.28 19:11:26 | 000,002,342 | ---- | M] () -- C:\Users\beckto\AppData\Roaming\Mozilla\Firefox\Profiles\tg2cafr6.default\searchplugins\icq-search.xml
[2011.12.15 17:43:16 | 000,000,950 | ---- | M] () -- C:\Users\beckto\AppData\Roaming\Mozilla\Firefox\Profiles\tg2cafr6.default\searchplugins\icqplugin-1.xml
[2011.12.29 19:31:49 | 000,000,950 | ---- | M] () -- C:\Users\beckto\AppData\Roaming\Mozilla\Firefox\Profiles\tg2cafr6.default\searchplugins\icqplugin-2.xml
[2011.12.04 13:13:53 | 000,000,950 | ---- | M] () -- C:\Users\beckto\AppData\Roaming\Mozilla\Firefox\Profiles\tg2cafr6.default\searchplugins\icqplugin.xml
[2012.02.15 16:12:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.10.16 19:45:31 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.02.15 16:12:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2011.12.29 19:31:35 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.02.15 16:12:03 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.12.29 19:31:33 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.12.29 19:31:33 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.12.29 19:31:33 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.12.29 19:31:33 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
 
========== Chrome  ==========
 
 
O1 HOSTS File: ([2006.09.18 22:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Programme\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DVDAgent] c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE (Microsoft)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TSMAgent] c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\beckto\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\beckto\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\beckto\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Local intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKCU\..Trusted Ranges: Range2 ([*] in Local intranet)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.53.2.cab (Battlefield Play4Free Updater)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3D96B4E8-CD7C-4D40-AF54-A2E1E309910C}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.02.16 21:43:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012.02.16 18:45:58 | 000,000,000 | ---D | C] -- C:\Users\beckto\AppData\Roaming\SUPERAntiSpyware.com
[2012.02.16 18:45:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012.02.16 18:45:22 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012.02.16 18:45:22 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012.02.15 18:02:10 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.02.15 16:53:30 | 000,000,000 | ---D | C] -- C:\Users\beckto\AppData\Local\sabnzbd
[2012.02.15 16:53:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DRAGON
[2012.02.15 16:53:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DRAGON
[2012.02.15 16:47:21 | 004,733,440 | ---- | C] (AVAST Software) -- C:\Users\beckto\Desktop\aswMBR.exe
[2012.02.15 16:12:15 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012.02.15 16:12:15 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012.02.15 16:12:15 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012.02.15 15:33:52 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012.02.15 15:33:45 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.02.15 15:33:44 | 001,538,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.02.15 15:33:44 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.02.15 15:33:44 | 000,710,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.02.15 15:33:44 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012.02.15 15:33:44 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012.02.15 15:33:44 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012.02.15 15:33:44 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.02.15 15:33:44 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.02.15 15:33:44 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012.02.15 15:33:44 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012.02.15 15:33:43 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012.02.15 15:33:43 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012.02.15 15:33:43 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012.02.15 15:33:43 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012.02.15 15:33:43 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.02.15 15:33:43 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.02.15 15:33:43 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.02.15 15:33:43 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012.02.15 15:33:43 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012.02.15 15:33:43 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.02.15 15:33:43 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012.02.15 15:33:43 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012.02.15 15:33:43 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012.02.15 15:33:43 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.02.15 15:33:43 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012.02.15 15:33:43 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012.02.15 15:33:43 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012.02.15 15:33:43 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012.02.13 16:39:15 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\beckto\Desktop\OTL.exe
[2012.02.12 17:40:57 | 000,000,000 | ---D | C] -- C:\Users\beckto\AppData\Roaming\Malwarebytes
[2012.02.12 17:40:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.02.12 17:40:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.02.12 17:40:47 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.02.12 17:40:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.02.09 21:43:42 | 000,000,000 | ---D | C] -- C:\Threatfire
[2012.02.09 21:43:30 | 000,000,000 | ---D | C] -- C:\Malwarebyte
[2012.02.09 21:43:16 | 000,000,000 | ---D | C] -- C:\OTL
[2012.02.09 10:49:05 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0
[2012.01.31 06:57:11 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012.01.31 06:57:10 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
 
========== Files - Modified Within 30 Days ==========
 
[2012.02.18 18:11:21 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.02.18 18:11:21 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.02.18 18:11:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.02.16 22:36:17 | 000,000,368 | ---- | M] () -- C:\Users\beckto\Documents\cc_20120216_223614.reg
[2012.02.16 22:35:53 | 000,000,174 | ---- | M] () -- C:\Users\beckto\Documents\cc_20120216_223550.reg
[2012.02.16 22:35:35 | 000,000,520 | ---- | M] () -- C:\Users\beckto\Documents\cc_20120216_223532.reg
[2012.02.16 22:35:08 | 000,005,960 | ---- | M] () -- C:\Users\beckto\Documents\cc_20120216_223503.reg
[2012.02.16 21:38:01 | 001,598,180 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.02.16 21:38:01 | 000,682,888 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.02.16 21:38:01 | 000,642,218 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.02.16 21:38:01 | 000,154,210 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.02.16 21:38:01 | 000,125,768 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.02.16 18:45:26 | 000,001,758 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.02.16 18:20:43 | 000,335,944 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.02.15 23:16:54 | 000,000,512 | ---- | M] () -- C:\Users\beckto\Desktop\MBR.dat
[2012.02.15 16:47:41 | 004,733,440 | ---- | M] (AVAST Software) -- C:\Users\beckto\Desktop\aswMBR.exe
[2012.02.15 16:12:02 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2012.02.15 16:12:02 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012.02.15 16:12:02 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012.02.15 16:12:02 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012.02.13 16:39:21 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\beckto\Desktop\OTL.exe
[2012.02.12 17:40:49 | 000,000,950 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.02.09 19:19:32 | 001,402,880 | R--- | M] () -- C:\HiJackThis.msi
[2012.02.09 18:20:38 | 000,006,836 | ---- | M] () -- C:\Users\beckto\AppData\Local\d3d9caps.dat
[2012.02.07 19:21:36 | 000,270,240 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012.02.03 18:29:22 | 000,270,240 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012.01.27 18:26:19 | 000,013,312 | ---- | M] () -- C:\Users\beckto\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.01.26 21:25:26 | 000,000,582 | ---- | M] () -- C:\Users\beckto\Documents\Hoffnung.lnk
 
========== Files Created - No Company Name ==========
 
[2012.02.16 22:36:15 | 000,000,368 | ---- | C] () -- C:\Users\beckto\Documents\cc_20120216_223614.reg
[2012.02.16 22:35:51 | 000,000,174 | ---- | C] () -- C:\Users\beckto\Documents\cc_20120216_223550.reg
[2012.02.16 22:35:34 | 000,000,520 | ---- | C] () -- C:\Users\beckto\Documents\cc_20120216_223532.reg
[2012.02.16 22:35:05 | 000,005,960 | ---- | C] () -- C:\Users\beckto\Documents\cc_20120216_223503.reg
[2012.02.16 18:45:26 | 000,001,758 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.02.15 17:26:43 | 000,000,512 | ---- | C] () -- C:\Users\beckto\Desktop\MBR.dat
[2012.02.12 17:40:49 | 000,000,950 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.02.09 21:44:10 | 001,402,880 | R--- | C] () -- C:\HiJackThis.msi
[2012.01.26 21:25:26 | 000,000,582 | ---- | C] () -- C:\Users\beckto\Documents\Hoffnung.lnk
[2011.12.15 17:19:11 | 000,393,256 | ---- | C] () -- C:\Windows\SysWow64\CNQ4809N.DAT
[2011.10.02 18:03:16 | 000,006,836 | ---- | C] () -- C:\Users\beckto\AppData\Local\d3d9caps.dat
[2010.10.31 07:34:22 | 000,000,094 | ---- | C] () -- C:\Users\beckto\AppData\Local\fusioncache.dat
[2010.10.31 07:32:46 | 001,489,258 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.02.25 22:34:53 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2009.10.27 17:28:07 | 000,001,512 | ---- | C] () -- C:\Users\beckto\AppData\Roaming\wklnhst.dat
[2009.10.20 12:21:16 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009.10.20 12:20:55 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009.10.20 12:20:39 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.02.27 00:20:20 | 000,000,754 | ---- | C] () -- C:\Windows\wiso.ini
[2009.02.26 23:34:03 | 000,000,219 | ---- | C] () -- C:\Windows\BUHL.INI
[2009.02.08 20:46:14 | 000,013,312 | ---- | C] () -- C:\Users\beckto\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.02.05 22:39:20 | 000,554,496 | ---- | C] () -- C:\Windows\SysWow64\dvmsg.dll
[2008.11.19 21:38:51 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2008.11.19 14:02:15 | 000,000,428 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2008.11.19 13:25:53 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2008.11.19 13:22:33 | 003,107,788 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.dat
[2008.11.19 13:07:03 | 000,327,680 | ---- | C] () -- C:\Windows\SysWow64\pythoncom25.dll
[2008.11.19 13:07:03 | 000,102,400 | ---- | C] () -- C:\Windows\SysWow64\pywintypes25.dll
[2008.01.21 03:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2006.11.02 16:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006.11.02 13:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006.11.02 13:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006.11.02 10:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
 
========== LOP Check ==========
 
[2011.11.04 21:46:54 | 000,000,000 | ---D | M] -- C:\Users\beckto\AppData\Roaming\.minecraft
[2009.10.27 22:11:25 | 000,000,000 | ---D | M] -- C:\Users\beckto\AppData\Roaming\AAV
[2011.11.26 15:13:58 | 000,000,000 | ---D | M] -- C:\Users\beckto\AppData\Roaming\Amazon
[2011.12.15 17:54:32 | 000,000,000 | ---D | M] -- C:\Users\beckto\AppData\Roaming\Canon
[2011.03.17 17:50:24 | 000,000,000 | ---D | M] -- C:\Users\beckto\AppData\Roaming\Cornelsen
[2011.12.04 12:16:12 | 000,000,000 | ---D | M] -- C:\Users\beckto\AppData\Roaming\DVDVideoSoft
[2011.11.22 19:55:47 | 000,000,000 | ---D | M] -- C:\Users\beckto\AppData\Roaming\DVDVideoSoftIEHelpers
[2009.09.18 18:13:04 | 000,000,000 | ---D | M] -- C:\Users\beckto\AppData\Roaming\Elaborate Bytes
[2011.09.16 22:25:48 | 000,000,000 | ---D | M] -- C:\Users\beckto\AppData\Roaming\FreeFLVConverter
[2009.02.02 23:48:49 | 000,000,000 | ---D | M] -- C:\Users\beckto\AppData\Roaming\FRITZ!
[2009.05.02 12:32:51 | 000,000,000 | ---D | M] -- C:\Users\beckto\AppData\Roaming\GARMIN
[2011.05.11 15:01:41 | 000,000,000 | ---D | M] -- C:\Users\beckto\AppData\Roaming\gtk-2.0
[2011.11.28 18:45:08 | 000,000,000 | ---D | M] -- C:\Users\beckto\AppData\Roaming\ICQ
[2011.09.24 14:45:46 | 000,000,000 | ---D | M] -- C:\Users\beckto\AppData\Roaming\Image-Line
[2009.12.21 18:28:40 | 000,000,000 | ---D | M] -- C:\Users\beckto\AppData\Roaming\LEGO Company
[2011.09.13 18:16:05 | 000,000,000 | ---D | M] -- C:\Users\beckto\AppData\Roaming\Notepad++
[2010.07.04 14:06:33 | 000,000,000 | ---D | M] -- C:\Users\beckto\AppData\Roaming\PhotoScape
[2011.05.11 15:13:33 | 000,000,000 | ---D | M] -- C:\Users\beckto\AppData\Roaming\Scribus
[2011.11.24 15:15:59 | 000,000,000 | ---D | M] -- C:\Users\beckto\AppData\Roaming\SPORE Creature Creator
[2009.10.27 17:28:09 | 000,000,000 | ---D | M] -- C:\Users\beckto\AppData\Roaming\Template
[2009.02.05 22:42:36 | 000,000,000 | ---D | M] -- C:\Users\beckto\AppData\Roaming\Tobit
[2011.11.21 19:11:45 | 000,000,000 | ---D | M] -- C:\Users\beckto\AppData\Roaming\TS3Client
[2011.05.15 10:37:50 | 000,000,000 | ---D | M] -- C:\Users\beckto\AppData\Roaming\ts3overlay
[2010.10.31 07:36:20 | 000,000,000 | ---D | M] -- C:\Users\beckto\AppData\Roaming\Turbine
[2011.05.14 17:32:16 | 000,000,000 | ---D | M] -- C:\Users\beckto\AppData\Roaming\wargaming.net
[2009.08.01 18:44:56 | 000,000,000 | ---D | M] -- C:\Users\beckto\AppData\Roaming\WinBatch
[2011.02.21 10:59:59 | 000,000,456 | ---- | M] () -- C:\Windows\Tasks\PCDRScheduledMaintenance.job
[2012.02.18 02:05:25 | 000,032,510 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         
Extras.Txt

