
Log analysis and evaluation: Permanently removing the Incredibar toolbar


04.08.2012, 10:56   #1
Jed90
 



I ran the OTL scan as described in the corresponding thread and am now posting the two logs here.

Log 1

[SPOILER]
OTL logfile created on: 04.08.2012 11:27:14 - Run 1
OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\Alexander\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,25 Gb Total Physical Memory | 1,83 Gb Available Physical Memory | 56,42% Memory free
6,50 Gb Paging File | 4,46 Gb Available in Paging File | 68,72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 125,98 Gb Total Space | 62,21 Gb Free Space | 49,38% Space Free | Partition Type: NTFS
Drive D: | 232,79 Gb Total Space | 173,96 Gb Free Space | 74,73% Space Free | Partition Type: NTFS
Drive E: | 339,78 Gb Total Space | 303,05 Gb Free Space | 89,19% Space Free | Partition Type: NTFS
Drive F: | 372,61 Gb Total Space | 283,86 Gb Free Space | 76,18% Space Free | Partition Type: NTFS

Computer Name: ALEXABDER-PC | User Name: Alexander | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Alexander\Desktop\otl.exe (OldTimer Tools)
PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_3_300_268.exe (Adobe Systems, Inc.)
PRC - C:\Programme\YourFileDownloader\YourFileUpdater.exe (hxxp://yourfiledownloader.com)
PRC - D:\ExpressFiles\EFupdater.exe (hxxp://www.express-files.com/)
PRC - D:\ExpressFiles\ExpressFiles.exe (hxxp://www.express-files.com/)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - D:\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - D:\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - D:\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - D:\Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
PRC - D:\Hamachi\hamachi-2.exe (LogMeIn Inc.)
PRC - C:\Programme\Web Assistant\ExtensionUpdaterService.exe ()
PRC - C:\Programme\Wajam\Updater\WajamUpdater.exe (Wajam)
PRC - C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe (Panasonic Corporation)
PRC - C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Programme\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
PRC - C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - D:\Program\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe (Nitro PDF Software)
PRC - D:\Program\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
PRC - D:\Program\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Programme\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Norton Internet Security\Engine\18.7.2.3\ccsvchst.exe (Symantec Corporation)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - D:\Logitech\G35\G35.exe (Logitech(c))
PRC - C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
PRC - C:\Programme\Logitech\Logitech WebCam Software\LWS.exe ()
PRC - C:\Programme\Common Files\LogiShrd\LQCVFX\COCIManager.exe ()
PRC - C:\Programme\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
PRC - C:\Programme\Logitech\Logitech Vid\Vid.exe (Logitech Inc.)


========== Modules (No Company Name) ==========

MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3971e166cf827b6726e142f344061dc9\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\199683f6e79076b634ee6cc0a82c0654\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e7dc084827f8df2dbdc819db5c633a0d\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\21f37f9f5162af7efb52169012bd111e\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\8c40f40ef36622109793788049fbe9ab\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d234eceae699d070b5a5712ce776c01f\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\0c2b0d52156447592f33edf4116b7e7d\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\65f0d70169a0e73b45307dddbd86f92b\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a5fa2a1cfc6e9fdc39d9a8f2baa57bc9\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\ed91b57205429a23bb91f4499059a459\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\623d2a0f11dd82bb9bc13d1cb981b239\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll ()
MOD - C:\Users\Alexander\AppData\Local\Temp\ae201572-4813-4010-9ed2-ee29ddec066a\CliSecureRT.dll ()
MOD - C:\Programme\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll ()
MOD - D:\Program\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
MOD - D:\Program\WinRAR\RarExt.dll ()
MOD - C:\Programme\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
MOD - C:\Programme\Logitech\Logitech WebCam Software\LWS.exe ()
MOD - C:\Programme\Common Files\LogiShrd\LQCVFX\COCIManager.exe ()
MOD - C:\Programme\Logitech\Logitech Vid\plugins\imageformats\qjpeg4.dll ()
MOD - C:\Programme\Logitech\Logitech Vid\plugins\imageformats\qico4.dll ()
MOD - C:\Programme\Logitech\Logitech Vid\plugins\imageformats\qgif4.dll ()
MOD - C:\Programme\Logitech\Logitech Vid\SDL.dll ()
MOD - C:\Programme\Logitech\Logitech Vid\qtxml4.dll ()
MOD - C:\Programme\Logitech\Logitech Vid\QtWebKit4.dll ()
MOD - C:\Programme\Logitech\Logitech Vid\qtsql4.dll ()
MOD - C:\Programme\Logitech\Logitech Vid\QtOpenGL4.dll ()
MOD - C:\Programme\Logitech\Logitech Vid\QtNetwork4.dll ()
MOD - C:\Programme\Logitech\Logitech Vid\QtGui4.dll ()
MOD - C:\Programme\Logitech\Logitech Vid\QtCore4.dll ()
MOD - C:\Programme\Logitech\Logitech Vid\phonon4.dll ()


========== Win32 Services (SafeList) ==========

SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (MBAMService) -- D:\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (Hamachi2Svc) -- D:\Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Web Assistant Updater) -- C:\Programme\Web Assistant\ExtensionUpdaterService.exe ()
SRV - (WajamUpdater) -- C:\Programme\Wajam\Updater\WajamUpdater.exe (Wajam)
SRV - (TuneUp.UtilitiesSvc) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (nvUpdatusService) -- C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (NitroReaderDriverReadSpool2) -- D:\Program\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe (Nitro PDF Software)
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (NIS) -- C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe (Symantec Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Programme\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (LVPrcSrv) -- C:\Programme\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (KMService) -- C:\Windows\System32\srvany.exe ()


