| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Arbeitsplatz öffnet sich einfach automatischWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
23.01.2013, 19:05
| #1 |
 |  Arbeitsplatz öffnet sich einfach automatisch Hallo zusammen, seit heute öffnet sich mein Arbeitsplatz seltsamer automatisch während dem Surfen, bzw Zocken. Beim Start von Windows öffnet er sich NICHT. Anti Vir ist auf dem Rechner und auf dem neusten Stand, spuckte allerdings keine Meldung aus. Klemmende Tasten kann ich ausschließen, Tastatur wurde bereits ausgetauscht. Per Google konnte ich leider keinen ähnlichen Fall finden. So langsam geht's mir allmählich auf die Nerven. Koennte das Malware oder aehnliches sein? Oder befinde ich mich auf dem Holzweg? |
|
24.01.2013, 09:49
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Arbeitsplatz öffnet sich einfach automatisch Hallo und
__________________ Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
Note: Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread. Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards. Erstmal eine Kontrolle mit OTL bitte:
__________________ |
|
24.01.2013, 18:06
| #3 |
| | Arbeitsplatz öffnet sich einfach automatisch OTL.txt
__________________Code:
ATTFilter OTL logfile created on: 24.01.2013 18:54:05 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\m0\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 5,93 Gb Total Physical Memory | 3,85 Gb Available Physical Memory | 64,86% Memory free 11,86 Gb Paging File | 9,54 Gb Available in Paging File | 80,43% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 1386,27 Gb Total Space | 1116,16 Gb Free Space | 80,52% Space Free | Partition Type: NTFS Drive D: | 702,82 Mb Total Space | 276,23 Mb Free Space | 39,30% Space Free | Partition Type: UDF Computer Name: M0-PC | User Name: m0 | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\m0\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\program files (x86)\avira\antivir desktop\ipmGui.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Users\m0\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd) PRC - C:\Users\m0\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) PRC - C:\Windows\SysWOW64\PnkBstrA.exe () PRC - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.) PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation) PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org) PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) PRC - C:\Program Files (x86)\Innovative Solutions\DriverMax\devices.exe (Innovative Solutions) PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks) PRC - C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe () PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) PRC - C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe (Alcor Micro Corp.) PRC - C:\Programme\Dell\DellDock\DockLogin.exe (Stardock Corporation) PRC - C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.) PRC - C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll () MOD - C:\Program Files (x86)\Steam\SDL.dll () MOD - C:\Program Files (x86)\Steam\bin\libcef.dll () MOD - C:\Program Files (x86)\Steam\bin\avcodec-53.dll () MOD - C:\Program Files (x86)\Steam\bin\chromehtml.DLL () MOD - C:\Program Files (x86)\Steam\bin\avformat-53.dll () MOD - C:\Program Files (x86)\Steam\bin\avutil-51.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\302207b4fa3083899fd8ab4db98cecc5\System.Management.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\aa0c82eddc6cc12961a92835f777dcc0\System.Web.Services.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\865d2bf19a7af7fab8660a42d92550fe\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll () MOD - C:\Users\m0\AppData\Roaming\Spotify\Data\libcef.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll () MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll () MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () MOD - C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll () MOD - C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe () MOD - C:\Program Files (x86)\Dell DataSafe Online\de\DataSafeOnline.resources.dll () MOD - C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll () MOD - C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll () MOD - C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll () MOD - C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll () MOD - C:\Program Files (x86)\Dell DataSafe Online\de\SdbUI.resources.dll () MOD - C:\Program Files (x86)\Dell DataSafe Online\cpputils.dll () ========== Services (SafeList) ========== SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe () SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.) SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation) SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (SftService) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks) SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (RoxMediaDB10) -- c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe (Sonic Solutions) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (DockLoginService) -- C:\Programme\Dell\DellDock\DockLogin.exe (Stardock Corporation) SRV - (sprtsvc_DellSupportCenter) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.) ========== Driver Services (SafeList) ========== DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation) DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation) DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation) DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys () DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys () DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions) DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.) DRV:64bit: - (k57nd60a) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation) DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) DRV - (RxFilter) -- C:\Windows\SysWOW64\drivers\RxFilter.sys (Sonic Solutions) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{1FDBCE12-1BF3-41C7-80F6-68D9628AC2F4}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{B8E0BF51-4AD3-4956-87E8-CED1AF1B822E}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-873282114-2901205279-3470080578-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8 IE - HKU\S-1-5-21-873282114-2901205279-3470080578-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/USCON/8 IE - HKU\S-1-5-21-873282114-2901205279-3470080578-1001\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-873282114-2901205279-3470080578-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: YPlayer@yummy.net:1.0.0.15 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.102.0: C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@fluxdvd.com/NPWMDRMWrapper: C:\Program Files (x86)\Videoload Manager\NPWMDRMWrapper.dll ( ) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll File not found FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@protectdisc.com/NPMPDRM: C:\Program Files (x86)\Common Files\mpDRM\NPMPDRM.dll ( ) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.01.19 16:50:46 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.01.19 16:50:45 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.01.19 16:50:46 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.01.19 16:50:45 | 000,000,000 | ---D | M] [2010.07.23 17:52:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\m0\AppData\Roaming\mozilla\Extensions [2012.10.24 18:21:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\m0\AppData\Roaming\mozilla\Firefox\Profiles\ea85r2lx.default\extensions [2012.10.16 18:51:52 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\m0\AppData\Roaming\mozilla\Firefox\Profiles\ea85r2lx.