Code:
ATTFilter
OTL Extras logfile created on: 18.02.2012 19:22:41 - Run 3
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\beckto\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19190)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
8,00 Gb Total Physical Memory | 5,52 Gb Available Physical Memory | 69,03% Memory free
16,17 Gb Paging File | 14,00 Gb Available in Paging File | 86,58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 916,97 Gb Total Space | 626,80 Gb Free Space | 68,36% Space Free | Partition Type: NTFS
Drive D: | 14,54 Gb Total Space | 1,58 Gb Free Space | 10,88% Space Free | Partition Type: NTFS
Drive L: | 74,54 Gb Total Space | 18,77 Gb Free Space | 25,19% Space Free | Partition Type: FAT32
 
Computer Name: BECKTO-PC | User Name: beckto | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files (x86)\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files (x86)\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01  [binary data]
"VistaSp2" = A1 8B 34 3C 33 57 CA 01  [binary data]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1333A9D6-F0C7-4470-9CED-FE09C2F4F3A8}" = lport=138 | protocol=17 | dir=in | app=system | 
"{2BF120D6-1F9A-47C4-B1C2-1DA4C75DA67C}" = lport=49161 | protocol=6 | dir=in | name=akamai netsession interface | 
"{4E9C4B3E-C593-4646-8D39-ABB07DA00A19}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{5110711D-7538-4856-90E2-A87C29DDE50E}" = lport=139 | protocol=6 | dir=in | app=system | 
"{59EE28CB-ACF8-46FD-9D5C-501447F02660}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface | 
"{60645A38-AA25-4D74-977E-A7ECDE6BD5D6}" = rport=139 | protocol=6 | dir=out | app=system | 
"{6E4F5221-0803-4F64-96EB-B0586DE29AF5}" = rport=137 | protocol=17 | dir=out | app=system | 
"{87B71DB2-9EB9-4118-9DE0-591B0EB622ED}" = rport=445 | protocol=6 | dir=out | app=system | 
"{95C71BAE-6175-488F-88D2-62F4409597FF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{CAF5B240-F280-4323-84CE-7ABE47923C96}" = lport=445 | protocol=6 | dir=in | app=system | 
"{E38E26E7-D022-48A7-AE62-324DD149A3AD}" = rport=138 | protocol=17 | dir=out | app=system | 
"{E81F4609-4B15-48DA-94F2-17795B7EC925}" = lport=137 | protocol=17 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D87EE2F-D33D-4EB1-98CB-D258142E995C}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{200E5605-4909-4F6C-8768-C91A1EFA297C}" = protocol=17 | dir=in | app=c:\program files (x86)\tobit clipinc\player\clipinc-player.exe | 
"{244AFF89-5AFF-46D4-8700-D280C4DF5AF6}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe | 
"{319C43A2-2E1E-4765-B9A7-D763EF438F8A}" = protocol=6 | dir=in | app=c:\program files (x86)\tobit clipinc\player\clipinc-player.exe | 
"{3294B831-2127-4C8E-8B12-CD46987902BB}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{340D0199-59EF-468E-A221-8473D66BE324}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe | 
"{3A6BF761-E186-48CB-B0EB-E2E5AFCF48E8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{56184837-1579-4050-A41B-F9075ABA76A5}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe | 
"{56808872-44F2-4CB4-B3C7-350B21908A12}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{5DCB21FA-FD5F-449E-8CE8-3902DA45AB5C}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe | 
"{655527E8-0D3B-4ABF-91A4-96B86196FAC4}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{6AE96F6F-BE2A-42D9-B318-3144D014F444}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{6CC27AEB-E21F-4313-B001-C70821608BBD}" = protocol=17 | dir=in | app=c:\program files (x86)\tobit clipinc\server\clipinc-server.exe | 
"{7F762B2A-DC07-4E68-99BC-34D58B1426F9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{842FA9C7-C5BC-40BF-8AFE-CEAD953F89AB}" = protocol=6 | dir=in | app=c:\program files (x86)\tobit clipinc\server\clipinc-server.exe | 
"{85D7EA1A-120B-4FB0-B2D6-C68C15FF881E}" = protocol=6 | dir=in | app=c:\users\beckto\appdata\local\akamai\netsession_win.exe | 
"{8673EB0E-F43B-4E0B-993A-A538C5DA6F06}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe | 
"{8C594390-305A-403A-A5BA-7B994CA4FDA9}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{8F287FAF-C57D-4669-B59E-40F6B0644574}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe | 
"{932866C5-ECE1-4EEC-9B0C-53E7DC386133}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{9388D3F1-BDFA-45DC-8C73-65C84B926C3A}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe | 
"{9FD8B0C1-02EE-460F-A227-A050D015B0A2}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe | 
"{A06A6A21-2E5B-43BC-A528-4A992F5146AB}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{A096BCDF-B228-48B6-BF0C-9C3834F839BD}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe | 
"{C97E480A-FA69-4D0B-9CFC-997A08D25A73}" = protocol=17 | dir=in | app=c:\users\beckto\appdata\local\akamai\netsession_win.exe | 
"{D8137223-7BD1-49A8-B32F-AAEF0368983C}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe | 
"{DC2A5F58-2EF3-449B-8DE9-076A4B96DED9}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{E5A8B61C-8561-4609-8DB5-F616780ED6E2}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\tsmagent.exe | 
"{E7FFFA42-9B19-4E24-A684-4F82DD55BDF1}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe | 
"{F1C06EDF-63CC-4BF0-A22E-55BF124365BC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{F99C62FE-E7E0-4A77-BFB3-44CB95A88E08}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{05C2FF93-1708-14F3-7764-E2FA94125A10}" = ATI Catalyst Install Manager
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4809" = CanoScan LiDE 210 Scanner Driver
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4FFA2088-8317-3B14-93CD-4C699DB37843}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7647E230-D0E7-B2C9-EA66-78051500A808}" = ccc-utility64
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers Runtime 1.10.01
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2F7994F-661E-46D1-A1DF-67F2887AAA7E}" = HP MediaSmart SmartMenu
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"45A7283175C62FAC673F913C1F532C5361F97841" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (03/08/2007 2.2.1.0)
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"PC-Doctor for Windows" = Hardware Diagnose Tools
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{03BF5CB1-B72E-4CA6-A278-F65680F05420}" = HP Picasso Media Center Add-In
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07A8ED9E-B98E-437F-B750-241B412BE924}" = Garmin USB Drivers
"{0808E971-58C1-1D83-9930-C6D2ED22D0F9}" = CCC Help English
"{09298F26-A95C-31E2-9D95-2C60F586F075}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{128A289E-9927-2097-1837-04EC9E480BED}" = Catalyst Control Center Graphics Previews Vista
"{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}" = HP Total Care Advisor
"{19506BDB-4EA7-491F-E8AB-E97109FDB296}" = muvee Reveal
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks v.0.6.3.11
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{2243253D-C2A2-9079-E89F-D74FF8D75A89}" = Catalyst Control Center Localization Finnish
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{263DE13F-61FD-A28A-4B9D-C72AA72C25C8}" = Catalyst Control Center Graphics Full New
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2E9BD664-F25E-1620-8997-D574E1E89107}" = CCC Help Thai
"{3202CC4E-4A13-F909-BE5E-A4C6D3DA8B78}" = CCC Help Dutch
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{32B93B86-A83F-A50D-6319-C0369700D0AA}" = Catalyst Control Center Graphics Light
"{32E00E5E-22B1-4D5A-9DC2-CD75E087A5E6}" = Steuer-Spar-Erklärung 2009
"{38058455-8C21-4C2F-B2F6-14ED166039CB}" = HP Total Care Setup
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{414A373B-59DF-4102-94CA-9FE9A74CBDDA}" = Garmin Trip and Waypoint Manager v5
"{45E902EA-88DB-1254-9056-6BF02B87AACA}" = CCC Help Portuguese
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B4E8F00-60D5-743F-F19F-86AAA15A4CBC}" = CCC Help Hungarian
"{4BBE0F16-BF2F-C1DB-FFF1-60B4ED1BFB22}" = Catalyst Control Center Localization Korean
"{4D7B0A60-02E8-78C7-06D8-3824FEB0AADD}" = CCC Help Danish
"{4D8E10A4-0752-648F-06AD-0367B70C7E0A}" = ccc-core-static
"{4F1634E4-95F2-0838-EB37-1B7BAD3F10B4}" = CCC Help German
"{4FAEB344-BF38-E170-4C8F-254D1C4C911D}" = Catalyst Control Center Localization Portuguese
"{53F7328C-6687-4AC9-9F68-2E28D8273033}_is1" = Südtirol (Topo)
"{54404D8B-1C8D-566A-4784-954844ED870F}" = CCC Help Chinese Traditional
"{58C967CF-488B-434C-AE03-70EC781106D7}}_is1" = SüdtirolOVL
"{5C4FE4A5-4D37-3654-D899-7E8CDB905499}" = CCC Help French
"{5E040210-8D8F-731E-F7BD-80AE8F8D3BF2}" = Catalyst Control Center Localization Norwegian
"{63C2F5DA-017A-8DA9-5B3E-FC8D0F1DBCA8}" = Catalyst Control Center Localization Swedish
"{64B9E2F5-558E-4C56-B419-A1679518F6E7}" = HP Customer Experience Enhancements
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{677922E8-8C39-F8A2-C80E-271FAEFBF699}" = Catalyst Control Center Localization Polish
"{6B3F6013-AD51-873A-9B30-FECD2B96FA03}" = Catalyst Control Center Localization German
"{6B976ADF-8AE8-434E-B282-A06C7F624D2F}" = Python 2.5.2
"{6BBCA753-41B1-1375-D8DB-E9CC89A9A714}" = Catalyst Control Center Localization Thai
"{6C2F776F-A2AE-129E-8F40-F54322164FE6}" = Catalyst Control Center Localization Dutch
"{6EC96F37-F96B-9ED5-BDB6-B9FF31854966}" = Catalyst Control Center Localization Chinese Traditional
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78D7D7CD-A06B-4514-ACBD-8055BF945A8E}" = InfoBibliothek 2
"{7F10292C-A190-4176-A665-A1ED3478DF86}" = LightScribe System Software
"{8263696C-ECF6-64E1-8345-3BFAE5FE28FA}" = Catalyst Control Center Localization Italian
"{82D9289F-106D-6721-76CD-F501BD4E60C5}" = Catalyst Control Center Localization Danish
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{929F57D2-9EEC-3056-0047-AECFA1E582C8}" = CCC Help Spanish
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{96017B85-FF83-5078-460A-B7800E3BAB0B}" = CCC Help Italian
"{97ABD26A-3249-46CB-B2E2-F66E64B2E480}" = HP Demo
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F5FD796-86F0-4360-85F8-D54C0F5411EB}" = Steuer-Spar-Erklärung 2011
"{A0640EC2-B97E-4FC1-AD14-227C9E386BB4}" = HP Recovery Manager RSS
"{A140CCEE-8BE7-8B2A-A9E2-DC4EE9431135}" = CCC Help Greek
"{A14B3B6E-F6B1-2E74-0EC1-B1CB333276BB}" = Catalyst Control Center Localization Hungarian
"{A24AC565-0F2A-8729-1913-6DC707F847F0}" = Catalyst Control Center Localization Japanese
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AB8DA2D8-11D5-0542-74CA-31F57127A3AD}" = Catalyst Control Center Core Implementation
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{ADFF3B15-A5C9-2004-B990-8EDD2739809B}" = CCC Help Japanese
"{B1BCB022-0BCA-CEDD-E1F7-66F87A36E9E2}" = CCC Help Czech
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B9F24235-FE7C-FCA5-7158-F8B7E6A5EF77}" = CCC Help Norwegian
"{BD0F2CF0-0093-5959-3FF7-D48FB35804CD}" = Catalyst Control Center Localization French
"{BF63E1F0-FA38-10B6-6FE9-059E175E2595}" = CCC Help Turkish
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C6AD5D5C-0791-C3F6-B4CF-C6DD95F88806}" = Catalyst Control Center Graphics Full Existing
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB59183B-4DEF-BA61-837B-A597B6AD8D42}" = Catalyst Control Center Localization Chinese Standard
"{CD6C83D2-48BD-C2FC-1A04-4EFF446EA89D}" = CCC Help Russian
"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
"{D0CB63D4-FF40-6F88-C653-922E38AF199F}" = CCC Help Polish
"{D3560032-D697-8CA6-F23D-9E973C253E29}" = Catalyst Control Center Localization Greek
"{D64C4123-EAD0-4B7C-BE2A-B18D07657DA4}" = Haushaltsbuch
"{D8E1DFEE-622B-46BA-AEFF-AB7E541C0B21}" = Steuer-Spar-Erklärung 2010
"{DBF0A4ED-2B3F-9243-1A02-3068A0804A75}" = CCC Help Swedish
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DCCB8907-5B03-81FA-0212-6BC955A8DD96}" = CCC Help Chinese Standard
"{DCFFA267-43EE-163C-C892-799C2037BECB}" = Catalyst Control Center InstallProxy
"{DE92C0B9-63AA-B22D-3D37-E32F92F5EA0D}" = Catalyst Control Center Localization Russian
"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
"{E503B81F-5987-AB68-6BF7-6BD0D4449B67}" = Catalyst Control Center Localization Turkish
"{E79945AB-C672-48F3-8BC3-E57FE021DFF9}" = Catalyst Control Center - Branding
"{E8B55EF4-DEA6-4607-0BAC-3F799E8A3B84}" = CCC Help Korean
"{E8C23EBE-EE3C-4299-9DB9-601AB3751454}" = AAVUpdateManager
"{EA6EB7D0-C920-4434-B43D-0DDD0AF8F497}" = Garmin MapSource
"{EBA349BA-FE63-27A7-9613-23906F832034}" = Skins
"{ED4E4157-0896-857B-3A6F-536AE5838B30}" = Catalyst Control Center Localization Czech
"{EECD2271-F792-C120-C3BC-97F6933A7118}" = CCC Help Finnish
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FCA59925-DA66-3D89-93A0-D90798495156}" = Catalyst Control Center Localization Spanish
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFBF517A-D536-07F1-9CBF-B1084FAB4FE8}" = Catalyst Control Center Graphics Previews Common
"4f6dcc3b-179d-4b1b-80f0-b6083a0b3ce6_is1" = Der Herr der Ringe Online v03.02.04.8010
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Akamai" = Akamai NetSession Interface Service
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"Audiograbber" = Audiograbber 1.83 SE 
"Audiograbber-Lame" = Audiograbber Lame-MP3-Plugin
"AVMFBox" = AVM FRITZ!Box Dokumentation
"AVMFBoxPrinter" = AVM FRITZ!Box Druckeranschluss
"CanonSolutionMenuEX" = Canon Solution Menu EX
"CCleaner" = CCleaner (remove only)
"ESET Online Scanner" = ESET Online Scanner v3
"Free FLV Converter_is1" = Free FLV Converter V 7.0.0
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.12.1117
"GeoGebra" = GeoGebra
"germany1_is1" = Topo_Deutschland_OSM 1.0.0.7 Pro
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox 9.0.1 (x86 de)" = Mozilla Firefox 9.0.1 (x86 de)
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"MWSnap 3" = MWSnap 3
"NAVIGON Fresh" = NAVIGON Fresh 3.0.1
"NIS" = Norton Internet Security
"Notepad++" = Notepad++
"PhotoScape" = PhotoScape
"QuickTime" = QuickTime
"Scribus 1.3.9" = Scribus 1.3.9
"Steam App 440" = Team Fortress 2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Tobit ClipInc Server" = Tobit.Software clipinc.fx
"Trusted Software Assistant_is1" = File Type Assistant
"Uninstall_is1" = Uninstall 1.0.0.1
"WildTangent hp Master Uninstall" = My HP Games
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinRAR archiver" = WinRAR
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 16.02.2012 13:58:09 | Computer Name = beckto-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 16.02.2012 13:58:09 | Computer Name = beckto-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 16.02.2012 13:59:18 | Computer Name = beckto-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 16.02.2012 13:59:19 | Computer Name = beckto-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 16.02.2012 16:55:15 | Computer Name = beckto-PC | Source = EventSystem | ID = 4621
Description = 
 