========== Driver Services (SafeList) ==========

DRV - (XDva397) -- C:\Windows\system32\XDva397.sys File not found
DRV - (XDva394) -- C:\Windows\system32\XDva394.sys File not found
DRV - (GGSAFERDriver) -- D:\Garena Classic\safedrv.sys File not found
DRV - (EagleNT) -- C:\Windows\system32\drivers\EagleNT.sys File not found
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (BHDrvx86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20120711.002\BHDrvx86.sys (Symantec Corporation)
DRV - (IDSVix86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20120803.002\IDSvix86.sys (Symantec Corporation)
DRV - (eeCtrl) -- C:\Programme\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Programme\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20120803.020\NAVEX15.SYS (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20120803.020\NAVENG.SYS (Symantec Corporation)
DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys ()
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (ssadmdm) -- C:\Windows\System32\drivers\ssadmdm.sys (MCCI Corporation)
DRV - (ssadbus) SAMSUNG Android USB Composite Device driver (WDM) -- C:\Windows\System32\drivers\ssadbus.sys (MCCI Corporation)
DRV - (ssadmdfl) SAMSUNG Android USB Modem (Filter) -- C:\Windows\System32\drivers\ssadmdfl.sys (MCCI Corporation)
DRV - (SymNetS) -- C:\Windows\System32\drivers\NIS\1207020.003\symnets.sys (Symantec Corporation)
DRV - (SymIM) -- C:\Windows\System32\drivers\SymIMV.sys (Symantec Corporation)
DRV - (SRTSP) -- C:\Windows\System32\drivers\NIS\1207020.003\srtsp.sys (Symantec Corporation)
DRV - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\System32\drivers\NIS\1207020.003\srtspx.sys (Symantec Corporation)
DRV - (SymEFA) -- C:\Windows\System32\drivers\NIS\1207020.003\symefa.sys (Symantec Corporation)
DRV - (SymDS) -- C:\Windows\System32\drivers\NIS\1207020.003\symds.sys (Symantec Corporation)
DRV - (SymIRON) -- C:\Windows\System32\drivers\NIS\1207020.003\ironx86.sys (Symantec Corporation)
DRV - (sscdmdm) -- C:\Windows\System32\drivers\sscdmdm.sys (MCCI Corporation)
DRV - (sscdbus) SAMSUNG USB Composite Device driver (WDM) -- C:\Windows\System32\drivers\sscdbus.sys (MCCI Corporation)
DRV - (sscdmdfl) -- C:\Windows\System32\drivers\sscdmdfl.sys (MCCI Corporation)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (LADF_SBVM) -- C:\Windows\System32\drivers\ladfSBVMi386.sys (Logitech)
DRV - (LADF_DHP2) -- C:\Windows\System32\drivers\ladfDHP2i386.sys (Logitech)
DRV - (LVUVC) Logitech Webcam 600(UVC) -- C:\Windows\System32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.)
DRV - (LVPr2Mon) -- C:\Windows\System32\drivers\LVPr2Mon.sys ()
DRV - (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20) -- C:\Windows\System32\drivers\L1E62x86.sys (Atheros Communications, Inc.)
DRV - (KMWDFILTERx86) -- C:\Windows\System32\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys ()


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?barid={49313A42-D0B8-436D-9146-8FB437D6481C}
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={49313A42-D0B8-436D-9146-8FB437D6481C}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3889063066-599459775-2845031126-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://mystart.incredibar.com/mb164?a=6OyJWO48uF&i=26
IE - HKU\S-1-5-21-3889063066-599459775-2845031126-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3889063066-599459775-2845031126-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-3889063066-599459775-2845031126-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DD CD 45 A8 5A D8 CC 01 [binary data]
IE - HKU\S-1-5-21-3889063066-599459775-2845031126-1001\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
IE - HKU\S-1-5-21-3889063066-599459775-2845031126-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3889063066-599459775-2845031126-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=112555&tt=3012_1&babsrc=SP_ss&mntrId=18e0ca4c00000000000000248c3f98d6
IE - HKU\S-1-5-21-3889063066-599459775-2845031126-1001\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredibar.com/mb164/?search={searchTerms}&loc=IB_DS&a=6OyJWO48uF&i=26
IE - HKU\S-1-5-21-3889063066-599459775-2845031126-1001\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={49313A42-D0B8-436D-9146-8FB437D6481C}
IE - HKU\S-1-5-21-3889063066-599459775-2845031126-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "MyStart Search"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..keyword.URL: "hxxp://mystart.incredibar.com/mb164/?loc=IB_DS&a=6OyJWO48uF&&i=26&search="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.110.0: C:\Program Files\Battlelog Web Plugins\1.110.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files\Battlelog Web Plugins\1.118.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.122.0: C:\Program Files\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\ [2012.02.11 15:06:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_10_1 [2012.08.03 23:36:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012.08.04 00:05:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.18 16:48:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.18 16:48:21 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011.09.19 14:35:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alexander\AppData\Roaming\mozilla\Extensions
[2012.08.04 00:05:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alexander\AppData\Roaming\mozilla\Firefox\Profiles\cbow7r0b.default\extensions
[2012.07.20 10:14:27 | 000,000,000 | ---D | M] (FireShot) -- C:\Users\Alexander\AppData\Roaming\mozilla\Firefox\Profiles\cbow7r0b.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2012.01.06 15:57:54 | 000,000,000 | ---D | M] (DealBulldog Toolbar) -- C:\Users\Alexander\AppData\Roaming\mozilla\Firefox\Profiles\cbow7r0b.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
[2011.11.21 17:26:03 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Alexander\AppData\Roaming\mozilla\Firefox\Profiles\cbow7r0b.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.08.04 00:05:35 | 000,000,000 | ---D | M] (incredibar.com) -- C:\Users\Alexander\AppData\Roaming\mozilla\Firefox\Profiles\cbow7r0b.default\extensions\ffxtlbr@incredibar.com
[2012.07.26 19:11:02 | 000,000,000 | ---D | M] (VideoFileDownload - Download YouTube Videos) -- C:\Users\Alexander\AppData\Roaming\mozilla\Firefox\Profiles\cbow7r0b.default\extensions\plugin@videofiledownload.com
[2012.08.04 00:05:32 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Alexander\AppData\Roaming\mozilla\Firefox\Profiles\cbow7r0b.default\extensions\plugin@yontoo.com
[2012.08.04 00:05:19 | 000,002,203 | ---- | M] () -- C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\cbow7r0b.default\searchplugins\MyStart Search.xml
[2012.06.23 10:21:41 | 000,003,974 | ---- | M] () -- C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\cbow7r0b.default\searchplugins\sweetim.xml
[2012.06.25 17:27:57 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.07.23 21:23:43 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.07.18 16:48:21 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.06.15 00:46:57 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.26 19:02:54 | 000,002,349 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012.06.15 00:46:56 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.06.15 00:46:57 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.15 00:46:57 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.15 00:46:57 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.15 00:46:56 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =