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2013.01.19 16:50:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013.01.19 16:50:44 | 000,000,000 | ---D | M] (Yummy Games Player) -- C:\Program Files (x86)\mozilla firefox\extensions\YPlayer@yummy.net [2013.01.19 16:50:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\distribution\extensions [2013.01.19 16:50:44 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files (x86)\mozilla firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2013.01.19 16:50:46 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011.04.14 13:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll [2012.02.25 17:19:27 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.09.17 17:47:41 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.02.25 17:19:27 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.02.25 17:19:27 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.02.25 17:19:27 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.02.25 17:19:27 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-873282114-2901205279-3470080578-1001\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [RunDLLEntry_EptMon] C:\Windows\SysNative\EptMon64.DLL (Creative Technology Ltd.) O4:64bit: - HKLM..\Run: [RunDLLEntry_THXCfg] C:\Windows\SysNative\THXCfg64.DLL (Creative Technology Ltd.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe () O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe (Alcor Micro Corp.) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [THX Audio Control Panel] C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe (Creative Technology Ltd) O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-873282114-2901205279-3470080578-1001..\Run: [DriverMax] C:\Program Files (x86)\Innovative Solutions\DriverMax\devices.exe (Innovative Solutions) O4 - HKU\S-1-5-21-873282114-2901205279-3470080578-1001..\Run: [DriverMax_RESTART] File not found O4 - HKU\S-1-5-21-873282114-2901205279-3470080578-1001..\Run: [Spotify] C:\Users\m0\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd) O4 - HKU\S-1-5-21-873282114-2901205279-3470080578-1001..\Run: [Spotify Web Helper] C:\Users\m0\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd) O4 - HKU\S-1-5-21-873282114-2901205279-3470080578-1001..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation) O4:64bit: - HKLM..\RunOnce: [DSUpdateLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe (Dell) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-21-873282114-2901205279-3470080578-1001..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11c_Plugin.exe (Adobe Systems, Inc.) O4 - HKLM..\RunOnceEx: [ContentMerger] c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\ContentMerger10.exe (Sonic Solutions) O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found O4 - Startup: C:\Users\m0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found O4 - Startup: C:\Users\m0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\m0\Desktop\PartyPoker.lnk File not found O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\m0\Desktop\PartyPoker.lnk File not found O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe (PokerStars) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 10.9.2) O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 1.7.0_09) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 1.7.0_09) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1CF0B0F1-95B3-4B77-89DB-E89C11D33AEA}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\fluxhttp - No CLSID value found O18:64bit: - Protocol\Handler\fluxhttp\0x00000007 - No CLSID value found O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\fluxhttp {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Program Files (x86)\Common Files\fluxDVD\Lib\XEB\xebnavigation.ax () O18 - Protocol\Handler\fluxhttp\0x00000007 {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Program Files (x86)\Common Files\fluxDVD\Lib\XEB\xebnavigation.ax () O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.01.24 18:52:33 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\m0\Desktop\OTL.exe [2013.01.19 16:50:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013.01.09 21:15:56 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll [2013.01.09 21:15:56 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll [2013.01.09 21:15:48 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2013.01.09 21:15:47 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll [2013.01.09 21:15:40 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll [2013.01.09 21:15:40 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll [2013.01.09 21:15:40 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll [2013.01.09 21:15:40 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll [2013.01.09 21:15:40 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs [2013.01.09 21:15:40 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs [2013.01.09 21:15:40 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs [2013.01.09 21:15:40 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs [2013.01.09 21:15:40 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs [2013.01.09 21:15:40 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs [2013.01.09 21:15:40 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs [2013.01.09 21:15:40 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs [2013.01.09 21:15:40 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs [2013.01.09 21:15:40 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs [2013.01.09 21:15:40 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs [2013.01.09 21:15:40 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs [2013.01.09 21:15:40 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs [2013.01.09 21:15:40 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs [2013.01.09 21:15:40 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs [2013.01.09 21:15:40 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs [2013.01.09 21:15:40 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs [2013.01.09 21:15:40 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs [2013.01.09 21:15:40 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs [2013.01.09 21:15:40 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs [2013.01.09 21:15:39 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs [2013.01.09 21:15:39 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs [2013.01.09 21:15:39 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs [2013.01.09 21:15:39 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs [2013.01.09 21:15:39 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs [2013.01.09 21:15:39 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs [2013.01.09 21:15:39 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs [2013.01.09 21:15:39 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs [2013.01.09 21:15:25 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2013.01.09 21:15:25 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2013.01.09 21:15:24 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2013.01.09 21:15:24 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe [2013.01.09 21:15:24 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2013.01.09 21:15:24 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2013.01.09 21:15:24 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2013.01.09 21:15:24 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2013.01.09 21:15:24 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2013.01.09 21:15:24 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2013.01.09 21:15:24 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2013.01.09 21:15:24 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2013.01.09 21:15:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2013.01.09 21:15:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2013.01.09 21:15:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2013.01.09 21:15:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2013.01.09 21:15:22 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2013.01.09 21:15:22 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2013.01.09 21:15:22 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2013.01.09 21:15:22 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2013.01.09 21:15:22 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2013.01.09 21:15:22 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2013.01.09 21:15:22 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2013.01.09 21:15:22 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2013.01.09 21:15:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2013.01.09 21:15:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2013.01.09 21:15:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2013.01.09 