Error - 16.02.2012 16:58:24 | Computer Name = beckto-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 16.02.2012 17:37:48 | Computer Name = beckto-PC | Source = EventSystem | ID = 4621
Description = 
 
Error - 17.02.2012 08:59:01 | Computer Name = beckto-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 17.02.2012 21:05:22 | Computer Name = beckto-PC | Source = EventSystem | ID = 4621
Description = 
 
Error - 18.02.2012 13:12:00 | Computer Name = beckto-PC | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 12.02.2012 12:33:49 | Computer Name = beckto-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 12.02.2012 12:33:53 | Computer Name = beckto-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 12.02.2012 12:33:53 | Computer Name = beckto-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 12.02.2012 12:34:30 | Computer Name = beckto-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 12.02.2012 12:34:30 | Computer Name = beckto-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 12.02.2012 14:14:29 | Computer Name = beckto-PC | Source = Service Control Manager | ID = 7011
Description = 
 
Error - 15.02.2012 16:43:21 | Computer Name = beckto-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 15.02.2012 um 18:01:53 unerwartet heruntergefahren.
 
Error - 15.02.2012 16:46:04 | Computer Name = beckto-PC | Source = netbt | ID = 4321
Description = Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit
 IP-Adresse 192.168.178.20  registriert werden. Der Computer mit IP-Adresse 192.168.178.21
 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.
 
Error - 17.02.2012 09:00:38 | Computer Name = beckto-PC | Source = Service Control Manager | ID = 7011
Description = 
 
Error - 18.02.2012 13:11:36 | Computer Name = beckto-PC | Source = netbt | ID = 4321
Description = Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit
 IP-Adresse 192.168.178.20  registriert werden. Der Computer mit IP-Adresse 192.168.178.21
 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.
 
 
< End of report >
         

Gruß,
Tobias

Geändert von tobeck (18.02.2012 um 19:31 Uhr)

Alt 19.02.2012, 08:54   #17
kira
/// Helfer-Team
 
Windows wurde aus Sicherheitsgründen gesperrt -schwarzer Bildschirm- graue Bezahlbox - Standard

Windows wurde aus Sicherheitsgründen gesperrt -schwarzer Bildschirm- graue Bezahlbox



1.
Zitat:
Achtung wichtig!:
Falls Du selber im Logfile Änderungen vorgenommen hast, musst Du durch die Originalbezeichnung ersetzen und so in Script einfügen! sonst funktioniert nicht!
(Benutzerordner, dein Name oder sonstige Änderungen durch X, Stern oder andere Namen ersetzt)
Fixen mit OTL
  • Starte die OTL.exe.
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Kopiere folgendes Skript:
Code:
ATTFilter
:OTL
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421

:Commands
[purity]
[emptytemp]
         
  • und füge es hier ein:
  • Schließe alle Programme.
  • Klicke auf den Fix Button.
  • Klick auf .
  • OTL verlangt einen Neustart. Bitte zulassen.
  • Nach dem Neustart findest Du ein Textdokument.
    Kopiere den Inhalt hier in Deinen Thread.

2.
Dir bekannt?:
[2012.02.15 16:53:30 | 000,000,000 | ---D | C] -- C:\Users\beckto\AppData\Local\sabnzbd

3.
Lösche:
Zitat:
Softonic Downloader
Anleitung für FF:-> Add-ons deinstallieren
-> Firefox mit Add-ons anpassen
-> Löschen: Firefox Add-Ons endgültig löschen | PcBeirat.de

im Internet Explorer Add-ons bzw. Erweiterungen deaktivieren/löschen ::
Verwalten von Add-Ons in Internet Explorer 9
Internet Explorer 9 Addons – installieren, deaktivieren, löschen und optimieren

4.
erneut einen Scan mit OTL:
  • Doppelklick auf die OTL.exe
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Oben findest Du ein Kästchen mit Ausgabe.
    Wähle bitte Standard-Ausgabe
  • Unter Extra-Registrierung wähle bitte Benutze SafeList.
  • Mache Häckchen bei LOP- und Purity-Prüfung.
  • Klicke nun auf Scan links oben.
  • Wenn der Scan beendet wurde werden zwei Logfiles erstellt.
    Du findest die Logfiles auf Deinem Desktop => OTL.txt und Extras.txt
  • Poste die Logfiles in Code-Tags hier in den Thread.
__________________

__________________

Alt 23.02.2012, 21:25   #18
tobeck
 
Windows wurde aus Sicherheitsgründen gesperrt -schwarzer Bildschirm- graue Bezahlbox - Standard

Windows wurde aus Sicherheitsgründen gesperrt -schwarzer Bildschirm- graue Bezahlbox



Code:
ATTFilter
All processes killed
========== OTL ==========
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: AppData
 