O1 HOSTS File: ([2012.05.08 19:31:05 | 000,000,857 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2 - BHO: (VideoFileDownload) - {0931BD3F-547E-45C1-B133-D0E995645DBA} - C:\Programme\OApps\bho_project.dll (VideoFileDownload)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Programme\BabylonToolbar\BabylonToolbar\1.5.29.1\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Programme\Web Assistant\Extension32.dll ()
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll File not found
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programme\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Norton Internet Security\Engine\18.7.2.3\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Wajam) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Programme\Wajam\IE\priam_bho.dll (Wajam)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Programme\DealBulldog Toolbar\tbcore3.dll ()
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Programme\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (DealBulldog Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Programme\DealBulldog Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll File not found
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Programme\BabylonToolbar\BabylonToolbar\1.5.29.1\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ExpressFiles] D:\ExpressFiles\ExpressFiles.exe (hxxp://www.express-files.com/)
O4 - HKLM..\Run: [KiesHelper] D:\Program\Kies\KiesHelper.exe (Samsung)
O4 - HKLM..\Run: [KiesTrayAgent] D:\Program\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [Logitech G35] D:\Logitech\G35\G35.exe (Logitech(c))
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] D:\Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] D:\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SweetIM] C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [SwitchBoard] C:\Programme\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-3889063066-599459775-2845031126-1001..\Run: [KiesPDLR] D:\Program\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\S-1-5-21-3889063066-599459775-2845031126-1001..\Run: [Logitech Vid] C:\Program Files\Logitech\Logitech Vid\vid.exe (Logitech Inc.)
O4 - HKU\S-1-5-21-3889063066-599459775-2845031126-1001..\Run: [Wisdom-soft AutoScreenRecorder 3.1 Free] 0 File not found
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] D:\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3889063066-599459775-2845031126-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube Download - C:\Users\Alexander\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Alexander\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{476C922E-4CB0-48AA-B7D6-8563F6854D4C}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{7158db0c-e5c7-11e0-a282-00248c3f98d6}\Shell - "" = AutoRun
O33 - MountPoints2\{7158db0c-e5c7-11e0-a282-00248c3f98d6}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012.08.04 11:25:50 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\Alexander\Desktop\otl.exe
[2012.08.04 11:06:02 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012.08.04 11:06:02 | 000,000,000 | ---D | C] -- C:\Users\Alexander\AppData\Roaming\Malwarebytes
[2012.08.04 11:05:45 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.08.04 11:05:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.08.04 00:06:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garena
[2012.08.04 00:06:10 | 000,000,000 | ---D | C] -- C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
[2012.08.04 00:06:06 | 000,000,000 | ---D | C] -- C:\Users\Alexander\AppData\Local\Wajam
[2012.08.04 00:06:05 | 000,000,000 | ---D | C] -- C:\Program Files\Wajam
[2012.08.04 00:05:31 | 000,000,000 | ---D | C] -- C:\Program Files\Yontoo
[2012.08.04 00:05:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2012.08.04 00:05:24 | 000,000,000 | ---D | C] -- C:\Program Files\Web Assistant
[2012.08.02 20:26:14 | 000,000,000 | ---D | C] -- C:\Users\Alexander\Desktop\1.3.1 Server
[2012.07.26 21:02:17 | 000,000,000 | ---D | C] -- C:\Users\Alexander\AppData\Roaming\Teeworlds
[2012.07.26 19:11:02 | 000,000,000 | ---D | C] -- C:\Program Files\OApps
[2012.07.26 19:11:00 | 000,000,000 | ---D | C] -- C:\Program Files\TorrentSearch
[2012.07.26 19:10:25 | 000,000,000 | ---D | C] -- C:\Program Files\smartdl
[2012.07.26 19:03:07 | 000,000,000 | ---D | C] -- C:\Users\Alexander\AppData\Roaming\BabylonToolbar
[2012.07.26 19:03:07 | 000,000,000 | ---D | C] -- C:\Program Files\BabylonToolbar
[2012.07.26 19:02:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2012.07.26 19:02:45 | 000,000,000 | ---D | C] -- C:\Users\Alexander\AppData\Roaming\Babylon
[2012.07.26 19:02:33 | 000,000,000 | ---D | C] -- C:\Users\Alexander\AppData\Roaming\YourFileDownloader
[2012.07.26 19:02:33 | 000,000,000 | ---D | C] -- C:\Program Files\YourFileDownloader
[2012.07.24 18:04:58 | 000,000,000 | ---D | C] -- C:\Users\Alexander\AppData\Local\SCE
[2012.07.24 18:04:58 | 000,000,000 | ---D | C] -- C:\Crash
[2012.07.24 18:03:22 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2012.07.21 11:51:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Killing Floor
[2012.07.20 14:40:42 | 000,000,000 | ---D | C] -- C:\Users\Alexander\Killing Floor
[2012.07.19 17:11:46 | 000,031,584 | ---- | C] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2012.07.19 17:11:46 | 000,021,344 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2012.07.19 17:11:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012
[2012.07.19 17:11:28 | 000,000,000 | ---D | C] -- C:\Users\Alexander\AppData\Roaming\TuneUp Software
[2012.07.19 17:11:22 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2012
[2012.07.19 17:11:20 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2012.07.19 17:11:14 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012.07.19 17:11:14 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012.07.19 17:07:58 | 000,000,000 | ---D | C] -- C:\Users\Alexander\AppData\Roaming\OpenCandy
[2012.07.13 16:15:25 | 000,000,000 | ---D | C] -- C:\Users\Alexander\AppData\Roaming\uTorrent
[2012.07.11 23:27:00 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.07.11 23:27:00 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.07.11 23:26:59 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.07.11 23:26:59 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.07.11 23:26:59 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.07.11 23:26:59 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.07.11 23:26:58 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.07.11 23:24:01 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.07.11 16:37:51 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2012.07.11 16:37:50 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2012.07.11 16:37:43 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll
[2012.07.09 17:10:29 | 000,000,000 | ---D | C] -- C:\Users\Alexander\riotsGamesLogs
[2012.07.06 14:04:08 | 000,000,000 | ---D | C] -- C:\Users\Alexander\AppData\Roaming\TinyAndBigGrandpasLeftovers
[2012.07.06 14:03:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com