21:15:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2013.01.09 21:15:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2013.01.09 21:15:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2013.01.09 21:15:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2013.01.09 21:15:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2013.01.09 21:15:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2013.01.09 21:15:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2013.01.09 21:15:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2013.01.09 21:15:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2013.01.09 21:15:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2013.01.09 21:15:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2013.01.09 21:15:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2013.01.09 21:15:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2013.01.09 21:15:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2013.01.09 21:15:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2013.01.09 21:15:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2013.01.09 21:15:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2013.01.09 21:15:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2013.01.09 21:15:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2013.01.09 21:15:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2013.01.09 21:15:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2013.01.09 21:15:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2013.01.09 21:15:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2013.01.09 21:15:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2013.01.09 21:15:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2013.01.09 21:15:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2013.01.09 21:15:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2013.01.09 21:15:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2013.01.09 21:15:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2013.01.09 21:15:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2013.01.09 21:15:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2013.01.09 21:15:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2013.01.09 21:15:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2013.01.09 21:15:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2013.01.09 21:15:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2013.01.09 21:15:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2013.01.09 21:15:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2013.01.09 21:15:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2013.01.09 21:15:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2013.01.09 21:15:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2013.01.09 21:15:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2013.01.09 21:15:22 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2013.01.09 21:15:17 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe [2010.07.06 19:11:19 | 814,143,398 | ---- | C] (GOA ) -- C:\Program Files\loleusetup.exe [2 C:\Users\m0\AppData\Roaming\*.tmp files -> C:\Users\m0\AppData\Roaming\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.01.24 18:56:46 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.01.24 18:56:46 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.01.24 18:53:44 | 001,500,294 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.01.24 18:53:44 | 000,654,602 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.01.24 18:53:44 | 000,616,484 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.01.24 18:53:44 | 000,130,216 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.01.24 18:53:44 | 000,106,606 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.01.24 18:52:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\m0\Desktop\OTL.exe [2013.01.24 18:49:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.01.24 18:49:23 | 479,522,815 | -HS- | M] () -- C:\hiberfil.sys [2013.01.10 19:12:47 | 000,007,598 | ---- | M] () -- C:\Users\m0\AppData\Local\Resmon.ResmonCfg [2013.01.10 19:00:35 | 000,339,312 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2 C:\Users\m0\AppData\Roaming\*.tmp files -> C:\Users\m0\AppData\Roaming\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.03.03 14:29:21 | 000,007,598 | ---- | C] () -- C:\Users\m0\AppData\Local\Resmon.ResmonCfg [2011.10.19 22:14:52 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll [2011.10.02 18:59:30 | 000,008,297 | ---- | C] () -- C:\Users\m0\AppData\Roaming\UserTile.png [2011.03.29 17:47:20 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011.03.29 17:47:15 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011.03.17 18:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2010.08.11 14:37:45 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat ========== ZeroAccess Check ========== [2012.06.16 16:50:01 | 000,000,000 | -HSD | M] -- C:\Users\m0\AppData\Local\{bb09ef47-aa30-43e2-e1ea-842bc72bd87d}\U [2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "ThreadingModel" = Both "" = C:\Users\m0\AppData\Local\{bb09ef47-aa30-43e2-e1ea-842bc72bd87d}\n. [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 04:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2010.07.06 19:45:37 | 000,000,000 | ---D | M] -- C:\Users\m0\AppData\Roaming\LolClient [2011.03.10 18:31:43 | 000,000,000 | ---D | M] -- C:\Users\m0\AppData\Roaming\Miranda [2011.01.10 19:02:43 | 000,000,000 | ---D | M] -- C:\Users\m0\AppData\Roaming\OpenOffice.org [2011.11.11 21:04:51 | 000,000,000 | ---D | M] -- C:\Users\m0\AppData\Roaming\Origin [2012.10.01 21:16:16 | 000,000,000 | ---D | M] -- C:\Users\m0\AppData\Roaming\Party [2011.10.02 18:59:30 | 000,000,000 | ---D | M] -- C:\Users\m0\AppData\Roaming\PeerNetworking [2010.10.05 19:20:42 | 000,000,000 | ---D | M] -- C:\Users\m0\AppData\Roaming\ProtectDisc [2011.03.29 17:47:04 | 000,000,000 | ---D | M] -- C:\Users\m0\AppData\Roaming\PunkBuster [2011.03.21 21:06:13 | 000,000,000 | ---D | M] -- C:\Users\m0\AppData\Roaming\Rift [2012.08.24 00:23:37 | 000,000,000 | ---D | M] -- C:\Users\m0\AppData\Roaming\SoftGrid Client [2013.01.24 18:55:03 | 000,000,000 | ---D | M] -- C:\Users\m0\AppData\Roaming\Spotify [2010.10.04 18:17:40 | 000,000,000 | ---D | M] -- C:\Users\m0\AppData\Roaming\TP [2012.11.04 15:03:08 | 000,000,000 | ---D | M] -- C:\Users\m0\AppData\Roaming\TS3Client [2012.05.21 20:30:15 | 000,000,000 | ---D | M] -- C:\Users\m0\AppData\Roaming\ts3overlay [2011.03.29 18:40:39 | 000,000,000 | ---D | M] -- C:\Users\m0\AppData\Roaming\Ubisoft ========== Purity Check ========== < End of report > Code:
ATTFilter OTL Extras logfile created on: 24.01.2013 18:54:05 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\m0\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
5,93 Gb Total Physical Memory | 3,85 Gb Available Physical Memory | 64,86% Memory free
11,86 Gb Paging File | 9,54 Gb Available in Paging File | 80,43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1386,27 Gb Total Space | 1116,16 Gb Free Space | 80,52% Space Free | Partition Type: NTFS
Drive D: | 702,82 Mb Total Space | 276,23 Mb Free Space | 39,30% Space Free | Partition Type: UDF
Computer Name: M0-PC | User Name: m0 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-873282114-2901205279-3470080578-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0277341E-183E-4E13-A842-266A4F24DACD}" = lport=137 | protocol=17 | dir=in | app=system |
"{035E09AC-BC4C-4594-A9CD-145FBF8DF5FB}" = lport=6942 | protocol=17 | dir=in | name=league of legends launcher |
"{0391ED4A-273F-4CDB-97E8-8BD3068D54E9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{058F7869-EDF3-46D6-874A-BBB37A90E863}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0598E703-7C01-46A7-8309-D436A97FE24D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{08882CAE-B247-4A49-9862-2A2279D736A0}" = lport=6955 | protocol=17 | dir=in | name=league of legends launcher |
"{09737564-0E03-4E00-A997-20F271B0C329}" = lport=6902 | protocol=6 | dir=in | name=league of legends launcher |
"{0B22F6D5-FDC8-4368-8101-5641CDF53DE3}" = lport=6952 | protocol=6 | dir=in | name=league of legends launcher |
"{0B992644-5B75-4E89-A915-971992C050BB}" = lport=8394 | protocol=17 | dir=in | name=league of legends launcher |