User: beckto
->Temp folder emptied: 55794643 bytes
->Temporary Internet Files folder emptied: 1037965 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 28660655 bytes
->Flash cache emptied: 1500 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Internetkonto
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16817818 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 32902 bytes
RecycleBin emptied: 10427137 bytes
 
Total Files Cleaned = 108,00 mb
 
 
OTL by OldTimer - Version 3.2.31.0 log created on 02192012_213132

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
         

Code:
ATTFilter
OTL logfile created on: 19.02.2012 22:34:07 - Run 4
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\beckto\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19190)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
8,00 Gb Total Physical Memory | 5,65 Gb Available Physical Memory | 70,68% Memory free
16,05 Gb Paging File | 13,93 Gb Available in Paging File | 86,84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 916,97 Gb Total Space | 621,69 Gb Free Space | 67,80% Space Free | Partition Type: NTFS
Drive D: | 14,54 Gb Total Space | 1,68 Gb Free Space | 11,55% Space Free | Partition Type: NTFS
Drive L: | 74,54 Gb Total Space | 18,78 Gb Free Space | 25,20% Space Free | Partition Type: FAT32
 
Computer Name: BECKTO-PC | User Name: beckto | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.02.13 16:39:21 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\beckto\Desktop\OTL.exe
PRC - [2012.02.02 02:44:30 | 003,329,824 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\beckto\AppData\Local\Akamai\netsession_win.exe
PRC - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.01.13 14:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.08.04 05:18:43 | 000,126,400 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe
PRC - [2008.11.03 17:21:18 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2008.11.03 17:21:16 | 000,182,808 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008.10.24 15:35:44 | 000,128,296 | ---- | M] () -- C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
PRC - [2008.10.17 16:57:18 | 000,189,736 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2008.10.17 16:56:54 | 001,152,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
PRC - [2008.09.26 02:36:40 | 001,148,200 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2007.04.18 16:01:34 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2008.10.17 16:57:20 | 000,881,960 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011.08.12 00:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2008.11.09 23:32:28 | 000,918,528 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility)
SRV - [2012.02.12 19:13:17 | 003,340,064 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_7de0ed9.dll -- (Akamai)
SRV - [2012.01.20 21:15:41 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.08.04 05:18:43 | 000,126,400 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe -- (NIS)
SRV - [2011.04.24 21:55:00 | 004,066,168 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.03.30 05:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.02.11 15:06:02 | 002,225,416 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Tobit ClipInc\Server\ClipInc-Server.exe -- (ClipInc001)
SRV - [2008.11.03 17:21:18 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel(R)
SRV - [2008.10.24 15:35:44 | 000,128,296 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe -- (AAV UpdateService)
SRV - [2008.02.03 12:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\SysWOW64\ezsvc7.dll -- (ezSharedSvc)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011.12.10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011.08.22 03:53:36 | 000,451,704 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\NISx64\1109000.00C\SYMTDIV.SYS -- (SYMTDIv)
DRV:64bit: - [2011.08.22 03:53:35 | 000,221,304 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\SYMEFA64.SYS -- (SymEFA)
DRV:64bit: - [2011.08.04 05:19:26 | 000,593,544 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\ccHPx64.sys -- (ccHP)
DRV:64bit: - [2010.04.29 06:03:51 | 000,150,064 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\Ironx64.SYS -- (SymIRON)
DRV:64bit: - [2010.04.22 03:29:51 | 000,505,392 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\NISx64\1109000.00C\SRTSP64.SYS -- (SRTSP)
DRV:64bit: - [2010.04.22 03:29:51 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\SRTSPX64.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2010.04.10 13:27:24 | 000,173,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2009.10.01 01:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009.08.30 01:17:18 | 000,433,200 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1109000.00C\SYMDS64.SYS -- (SymDS)
DRV:64bit: - [2009.03.18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\hamachi.sys -- (hamachi)
DRV:64bit: - [2008.11.10 03:08:52 | 004,825,600 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2008.11.03 17:10:08 | 000,406,040 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iastor.sys -- (iaStor)
DRV:64bit: - [2008.08.06 17:26:08 | 000,174,592 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2007.05.02 10:12:30 | 000,145,160 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ssm_mdm.sys -- (ssm_mdm)
DRV:64bit: - [2007.05.02 10:12:30 | 000,108,296 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ssm_bus.sys -- (ssm_bus) SAMSUNG Mobile USB Device II 1.0 driver (WDM)
DRV:64bit: - [2007.05.02 10:12:30 | 000,019,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ssm_mdfl.sys -- (ssm_mdfl)
DRV:64bit: - [2007.03.08 15:19:00 | 000,012,800 | ---- | M] (GARMIN Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\grmnusb.sys -- (grmnusb)
DRV - [2012.02.04 09:34:34 | 000,482,936 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012.02.04 09:34:34 | 000,138,360 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011.12.16 00:33:20 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20120217.003\IDSviA64.sys -- (IDSVia64)
DRV - [2011.12.01 03:25:03 | 001,157,240 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20120215.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2011.08.07 18:16:27 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20120218.008\EX64.SYS -- (NAVEX15)
DRV - [2011.08.07 18:16:26 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20120218.008\ENG64.SYS -- (NAVENG)
DRV - [2011.07.22 17:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV - [2011.07.12 22:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV - [2008.09.26 02:36:34 | 000,027,632 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49})
DRV - [2008.09.10 02:19:36 | 000,025,888 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Programme\PC-Doctor for Windows\pcd5srvc_x64.pkms -- (PCD5SRVC{8AAF211B-043E02A9-05040000})
DRV - [2005.01.01 10:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "google.de"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.2.1
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:5.0.31.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..network.proxy.type: 0
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\ [2011.07.20 12:37:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn_2010_9_0_6 [2012.02.19 22:12:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.12.29 19:31:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.05.05 16:55:22 | 000,000,000 | ---D | M]
 
[2010.02.12 10:58:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\beckto\AppData\Roaming\mozilla\Extensions
[2012.01.01 18:23:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\beckto\AppData\Roaming\mozilla\Firefox\Profiles\tg2cafr6.default\extensions
[2010.02.12 11:09:28 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\beckto\AppData\Roaming\mozilla\Firefox\Profiles\tg2cafr6.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.12.08 18:32:26 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\beckto\AppData\Roaming\mozilla\Firefox\Profiles\tg2cafr6.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.08.03 11:26:33 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\beckto\AppData\Roaming\mozilla\Firefox\Profiles\tg2cafr6.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.01.01 18:23:13 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\beckto\AppData\Roaming\mozilla\Firefox\Profiles\tg2cafr6.default\extensions\battlefieldheroespatcher@ea.com
[2011.09.23 22:52:19 | 000,000,000 | ---D | M] (Yontoo Layers) -- C:\Users\beckto\AppData\Roaming\mozilla\Firefox\Profiles\tg2cafr6.default\extensions\plugin@yontoo.com
[2011.11.28 19:11:26 | 000,002,342 | ---- | M] () -- C:\Users\beckto\AppData\Roaming\Mozilla\Firefox\Profiles\tg2cafr6.default\searchplugins\icq-search.xml
[2011.12.15 17:43:16 | 000,000,950 | ---- | M] () -- C:\Users\beckto\AppData\Roaming\Mozilla\Firefox\Profiles\tg2cafr6.default\searchplugins\icqplugin-1.xml
[2011.12.29 19:31:49 | 000,000,950 | ---- | M] () -- C:\Users\beckto\AppData\Roaming\Mozilla\Firefox\Profiles\tg2cafr6.default\searchplugins\icqplugin-2.xml
[2011.12.04 13:13:53 | 000,000,950 | ---- | M] () -- C:\Users\beckto\AppData\Roaming\Mozilla\Firefox\Profiles\tg2cafr6.default\searchplugins\icqplugin.xml
[2012.02.15 16:12:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.10.16 19:45:31 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.02.15 16:12:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2011.12.29 19:31:35 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.02.15 16:12:03 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.12.29 19:31:33 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.12.29 19:31:33 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.12.29 19:31:33 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.12.29 19:31:33 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
 
========== Chrome  ==========
 
 
O1 HOSTS File: ([2006.09.18 22:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Programme\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DVDAgent] c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE (Microsoft)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TSMAgent] c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\beckto\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\beckto\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\beckto\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Local intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKCU\..Trusted Ranges: Range2 ([*] in Local intranet)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.53.2.cab (Battlefield Play4Free Updater)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3D96B4E8-CD7C-4D40-AF54-A2E1E309910C}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.02.16 21:43:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012.02.16 18:45:58 | 000,000,000 | ---D | C] -- C:\Users\beckto\AppData\Roaming\SUPERAntiSpyware.com
[2012.02.16 18:45:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012.02.16 18:45:22 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012.02.16 18:45:22 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012.02.15 18:02:10 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.02.15 16:53:30 | 000,000,000 | ---D | C] -- C:\Users\beckto\AppData\Local\sabnzbd
[2012.02.15 16:53:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DRAGON
[2012.02.15 16:53:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DRAGON
[2012.02.15 16:47:21 | 004,733,440 | ---- | C] (AVAST Software) -- C:\Users\beckto\Desktop\aswMBR.exe
[2012.02.15 16:12:15 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012.02.15 16:12:15 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012.02.15 16:12:15 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012.02.15 15:33:52 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012.02.15 15:33:45 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.02.15 15:33:44 | 001,538,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.02.15 15:33:44 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.02.15 15:33:44 | 000,710,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.02.15 15:33:44 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012.02.15 15:33:44 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012.02.15 15:33:44 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012.02.15 15:33:44 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.02.15 15:33:44 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.02.15 15:33:44 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012.02.15 15:33:44 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012.02.15 15:33:43 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012.02.15 15:33:43 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012.02.15 15:33:43 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012.02.15 15:33:43 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012.02.15 15:33:43 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.02.15 15:33:43 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.02.15 15:33:43 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.02.15 15:33:43 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012.02.15 15:33:43 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012.02.15 15:33:43 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.02.15 15:33:43 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012.02.15 15:33:43 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012.02.15 15:33:43 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012.02.15 15:33:43 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.02.15 15:33:43 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012.02.15 15:33:43 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012.02.15 15:33:43 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012.02.15 15:33:43 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012.02.13 16:39:15 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\beckto\Desktop\OTL.exe
[2012.02.12 17:40:57 | 000,000,000 | ---D | C] -- C:\Users\beckto\AppData\Roaming\Malwarebytes
[2012.02.12 17:40:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.02.12 17:40:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.02.12 17:40:47 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.02.12 17:40:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.02.09 21:43:42 | 000,000,000 | ---D | C] -- C:\Threatfire
[2012.02.09 21:43:30 | 000,000,000 | ---D | C] -- C:\Malwarebyte
[2012.02.09 21:43:16 | 000,000,000 | ---D | C] -- C:\OTL
[2012.02.09 10:49:05 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0
[2012.01.31 06:57:11 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012.01.31 06:57:10 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
 