========== Files - Modified Within 30 Days ==========

[2012.08.04 11:25:50 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Alexander\Desktop\otl.exe
[2012.08.04 11:06:31 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012.08.04 11:05:46 | 000,000,623 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.08.04 10:50:00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.08.04 10:49:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.04 00:26:48 | 000,045,270 | ---- | M] () -- C:\Users\Alexander\AppData\Roaming\room_v3.dat
[2012.08.04 00:05:36 | 000,000,751 | ---- | M] () -- C:\user.js
[2012.08.03 23:52:08 | 000,000,907 | ---- | M] () -- C:\Users\Alexander\Desktop\Slender.lnk
[2012.08.03 23:44:00 | 000,014,960 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.03 23:44:00 | 000,014,960 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.03 23:37:38 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2012.08.03 23:36:29 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.08.03 23:36:11 | 2616,496,128 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.02 22:42:00 | 000,000,701 | ---- | M] () -- C:\Users\Alexander\Desktop\Minecraft_Server.lnk
[2012.08.02 20:51:45 | 000,000,976 | ---- | M] () -- C:\Users\Alexander\Desktop\Minecraft.lnk
[2012.08.01 12:21:53 | 000,000,740 | ---- | M] () -- C:\Users\Alexander\Desktop\teeworlds.lnk
[2012.07.30 15:24:02 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.07.30 15:24:02 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.07.25 14:42:48 | 000,010,752 | ---- | M] () -- C:\Users\Alexander\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.07.24 20:25:34 | 000,184,872 | ---- | M] () -- C:\torrent.exe
[2012.07.24 18:04:17 | 000,138,904 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2012.07.24 18:04:17 | 000,138,904 | ---- | M] () -- C:\Users\Alexander\AppData\Roaming\PnkBstrK.sys
[2012.07.24 18:03:34 | 000,282,512 | ---- | M] () -- C:\Windows\System32\PnkBstrB.ex0
[2012.07.24 18:02:34 | 000,000,684 | ---- | M] () -- C:\Users\Alexander\Desktop\Bullet Run Beta.lnk
[2012.07.21 11:51:44 | 000,000,586 | ---- | M] () -- C:\Users\Alexander\Desktop\Killing Floor.lnk
[2012.07.21 11:12:21 | 000,000,647 | ---- | M] () -- C:\Users\Public\Desktop\Express Files.lnk
[2012.07.21 11:10:49 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs
[2012.07.12 15:06:55 | 003,789,008 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

========== Files Created - No Company Name ==========

[2012.08.04 11:05:45 | 000,000,623 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.08.04 00:26:48 | 000,045,270 | ---- | C] () -- C:\Users\Alexander\AppData\Roaming\room_v3.dat
[2012.08.03 23:52:07 | 000,000,907 | ---- | C] () -- C:\Users\Alexander\Desktop\Slender.lnk
[2012.08.02 20:51:45 | 000,000,976 | ---- | C] () -- C:\Users\Alexander\Desktop\Minecraft.lnk
[2012.08.01 12:21:53 | 000,000,740 | ---- | C] () -- C:\Users\Alexander\Desktop\teeworlds.lnk
[2012.07.26 19:03:08 | 000,000,751 | ---- | C] () -- C:\user.js
[2012.07.24 20:25:34 | 000,184,872 | ---- | C] () -- C:\torrent.exe
[2012.07.24 18:02:34 | 000,000,684 | ---- | C] () -- C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bullet Run Beta.lnk
[2012.07.24 18:02:33 | 000,000,684 | ---- | C] () -- C:\Users\Alexander\Desktop\Bullet Run Beta.lnk
[2012.07.21 11:51:44 | 000,000,586 | ---- | C] () -- C:\Users\Alexander\Desktop\Killing Floor.lnk
[2012.07.21 11:12:21 | 000,000,647 | ---- | C] () -- C:\Users\Public\Desktop\Express Files.lnk
[2012.07.19 17:11:34 | 000,002,153 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012.lnk
[2012.03.05 20:03:22 | 000,000,132 | ---- | C] () -- C:\Users\Alexander\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2012.03.01 19:17:55 | 000,000,132 | ---- | C] () -- C:\Users\Alexander\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012.02.13 17:43:15 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2012.02.13 17:43:15 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2012.02.13 17:43:15 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2012.02.03 13:21:59 | 000,138,904 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2012.02.03 13:21:34 | 000,282,512 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2012.02.03 13:21:33 | 000,076,888 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2012.01.22 17:55:21 | 000,138,904 | ---- | C] () -- C:\Users\Alexander\AppData\Roaming\PnkBstrK.sys
[2012.01.18 20:01:02 | 000,001,456 | ---- | C] () -- C:\Users\Alexander\AppData\Local\Adobe Für Web speichern 12.0 Prefs
[2012.01.06 14:04:23 | 000,010,752 | ---- | C] () -- C:\Users\Alexander\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.12.16 23:16:20 | 000,082,289 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2011.10.15 01:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2011.09.19 17:34:45 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.09.19 17:21:02 | 000,008,192 | ---- | C] () -- C:\Windows\System32\srvany.exe
[2011.09.16 12:54:48 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.09.16 12:54:44 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011.09.16 12:54:44 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011.09.16 12:54:44 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011.09.16 12:54:44 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2011.04.09 19:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011.02.17 22:39:13 | 000,835,440 | R--- | C] () -- C:\Windows\System32\pbsvc.exe
[2010.09.29 12:34:38 | 000,075,096 | ---- | C] () -- C:\Windows\System32\LADFCoinst_i386.dll

========== LOP Check ==========

[2012.08.02 20:51:45 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\.minecraft
[2012.07.26 19:02:45 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\Babylon
[2012.07.26 19:03:07 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\BabylonToolbar
[2012.07.15 03:21:37 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\BitTorrent
[2011.11.24 18:01:51 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\Canon
[2012.01.07 01:10:57 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2011.10.29 17:38:40 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\DAEMON Tools Lite
[2011.10.11 16:02:10 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\Downloaded Installations
[2012.07.19 17:08:02 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\DVDVideoSoft
[2012.07.19 17:07:51 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.07.06 13:31:02 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\ExpressFiles
[2012.01.18 18:15:45 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\FireShot
[2011.12.16 23:16:57 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\Leadertech
[2012.05.01 22:46:09 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\LolClient
[2012.05.24 18:00:08 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\LolClient2
[2011.10.31 12:53:44 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\Nitro PDF
[2012.03.21 21:32:45 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\No Company Name
[2012.07.19 17:07:58 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\OpenCandy
[2012.03.30 17:27:50 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\Opera
[2012.01.21 19:51:18 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\Origin
[2012.03.15 19:22:19 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\Publish Providers
[2011.10.30 03:26:08 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\PunkBuster
[2011.10.30 13:11:37 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\Samsung
[2012.04.01 00:16:55 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\Scoregasm
[2012.01.06 15:43:47 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\Solveig Multimedia
[2012.04.30 10:51:53 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\Sony
[2012.04.20 23:41:30 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012.07.30 21:52:00 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\Teeworlds
[2012.07.06 14:04:08 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\TinyAndBigGrandpasLeftovers
[2012.07.14 16:22:06 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\TS3Client
[2011.11.28 12:58:04 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\ts3overlay
[2012.07.19 17:11:28 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\TuneUp Software
[2012.02.02 14:09:14 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\Ubisoft
[2012.07.13 18:56:08 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\uTorrent
[2012.03.31 21:49:04 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\Vessel
[2012.07.26 19:02:33 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\YourFileDownloader
[2012.08.03 23:37:38 | 000,000,292 | ---- | M] () -- C:\Windows\Tasks\AutoKMS.job
[2012.07.27 14:45:46 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >


Log 2

[SPOILER]

OTL Extras logfile created on: 04.08.2012 11:27:14 - Run 1
OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\Alexander\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,25 Gb Total Physical Memory | 1,83 Gb Available Physical Memory | 56,42% Memory free
6,50 Gb Paging File | 4,46 Gb Available in Paging File | 68,72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 125,98 Gb Total Space | 62,21 Gb Free Space | 49,38% Space Free | Partition Type: NTFS
Drive D: | 232,79 Gb Total Space | 173,96 Gb Free Space | 74,73% Space Free | Partition Type: NTFS
Drive E: | 339,78 Gb Total Space | 303,05 Gb Free Space | 89,19% Space Free | Partition Type: NTFS
Drive F: | 372,61 Gb Total Space | 283,86 Gb Free Space | 76,18% Space Free | Partition Type: NTFS

Computer Name: ALEXABDER-PC | User Name: Alexander | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-3889063066-599459775-2845031126-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- D:\Program\Photoshop CS5\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07123570-7A68-4FDF-B2AF-B3F59326C1F0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0C726CFC-3EAE-4CB5-B99C-2A5D7F544669}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{127C5D7D-FF47-4740-BEEB-18A85F17A196}" = rport=10243 | protocol=6 | dir=out | app=system |
"{28C757C9-1AB6-47CA-986C-D7A705A91DE1}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{343DD658-D4B9-4468-9D0F-D731072C9BF3}" = lport=138 | protocol=17 | dir=in | app=system |
"{428C8C5D-464B-4897-8918-16FA0C75A837}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4491A980-FD76-43FF-8FC2-0F7E675C51DE}" = rport=139 | protocol=6 | dir=out | app=system |
"{493BF350-A34D-42D6-A7C9-CFE58DE6A1E5}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4C7934C1-5F9E-4435-B899-496240B326EB}" = lport=59108 | protocol=17 | dir=in | name=pando media booster |
"{56A48B0D-3AEE-474D-B2D6-E33298C01EF5}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{5CC1678B-E38F-4FE5-BE60-6CA8B4B869C6}" = lport=10243 | protocol=6 | dir=in | app=system |
"{7617C67A-8746-4C32-8765-C096D70EDB5D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8251F135-F7C6-4C74-BE7B-9ECBF54206A0}" = lport=59108 | protocol=6 | dir=in | name=pando media booster |
"{858FBB9E-38C1-4F1B-A41F-FF1428A46566}" = rport=445 | protocol=6 | dir=out | app=system |
"{8DB0E6CC-9E74-4036-8A9B-AE5EBCA5D3AB}" = lport=59108 | protocol=6 | dir=in | name=pando media booster |
"{98468F54-B702-44C0-94A6-149DF9EEE40D}" = lport=139 | protocol=6 | dir=in | app=system |
"{A1C6F9C7-28AD-433A-829C-7A1DB368C373}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A84F1452-5EE2-4556-8A27-EA04D566FE68}" = rport=137 | protocol=17 | dir=out | app=system |
"{BC71B3B2-5A10-4CE3-827A-5C8122D38F8D}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{D268DFEE-DAC9-4AEE-AD16-EB8F0FCCCB88}" = rport=138 | protocol=17 | dir=out | app=system |
"{D4E58E43-76C2-4661-A985-B15A9F377F78}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D7287DE4-71D5-476D-84C1-E7ED4D860E1E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D7E153E8-84F0-4A42-9EE0-0217CF690BDF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D8F414BA-E0AB-4859-9287-7652F120AB7A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DCA15568-1B5E-4E38-AFAE-6043074560A9}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E59A7B25-F6D1-4F3D-BA0B-AB33B9ADAD73}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{F1F31826-A379-4509-A344-6D1DAF85589D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{F6850387-C3E8-452E-B12D-E32883B883D9}" = lport=445 | protocol=6 | dir=in | app=system |
"{F76E4470-DA8B-499F-A338-8A5280EB046A}" = lport=59108 | protocol=17 | dir=in | name=pando media booster |
"{F9CAFC71-9107-462B-B1F6-3E287CA48E53}" = lport=137 | protocol=17 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01FF99C8-0811-4D1D-A727-73B4C52E6901}" = protocol=17 | dir=in | app=d:\program\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{0377B6CE-6594-4E7C-A505-939F2A330C19}" = protocol=6 | dir=in | app=d:\program\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{04FE6104-9E8C-4DE2-9823-C6071A552DCF}" = protocol=17 | dir=in | app=c:\program files\origin games\battlefield 3\bf3.exe |
"{0A24AEB8-BD0D-4364-B824-411F5A0CDD79}" = protocol=17 | dir=in | app=d:\program\steam\steamapps\common\brawl busters\bin\pbclient.exe |
"{0C79407D-67E0-481A-99F8-786B20A08ABA}" = protocol=6 | dir=in | app=c:\program files\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{100962BF-E0B4-4E69-A9FC-5BA0528E830A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{170AACD7-8A3B-43D9-B8F2-2F8E66045326}" = protocol=6 | dir=out | app=system |
"{1A612120-DAE0-420F-94BC-824BBD392669}" = protocol=6 | dir=in | app=d:\program\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{1DDE0BDD-9D60-4CAC-A086-E146EA71D58E}" = protocol=6 | dir=in | app=d:\program\steam\steamapps\common\brawl busters\bin\pblauncher.exe |
"{1F251CFE-E818-43FC-BB46-7606441E1237}" = protocol=17 | dir=in | app=d:\program\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{21948FED-E377-4EE9-9D90-85C4185F3FD5}" = protocol=6 | dir=in | app=d:\program\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe |
"{230D6DAE-3CCC-483A-A4E5-224880BB816F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{26F070EF-76EC-4979-9B8A-B3EA2162569B}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe |
"{27D1BEFB-4667-47B0-83CC-950FD0D21ED3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{296B628B-0DA2-4BE7-902F-577040F16DB5}" = protocol=17 | dir=in | app=c:\program files\yourfiledownloader\yourfile.exe |
"{2A04C8C0-7E7C-4386-8F84-59C585674F89}" = protocol=17 | dir=in | app=d:\program\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe |
"{2A46F8B8-B9F2-431C-A9B3-93C7E9DFEEDF}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{35B916CF-FA8C-4A0A-85D3-A2A5FFFF285B}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{360169DF-6556-400E-88E3-2124939BF86F}" = protocol=6 | dir=in | app=c:\program files\yourfiledownloader\yourfile.exe |
"{3AD2DD9A-BDD8-4F16-9512-EE3F44FC60A3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3C3AC370-7815-40D2-A371-9B56EBBEE992}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{3EC50041-17B8-4CB5-8046-E312D42FF695}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{3F1257AB-684F-4D41-AADC-C880F434531E}" = protocol=6 | dir=in | app=e:\james cameron´s avatar\bin\avatar.exe |
"{4209B56A-8D37-47CC-88D6-38CC76F7B954}" = protocol=17 | dir=in | app=d:\program\steam\steamapps\common\rage\rage.exe |
"{46DE3EA6-E80A-4BC2-B650-364B0C089BF2}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{4748456B-0956-40EC-B7FE-397F6299FAA3}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{475041C6-0D80-4128-B5FA-3E468F90B10E}" = protocol=6 | dir=in | app=e:\star wars-the old republic\swtor\retailclient\swtor.exe |