"{0CC20AD2-FB68-4F1B-B371-40F8E2C32E79}" = lport=6884 | protocol=17 | dir=in | name=league of legends launcher |
"{0D5E00E0-F16A-4576-BE00-7D4EDA437B63}" = lport=8398 | protocol=6 | dir=in | name=league of legends launcher |
"{0ED0E951-0015-4DAD-9809-737BE0BAA317}" = lport=6970 | protocol=6 | dir=in | name=league of legends launcher |
"{12F0B9DD-8855-4732-9E70-E41005F9C351}" = lport=6938 | protocol=6 | dir=in | name=league of legends launcher |
"{1309EF8C-FBE8-4A26-B6B8-4C2EEE96ADB3}" = lport=6955 | protocol=6 | dir=in | name=league of legends launcher |
"{1342D56F-6BD3-410D-865B-B84A655454E2}" = lport=6970 | protocol=17 | dir=in | name=league of legends launcher |
"{1608779D-107E-4AA5-A403-A711CF295112}" = lport=6952 | protocol=17 | dir=in | name=league of legends launcher |
"{1A99646C-B8E8-43FB-AE27-CE846B00E03F}" = lport=6942 | protocol=6 | dir=in | name=league of legends launcher |
"{1CD869CE-C28E-438A-BBA3-30922E3E0974}" = lport=8396 | protocol=17 | dir=in | name=league of legends launcher |
"{1F082140-2EEC-421F-B0AC-44D1B4683F0E}" = lport=6983 | protocol=6 | dir=in | name=league of legends launcher |
"{2057BA5A-F645-4B68-81A3-D0468041D404}" = lport=8396 | protocol=6 | dir=in | name=league of legends launcher |
"{20AFFF8E-3A7C-4758-9771-356B7B66B8C7}" = lport=8390 | protocol=17 | dir=in | name=league of legends game client |
"{21588AB5-7555-4FE4-85B1-58CEE364D8DD}" = lport=6914 | protocol=6 | dir=in | name=league of legends launcher |
"{24694FC8-F6E9-4968-A893-ACD9682DE58F}" = lport=6989 | protocol=6 | dir=in | name=league of legends launcher |
"{266E8054-6B21-4C87-B9B4-2009E1B7A691}" = lport=138 | protocol=17 | dir=in | app=system |
"{29F2E344-3D30-4181-BD4E-D8EC66BAD84A}" = lport=8398 | protocol=17 | dir=in | name=league of legends launcher |
"{2A23A29C-8CB6-4EE8-AABE-C76C3B2FD55A}" = lport=6975 | protocol=17 | dir=in | name=league of legends launcher |
"{2A6A2549-2D2D-44C7-91CB-DD4264E47895}" = rport=137 | protocol=17 | dir=out | app=system |
"{2CEAE754-B959-4E47-940D-6E5178281601}" = lport=6970 | protocol=17 | dir=in | name=league of legends launcher |
"{30499FCC-0D21-4D74-B9BC-8260546828B2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{37A43577-5275-4F7E-8FC1-777138318C23}" = lport=6965 | protocol=17 | dir=in | name=league of legends launcher |
"{390C32F2-C00A-4ECC-BCDD-F1350E76E229}" = lport=6939 | protocol=17 | dir=in | name=league of legends launcher |
"{4046C17B-24E0-42E8-844E-9931E6F10492}" = lport=6910 | protocol=17 | dir=in | name=league of legends launcher |
"{42FA413E-2A7A-42FC-BEBC-12B20A07C626}" = lport=6887 | protocol=17 | dir=in | name=league of legends launcher |
"{44A5730C-5DD3-4C70-A575-F2EB4D3079D6}" = lport=8397 | protocol=6 | dir=in | name=league of legends launcher |
"{45E9FC7A-CAA4-46BA-8A99-B4878CE7C1FD}" = lport=6913 | protocol=17 | dir=in | name=league of legends launcher |
"{4A560F6D-7CA2-4EF2-B91F-402AF80D0B81}" = lport=6931 | protocol=6 | dir=in | name=league of legends launcher |
"{4CF3600E-7271-4106-9FF8-42B415790F9A}" = lport=6970 | protocol=6 | dir=in | name=league of legends launcher |
"{4D7D68D5-09FD-4442-B766-362B64F07A88}" = lport=6973 | protocol=6 | dir=in | name=league of legends launcher |
"{52604D98-5AB2-4F04-A6AA-976B3B722607}" = lport=8390 | protocol=6 | dir=in | name=league of legends game client |
"{54832405-707B-4E40-822B-85B0AE7ED86B}" = lport=6975 | protocol=6 | dir=in | name=league of legends launcher |
"{57E89C76-D7B3-4600-A132-0517226BD79F}" = lport=6971 | protocol=17 | dir=in | name=league of legends launcher |
"{5969C4A1-340E-4579-80EF-4EA080896E01}" = lport=6884 | protocol=6 | dir=in | name=league of legends launcher |
"{5AB304EB-4F41-4063-8C63-D81541C232A3}" = lport=6937 | protocol=17 | dir=in | name=league of legends launcher |
"{5DE63646-FE03-4A75-8457-8E01ED0C8359}" = lport=6913 | protocol=6 | dir=in | name=league of legends launcher |
"{5FBF2AE9-548F-4198-A0CC-4BDF3355D948}" = lport=10243 | protocol=6 | dir=in | app=system |
"{622A122C-B97D-4925-8C30-490A1936E99C}" = lport=6939 | protocol=6 | dir=in | name=league of legends launcher |
"{62BCAC14-213A-4071-AD6E-2C9060C4DECA}" = lport=8397 | protocol=6 | dir=in | name=league of legends launcher |
"{633BF8DD-69E6-4155-9E6D-19E1DB5D4A8D}" = lport=6990 | protocol=6 | dir=in | name=league of legends launcher |
"{6506391D-759B-4E42-AB8B-1F061DF8BD43}" = rport=138 | protocol=17 | dir=out | app=system |
"{66230879-A4CB-484A-9509-DE9C332CD1B3}" = lport=8395 | protocol=6 | dir=in | name=league of legends launcher |
"{6B3DAEC9-5BF1-4D64-AA4E-C223C70256C7}" = lport=8395 | protocol=17 | dir=in | name=league of legends launcher |
"{6B841990-BD13-4C0D-AC8A-390401EB8837}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{6BDC1A3B-AED7-4CC3-ABA4-66AED29351B1}" = lport=6910 | protocol=6 | dir=in | name=league of legends launcher |
"{6DF71E4A-743D-457E-BAAD-7424F3580C95}" = lport=6971 | protocol=6 | dir=in | name=league of legends launcher |
"{6F684E54-72BB-48C7-8A3D-5EB072696DFC}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6FA0E722-DC61-498F-BB4F-B7B78E8B96F0}" = lport=6901 | protocol=17 | dir=in | name=league of legends launcher |
"{70089BE2-86A5-4D06-ADAC-5A93E37A265A}" = lport=6936 | protocol=6 | dir=in | name=league of legends launcher |
"{755DC4D6-DEBD-4A26-91C1-E50034D0B9C0}" = lport=6936 | protocol=17 | dir=in | name=league of legends launcher |
"{7664E17C-E285-47FE-85DC-0A1CBC83B150}" = lport=8390 | protocol=6 | dir=in | name=league of legends game client |
"{7954CCB9-A9F1-4EFB-B001-470140D66EA5}" = lport=6979 | protocol=17 | dir=in | name=league of legends launcher |
"{7AB247DE-8C0D-4566-B9E0-444A8D0C4667}" = lport=8396 | protocol=6 | dir=in | name=league of legends launcher |
"{7ACD6459-77CE-44B7-93C1-363FA733A363}" = lport=6935 | protocol=6 | dir=in | name=league of legends launcher |
"{7C023302-5C10-43E4-9491-CB9056ACCD28}" = rport=10243 | protocol=6 | dir=out | app=system |
"{808E83F1-0A87-4ED9-A209-090128658B38}" = lport=6968 | protocol=6 | dir=in | name=league of legends launcher |
"{8343A277-56D6-473C-BFD7-37994289F670}" = lport=8396 | protocol=17 | dir=in | name=league of legends launcher |
"{835E39C9-F9F2-476D-9A5E-B782C4F47BC9}" = lport=6967 | protocol=6 | dir=in | name=league of legends launcher |
"{84DF79F8-8128-4DAE-9984-8E078A51A417}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{85ED37D7-BA94-4965-93C2-EB8B0C24AE57}" = lport=6958 | protocol=6 | dir=in | name=league of legends launcher |
"{8B194616-675A-4084-8D6F-D154D703F980}" = lport=6995 | protocol=6 | dir=in | name=league of legends launcher |
"{8CC7CD74-BECA-4707-A112-7926E7B559C6}" = lport=6933 | protocol=6 | dir=in | name=league of legends launcher |
"{8F23511A-8B66-4695-86E1-FDEDFD325F0C}" = lport=6941 | protocol=17 | dir=in | name=league of legends launcher |
"{8F906673-A502-4BA7-8898-E847AC01A6A2}" = lport=6958 | protocol=17 | dir=in | name=league of legends launcher |
"{8FD25186-0B72-417A-A8C9-CE477C08A205}" = lport=6953 | protocol=17 | dir=in | name=league of legends launcher |
"{9059327B-C899-4D8C-9B2F-76243829623C}" = lport=6989 | protocol=17 | dir=in | name=league of legends launcher |
"{91C3ABBA-1CC6-4123-8AB0-74C3E15F60CA}" = lport=6953 | protocol=6 | dir=in | name=league of legends launcher |
"{961191BC-EBA1-4EA8-A8F5-FEA0D1D30F71}" = lport=445 | protocol=6 | dir=in | app=system |
"{96287789-07C8-41D3-8C5A-74CDABF09FDE}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{96CEBEB8-0262-46D9-AD00-AACDE34B4967}" = lport=8394 | protocol=17 | dir=in | name=league of legends launcher |
"{9C95857B-7539-4588-942F-4AECED26A8E0}" = lport=6979 | protocol=6 | dir=in | name=league of legends launcher |
"{9DFC4407-4FA4-445D-B10B-7BDA24D58782}" = lport=6968 | protocol=17 | dir=in | name=league of legends launcher |
"{A02484F7-7F9D-49DD-8D8F-772EE71E7F42}" = rport=445 | protocol=6 | dir=out | app=system |
"{A100074F-D7D2-4E35-9317-C3FAA5B8DAB2}" = lport=8395 | protocol=6 | dir=in | name=league of legends launcher |
"{A1A74D76-EA85-4BBB-A803-FFC315C0E8B7}" = lport=6938 | protocol=17 | dir=in | name=league of legends launcher |
"{A1C5588B-E4E8-4744-A40F-7C4EBF1D0A77}" = lport=8397 | protocol=17 | dir=in | name=league of legends launcher |