========== Files - Modified Within 30 Days ==========
 
[2012.02.19 22:12:20 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.02.19 22:12:19 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.02.19 22:12:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.02.16 22:36:17 | 000,000,368 | ---- | M] () -- C:\Users\beckto\Documents\cc_20120216_223614.reg
[2012.02.16 22:35:53 | 000,000,174 | ---- | M] () -- C:\Users\beckto\Documents\cc_20120216_223550.reg
[2012.02.16 22:35:35 | 000,000,520 | ---- | M] () -- C:\Users\beckto\Documents\cc_20120216_223532.reg
[2012.02.16 22:35:08 | 000,005,960 | ---- | M] () -- C:\Users\beckto\Documents\cc_20120216_223503.reg
[2012.02.16 21:38:01 | 001,598,180 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.02.16 21:38:01 | 000,682,888 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.02.16 21:38:01 | 000,642,218 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.02.16 21:38:01 | 000,154,210 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.02.16 21:38:01 | 000,125,768 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.02.16 18:45:26 | 000,001,758 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.02.16 18:20:43 | 000,335,944 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.02.15 23:16:54 | 000,000,512 | ---- | M] () -- C:\Users\beckto\Desktop\MBR.dat
[2012.02.15 16:47:41 | 004,733,440 | ---- | M] (AVAST Software) -- C:\Users\beckto\Desktop\aswMBR.exe
[2012.02.15 16:12:02 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2012.02.15 16:12:02 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012.02.15 16:12:02 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012.02.15 16:12:02 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012.02.13 16:39:21 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\beckto\Desktop\OTL.exe
[2012.02.12 17:40:49 | 000,000,950 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.02.09 19:19:32 | 001,402,880 | R--- | M] () -- C:\HiJackThis.msi
[2012.02.09 18:20:38 | 000,006,836 | ---- | M] () -- C:\Users\beckto\AppData\Local\d3d9caps.dat
[2012.02.07 19:21:36 | 000,270,240 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012.02.03 18:29:22 | 000,270,240 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012.01.27 18:26:19 | 000,013,312 | ---- | M] () -- C:\Users\beckto\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.01.26 21:25:26 | 000,000,582 | ---- | M] () -- C:\Users\beckto\Documents\Hoffnung.lnk
 
========== Files Created - No Company Name ==========
 
[2012.02.16 22:36:15 | 000,000,368 | ---- | C] () -- C:\Users\beckto\Documents\cc_20120216_223614.reg
[2012.02.16 22:35:51 | 000,000,174 | ---- | C] () -- C:\Users\beckto\Documents\cc_20120216_223550.reg
[2012.02.16 22:35:34 | 000,000,520 | ---- | C] () -- C:\Users\beckto\Documents\cc_20120216_223532.reg
[2012.02.16 22:35:05 | 000,005,960 | ---- | C] () -- C:\Users\beckto\Documents\cc_20120216_223503.reg
[2012.02.16 18:45:26 | 000,001,758 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.02.15 17:26:43 | 000,000,512 | ---- | C] () -- C:\Users\beckto\Desktop\MBR.dat
[2012.02.12 17:40:49 | 000,000,950 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.02.09 21:44:10 | 001,402,880 | R--- | C] () -- C:\HiJackThis.msi
[2012.01.26 21:25:26 | 000,000,582 | ---- | C] () -- C:\Users\beckto\Documents\Hoffnung.lnk
[2011.12.15 17:19:11 | 000,393,256 | ---- | C] () -- C:\Windows\SysWow64\CNQ4809N.DAT
[2011.10.02 18:03:16 | 000,006,836 | ---- | C] () -- C:\Users\beckto\AppData\Local\d3d9caps.dat
[2010.10.31 07:34:22 | 000,000,094 | ---- | C] () -- C:\Users\beckto\AppData\Local\fusioncache.dat
[2010.10.31 07:32:46 | 001,489,258 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.02.25 22:34:53 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2009.10.27 17:28:07 | 000,001,512 | ---- | C] () -- C:\Users\beckto\AppData\Roaming\wklnhst.dat
[2009.10.20 12:21:16 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009.10.20 12:20:55 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009.10.20 12:20:39 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.02.27 00:20:20 | 000,000,754 | ---- | C] () -- C:\Windows\wiso.ini
[2009.02.26 23:34:03 | 000,000,219 | ---- | C] () -- C:\Windows\BUHL.INI
[2009.02.08 20:46:14 | 000,013,312 | ---- | C] () -- C:\Users\beckto\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.02.05 22:39:20 | 000,554,496 | ---- | C] () -- C:\Windows\SysWow64\dvmsg.dll
[2008.11.19 21:38:51 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2008.11.19 14:02:15 | 000,000,428 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2008.11.19 13:25:53 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2008.11.19 13:22:33 | 003,107,788 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.dat
[2008.11.19 13:07:03 | 000,327,680 | ---- | C] () -- C:\Windows\SysWow64\pythoncom25.dll
[2008.11.19 13:07:03 | 000,102,400 | ---- | C] () -- C:\Windows\SysWow64\pywintypes25.dll
[2008.01.21 03:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2006.11.02 16:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006.11.02 13:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006.11.02 13:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006.11.02 10:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

< End of report >
         
Code:
ATTFilter
OTL Extras logfile created on: 19.02.2012 22:34:07 - Run 4
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\beckto\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19190)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
8,00 Gb Total Physical Memory | 5,65 Gb Available Physical Memory | 70,68% Memory free
16,05 Gb Paging File | 13,93 Gb Available in Paging File | 86,84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 916,97 Gb Total Space | 621,69 Gb Free Space | 67,80% Space Free | Partition Type: NTFS
Drive D: | 14,54 Gb Total Space | 1,68 Gb Free Space | 11,55% Space Free | Partition Type: NTFS
Drive L: | 74,54 Gb Total Space | 18,78 Gb Free Space | 25,20% Space Free | Partition Type: FAT32
 
