Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: IE expolrer oder Firefox , brauchen lange, irgend etwas ist da versteckt,

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 28.08.2010, 23:18   #1
deni9
 
IE expolrer oder Firefox , brauchen lange, irgend etwas ist da versteckt, - Standard

IE expolrer oder Firefox , brauchen lange, irgend etwas ist da versteckt,



Hallo erst mal

Ich hab das gefühl das etwas meine Internet explorer oder Firefox blockiert.

es braucht bis zu 10sek, bis eine saite geladen wurde.

Habe auch Bittdefender laufen lassen keine virus meldung, und Spybot mal die maleware gelöscht.

ich selber komme nicht mehr weiter da ich zimlich ein anfänger bin. nur was mir aufgefallen ist im Log. das unten viele file missing steht.

könnt ihr bitte mein Logfile ansehen,
HiJackthis Logfile:
Code:
ATTFilter
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:46:10, on 28.08.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18943)
Boot mode: Normal
 
Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Users\danijel\AppData\Local\Google\Update\1.2.183.29\GoogleCrashHandler.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\QuickHelp2\QuickHelp.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\BitDefender\BitDefender 2010\antispam32\bdimguiaux.exe
C:\Program Files (x86)\Hewlett-Packard\KBD\kbd.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\*****\Desktop\HiJackThis\HijackThis.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_ch&c=91&bd=Pavilion&pf=cndt
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://w*w.google.ch/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_ch&c=91&bd=Pavilion&pf=cndt
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_ch&c=91&bd=Pavilion&pf=cndt
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - (no file)
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - "C:\Program Files\BitDefender\BitDefender 2010\Antispam32\IEToolbar.dll" (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [TSMAgent] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [DVDAgent] "c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickHelp2_McciTrayApp] "C:\Program Files (x86)\QuickHelp2\QuickHelp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [jswtrayutil] "C:\Program Files (x86)\NETGEAR\WN111v2\jswtrayutil.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\danijel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - Global Startup: NETGEAR WN111v2 Setup-Assistent.lnk = C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix: 
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - h**p://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - h**p://www.kaspersky.com/kos/german/partner/de/kavwebscan_unicode.cab
O16 - DPF: {3B36B017-7E49-426B-95B0-B5CECD83C2E2} (IfolorUploader Control) - h**p://chkr-web.ifolor.net/ORDERINGGENERAL/LowRes/app_support/_2_1_1/ActiveX/IfolorUploader_chkr.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - hxxp://w*w3.snapfish.ch/SnapfishActivia.cab
O16 - DPF: {44990B00-3C9D-426D-81DF-AAB636FA4345} (Symantec Configuration Class) - h**ps://www-secure.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlcm.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - h**p://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} (EPUImageControl Class) - h**p://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-29-0.cab
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - h**p://93.87.16.22/activex/AMC.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - h**p://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. h**://wWw.bitdefender.com - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe
O23 - Service: ASP.NET-Zustandsdienst (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files (x86)\NETGEAR\WN111v2\jswpsapi.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
 
--
End of file - 15780 bytes
         
--- --- ---

Alt 29.08.2010, 21:57   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
IE expolrer oder Firefox , brauchen lange, irgend etwas ist da versteckt, - Standard

IE expolrer oder Firefox , brauchen lange, irgend etwas ist da versteckt,



Zitat:
und Spybot mal die maleware gelöscht.
Und was genau hats denn gelöscht?
__________________

__________________

Alt 30.08.2010, 13:41   #3
deni9
 
IE expolrer oder Firefox , brauchen lange, irgend etwas ist da versteckt, - Standard

IE expolrer oder Firefox , brauchen lange, irgend etwas ist da versteckt,



Zitat:
Zitat von cosinus Beitrag anzeigen
Und was genau hats denn gelöscht?
Alles was mir spybot empfohlen hatt, denkst du ich hab da zuviel gelöscht.!
__________________

Alt 30.08.2010, 15:32   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
IE expolrer oder Firefox , brauchen lange, irgend etwas ist da versteckt, - Standard

IE expolrer oder Firefox , brauchen lange, irgend etwas ist da versteckt,



Du musst schon schreiben was gelöscht wurde
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 30.08.2010, 18:02   #5
deni9
 
IE expolrer oder Firefox , brauchen lange, irgend etwas ist da versteckt, - Standard

IE expolrer oder Firefox , brauchen lange, irgend etwas ist da versteckt,



ok. jetzt hab ich hir mal den ersten bericht von Spybot: Fixes.