"{A4AE4088-31E3-4E86-B2ED-D58A6134940B}" = lport=6935 | protocol=17 | dir=in | name=league of legends launcher |
"{A61947F0-2C7C-46E8-8E9F-C6ADAE76983B}" = lport=6995 | protocol=17 | dir=in | name=league of legends launcher |
"{A69D297F-A31B-450A-A8B7-ED4957D28A07}" = lport=8393 | protocol=6 | dir=in | name=league of legends lobby |
"{A835674C-CE82-414C-973B-0E719BA79540}" = rport=139 | protocol=6 | dir=out | app=system |
"{A974D154-FF20-418B-8A9E-28CC2227A88B}" = lport=6990 | protocol=17 | dir=in | name=league of legends launcher |
"{A9AA1DB2-97B4-4E23-B054-229A2AD5CCA9}" = lport=6937 | protocol=6 | dir=in | name=league of legends launcher |
"{AACC362A-DEA0-4028-87B3-C2ED6050AD13}" = lport=6965 | protocol=6 | dir=in | name=league of legends launcher |
"{AAE7EE66-AF2E-4F3C-8C51-9CC5E4CA88AD}" = lport=8394 | protocol=6 | dir=in | name=league of legends launcher |
"{AB643774-4407-456E-A5AD-B772CB53DEE2}" = lport=6967 | protocol=17 | dir=in | name=league of legends launcher |
"{ACDB06EE-54B5-403A-8455-3B48CDFCEEAC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B1D5764D-1E7C-4769-A1BD-ACA236AD29A0}" = lport=6994 | protocol=17 | dir=in | name=league of legends launcher |
"{B33AC23E-85F1-4FCB-A3BE-3C0D355A60AD}" = lport=8390 | protocol=17 | dir=in | name=league of legends game client |
"{B5F98194-2AAB-4BF3-9C20-537F6D43CAE6}" = lport=6932 | protocol=6 | dir=in | name=league of legends launcher |
"{B67DA6E8-53E2-4EE6-BEB6-C978DA5B0D69}" = lport=8397 | protocol=17 | dir=in | name=league of legends launcher |
"{BAA17A64-E776-4197-8C28-4F9A60FB362F}" = lport=6986 | protocol=17 | dir=in | name=league of legends launcher |
"{BB593EE8-21AB-4392-A3F5-F010BF353D8F}" = lport=6902 | protocol=17 | dir=in | name=league of legends launcher |
"{BC8DF044-69E5-44FF-8374-5278621A6EAC}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C1D7CA02-7304-4808-8730-79AE86A4E5EA}" = lport=6932 | protocol=17 | dir=in | name=league of legends launcher |
"{C2C4737F-EB85-4BEB-A612-BC4FA0D94BC0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C504B20B-EEFA-4DB2-887C-AF13A6BBFF5C}" = lport=6931 | protocol=17 | dir=in | name=league of legends launcher |
"{CAD02FBE-F145-4FF6-A0A2-7851EB2DF276}" = lport=6901 | protocol=6 | dir=in | name=league of legends launcher |
"{D82E5413-D50F-4AB0-96D0-2F08372C7633}" = lport=8393 | protocol=6 | dir=in | name=league of legends lobby |
"{D99633F6-4505-418F-A26E-5A5231DF88C7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{DE69488C-05A1-45E4-887F-0C0746011F92}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E4F6E86F-530D-4671-AACD-6C06793B35FA}" = lport=6933 | protocol=17 | dir=in | name=league of legends launcher |
"{E5CD96C8-06C7-4E45-9F03-288E1F3134CC}" = lport=6887 | protocol=6 | dir=in | name=league of legends launcher |
"{E673C5E2-0786-43DA-83CA-D2269180121B}" = lport=8393 | protocol=17 | dir=in | name=league of legends lobby |
"{E6E22AB2-6024-4AD7-8571-82A664A66663}" = lport=139 | protocol=6 | dir=in | app=system |
"{E88A1F8C-C6F3-421B-B7A3-6BB6D9D4E723}" = lport=6983 | protocol=17 | dir=in | name=league of legends launcher |
"{EAE44139-A633-4555-BB3F-EEF460B805EC}" = lport=8395 | protocol=17 | dir=in | name=league of legends launcher |
"{EB8B8C4E-9BB6-42B6-8678-C3A675E4101F}" = lport=6994 | protocol=6 | dir=in | name=league of legends launcher |
"{EBFA2FFD-8D0E-4325-AE75-97644D37F814}" = lport=8394 | protocol=6 | dir=in | name=league of legends launcher |
"{ECC864D9-8018-4335-8D4F-B209B18F97B8}" = lport=6978 | protocol=17 | dir=in | name=league of legends launcher |
"{EF970251-BD7A-4F0F-8980-7B2F9D6F2AA7}" = lport=6941 | protocol=6 | dir=in | name=league of legends launcher |
"{F5AB716B-C045-4F12-9496-59D0088B866A}" = lport=8393 | protocol=17 | dir=in | name=league of legends lobby |
"{F645C657-BA3B-4980-B3D7-AF9245B38D83}" = lport=6978 | protocol=6 | dir=in | name=league of legends launcher |
"{F87324DA-7EB4-4FD2-9DB8-2E1925AF6276}" = lport=6986 | protocol=6 | dir=in | name=league of legends launcher |
"{F994CFFF-9D70-45C1-89B6-1C15807B19B1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FB862C0B-80C5-451C-B8B3-C5A3F8769C06}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FE74217B-D18E-409D-BC54-59C4AA9BE6BC}" = lport=6973 | protocol=17 | dir=in | name=league of legends launcher |
"{FF5A1043-22CB-4DBB-8DFD-D8B223C6BDA7}" = lport=6914 | protocol=17 | dir=in | name=league of legends launcher |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{020C8DF2-2A19-4270-BCB8-C27D0998EC12}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{03FD7FCD-5068-4E33-84A3-1CFBB385CF82}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{0642FBF6-2F83-4336-8844-86A81BFAD6D1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\risen\bin\risen.exe |
"{065DE7F6-91BE-4691-B40B-CA44ED61D85C}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\acbmp.exe |
"{0691F7EB-69BF-48DE-B7BF-8D02A8EDBDD4}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\acbmp.exe |
"{0BE5CEFD-DD0F-454B-ACA7-F6DB78C8FC2C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0D8F29D4-B0F7-48F5-99A7-5C4675994F50}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1162FC16-B6D7-4192-9D68-8108B58DB3B6}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{11F77002-E77D-4AA5-BBBB-055210E4D837}" = protocol=6 | dir=out | app=system |
"{13A11FFF-A303-474E-84B2-A791D1A1A06D}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe |
"{14EE56DB-DBCB-4D72-881A-F5527B35500F}" = protocol=17 | dir=in | app=c:\program files (x86)\league of legends\lol.launcher.exe |
"{1534DB62-B076-4065-BC4D-398FBFBF52AF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{16624475-CB70-495B-9D69-7D7F0E51592D}" = protocol=6 | dir=in | app=c:\program files (x86)\league of legends\game\league of legends.exe |
"{173DB832-94C4-44BB-9C54-E1A716EB043F}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{1AC71392-257A-4D48-B3C9-2628E12CDE19}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\ambixdextrous89\counter-strike source\hl2.exe |
"{1FCF012E-23C9-4E53-91EC-B373AF674F1C}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{20CFBE1F-CED2-42F5-B831-5781719A3687}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{22BD153F-8092-484C-8F5A-7ADF56A14713}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe |
"{231CC129-AA0A-45F1-ADEE-6B4D9695B1F1}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe |
"{233D89E3-C8FA-43B7-8E47-6E7B3E822751}" = protocol=17 | dir=in | app=c:\program files (x86)\league of legends\air\lolclient.exe |
"{24971B0F-C507-44E2-B9E4-654BA4D1CFE3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\ambixdextrous89\counter-strike source\hl2.exe |
"{26D579B5-3CCD-4780-9D49-D29093E0BA1A}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{28B34D77-182F-4E80-9DE2-95B4D2D5A74F}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{29A59924-8B0A-4837-8C85-D9D377003CF9}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{35D1CCEC-37AE-4671-83BC-6563705C8E5B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\homefront\binaries\homefront.exe |
"{3A1488D7-F84C-4D14-9E62-10B794EB5F3C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe |
"{3E25A255-1784-440C-A6F6-2039A857988F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3E5E20C7-E41B-43DC-913E-16202A9D301A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\homefront\binaries\homefront.exe |
"{41F4955E-02AD-4CBC-AE73-5F9AE6414AED}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{42DF9710-42FE-4D16-A6A8-DDD69692AB6F}" = protocol=17 | dir=in | app=c:\program files (x86)\league of legends\air\lolclient.exe |
"{4378378C-26A3-48C6-9C6D-793E58684396}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{50E71632-026B-4E1C-A823-8200DED87569}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{52AAC907-3587-47D5-A218-42C2F15D9DD4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\risen\bin\risen.exe |
"{5520D415-E908-4484-AA62-C75F4F46D9B5}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\acbsp.exe |
"{56BF5AAD-528D-4E13-B23F-43FA0229C76E}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\uplaybrowser.exe |
"{5A5EF913-008D-4973-9940-11E585BDED57}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe |
"{5C47B69E-4C11-4E6B-B73B-554B3CAA1141}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5ECBCDA6-7A5E-4DA1-9A1D-60D7DD40B556}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{62F58EB1-9F72-49EE-A889-9BAFB4B2D826}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{63176C0A-00C0-4595-A9ED-9D93364F5768}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{63EA772D-4472-4E1E-BABF-178450E479DA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{63F19385-FF89-4948-AB0E-AD7EAAA3B069}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{646AEAB3-9475-4278-9B6E-5D024DE478F0}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{67BA897A-EC45-4AA6-B70D-C185AAC89671}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{6BFA611C-6D60-4095-BDBF-19DB11D998EB}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{6C81741C-83A0-4ADA-B817-0FAC0C1FC791}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{6DDDBA07-1824-42B3-949F-B119255A8707}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6EE308B4-3655-458C-8EBB-70855A73D828}" = protocol=6 | dir=in | app=c:\program files (x86)\league of legends\lol.launcher.exe |
"{6F232B44-28F4-4FDD-A623-16AD0A2A4F6B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{6F589925-A0C2-4B33-B07A-415F27F70A9E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\risen\bin\risen.exe |
"{71A3EBC0-AE0D-42A3-8E68-7754DC3CEED9}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\uplaybrowser.exe |
"{72EE931E-18F9-4821-B09B-31B509F7B966}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{7473113E-4DE7-47FB-8E7C-E409EED38A45}" = protocol=6 | dir=in | app=c:\program files (x86)\league of legends\game\league of legends.exe |
"{7D826F9F-3346-4D3A-9621-6EE598235AD0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\homefront\binaries\homefront.exe |
"{7D885D94-AE3C-4827-8A7B-E8DA244608FE}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{8C43518B-5375-4C39-A051-03643CCB7EC7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{97A66429-36F1-41D2-A0CC-3B5A0257FD5B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\risen\bin\risen.exe |
"{97F280CE-3523-4B11-BE44-042046BF2256}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{9A214B41-FCF0-4A4C-9EDD-DB920C0F98EB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{9C14FDA8-F67D-49BB-B14B-D5BCDA3225F9}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{9D91DEF0-3CAF-473F-8466-343DA416FFEA}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{9EAB5A2C-0C3C-416A-9056-A3043F02F39F}" = protocol=17 | dir=in | app=c:\program files (x86)\league of legends\lol.launcher.exe |
"{9F4F323C-4315-4406-9B8A-E4F1512D2690}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\assassinscreedbrotherhood.exe |
"{9FFF1D16-C223-42D4-AC79-9057AE0B3C2A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A0BD4A80-060A-493A-A270-BCDD421BE123}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{A2E4DC49-02A5-4879-A98C-BC58A922CD43}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{AA75B106-93C5-41BF-904C-11A686B19114}" = protocol=17 | dir=in | app=c:\program files (x86)\league of legends\game\league of legends.exe |
"{AAA71BA1-777A-4437-B6E0-55A6CD7F8AA2}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe |
"{AF16AD5A-9754-47FB-9923-A2D9ED825C36}" = protocol=6 | dir=in | app=c:\program files (x86)\league of legends\air\lolclient.exe |
"{B6C99562-392E-4D04-8AEB-853A2FCC1212}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{BCBA5996-172B-464D-A5DA-C77F02049E28}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{BCF6A850-1AFB-49C6-8C1A-B291D7819C21}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe |
"{C048400B-A891-43D9-8A0C-0262087FB57C}" = protocol=17 | dir=in | app=c:\program files (x86)\league of legends\game\league of legends.exe |
"{C2808D21-A4B5-4FBB-8F4F-75A4739FDF1B}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{C2E96C87-8EB2-4676-8CBD-1E3CC69A1CAF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\homefront\binaries\homefront.exe |
"{CD4AF1CE-D58C-41F0-B60B-EF0DB1ABC863}" = protocol=6 | dir=in | app=c:\program files (x86)\league of legends\air\lolclient.exe |
"{CE2C1889-DF70-436C-B024-B49CA12D0B5A}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe |
"{CEB98207-4056-42A9-A05A-B5FB09B37831}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{CEF33104-615E-4061-AA38-B0D8E0AA29A2}" = protocol=58 | dir=in | app=system |
"{CFD6AB7C-8A5C-430C-B31D-557215153D53}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe |
"{D16A034A-4371-4405-A3E7-7D6CC58063B3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{D244C177-8C3E-4B51-8047-18305C23D17D}" = protocol=6 | dir=in | app=c:\program files (x86)\league of legends\lol.launcher.exe |
"{D37A72F8-81FF-4F94-87CB-B3FF016D419A}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{DAF5BF3A-9E8D-4C59-A6F3-C9DEE5180C5C}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{DB807868-84BB-4A52-BE61-3DCA4B4A99E4}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{DE5B6C1A-5807-45E1-9EA8-E22ACC471624}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe |
"{E07D1E99-0F95-413D-B083-8928AFF49FD7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rift\riftpatchlive.exe |
"{E2EFCC1A-C27E-4CAF-9464-67BB93298D04}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{E6111E12-DB45-4D2D-8597-D847C2ABBC4D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mark_of_the_ninja\bin\game.exe |
"{E71D5D8B-7E74-4855-858C-61CEED8CBDB0}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\assassinscreedbrotherhood.exe |
"{E8567D3F-6460-4854-B99B-E8145B18A2F8}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{E88DF666-0688-43B2-B31B-01DAE59E42FD}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{E8E0574D-2CAB-4CF0-9244-1691646E42A9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{ECF3BF60-34EB-45CE-86A2-9E5BAA5207BD}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{F209D34B-A4AE-4FD2-A335-DDE0CB72F20B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rift\riftpatchlive.exe |
"{F2F5A384-8A4C-4764-A182-795C0C0C929B}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F3A8E467-EA58-4B94-A0F6-4059299290BF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mark_of_the_ninja\bin\game.exe |
"{F59B88B8-D7AB-424F-8055-A21866C13DCA}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{F7991CD3-25BE-440C-9950-0DA47F5524F3}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\acbsp.exe |
"{FA528623-07FF-4475-8923-8441569CA795}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{FD6D77B2-2A7A-4206-A1C0-47153B1289DF}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{FFACEB47-071F-4E91-B74B-F576F3921E72}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"TCP Query User{6EC38A2A-A71D-4CD9-8D39-031FC22F238C}C:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
"TCP Query User{73AAE93B-368C-4FD2-97AE-666091B4405B}C:\users\m0\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\m0\appdata\roaming\spotify\spotify.exe |
"TCP Query User{C32541E6-2A78-4222-BD27-1AE433FFA270}C:\program files (x86)\miranda im\miranda32.exe" = protocol=6 | dir=in | app=c:\program files (x86)\miranda im\miranda32.exe |
"UDP Query User{591FA81A-57C1-4DE4-85A5-1F23770E477D}C:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
"UDP Query User{A15A3BBD-3172-45F8-930C-1F86B2578F71}C:\program files (x86)\miranda im\miranda32.exe" = protocol=17 | dir=in | app=c:\program files (x86)\miranda im\miranda32.exe |
"UDP Query User{CEF5F955-9802-4F8D-A5A6-02F343275D2F}C:\users\m0\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\m0\appdata\roaming\spotify\spotify.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0031FC73-643E-19DB-0A34-F7FF70B2F1E7}" = ccc-utility64
"{02AD9D20-03D2-4DE0-8793-E8253026AD86}" = EMCGadgets64
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{401E03EC-1644-1B0A-B8D3-C40477ADCEC4}" = AMD Drag and Drop Transcoding
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{6681A016-C62A-DD7B-7F56-25B1A55CE12A}" = AMD Media Foundation Decoders
"{72DECC0F-58E0-0618-C857-43B4D3DB7B75}" = AMD Catalyst Install Manager
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{C6B8BF9C-A28E-0219-4E93-DF7925DEA793}" = ccc-utility64
"{C73A3942-84C8-4597-9F9B-EE227DCBA758}" = Dell Dock
"{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}" = VD64Inst
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 4.01 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{010A785B-F920-4350-821B-6309909C20BB}" = THX TruStudio PC