"{48240238-B680-4B6A-9099-19DB47940B18}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{49C20EAC-F5B7-4312-A595-A606872521D6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{49F3C06A-A79C-483A-86DE-57E8D441D3CF}" = protocol=17 | dir=in | app=d:\program\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{4BBAE182-66F8-4076-AAB6-8D2C1F690841}" = protocol=6 | dir=in | app=d:\program\steam\steamapps\common\brawl busters\bin\pbclient.exe |
"{4F192640-B567-415D-B17F-A05BD4D11626}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"{4F415C6C-9337-49E9-BC59-1C16CC48CA28}" = protocol=17 | dir=in | app=e:\assassin's creed brotherhood\acbmp.exe |
"{4FAE8967-0211-42B7-8645-821BA6EAAB5E}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe |
"{52A29F85-0E03-4331-9504-2AB8DE16A3C6}" = protocol=6 | dir=in | app=d:\program\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{52F1392A-5D05-4AA6-B98E-576BA64CF221}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{53AB8F1E-5C20-4921-AEBF-1ED362AE9A7B}" = protocol=17 | dir=in | app=d:\program\steam\steamapps\common\brawl busters\bin\pblauncher.exe |
"{559F3B52-B891-4AC9-80E7-4D4122177992}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{584379C3-435F-4A6B-8B4C-7E3B807B0A8F}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{591BE595-CDF1-41EF-AC85-11E547775831}" = protocol=6 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"{5A47DB83-B836-4431-9C3A-326058361BBD}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{5A8D1B9F-D9A4-4A90-902F-431C6651AEB7}" = protocol=17 | dir=in | app=c:\program files\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{5AAE9BDD-1280-4203-A6B5-8082D0C579B2}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{5AEFA447-7127-4210-BBF7-6FB66BB5FA12}" = protocol=6 | dir=in | app=e:\assassin's creed revelations\acrmp.exe |
"{5DF53476-F77F-4559-8350-C716D5B78C58}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{5E3145F1-2AA4-4139-8BC9-33C58A9A0CAF}" = protocol=6 | dir=in | app=e:\diablo iii\diablo iii.exe |
"{5E6E5B8F-DFF9-42E8-B013-FA8F2579CBD1}" = protocol=6 | dir=in | app=d:\expressfiles\expressfiles.exe |
"{65A95FB9-FD66-4580-8F81-2B1556BF2A7B}" = protocol=6 | dir=in | app=e:\assassin's creed brotherhood\acbmp.exe |
"{66B696A0-88E6-4577-8634-42060ECCA5BF}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{66EABC4F-2B96-42E0-9098-B2BEC85D68B9}" = protocol=17 | dir=in | app=d:\bittorrent\bittorrent.exe |
"{6761FCD6-DCDC-488B-9075-75BC47A5E36D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6BB7EAC7-A165-4AF9-878E-5A7A19C8C79F}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{6D85D9EE-B9F6-4480-88D2-17F078DC25AA}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe |
"{6ED9094A-C3AD-4919-98A9-8A315B887898}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{70DC4B55-032A-420C-91FE-BDDA01CB589D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{77D80033-21F7-4299-A919-D8E7596E3F1A}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"{790EDF77-EE4B-422C-8E0B-819A86B4C206}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"{791498C9-0ABE-467E-AFE6-B0C48665FD33}" = protocol=17 | dir=in | app=e:\assassin's creed revelations\acrmp.exe |
"{7D68FD1E-049B-44B1-BC6E-E59ABC3265CD}" = protocol=6 | dir=in | app=c:\program files\origin games\battlefield 3\bf3.exe |
"{82233457-4B4D-4720-AD83-8258AB3F9AA7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{82C640D4-D12F-4671-9847-494F0D42F7E3}" = protocol=6 | dir=in | app=e:\james cameron´s avatar\bin\avatarlauncher.exe |
"{86F164A4-28CC-43B5-A8D7-7C339BAEDA9F}" = protocol=6 | dir=in | app=d:\program\steam\steam.exe |
"{8815FB5E-0FC8-4AEB-8492-AF8533A31000}" = protocol=17 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{8E77EC6E-5C38-463E-A9A8-4291912ADDAE}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{9239F5D4-7B9C-4203-BCE5-7582D069A805}" = protocol=17 | dir=in | app=c:\program files\origin games\battlefield 3\bf3.exe |
"{928A6209-7C6F-45D5-A971-A74B2023DB60}" = protocol=6 | dir=in | app=d:\program\steam\steamapps\common\rage\rage.exe |
"{92B312DD-59D7-4E47-9145-B455D692DC6D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{945F87A4-75DF-4A8C-966A-C6E54341D390}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{947F7241-05C7-41A8-AFFB-09FEC4DB1B72}" = protocol=17 | dir=in | app=d:\program\steam\steamapps\common\rage\rage.exe |
"{97C78A4D-CC1A-47CB-ABF3-B9CAFCE1E315}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe |
"{9889DCF6-7EDD-4025-9846-A72966514B44}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{98A8D17A-5B5E-4244-B7A7-402FBE7CAB0C}" = protocol=6 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{998D707E-D199-42EA-B27B-FC158295E902}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{9AA5F936-2FB3-4C09-B920-7F116ED89F2A}" = protocol=17 | dir=in | app=e:\star wars-the old republic\swtor\retailclient\swtor.exe |
"{9D7257DA-F845-4E41-84DA-714DF3C1F911}" = protocol=6 | dir=in | app=d:\expressfiles\expressdl.exe |
"{9FDF82BF-E0B8-45A2-8615-715C4EEDB3F4}" = protocol=6 | dir=in | app=c:\program files\yourfiledownloader\downloader.exe |
"{A1F4010D-58DA-4B29-B7AE-061ACB40F718}" = protocol=6 | dir=in | app=c:\program files\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{A60BDFA6-8E13-4E36-B0F4-57E976A965B6}" = protocol=17 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{A615FD00-B3FB-4617-AB2C-4F3AE742600C}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{A8ED451A-D9D6-49D8-88AA-2AA6897C2FDF}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{A905B752-A183-4394-87C3-33353522E2C5}" = protocol=6 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{AA7FBD30-306C-405F-8A35-397923D8B627}" = protocol=17 | dir=in | app=e:\james cameron´s avatar\bin\avatarlauncher.exe |
"{AE3FF41E-8CDA-4EA7-A0FA-9F374B864BF8}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{AF5D2F13-A44F-46B7-B224-06D04E8E74D5}" = protocol=6 | dir=in | app=c:\program files\origin games\battlefield 3\bf3.exe |
"{B0938A68-425D-428E-9108-7AD84B2A656A}" = protocol=17 | dir=in | app=e:\diablo iii\diablo iii.exe |
"{B7B9399D-7B0C-45E1-9F1F-DA0FAB3DAEE9}" = protocol=58 | dir=in | app=system |
"{B99BBCA9-A85B-402E-8755-A88E2C225C27}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{BAEA8D94-6EB9-4786-89B9-962D038EE0D0}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{BB7E4836-982D-433B-A9E9-9E5002FC8E32}" = protocol=17 | dir=in | app=e:\james cameron´s avatar\bin\avatar.exe |
"{BBCA1004-51AB-4956-831C-356B2E3446E5}" = protocol=17 | dir=in | app=c:\program files\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{C6DA45B6-71E0-4C0D-B61E-0155251DC6C0}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{C90090FF-755C-4EBE-B39D-8BBDD51B67A1}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CA580074-7469-4E97-B6C4-0789FECF3817}" = protocol=6 | dir=in | app=d:\program\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{CC8158BE-04CE-4F4C-A498-1268CF08D48F}" = protocol=17 | dir=in | app=d:\expressfiles\expressdl.exe |