--- Report generated: 2010-03-20 19:44 ---

Microsoft.Windows.Security.InternetExplorer: [SBI $366713D4] Einstellungen (Registrierungsdatenbank-Änderung, fixed)
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\iexplore.exe

Microsoft.Windows.Security.InternetExplorer: [SBI $A3433CBF] Einstellungen (Registrierungsdatenbank-Änderung, fixed)
HKEY_USERS\S-1-5-21-3596129879-3677713911-3696476438-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\iexplore.exe

MediaPlex: Verfolgender Cookie (Internet Explorer: ***(Cookie, fixed)


Statcounter: Verfolgender Cookie (Internet Explorer: ****) (Cookie, fixed)


Adviva: Verfolgender Cookie (Internet Explorer: ****) (Cookie, fixed)


HitBox: Verfolgender Cookie (Internet Explorer: *****) (Cookie, fixed)


Tradedoubler: Verfolgender Cookie (Internet Explorer: ****) (Cookie, fixed)


FastClick: Verfolgender Cookie (Internet Explorer: ****) (Cookie, fixed)


BurstMedia: Verfolgender Cookie (Internet Explorer: *****) (Cookie, fixed)


MediaPlex: Verfolgender Cookie (Internet Explorer:***) (Cookie, fixed)


WebTrends live: Verfolgender Cookie (Internet Explorer: ***) (Cookie, fixed)


DoubleClick: Verfolgender Cookie (Internet Explorer: ***) (Cookie, fixed)


HitBox: Verfolgender Cookie (Internet Explorer: ***) (Cookie, fixed)


BlueStreak: Verfolgender Cookie (Internet Explorer:***) (Cookie, fixed)


Right Media: Verfolgender Cookie (Internet Explorer: ***) (Cookie, fixed)


BurstMedia: Verfolgender Cookie (Internet Explorer: ***) (Cookie, fixed)


HitBox: Verfolgender Cookie (Internet Explorer: ***) (Cookie, fixed)


HitBox: Verfolgender Cookie (Internet Explorer: ***) (Cookie, fixed)


MediaPlex: Verfolgender Cookie (Internet Explorer: ***) (Cookie, fixed)


Right Media: Verfolgender Cookie (Firefox: ***l (default)) (Cookie, fixed)


Right Media: Verfolgender Cookie (Firefox: **** (default)) (Cookie, fixed)


BlueStreak: Verfolgender Cookie (Firefox: *** (default)) (Cookie, fixed)


DoubleClick: Verfolgender Cookie (Firefox: **** (default)) (Cookie, fixed)


MediaPlex: Verfolgender Cookie (Firefox: ****(efault)) (Cookie, fixed)


MediaPlex: Verfolgender Cookie (Firefox: **** (default)) (Cookie, fixed)


Statcounter: Verfolgender Cookie (Firefox: **** (default)) (Cookie, fixed)


WebTrends live: Verfolgender Cookie (Firefox:***l (default)) (Cookie, fixed)


Tradedoubler: Verfolgender Cookie (Firefox: *** (default)) (Cookie, fixed)


Tradedoubler: Verfolgender Cookie (Firefox: *** (default)) (Cookie, fixed)


Tradedoubler: Verfolgender Cookie (Firefox: *** (default)) (Cookie, fixed)


Tradedoubler: Verfolgender Cookie (Firefox: *** (default)) (Cookie, fixed)


MediaPlex: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed)


MediaPlex: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed)


DoubleClick: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed)


HitBox: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed)


HitBox: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed)


HitBox: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed)


FastClick: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed)


Statcounter: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed)


MediaPlex: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed)


MediaPlex: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed)


MediaPlex: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed)


MediaPlex: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed)


Statcounter: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed)


Statcounter: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed)


FastClick: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed)


FastClick: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed)


Statcounter: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed)


HitsLink: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed)


Zedo: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed)


Zedo: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed)


Zedo: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed)


Statcounter: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed)


Statcounter: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed)


Statcounter: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed)


Adviva: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed)


Tradedoubler: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed)


BlueStreak: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed)


Adviva: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed)


Tradedoubler: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed)


Tradedoubler: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed)


Tradedoubler: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed)


MediaPlex: Verfolgender Cookie (Chrome: Chrome) (Cookie, fixed)