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{098122AB-C605-4853-B441-C0A4EB359B75}" = DirectXInstallService
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{106F1DCB-F20C-A6B9-A130-4664B9A0F708}" = Catalyst Control Center Graphics Previews Vista
"{13557DA4-3AB0-DB9B-B746-1BE901DEC60D}" = Catalyst Control Center
"{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}" = Dell DataSafe Online
"{167E3C11-FB97-F320-DC34-73A6C5F50E88}" = CCC Help German
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{1BA2AC5F-2B16-A21B-E46D-AE14F5A3E8DB}" = CCC Help Czech
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{29787541-F210-AD16-5B75-AC7CC0968472}" = CCC Help Hungarian
"{299BE3A5-6281-482F-5CB0-BBFE939E5E4F}" = CCC Help English
"{2B3DFAE1-AA77-4901-C4AB-6616D6B1E3DD}" = CCC Help Swedish
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{34962E5E-FAC1-D8DF-7070-AA2B58971E31}" = Catalyst Control Center Graphics Previews Common
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C15B204-0CAF-DADE-1B5B-B5759AE296E9}" = CCC Help Dutch
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EBDD093-09D3-E08C-61DD-B0FF37CF69F7}" = CCC Help Russian
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{41894DC2-C8F4-F60A-9518-076D35EF4929}" = Catalyst Control Center InstallProxy
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4314A52E-9094-B391-137E-CEA1536F7484}" = CCC Help Spanish
"{45B612A4-253E-6634-AD5C-42249E420D57}" = Catalyst Control Center Graphics Previews Common
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy CD and DVD Burning
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{612B5D2E-8084-4102-91DE-24281E4EFB2C}" = Roxio Easy CD and DVD Burning
"{641CD0A3-8B54-37CA-ED94-2C1798D69D6F}" = Catalyst Control Center Core Implementation
"{65CCD116-79BD-84B0-C3C3-C6B31BC0D572}" = CCC Help Polish
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7D5BAF1B-68D7-58D9-29E2-85984483450A}" = CCC Help Norwegian
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7ED42F7A-7F2F-C401-4A91-7F4EB0EF5C10}" = CCC Help Turkish
"{818F867D-1764-9A66-0D8E-33C485380390}" = Catalyst Control Center Graphics Full New
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8843048B-2293-26DE-7941-4903008191C9}" = Catalyst Control Center Graphics Full Existing
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{97CC5CA6-F18E-9630-7E19-CC161A65376D}" = CCC Help Greek
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F0A32A5-4EBF-4B9D-A3CD-31579F2E1400}" = Multimedia Card Reader
"{9FD13268-D5D9-DCBD-C5F7-8B1B1D52B36C}" = CCC Help Korean
"{9FF20193-B992-17A0-DB1E-8865399EE534}" = ccc-core-static
"{A2S166A0-F031-4E27-A057-C69733219434}_is1" = TERA
"{A69D7B32-2BE9-42BF-B576-69B5E0FF7394}" = Catalyst Control Center - Branding
"{A94C1B62-1FE3-2725-EEC5-F24C1016C650}" = CCC Help Chinese Standard
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1.2 - Deutsch
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{BB34F0B3-8CDD-873A-4DB6-3CA826243680}" = CCC Help Chinese Traditional
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C8637C61-3CC5-2D59-3D6D-B5F180F001AB}" = Catalyst Control Center Graphics Light
"{D20FA72C-492D-B478-10BF-4BA756560BA9}" = CCC Help Thai
"{D3A3F5C5-E95B-456D-952B-DDEC3AF68319}_is1" = Metaboli Player
"{D450F41E-2705-36D6-D423-AEA1058D4095}" = Catalyst Control Center Localization All
"{D619FD79-6AE6-18D1-48B9-B03030D2B0D0}" = Skins
"{DAABB60F-D2CB-ADC0-6FA7-8B2BB0A78CDA}" = Catalyst Control Center InstallProxy
"{DE2A98B9-D5F8-F508-750E-5AFDC2492D40}" = CCC Help Danish
"{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}" = OpenOffice.org 3.2
"{E07AE041-06B3-64A7-3C79-A0F8DDE76BB8}" = CCC Help Portuguese
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}" = NVIDIA PhysX
"{E19B61A8-F114-7A00-9DF4-18E5BA7A31AA}" = CCC Help French
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{ED498060-2CB2-5288-23D4-19DFAFF3F1DB}" = CCC Help Italian
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"{EFABB945-0D32-C208-897A-F611F63A19D4}" = CCC Help English
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FBD5D039-FE03-910E-C9E5-3F98B6A6BAB6}" = CCC Help Japanese
"{FDB46DE7-9045-47BB-970A-3E4ED5369E03}" = EMC 10 Content
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FF9F797D-1C39-1E96-7030-F5A36A6402C6}" = CCC Help Finnish
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"Battlelog Web Plugins" = Battlelog Web Plugins
"Dell Dock" = Dell Dock
"Diablo III" = Diablo III
"DivX Setup.divx.com" = DivX-Setup
"DMX5_is1" = DriverMax 5
"ESN Sonar-0.70.4" = ESN Sonar
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Guild Wars 2" = Guild Wars 2
"hon" = Heroes of Newerth
"InstallShield_{9F0A32A5-4EBF-4B9D-A3CD-31579F2E1400}" = Multimedia Card Reader
"League of Legends_is1" = League of Legends
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"Miranda IM" = Miranda IM 0.9.17
"Mozilla Firefox 18.0.1 (x86 de)" = Mozilla Firefox 18.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"Origin" = Origin
"PartyPoker" = PartyPoker
"Passbild-Generator_is1" = Bewerbungsfoto-/Passbild-Generator v3.5a
"PokerStars.net" = PokerStars.net
"PunkBusterSvc" = PunkBuster Services
"Steam App 214560" = Mark of the Ninja
"Steam App 240" = Counter-Strike: Source
"Steam App 39120" = RIFT
"Steam App 40300" = Risen
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Steam App 49520" = Borderlands 2
"Steam App 55100" = HOMEFRONT
"WinLiveSuite_Wave3" = Windows Live Essentials
"World of Warcraft" = World of Warcraft
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-873282114-2901205279-3470080578-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Amazon Kindle" = Amazon Kindle
"Spotify" = Spotify
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 28.12.2012 09:24:06 | Computer Name = m0-PC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile 8. Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie
das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error - 30.12.2012 18:39:35 | Computer Name = m0-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\innovative solutions\drivermax\DPInst\ia64\dpinst.exe". Die abhängige Assemblierung
"Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 30.12.2012 18:40:23 | Computer Name = m0-PC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile 8. Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie
das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error - 01.01.2013 13:49:14 | Computer Name = m0-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\innovative solutions\drivermax\DPInst\ia64\dpinst.exe". Die abhängige Assemblierung
"Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 01.01.2013 13:50:01 | Computer Name = m0-PC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile 8. Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie
das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error - 04.01.2013 18:32:26 | Computer Name = m0-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\innovative solutions\drivermax\DPInst\ia64\dpinst.exe". Die abhängige Assemblierung
"Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 04.01.2013 18:33:15 | Computer Name = m0-PC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile 8. Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie
das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error - 06.01.2013 11:06:20 | Computer Name = m0-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\innovative solutions\drivermax\DPInst\ia64\dpinst.exe". Die abhängige Assemblierung
"Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 06.01.2013 11:07:10 | Computer Name = m0-PC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile 8. Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie
das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error - 08.01.2013 16:57:49 | Computer Name = m0-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\innovative solutions\drivermax\DPInst\ia64\dpinst.exe". Die abhängige Assemblierung
"Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 08.01.2013 16:58:29 | Computer Name = m0-PC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile 8. Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie
das Programm "sxstrace.exe" für eine detaillierte Diagnose.