Computer Name: BECKTO-PC | User Name: beckto | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files (x86)\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files (x86)\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01  [binary data]
"VistaSp2" = A1 8B 34 3C 33 57 CA 01  [binary data]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1333A9D6-F0C7-4470-9CED-FE09C2F4F3A8}" = lport=138 | protocol=17 | dir=in | app=system | 
"{2BF120D6-1F9A-47C4-B1C2-1DA4C75DA67C}" = lport=49161 | protocol=6 | dir=in | name=akamai netsession interface | 
"{4E9C4B3E-C593-4646-8D39-ABB07DA00A19}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{5110711D-7538-4856-90E2-A87C29DDE50E}" = lport=139 | protocol=6 | dir=in | app=system | 
"{59EE28CB-ACF8-46FD-9D5C-501447F02660}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface | 
"{60645A38-AA25-4D74-977E-A7ECDE6BD5D6}" = rport=139 | protocol=6 | dir=out | app=system | 
"{6E4F5221-0803-4F64-96EB-B0586DE29AF5}" = rport=137 | protocol=17 | dir=out | app=system | 
"{87B71DB2-9EB9-4118-9DE0-591B0EB622ED}" = rport=445 | protocol=6 | dir=out | app=system | 
"{95C71BAE-6175-488F-88D2-62F4409597FF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{CAF5B240-F280-4323-84CE-7ABE47923C96}" = lport=445 | protocol=6 | dir=in | app=system | 
"{E38E26E7-D022-48A7-AE62-324DD149A3AD}" = rport=138 | protocol=17 | dir=out | app=system | 
"{E81F4609-4B15-48DA-94F2-17795B7EC925}" = lport=137 | protocol=17 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D87EE2F-D33D-4EB1-98CB-D258142E995C}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{200E5605-4909-4F6C-8768-C91A1EFA297C}" = protocol=17 | dir=in | app=c:\program files (x86)\tobit clipinc\player\clipinc-player.exe | 
"{244AFF89-5AFF-46D4-8700-D280C4DF5AF6}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe | 
"{319C43A2-2E1E-4765-B9A7-D763EF438F8A}" = protocol=6 | dir=in | app=c:\program files (x86)\tobit clipinc\player\clipinc-player.exe | 
"{3294B831-2127-4C8E-8B12-CD46987902BB}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{340D0199-59EF-468E-A221-8473D66BE324}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe | 
"{3A6BF761-E186-48CB-B0EB-E2E5AFCF48E8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{56184837-1579-4050-A41B-F9075ABA76A5}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe | 
"{56808872-44F2-4CB4-B3C7-350B21908A12}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{5DCB21FA-FD5F-449E-8CE8-3902DA45AB5C}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe | 
"{655527E8-0D3B-4ABF-91A4-96B86196FAC4}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{6AE96F6F-BE2A-42D9-B318-3144D014F444}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{6CC27AEB-E21F-4313-B001-C70821608BBD}" = protocol=17 | dir=in | app=c:\program files (x86)\tobit clipinc\server\clipinc-server.exe | 
"{7F762B2A-DC07-4E68-99BC-34D58B1426F9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{842FA9C7-C5BC-40BF-8AFE-CEAD953F89AB}" = protocol=6 | dir=in | app=c:\program files (x86)\tobit clipinc\server\clipinc-server.exe | 
"{85D7EA1A-120B-4FB0-B2D6-C68C15FF881E}" = protocol=6 | dir=in | app=c:\users\beckto\appdata\local\akamai\netsession_win.exe | 
"{8673EB0E-F43B-4E0B-993A-A538C5DA6F06}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe | 
"{8C594390-305A-403A-A5BA-7B994CA4FDA9}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{8F287FAF-C57D-4669-B59E-40F6B0644574}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe | 
"{932866C5-ECE1-4EEC-9B0C-53E7DC386133}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{9388D3F1-BDFA-45DC-8C73-65C84B926C3A}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe | 
"{9FD8B0C1-02EE-460F-A227-A050D015B0A2}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe | 
"{A06A6A21-2E5B-43BC-A528-4A992F5146AB}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{A096BCDF-B228-48B6-BF0C-9C3834F839BD}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe | 
"{C97E480A-FA69-4D0B-9CFC-997A08D25A73}" = protocol=17 | dir=in | app=c:\users\beckto\appdata\local\akamai\netsession_win.exe | 
"{D8137223-7BD1-49A8-B32F-AAEF0368983C}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe | 
"{DC2A5F58-2EF3-449B-8DE9-076A4B96DED9}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{E5A8B61C-8561-4609-8DB5-F616780ED6E2}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\tsmagent.exe | 
"{E7FFFA42-9B19-4E24-A684-4F82DD55BDF1}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe | 
"{F1C06EDF-63CC-4BF0-A22E-55BF124365BC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{F99C62FE-E7E0-4A77-BFB3-44CB95A88E08}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{05C2FF93-1708-14F3-7764-E2FA94125A10}" = ATI Catalyst Install Manager
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4809" = CanoScan LiDE 210 Scanner Driver
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4FFA2088-8317-3B14-93CD-4C699DB37843}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7647E230-D0E7-B2C9-EA66-78051500A808}" = ccc-utility64
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers Runtime 1.10.01
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2F7994F-661E-46D1-A1DF-67F2887AAA7E}" = HP MediaSmart SmartMenu
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"45A7283175C62FAC673F913C1F532C5361F97841" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (03/08/2007 2.2.1.0)
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"PC-Doctor for Windows" = Hardware Diagnose Tools
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{03BF5CB1-B72E-4CA6-A278-F65680F05420}" = HP Picasso Media Center Add-In
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07A8ED9E-B98E-437F-B750-241B412BE924}" = Garmin USB Drivers
"{0808E971-58C1-1D83-9930-C6D2ED22D0F9}" = CCC Help English
"{09298F26-A95C-31E2-9D95-2C60F586F075}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{128A289E-9927-2097-1837-04EC9E480BED}" = Catalyst Control Center Graphics Previews Vista
"{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}" = HP Total Care Advisor
"{19506BDB-4EA7-491F-E8AB-E97109FDB296}" = muvee Reveal
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks v.0.6.3.11
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{2243253D-C2A2-9079-E89F-D74FF8D75A89}" = Catalyst Control Center Localization Finnish
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{263DE13F-61FD-A28A-4B9D-C72AA72C25C8}" = Catalyst Control Center Graphics Full New
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2E9BD664-F25E-1620-8997-D574E1E89107}" = CCC Help Thai
"{3202CC4E-4A13-F909-BE5E-A4C6D3DA8B78}" = CCC Help Dutch
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{32B93B86-A83F-A50D-6319-C0369700D0AA}" = Catalyst Control Center Graphics Light
"{32E00E5E-22B1-4D5A-9DC2-CD75E087A5E6}" = Steuer-Spar-Erklärung 2009
"{38058455-8C21-4C2F-B2F6-14ED166039CB}" = HP Total Care Setup
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{414A373B-59DF-4102-94CA-9FE9A74CBDDA}" = Garmin Trip and Waypoint Manager v5
"{45E902EA-88DB-1254-9056-6BF02B87AACA}" = CCC Help Portuguese
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B4E8F00-60D5-743F-F19F-86AAA15A4CBC}" = CCC Help Hungarian
"{4BBE0F16-BF2F-C1DB-FFF1-60B4ED1BFB22}" = Catalyst Control Center Localization Korean
"{4D7B0A60-02E8-78C7-06D8-3824FEB0AADD}" = CCC Help Danish
"{4D8E10A4-0752-648F-06AD-0367B70C7E0A}" = ccc-core-static
"{4F1634E4-95F2-0838-EB37-1B7BAD3F10B4}" = CCC Help German
"{4FAEB344-BF38-E170-4C8F-254D1C4C911D}" = Catalyst Control Center Localization Portuguese
"{53F7328C-6687-4AC9-9F68-2E28D8273033}_is1" = Südtirol (Topo)
"{54404D8B-1C8D-566A-4784-954844ED870F}" = CCC Help Chinese Traditional
"{58C967CF-488B-434C-AE03-70EC781106D7}}_is1" = SüdtirolOVL
"{5C4FE4A5-4D37-3654-D899-7E8CDB905499}" = CCC Help French
"{5E040210-8D8F-731E-F7BD-80AE8F8D3BF2}" = Catalyst Control Center Localization Norwegian
"{63C2F5DA-017A-8DA9-5B3E-FC8D0F1DBCA8}" = Catalyst Control Center Localization Swedish
"{64B9E2F5-558E-4C56-B419-A1679518F6E7}" = HP Customer Experience Enhancements
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{677922E8-8C39-F8A2-C80E-271FAEFBF699}" = Catalyst Control Center Localization Polish
"{6B3F6013-AD51-873A-9B30-FECD2B96FA03}" = Catalyst Control Center Localization German
"{6B976ADF-8AE8-434E-B282-A06C7F624D2F}" = Python 2.5.2
"{6BBCA753-41B1-1375-D8DB-E9CC89A9A714}" = Catalyst Control Center Localization Thai
"{6C2F776F-A2AE-129E-8F40-F54322164FE6}" = Catalyst Control Center Localization Dutch
"{6EC96F37-F96B-9ED5-BDB6-B9FF31854966}" = Catalyst Control Center Localization Chinese Traditional
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78D7D7CD-A06B-4514-ACBD-8055BF945A8E}" = InfoBibliothek 2
"{7F10292C-A190-4176-A665-A1ED3478DF86}" = LightScribe System Software
"{8263696C-ECF6-64E1-8345-3BFAE5FE28FA}" = Catalyst Control Center Localization Italian
"{82D9289F-106D-6721-76CD-F501BD4E60C5}" = Catalyst Control Center Localization Danish
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{929F57D2-9EEC-3056-0047-AECFA1E582C8}" = CCC Help Spanish
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{96017B85-FF83-5078-460A-B7800E3BAB0B}" = CCC Help Italian
"{97ABD26A-3249-46CB-B2E2-F66E64B2E480}" = HP Demo
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F5FD796-86F0-4360-85F8-D54C0F5411EB}" = Steuer-Spar-Erklärung 2011
"{A0640EC2-B97E-4FC1-AD14-227C9E386BB4}" = HP Recovery Manager RSS
"{A140CCEE-8BE7-8B2A-A9E2-DC4EE9431135}" = CCC Help Greek
"{A14B3B6E-F6B1-2E74-0EC1-B1CB333276BB}" = Catalyst Control Center Localization Hungarian
"{A24AC565-0F2A-8729-1913-6DC707F847F0}" = Catalyst Control Center Localization Japanese
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AB8DA2D8-11D5-0542-74CA-31F57127A3AD}" = Catalyst Control Center Core Implementation
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{ADFF3B15-A5C9-2004-B990-8EDD2739809B}" = CCC Help Japanese
"{B1BCB022-0BCA-CEDD-E1F7-66F87A36E9E2}" = CCC Help Czech
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B9F24235-FE7C-FCA5-7158-F8B7E6A5EF77}" = CCC Help Norwegian
"{BD0F2CF0-0093-5959-3FF7-D48FB35804CD}" = Catalyst Control Center Localization French
"{BF63E1F0-FA38-10B6-6FE9-059E175E2595}" = CCC Help Turkish
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C6AD5D5C-0791-C3F6-B4CF-C6DD95F88806}" = Catalyst Control Center Graphics Full Existing
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB59183B-4DEF-BA61-837B-A597B6AD8D42}" = Catalyst Control Center Localization Chinese Standard
"{CD6C83D2-48BD-C2FC-1A04-4EFF446EA89D}" = CCC Help Russian
"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
"{D0CB63D4-FF40-6F88-C653-922E38AF199F}" = CCC Help Polish
"{D3560032-D697-8CA6-F23D-9E973C253E29}" = Catalyst Control Center Localization Greek
"{D64C4123-EAD0-4B7C-BE2A-B18D07657DA4}" = Haushaltsbuch
"{D8E1DFEE-622B-46BA-AEFF-AB7E541C0B21}" = Steuer-Spar-Erklärung 2010
"{DBF0A4ED-2B3F-9243-1A02-3068A0804A75}" = CCC Help Swedish
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DCCB8907-5B03-81FA-0212-6BC955A8DD96}" = CCC Help Chinese Standard
"{DCFFA267-43EE-163C-C892-799C2037BECB}" = Catalyst Control Center InstallProxy
"{DE92C0B9-63AA-B22D-3D37-E32F92F5EA0D}" = Catalyst Control Center Localization Russian
"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
"{E503B81F-5987-AB68-6BF7-6BD0D4449B67}" = Catalyst Control Center Localization Turkish
"{E79945AB-C672-48F3-8BC3-E57FE021DFF9}" = Catalyst Control Center - Branding
"{E8B55EF4-DEA6-4607-0BAC-3F799E8A3B84}" = CCC Help Korean
"{E8C23EBE-EE3C-4299-9DB9-601AB3751454}" = AAVUpdateManager
"{EA6EB7D0-C920-4434-B43D-0DDD0AF8F497}" = Garmin MapSource
"{EBA349BA-FE63-27A7-9613-23906F832034}" = Skins
"{ED4E4157-0896-857B-3A6F-536AE5838B30}" = Catalyst Control Center Localization Czech
"{EECD2271-F792-C120-C3BC-97F6933A7118}" = CCC Help Finnish
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FCA59925-DA66-3D89-93A0-D90798495156}" = Catalyst Control Center Localization Spanish
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFBF517A-D536-07F1-9CBF-B1084FAB4FE8}" = Catalyst Control Center Graphics Previews Common
"4f6dcc3b-179d-4b1b-80f0-b6083a0b3ce6_is1" = Der Herr der Ringe Online v03.02.04.8010
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Akamai" = Akamai NetSession Interface Service
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"Audiograbber" = Audiograbber 1.83 SE 
"Audiograbber-Lame" = Audiograbber Lame-MP3-Plugin
"AVMFBox" = AVM FRITZ!Box Dokumentation
"AVMFBoxPrinter" = AVM FRITZ!Box Druckeranschluss
"CanonSolutionMenuEX" = Canon Solution Menu EX
"CCleaner" = CCleaner (remove only)
"ESET Online Scanner" = ESET Online Scanner v3
"Free FLV Converter_is1" = Free FLV Converter V 7.0.0
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.12.1117
"GeoGebra" = GeoGebra
"germany1_is1" = Topo_Deutschland_OSM 1.0.0.7 Pro
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox 9.0.1 (x86 de)" = Mozilla Firefox 9.0.1 (x86 de)
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"MWSnap 3" = MWSnap 3
"NAVIGON Fresh" = NAVIGON Fresh 3.0.1
"NIS" = Norton Internet Security
"Notepad++" = Notepad++
"PhotoScape" = PhotoScape
"QuickTime" = QuickTime
"Scribus 1.3.9" = Scribus 1.3.9
"Steam App 440" = Team Fortress 2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Tobit ClipInc Server" = Tobit.Software clipinc.fx
"Trusted Software Assistant_is1" = File Type Assistant
"Uninstall_is1" = Uninstall 1.0.0.1
"WildTangent hp Master Uninstall" = My HP Games
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinRAR archiver" = WinRAR
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 16.02.2012 16:55:15 | Computer Name = beckto-PC | Source = EventSystem | ID = 4621
Description = 
 
Error - 16.02.2012 16:58:24 | Computer Name = beckto-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 16.02.2012 17:37:48 | Computer Name = beckto-PC | Source = EventSystem | ID = 4621
Description = 
 
Error - 17.02.2012 08:59:01 | Computer Name = beckto-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 17.02.2012 21:05:22 | Computer Name = beckto-PC | Source = EventSystem | ID = 4621
Description = 
 
Error - 18.02.2012 13:12:00 | Computer Name = beckto-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 18.02.2012 18:26:22 | Computer Name = beckto-PC | Source = EventSystem | ID = 4621
Description = 
 
Error - 19.02.2012 15:56:16 | Computer Name = beckto-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 19.02.2012 17:10:41 | Computer Name = beckto-PC | Source = EventSystem | ID = 4621
Description = 
 
Error - 19.02.2012 17:13:17 | Computer Name = beckto-PC | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 12.02.2012 12:33:53 | Computer Name = beckto-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 12.02.2012 12:34:30 | Computer Name = beckto-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 12.02.2012 12:34:30 | Computer Name = beckto-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 12.02.2012 14:14:29 | Computer Name = beckto-PC | Source = Service Control Manager | ID = 7011
Description = 
 
Error - 15.02.2012 16:43:21 | Computer Name = beckto-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 15.02.2012 um 18:01:53 unerwartet heruntergefahren.
 
Error - 15.02.2012 16:46:04 | Computer Name = beckto-PC | Source = netbt | ID = 4321
Description = Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit
 IP-Adresse 192.168.178.20  registriert werden. Der Computer mit IP-Adresse 192.168.178.21
 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.
 
Error - 17.02.2012 09:00:38 | Computer Name = beckto-PC | Source = Service Control Manager | ID = 7011
Description = 
 
Error - 18.02.2012 13:11:36 | Computer Name = beckto-PC | Source = netbt | ID = 4321
Description = Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit
 IP-Adresse 192.168.178.20  registriert werden. Der Computer mit IP-Adresse 192.168.178.21
 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.
 