"{CF22FDF5-EF66-4DE7-BE67-0AFC6222FD70}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{D0ACF05A-E70E-4FFF-91F0-2D70446377F3}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{D159374B-246B-4892-9FBD-18765CB4DBAE}" = protocol=17 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"{D1B88CE8-1093-4A45-9719-6FF876769AE5}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{DBDAAFB8-139A-4380-B18F-2B0AF616DFE7}" = protocol=17 | dir=in | app=d:\program\steam\steam.exe |
"{DC78C40C-1931-4755-866B-773CB7251B15}" = protocol=6 | dir=in | app=d:\program\steam\steamapps\common\rage\rage.exe |
"{DCD859A3-0FA8-45AA-AD90-F9DCF04956A9}" = protocol=6 | dir=in | app=d:\program\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe |
"{DDF645A7-E2CD-4C47-AD86-46BED68F07F2}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"{DEC559D9-EDA2-40BF-A07F-C77EB468F515}" = protocol=17 | dir=in | app=d:\program\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe |
"{E30E15A5-6664-4BF3-A9D1-AE40DE5A2D0C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E47B100B-8919-420D-B386-B972BCDEA941}" = protocol=6 | dir=in | app=e:\star wars-the old republic\launcher.exe |
"{E4B71BC7-4DE5-44A4-B043-6ABF8AB4FEBF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E6D04A01-2D20-4198-A25D-912AEFD8F0C1}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe |
"{E715D155-8269-41F0-9131-396A946E0888}" = protocol=17 | dir=in | app=c:\program files\yourfiledownloader\downloader.exe |
"{F5C7AC97-B7A9-4BD1-981B-DA73BA6F51E0}" = protocol=17 | dir=in | app=d:\expressfiles\expressfiles.exe |
"{F6932936-871A-4E1C-9A32-F9AE24094E8E}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe |
"{F7081AD1-91A7-4491-845D-FFBF22D50EAA}" = protocol=17 | dir=in | app=e:\star wars-the old republic\launcher.exe |
"{F806D75B-70C7-40B9-B4D2-AC790B0E0254}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{FACD7AED-2BB0-4C2E-913A-3FF22B19A265}" = protocol=17 | dir=in | app=d:\program\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{FD364F2F-A10F-4E5E-954F-13376B745B13}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{FDB9B935-27D2-49C7-A15E-E7A48880B81D}" = protocol=6 | dir=in | app=d:\bittorrent\bittorrent.exe |
"TCP Query User{12F8E8D4-1777-4C6B-9205-B8219BFECE06}C:\program files\logitech\logitech vid\vid.exe" = protocol=6 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"TCP Query User{79B5FE5D-3B9D-4EAB-9BE2-A0C63E3945C8}C:\windows\kmsemulator.exe" = protocol=6 | dir=in | app=c:\windows\kmsemulator.exe |
"UDP Query User{4FCBD8AF-CB0C-4CE8-9394-77ECEC47843A}C:\program files\logitech\logitech vid\vid.exe" = protocol=17 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"UDP Query User{6DA93DEE-DBD0-4668-BD4E-F872E4450A67}C:\windows\kmsemulator.exe" = protocol=17 | dir=in | app=c:\windows\kmsemulator.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0965F857-DAAD-4F93-8054-0E2EC3C8C5B0}" = SweetIM for Messenger 3.6
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0FF3D021-5ED4-11E1-8FD8-F04DA23A5C58}" = Vegas Pro 11.0
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP140_series" = Canon MP140 series
"{147894EE-5ED4-11E1-A8FF-F04DA23A5C58}" = MSVCRT Redists
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.455
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4183178B-4D4E-48A7-9257-454BA90A760E}" = SweetPacks Toolbar for Internet Explorer 4.6
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid
"{59279982-86E2-4C2A-8060-A3E77575CD8B}" = Logitech G35
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7E19B002-4CA3-4C9F-BA92-91D101B97219}" = James Cameron's AVATAR(tm): DAS SPIEL
"{7FB413C8-3CAD-49F7-A67C-6EFEB4B04050}" = LogMeIn Hamachi
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83AA2913-C123-4146-85BD-AD8F93971D39}" = BabylonObjectInstaller
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}" = iLivid
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUS_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUS_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUS_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9580813D-94B1-4C28-9426-A441E2BB29A5}" = Counter-Strike: Source
"{969E11AA-8F3A-F162-1A5A-0965E216B6CE}" = Adobe Download Assistant
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A127C3C0-055E-38CF-B38F-1E85F8BBBFFE}" = Adobe Community Help
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240C1}" = WinZip 15.0
"{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE)
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D08A2A29-5606-4FFE-BA05-7495314B42CB}" = Nitro PDF Reader 2
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DAC69A3A-89E6-4B70-B486-B974C2C95BE9}" = HD Writer AE 4.0
"{DE042823-C359-4B87-B66B-308057E8B6AF}" = Camtasia Studio 7
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Audacity_is1" = Audacity 1.2.6
"BabylonToolbar" = Babylon toolbar on IE
"Battlelog Web Plugins" = Battlelog Web Plugins
"BitTorrent" = BitTorrent
"CANONIJINBOXADDON200" = Canon Inkjet Printer Driver Add-On Module V2.00
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"DealBulldog Toolbar" = DealBulldog Toolbar
"Diablo II" = Diablo II
"Diablo III" = Diablo III
"Digsby" = Digsby
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"ESN Sonar-0.70.4" = ESN Sonar
"Fraps" = Fraps (remove only)
"Free YouTube Download_is1" = Free YouTube Download version 3.1.31.706
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.22.508
"Google Chrome" = Google Chrome
"iLivid" = iLivid
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"Killing Floor_is1" = Killing Floor
"LogMeIn Hamachi" = LogMeIn Hamachi
"lvdrivers_12.10" = Logitech Webcam Software-Treiberpaket
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Minecraft (Beta v1.3) Beta v1.3" = Minecraft (Beta v1.3)
"Minecraft Cracked" = Minecraft Cracked
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NIS" = Norton Internet Security
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Opera 11.62.1347" = Opera 11.62
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"Steam App 42680" = Call of Duty: Modern Warfare 3
"Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer
"Steam App 42750" = Call of Duty: Modern Warfare 3 - Dedicated Server
"Steam App 9200" = RAGE
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"uTorrent" = µTorrent
"vfd-ob" = VideoFileDownload
"VLC media player" = VLC media player 1.1.11
"Wajam" = Wajam
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 (32-Bit)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3889063066-599459775-2845031126-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"ExpressFiles" = ExpressFiles
"SOE-Bullet Run Beta" = Bullet Run Beta
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"YourFileDownloader" = YourFileDownloader