[ System Events ]
Error - 21.01.2013 13:08:37 | Computer Name = m0-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SessionLauncher" wurde aufgrund folgenden Fehlers nicht
gestartet: %%2
Error - 21.01.2013 13:08:45 | Computer Name = m0-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
RxFilter
Error - 22.01.2013 11:45:24 | Computer Name = m0-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SessionLauncher" wurde aufgrund folgenden Fehlers nicht
gestartet: %%2
Error - 22.01.2013 11:45:33 | Computer Name = m0-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
RxFilter
Error - 23.01.2013 13:08:12 | Computer Name = m0-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SessionLauncher" wurde aufgrund folgenden Fehlers nicht
gestartet: %%2
Error - 23.01.2013 13:08:22 | Computer Name = m0-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
RxFilter
Error - 23.01.2013 13:35:12 | Computer Name = m0-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SessionLauncher" wurde aufgrund folgenden Fehlers nicht
gestartet: %%2
Error - 23.01.2013 13:35:24 | Computer Name = m0-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
RxFilter
Error - 24.01.2013 13:49:30 | Computer Name = m0-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SessionLauncher" wurde aufgrund folgenden Fehlers nicht
gestartet: %%2
Error - 24.01.2013 13:49:38 | Computer Name = m0-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
RxFilter
< End of report >
|
|
24.01.2013, 21:34
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Arbeitsplatz öffnet sich einfach automatisch Malwarebytes Anti-Rootkit  Downloade dir bitte Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________ "Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak) Das Trojaner-Board unterstützen Warum Linux besser als Windows ist! |
|
25.01.2013, 18:08
| #5 |
| | Arbeitsplatz öffnet sich einfach automatisch 1. Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.01.0.1016
www.malwarebytes.org
Database version: v2013.01.25.07
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
m0 :: M0-PC [administrator]
25.01.2013 18:51:57
mbar-log-2013-01-25 (18-51-57).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 29049
Time elapsed: 9 minute(s), 56 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 4
HKCU\SOFTWARE\CLASSES\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1}\INPROCSERVER32 (Trojan.Zaccess) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1} (Trojan.Zaccess) -> Delete on reboot.
HKCU\SOFTWARE\CLASSES\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1} (Trojan.Zaccess) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1} (Trojan.Zaccess) -> Delete on reboot.
Registry Values Detected: 1
HKCU\SOFTWARE\CLASSES\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1}\INPROCSERVER32| (Trojan.Zaccess) -> Data: C:\Users\m0\AppData\Local\{bb09ef47-aa30-43e2-e1ea-842bc72bd87d}\n. -> Delete on reboot.
Registry Data Items Detected: 1
HKCU\SOFTWARE\CLASSES\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1}\INPROCSERVER32| (Trojan.Zaccess) -> Bad: (C:\Users\m0\AppData\Local\{bb09ef47-aa30-43e2-e1ea-842bc72bd87d}\n.) Good: (%SystemRoot%\system32\shdocvw.dll) -> Delete on reboot.
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.01.0.1016
www.malwarebytes.org
Database version: v2013.01.25.07
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
m0 :: M0-PC [administrator]
25.01.2013 19:06:13
mbar-log-2013-01-25 (19-06-13).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 29060
Time elapsed: 10 minute(s), 11 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
|
|
26.01.2013, 18:25
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Arbeitsplatz öffnet sich einfach automatisch Du hast ein Rootkit (ZeroAccess) im System  Machst du Onlinebanking? Wenn ja willst du dann wirklich bereinigen? 
__________________ --> Arbeitsplatz öffnet sich einfach automatisch |
|
26.01.2013, 19:17
| #7 |
| | Arbeitsplatz öffnet sich einfach automatisch Hi, nein - Onlinebanking wird damit nicht betrieben. Bekommt man das richtig entfernt oder empfiehlst du eher die Neuaufsetzung des Systems? |
|
26.01.2013, 21:08
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Arbeitsplatz öffnet sich einfach automatisch Besser wäre Neuinstallation aber wenn du unbedingt willst können wir eine Bereinigung probieren
__________________ "Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak) Das Trojaner-Board unterstützen Warum Linux besser als Windows ist! |
|
26.01.2013, 21:22
| #9 |
| | Arbeitsplatz öffnet sich einfach automatisch Ich werde das System dann wohl lieber morgen neu aufsetzen |
|
26.01.2013, 22:13
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Arbeitsplatz öffnet sich einfach automatisch Ok  ich poste dann nochmal das hier falls du noch Daten sichern musst:Zum Thema Datensicherung von infizierten Systemen; mach das über ne Live-CD wie Knoppix, Ubuntu (zweiter Link in meiner Signatur) oder über PartedMagic. Grund: Bei einem Live-System sind keine Schädlinge des infizierten Windows-Systems aktiv, damit ist dann auch eine negative Beeinflussung des Backups durch Schädlinge ausgeschlossen. Du brauchst natürlich auch ein Sicherungsmedium, am besten dürfte eine externe Platte sein. Sofern du nicht allzuviel sichern musst, kann auch ein USB-Stick ausreichen. Hier eine kurze Anleitung zu PartedMagic, funktioniert prinzipiell so aber fast genauso mit allen anderen Live-Systemen auch.
__________________ "Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak) Das Trojaner-Board unterstützen Warum Linux besser als Windows ist! |
|
28.01.2013, 13:14
| #11 |
| | Arbeitsplatz öffnet sich einfach automatisch Hallo, habe die Daten dementsprechend gesichert und auch das System neu aufgesetzt. Rennt wie 'ne eins. Allerdings besteht das Arbeitsplatz Problem immer noch, öffnet sich sporadisch und wirft mich dann immer sofort auf den Desktop zurück. Habe mal mit Hilfe des Fixes von Microsoft die Windows Taste deaktiert, das führte allerdings nicht gerade zum krönenden Erfolgt. Kann das System in dem Fall immer noch verseucht sein, oder is das was anderes? |
|
28.01.2013, 13:26
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Arbeitsplatz öffnet sich einfach automatisch Wird wohl was anderes sein. Mach für dieses Problem bitte einen neuen Strang in unserer Windows-Ecke auf. Schädlinge kann man jetzt auschließen, da du alles neu installiert hast
__________________ "Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak) Das Trojaner-Board unterstützen Warum Linux besser als Windows ist! |
|
| Themen zu Arbeitsplatz öffnet sich einfach automatisch |
| anti, anti vir, arbeitsplatz, automatisch, bereits, einfach, google, hallo zusammen, heute, konnte, langsam, malware, meldung, nerve, neuste, rechner, seltsamer, start, start von windows, surfe, surfen, tastatur, taste, windows, zusammen, öffnet |