Error - 19.02.2012 16:11:45 | Computer Name = beckto-PC | Source = Service Control Manager | ID = 7011
Description = 
 
Error - 19.02.2012 16:31:32 | Computer Name = beckto-PC | Source = Service Control Manager | ID = 7034
Description = 
 
 
< End of report >
         
__________________

Alt 23.02.2012, 21:27   #19
tobeck
 
Windows wurde aus Sicherheitsgründen gesperrt -schwarzer Bildschirm- graue Bezahlbox - Standard

Windows wurde aus Sicherheitsgründen gesperrt -schwarzer Bildschirm- graue Bezahlbox



Hi Kria,
mit etwas Verspätung noch die restlichen Logfiles. Im IE Explorer und Firefox war kein Softonic mehr zu finden.
Wie gehts weiter?
Viele Grüße, Tobias

Alt 25.02.2012, 06:16   #20
kira
/// Helfer-Team
 
Windows wurde aus Sicherheitsgründen gesperrt -schwarzer Bildschirm- graue Bezahlbox - Standard

Windows wurde aus Sicherheitsgründen gesperrt -schwarzer Bildschirm- graue Bezahlbox



► berichte erneut über den Zustand des Computers. Ob noch Probleme auftreten, wenn ja, welche?

__________________

Warnung!:
Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein!
Anhang nicht öffnen, in unserem Forum erst nachfragen!

Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten!
Bitte diese Warnung weitergeben, wo Du nur kannst!

Alt 25.02.2012, 15:26   #21
tobeck
 
Windows wurde aus Sicherheitsgründen gesperrt -schwarzer Bildschirm- graue Bezahlbox - Standard

Windows wurde aus Sicherheitsgründen gesperrt -schwarzer Bildschirm- graue Bezahlbox



Keine Probleme mehr, allerdings ist der PC extrem langsam, ich denke, da muss ich aber nur ein paar Sachen runterschmeißen.

Viele Grüße,

Tobias

Alt 25.02.2012, 19:21   #22
kira
/// Helfer-Team
 
Windows wurde aus Sicherheitsgründen gesperrt -schwarzer Bildschirm- graue Bezahlbox - Standard

Windows wurde aus Sicherheitsgründen gesperrt -schwarzer Bildschirm- graue Bezahlbox



1.
Programme deinstallieren/entfernen, die wir verwendet haben und nicht brauchst, bis auf:
Code:
ATTFilter
CCleaner
         
- Zeitweise laufen lassen:-> Anleitung

2.
Tool-Bereinigung mit OTL

Wir werden nun die CleanUp!-Funktion von OTL nutzen, um die meisten Programme, die wir zur Bereinigung installiert haben, wieder von Deinem System zu löschen.
  • Bitte lade Dir (falls noch nicht vorhanden) OTL von OldTimer herunter.
  • Speichere es auf Deinem Desktop.
  • Doppelklick auf OTL.exe um das Programm auszuführen.
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Klicke auf den Button "Bereinigung"
  • OTL fragt eventuell nach einem Neustart.
    Sollte es dies tun, so lasse dies bitte zu.
Anmerkung: Nach dem Neustart werden OTL und andere Helferprogramme, die Du im Laufe der Bereinigung heruntergeladen hast, nicht mehr vorhanden sein. Sie wurden entfernt. Es ist daher Ok, wenn diese Programme nicht mehr vorhanden sind. Sollten noch welche übrig geblieben sein, lösche sie manuell.

3.
Wenn alles gut verlaufen und dein System läuft stabil,mache folgendes:
Alle Systemwiederherstellungspunkte löschen, auch den Letzten

4.
Ich würde Dir vorsichtshalber raten, dein Passwort zu ändern (man sollte alle 3-4 Monate machen)
z.B. Login-, Mail- oder Website-Passwörter
Tipps:
Die sichere Passwort-Wahl - (sollte man eigentlich regelmäßigen Abständen ca. alle 3-5 Monate ändern)
auch noch hier unter: Sicheres Kennwort (Password)

5.
► für Vista Update ziehen:-> - Microsoft Update hält Ihren Computer auf dem neuesten Stand!

6.
► der Internet Explorer muss aktualisiert werden! Version 9 ist aktuell...
Du kannst gleich den Internet Explorer 9 installieren, um die vorhandene Version von Internet Explorer zu ersetzen:-> Internet Explorer 9
Software wie Betriebssysteme, Browser und E-Mail Clients werden laufend weiterentwickelt. Gleichzeitig arbeiten jedoch auch Hacker daran, ständig neue Sicherheitslücken zu finden und auszunutzen. Was heute noch keine Schlupflücke für Viren und Würmer ist, kann morgen bereits zur Gefahr werden, wenn der entsprechende Schädling programmiert wurde. Das führt dazu, dass es relativ häufig zu Meldungen über neue Sicherheitsanfälligkeiten kommt, auch wenn diese noch nicht durch Hacker entdeckt wurden. Denn selbstverständlich suchen auch Sicherheitsspezialisten nach potenziellen Angriffsmöglichkeiten. Updates der Softwareentwickler sorgen dafür, dass der User immer die aktuellste und sicherste Version des Betriebssystems und der installierten Software nutzen kann.

7.
lade Dir HijackThis 2.0.4 von *von hier* herunter
Rechtsklick drauf-> "Als Administrator ausführen" wählen
HijackThis starten→ "Do a system scan and save a logfile" klicken→ das erhaltene Logfile "markieren" → "kopieren"→ hier in deinem Thread (rechte Maustaste) "einfügen"
__________________

Warnung!:
Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein!
Anhang nicht öffnen, in unserem Forum erst nachfragen!

Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten!
Bitte diese Warnung weitergeben, wo Du nur kannst!

Alt 01.03.2012, 20:19   #23
tobeck
 
Windows wurde aus Sicherheitsgründen gesperrt -schwarzer Bildschirm- graue Bezahlbox - Standard

Windows wurde aus Sicherheitsgründen gesperrt -schwarzer Bildschirm- graue Bezahlbox



Code:
ATTFilter
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:14:31, on 01.03.2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Users\beckto\AppData\Local\Akamai\netsession_win.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\beckto\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Hewlett-Packard\KBD\kbd.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [TSMAgent] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [DVDAgent] "c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\beckto\AppData\Local\Akamai\netsession_win.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} (Battlefield Play4Free Updater) - https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.53.2.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: AAV UpdateService - Unknown owner - C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9096 bytes
         
Hi Kira,
hier das Logfile von HijackThis. Habe auf IE9 aktualisiert und Vista-Updates ausgeführt. Hoffe, jetzt ist alle ok? Macht es Sinn von Vista auf Win7 upzugraden?
Bin jetzt auf deine Antwort gespannt.
Viele Grüße, Tobias

Alt 02.03.2012, 07:43   #24
kira
/// Helfer-Team
 
Windows wurde aus Sicherheitsgründen gesperrt -schwarzer Bildschirm- graue Bezahlbox - Standard

Windows wurde aus Sicherheitsgründen gesperrt -schwarzer Bildschirm- graue Bezahlbox



Zitat:
Zitat von tobeck Beitrag anzeigen
Macht es Sinn von Vista auf Win7 upzugraden?
Bin jetzt auf deine Antwort gespannt.
ich würde damit noch warten, da Windows 8 kommt sehr bald bestimmt

1.
Empfehlungen/Vorschläge:-> Laden von Programmen beim Start von Windows Vista verhindern - Programme, die automatisch starten, und ihre Funktion

Beim Hochfahren von Windows werden einige Programme mit gestartet, die sich (mit oder ohne Zustimmung des Users) im Autostart eingetragen haben
Je mehr Programme hier aufgeführt sind, umso langsamer startet Windows. Deshalb kann es sinnvoll sein, Software die man nicht unbedingt immer benötigt, aus dem Autostart zu entfernen.- Bei allem Häkchen weg was nicht starten soll.
Die Programme bleiben dabei erhalten, falls man braucht, kann jederzeit manuell gestartet werden!

Code:
ATTFilter
Du solltest nie deaktivieren :
Grafiktreibers
Firewall
Antivirenprogramm
Sound
         
Es ist immer Benutzerspezifisch (ein allgemein gültiges Rezept gibt es nicht), Tipps kann ich Dir geben

um den Autostart von Windows Vista zu verwalten:
► Vista u. Win7: "Start -> Alle Programme-> Zubehör-> Ausführen" .. und gibst Du "msconfig" (ohne "") ein ->OK

(Autostart-Einträge, die Du nicht findest, einfach mit HijackThis fixen:
Alle Programme, Browser etc schließen→ HijackTis starten→ "Do a system scan only" anklicken→ Eintrag auswählen→ "Fix checked"klicken→ PC neu aufstarten
HijackThis erstellt ein Backup, Falls bei "Fixen" etwas schief geht, kann man unter "View the list of backups"- die Objekte wiederherstellen [/size]
um den Autostart von Windows XP zu verwalten:-> "Start-> ausführen-> "msconfig" (reinschreiben ohne ""-> OK -> Systemstart
An deiner Stelle würde ich aus dem Autostart folgende Programme rausnehmen:
Code:
ATTFilter
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [TSMAgent] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [DVDAgent] "c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

Info: wenn Du das Media Center nicht verwendest (ehtray.exe ist ein(e) Microsoft Media Center Tray Icon):
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

Info: Wenn nicht verwendest (meistens ungefragt installiert):
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\beckto\AppData\Local\Akamai\netsession_win.exe"

O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
         
Achtung!:
Für die aufgelisteten Programme gelten zusätzlich, dass man nach Aktualisierung (AfterUpdate) erneut unter Start und Dienste nachkontrollieren muss!

2.
poste erneut - nach der vorgenommenen Reinigungsaktion:
TrendMicro™ HijackThis™ -Logfile - Keine offenen Fenster, solang bis HijackThis läuft!!
► Rechtsklick auf HijackThis-> "Als administrator ausführen" wählen...(Wista und WIN 7)
__________________

Warnung!:
Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein!
Anhang nicht öffnen, in unserem Forum erst nachfragen!

Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten!
Bitte diese Warnung weitergeben, wo Du nur kannst!

Geändert von kira (02.03.2012 um 07:48 Uhr)

Alt 02.03.2012, 20:53   #25
tobeck
 
Windows wurde aus Sicherheitsgründen gesperrt -schwarzer Bildschirm- graue Bezahlbox - Standard

Windows wurde aus Sicherheitsgründen gesperrt -schwarzer Bildschirm- graue Bezahlbox



Code:
ATTFilter
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:14:31, on 01.03.2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Users\beckto\AppData\Local\Akamai\netsession_win.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\beckto\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Hewlett-Packard\KBD\kbd.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [TSMAgent] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [DVDAgent] "c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\beckto\AppData\Local\Akamai\netsession_win.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} (Battlefield Play4Free Updater) - https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.53.2.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: AAV UpdateService - Unknown owner - C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9096 bytes
         

Läuft jetzt wieder echt schnell!