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 03.08.2012 08:02:03 | Computer Name = Alexabder-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: BabylonToolbarsrv.exe, Version: 1.5.29.0,
Zeitstempel: 0x4fe97fbc Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x61636f4c ID des fehlerhaften
Prozesses: 0x166c Startzeit der fehlerhaften Anwendung: 0x01cd716fc9c4154e Pfad der
fehlerhaften Anwendung: C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.29.1\BabylonToolbarsrv.exe
Pfad
des fehlerhaften Moduls: unknown Berichtskennung: 093e2399-dd63-11e1-a942-00248c3f98d6

Error - 03.08.2012 15:32:14 | Computer Name = Alexabder-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: TuneUpUtilitiesService32.exe, Version:
12.0.3600.73, Zeitstempel: 0x4fc4ad81 Name des fehlerhaften Moduls: RPCRT4.dll,
Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b9a2 Ausnahmecode: 0xc0020043 Fehleroffset:
0x000622d3 ID des fehlerhaften Prozesses: 0x928 Startzeit der fehlerhaften Anwendung:
0x01cd71ae14ff2ee5 Pfad der fehlerhaften Anwendung: C:\Program Files\TuneUp Utilities
2012\TuneUpUtilitiesService32.exe Pfad des fehlerhaften Moduls: C:\Windows\system32\RPCRT4.dll
Berichtskennung:
ed1ae806-dda1-11e1-8377-00248c3f98d6

Error - 03.08.2012 17:42:25 | Computer Name = Alexabder-PC | Source = Application Hang | ID = 1002
Description = Programm _iu14D2N.tmp, Version 51.49.0.0 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: fd4 Startzeit:
01cd71c05c8d38c7 Endzeit: 3 Anwendungspfad: C:\Users\ALEXAN~1\AppData\Local\Temp\_iu14D2N.tmp

Berichts-ID:


Error - 03.08.2012 18:34:21 | Computer Name = Alexabder-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: TuneUpUtilitiesService32.exe, Version:
12.0.3600.73, Zeitstempel: 0x4fc4ad81 Name des fehlerhaften Moduls: RPCRT4.dll,
Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b9a2 Ausnahmecode: 0xc0020043 Fehleroffset:
0x000622d3 ID des fehlerhaften Prozesses: 0x9a0 Startzeit der fehlerhaften Anwendung:
0x01cd71c00ebe7c80 Pfad der fehlerhaften Anwendung: C:\Program Files\TuneUp Utilities
2012\TuneUpUtilitiesService32.exe Pfad des fehlerhaften Moduls: C:\Windows\system32\RPCRT4.dll
Berichtskennung:
5dd880eb-ddbb-11e1-a86b-00248c3f98d6

[ System Events ]
Error - 26.04.2012 09:27:17 | Computer Name = Alexabder-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden.

Error - 26.04.2012 09:27:17 | Computer Name = Alexabder-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden.

Error - 26.04.2012 09:27:18 | Computer Name = Alexabder-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden.

Error - 27.04.2012 17:47:43 | Computer Name = Alexabder-PC | Source = BROWSER | ID = 8032
Description =

Error - 28.04.2012 13:03:56 | Computer Name = Alexabder-PC | Source = bowser | ID = 8003
Description =

Error - 01.05.2012 16:08:29 | Computer Name = Alexabder-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden.

Error - 01.05.2012 16:08:30 | Computer Name = Alexabder-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden.

Error - 01.05.2012 16:08:30 | Computer Name = Alexabder-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden.

Error - 01.05.2012 16:08:31 | Computer Name = Alexabder-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden.

Error - 05.05.2012 20:56:14 | Computer Name = Alexabder-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Windows-Zeitgeber" wurde mit folgendem Fehler beendet:
%%1115


< End of report >

[/SPOILER]

06.08.2012, 09:58   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Permanently removing the Incredibar toolbar



Code:
O1 - Hosts: 127.0.0.1 activate.adobe.com
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
         
We do not support the use of cracked software in any way!
The O1 hosts entry listed above mainly serves to enable the use of cracked Adobe software!

See also => http://www.trojaner-board.de/95393-c...-software.html

If we find indications of illegally acquired software, we will end support without any discussion.

Cracks/keygens are 99.9% dangerous malware that is not to be trifled with. They are also illegal, and we do not support the use of stolen software. Support is therefore limited to instructions for a complete reinstallation!!

It is no secret that illegal cracks and keygens essentially serve to spread malware, and everyone must be aware of that!


In future, keep your hands off: Softonic, registry cleaners and illegal stuff: cracks/keygens/serials