Gruß, Tobias

Alt 03.03.2012, 19:58   #26
kira
/// Helfer-Team
 
Windows wurde aus Sicherheitsgründen gesperrt -schwarzer Bildschirm- graue Bezahlbox - Standard

Windows wurde aus Sicherheitsgründen gesperrt -schwarzer Bildschirm- graue Bezahlbox



► Somit kann ich Dein Problem als erledigt ansehen und diesen Thread schließen denke ich
Lesestoff Nr.1:
  • Wie erstelle ich ein eingeschränktes Benutzerkonto?
  • Software immer auf dem neuesten Stand halten!:
    ALLE auf dem System installierten Programme und Treiber, sollten regelmäßig upgedatet werden um Sicherheitslücken zu vermeiden und um das reibungslose Arbeitsabläufe zu erreichen!
  • Ein sicherer Browser als IE z.B. *Ein Wechsel des Standardbrowsers zu...von SETI@home* - Firefox - FirefoxWiki/Einstellungen - Erweiterungen für Firefox - Standardbrowser
  • Sichere eMail Clients z.B. Thunderbird-->Erweiterungen für Mozilla Thunderbird
    - Unbekannten E-Mail-Anhang NICHT öffnen!
  • Sichere Paswort - Die sichere Passwort-Wahl - (sollte man eigentlich regelmäßigen Abständen ca. alle 3-5 Monate ändern)
    auch noch hier unter: Sicheres Kennwort (Password)
    Die fünf häufigsten Passwort-Fehler[/b[
  • "Never accept software from strangers" - Installiere grundsätzlich immer nur Programme, die Du auch wirklich benötigst und von denen Du überzeugt bist, dass sie seriös sind.
    Du hast die Wahl!, welche zusätzlichen Komponenten noch installiert werden sollen? -> Bei der Installation immer mitlesen, Sponsoren und Partnerprogramme, Toolbars oder eventuell noch andere extra angebotene Programme möglichst abwählen!
    Sponsor-Programm, Toolbars möglist abwählen (so wird oft Art von Adware/Spyware mitinstalliert)
  • NICHT irgendwelche Programme aus dem Netz laden, wenn nicht zu 100% fest steht, dass es sich dabei um saubere Software handelt. Nette Versprechen der Hersteller garantieren noch lange keine einwandfreie Funktionsweise, also vorher blättere die Seiten bei GOOGLE, da kannst Du Dir wertvolle Informationen holen!!!
  • Programme und Treiber:
    Nur vom Hersteller!
  • Onlinebanking:
    Gib deine Passwörter niemals preis!
    Seriöse Bankinstitute, E- Mail- Provider oder Online- Shops versenden grundsätzlich keine E- Mails, in denen Kunden aufgefordert werden, vertrauliche Daten wie Passwörter, Verfügernummer, PINs oder TANs preiszugeben. Bei dieser Art von E- Mails handelt es sich immer um Betrugsversuche, weshalb entsprechende Anfragen nicht beantwortet werden sollten. Sobald der Verdacht auf Betrug entsteht, melde deinen Verdacht der jeweiligen Bank- Hotline.
  • Comnputer, anderen (Gästen/Freunden) zur Nutzung überlassen überlassen - Nutze nur vertrauenswürdige Computer!
    Vergewissere dich, dass nur Personen deines Vertrauens deinen Computer nutzen oder verwalten und wickel niemals Bankgeschäfte über nicht vertrauenswürdige Computer - beispielsweise aus einem Internetcafé während des Urlaubs - ab
  • Vorsicht bei der Nutzung fremder Computer und anschliessbare Externe Speichermedien wie Festplatte, USB Sticks, Speicherkarten usw![/color] - IT-Betrüger machen keinen Urlaub!/bsi-fuer-buerger.de - auch zeitweise anschließen und scannen lassen (sehe unter `kostenlose Online-Viren-Scanner`)
  • Webseiten ohne Gültiges Impressum nicht besuchen
  • Lizenzkosten sparen? - Vorsicht bei Dateien/Programmen aus nicht vertrauenswürdigen Quellen! - "full Keygen, Crack, Serial, Warez, keygenerators" etc.
    Sind immer verseucht mit diverse Malware/Schadprogramme/Code, es gibt keine seite wo Viren frei ist. (Man sollte nicht absitlich der Teufel holen) Eine weitere höchst unsichere Quelle ist das File-Sharing der sog. (Musik-)Tauschbörsen.
    ► Ausserdem machst Du dich damit strafbar!
  • Nur eine Firewall sowie ein Antiviren Programm verwenden, welche sich immer auf dem aktuellsten Stand befinden sollten!
    Das Installieren von `zuviel` Software beeinträchtigt die Systemleistung und Sicherheit, verlangsamt den Start-Vorgang enorm und belastet den Arbeitsspeicher (weil laufen ja die Programme nebeneinander gleichzeitig, die viel Performance fressen, aber wenig Qualität bringen). Im Laufe der Zeit wird der rechner durch zu viel unnötigen Ballast immer langsamer, und unsicherer. Um so mehr Programme installiert sind, um so häufiger treten Probleme auf, die dann unter Umständen nur schwer lösen können. Dazu kommt noch, das einige Programme große Sicherheitsrisiken mit sich bringen
  • Virenscanner
  • BSI für Bürger
  • SETI@home - [Sicherheit] Sicherheitskonzept
  • Entwicklung schädlicher Websites/viruslist.com
  • Brennpunkt: Bilder und Töne
    Gefährliche Bilder, schräge Töne/BSI

** Der gesunde Menschenverstand, Windows und Internet-Software sicher konfigurieren ist der beste Weg zur Sicherheit im Webverkehr ist !!
Zitat:
Da der Bestand der Datenbank wird täglich ergänzt und erweitert bzw werden mit der aktuellen Virendefinition die Informationen über den betroffenen Virus aufgenommen, empfehle ich dir mindestens einmal pro Woche (später genügt es sicherlich einmal im Monat) dein System Online Scannen lassen (immer mit einen anderen Scanner), um eine zweite Meinung einzuholen - Die auf dem Speichermedium gesicherten Daten sollten auch mit einbezogen werden!
(benutzen meist ActiveX und/oder Java): Kostenlose Online Scanner -
Lesestoff Nr.2:
► Kann sich auf Dauer eine Menge Datenmüll ansammeln, sich Fehlermeldungen häufen, der PC ist wahrscheinlich nicht mehr so schnell, wie früher:wünsch Dir alles Gute

Wenn Du uns unterstützen möchtest→ Spendekonto

gruß
kira
__________________

Warnung!:
Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein!
Anhang nicht öffnen, in unserem Forum erst nachfragen!

Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten!
Bitte diese Warnung weitergeben, wo Du nur kannst!

Alt 06.03.2012, 21:19   #27
tobeck
 
Windows wurde aus Sicherheitsgründen gesperrt -schwarzer Bildschirm- graue Bezahlbox - Standard

Windows wurde aus Sicherheitsgründen gesperrt -schwarzer Bildschirm- graue Bezahlbox



Hi Kira,
ganz herzlichen Dank für die Leistung und die Hilfe!
Ich werde von eurem Spendekonto Gebrauch machen!!!
Viele Grüße, Tobias

Alt 07.03.2012, 13:20   #28
kira
/// Helfer-Team
 
Windows wurde aus Sicherheitsgründen gesperrt -schwarzer Bildschirm- graue Bezahlbox - Standard

Windows wurde aus Sicherheitsgründen gesperrt -schwarzer Bildschirm- graue Bezahlbox



Vielen dank für deine Unterstützung!
__________________

Warnung!:
Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein!
Anhang nicht öffnen, in unserem Forum erst nachfragen!

Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten!
Bitte diese Warnung weitergeben, wo Du nur kannst!

Antwort

Themen zu Windows wurde aus Sicherheitsgründen gesperrt -schwarzer Bildschirm- graue Bezahlbox
beheben, bezahlen, bildschirm, entferne, gesperrt, graue, interne, internet, internetverbindung, kabel, klicke, klicken, logfiles, meldung, modus, norton, ohne internetverbindung, problem, schwarze, surfe, surfen, troja, verbindung, videos, windows, youtube



Ähnliche Themen: Windows wurde aus Sicherheitsgründen gesperrt -schwarzer Bildschirm- graue Bezahlbox


  1. Virus? Schwarzer Bildschirm.Antivirusprogramm wurde gesperrt
    Plagegeister aller Art und deren Bekämpfung - 24.06.2012 (93)
  2. Schwarzer Bildschirm, Windows System wurde geblockt
    Log-Analyse und Auswertung - 19.04.2012 (9)
  3. Windows aus Sicherheitsgründen blockiert, schwarzer Bildschirm
    Log-Analyse und Auswertung - 09.04.2012 (11)
  4. Windows gesperrt, schwarzer Bildschirm mit Button zur Eingabe von Kontodaten
    Log-Analyse und Auswertung - 06.04.2012 (1)
  5. Schwarzer Bildschirm, Deutschlandflagge, "Aus Sicherheitsgründen wurde ihr Windowssystem blockiert"
    Log-Analyse und Auswertung - 04.04.2012 (9)
  6. Windows wurde aus Sicherheitsgründen gesperrt
    Plagegeister aller Art und deren Bekämpfung - 30.03.2012 (12)
  7. schwarzer Bildschirm, meldung, ihr computer wurde gesperrt.....
    Plagegeister aller Art und deren Bekämpfung - 22.03.2012 (5)
  8. Windows wurde aus Sicherheitsgründen gesperrt
    Log-Analyse und Auswertung - 16.03.2012 (24)
  9. windows wird aus Sicherheitsgründen gesperrt,pornografische bilder,laden sie,schwarzer monitor
    Plagegeister aller Art und deren Bekämpfung - 22.02.2012 (3)
  10. Schwarzer Bildschirm: ACHTUNG! Aus Sicherheitsgründen wurde ihr Windowssystem blockiert.
    Plagegeister aller Art und deren Bekämpfung - 21.02.2012 (14)
  11. Trojaner: schwarzer Hintergrund, Bundesflagge: Ihr Windows System wurde aus Sicherheitsgründen...
    Plagegeister aller Art und deren Bekämpfung - 11.02.2012 (4)
  12. Schwarzer Bildschirm: ACHTUNG! Aus Sicherheitsgründen wurde ihr Windowssystem blockiert.
    Plagegeister aller Art und deren Bekämpfung - 10.02.2012 (13)
  13. Hilfe!!! Schwarzer Bildschirm Windows 7 gesperrt, da infiziert, Zahlungsaufforderung
    Log-Analyse und Auswertung - 07.02.2012 (2)
  14. Plagegeist 50 Euro / schwarzer Bildschirm / Windows wurden aus Sicherheitsgründen....
    Plagegeister aller Art und deren Bekämpfung - 09.01.2012 (2)
  15. Windows 7 wurde aus Sicherheitsgründen gesperrt
    Plagegeister aller Art und deren Bekämpfung - 02.01.2012 (23)
  16. schwarzer bildschirm mid dem satz "aus sicherheitsgründen wurde ihr windows system blockiert"
    Plagegeister aller Art und deren Bekämpfung - 17.12.2011 (9)
  17. Schwarzer Bildschirm mit dem Satz "aus Sicherheitsgründen wurde ihr Windows system blockiert"
    Plagegeister aller Art und deren Bekämpfung - 14.12.2011 (2)

Zum Thema Windows wurde aus Sicherheitsgründen gesperrt -schwarzer Bildschirm- graue Bezahlbox - Im Internet Explorer ist kein Proxy aktiviert! OTL.Txt Code: Alles auswählen Aufklappen ATTFilter OTL logfile created on: 18.02.2012 19:22:41 - Run 3 OTL by OldTimer - Version 3.2.31.0 Folder = - Windows wurde aus Sicherheitsgründen gesperrt -schwarzer Bildschirm- graue Bezahlbox...
Archiv
Du betrachtest: Windows wurde aus Sicherheitsgründen gesperrt -schwarzer Bildschirm- graue Bezahlbox auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.