--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---

2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDShred.exe (1.0.2.5)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SDWinSec.exe (1.0.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-03-05 TeaTimer.exe (1.6.6.32)
2010-03-20 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-11-04 advcheck.dll (1.6.5.20)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2010-02-17 Includes\Adware.sbi (*)
2010-03-16 Includes\AdwareC.sbi (*)
2010-01-25 Includes\Cookies.sbi (*)
2009-11-03 Includes\Dialer.sbi (*)
2010-03-16 Includes\DialerC.sbi (*)
2010-01-25 Includes\HeavyDuty.sbi (*)
2009-05-26 Includes\Hijackers.sbi (*)
2010-03-16 Includes\HijackersC.sbi (*)
2010-01-20 Includes\Keyloggers.sbi (*)
2010-03-16 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2010-03-02 Includes\Malware.sbi (*)
2010-03-17 Includes\MalwareC.sbi (*)
2009-03-25 Includes\PUPS.sbi (*)
2010-03-16 Includes\PUPSC.sbi (*)
2010-01-25 Includes\Revision.sbi (*)
2009-01-13 Includes\Security.sbi (*)
2010-03-16 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2010-03-02 Includes\Spyware.sbi (*)
2010-03-16 Includes\SpywareC.sbi (*)
2010-03-08 Includes\Tracks.uti
2010-03-03 Includes\Trojans.sbi (*)
2010-03-16 Includes\TrojansC-02.sbi (*)
2010-03-16 Includes\TrojansC-03.sbi (*)
2010-03-16 Includes\TrojansC-04.sbi (*)
2010-03-17 Includes\TrojansC-05.sbi (*)
2010-03-16 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll


Alt 30.08.2010, 18:04   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
IE expolrer oder Firefox , brauchen lange, irgend etwas ist da versteckt, - Standard

IE expolrer oder Firefox , brauchen lange, irgend etwas ist da versteckt,



Das waren doch fast nur Cookies, völlig harmlos!
Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Danach OTL:

Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.
__________________
--> IE expolrer oder Firefox , brauchen lange, irgend etwas ist da versteckt,

Alt 30.08.2010, 21:25   #7
deni9
 
IE expolrer oder Firefox , brauchen lange, irgend etwas ist da versteckt, - Standard

IE expolrer oder Firefox , brauchen lange, irgend etwas ist da versteckt,



Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4509

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18943

30.08.2010 20:09:00
mbam-log-2010-08-30 (20-09-00).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 388595
Laufzeit: 1 Stunde(n), 31 Minute(n), 26 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)


und OTL:OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 30.08.2010 20:50:51 - Run 2
OTL by OldTimer - Version 3.2.11.0     Folder = C:\Users\******\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
 
8.00 Gb Total Physical Memory | 5.00 Gb Available Physical Memory | 64.00% Memory free
16.00 Gb Paging File | 13.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 580.53 Gb Total Space | 320.62 Gb Free Space | 55.23% Space Free | Partition Type: NTFS
Drive D: | 15.64 Gb Total Space | 2.14 Gb Free Space | 13.65% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: *****-PC
Current User Name: ******
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\**\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Users\***\AppData\Local\Google\Update\1.2.183.29\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Programme\BitDefender\BitDefender 2010\Antispam32\bdimguiaux.exe (BitDefender S.R.L.)
PRC - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
PRC - C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe (NETGEAR)
PRC - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\QuickHelp2\QuickHelp.exe (Motive Communications, Inc.)
PRC - C:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\danijel\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Programme\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_53\midas32.dll (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Programme\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_53\plugin_net.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Programme\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_53\plugin_extra.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Programme\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_53\plugin_nt.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Programme\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_53\plugin_base.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Programme\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_53\plugin_fragments.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Programme\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_53\plugin_registry.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (ezSharedSvc) -- C:\Windows\SysNative\ezsvc7.dll File not found
SRV:64bit: - (VSSERV) -- C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe (BitDefender S.R.L.)
SRV:64bit: - (LIVESRV) -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe (BitDefender S.R.L.)
SRV:64bit: - (Arrakis3) -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe (BitDefender S.R.L. hxxp://www.bitdefender.com)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV - (Apple Mobile Device) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (scan) -- C:\Programme\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll (S.C. BitDefender S.R.L)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_64) -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (TeamViewer5) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (Microsoft Office Groove Audit Service) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (NMSAccessU) -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe ()
SRV - (IAANTMON) Intel(R) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
SRV - (jswpsapi) -- C:\Program Files (x86)\NETGEAR\WN111v2\jswpsapi.exe (Atheros Communications, Inc.)
SRV - (ezSharedSvc) -- C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (NwlnkFwd) -- C:\Windows\SysNative\DRIVERS\nwlnkfwd.sys File not found
DRV:64bit: - (NwlnkFlt) -- C:\Windows\SysNative\DRIVERS\nwlnkflt.sys File not found
DRV:64bit: - (IpInIp) -- C:\Windows\SysNative\DRIVERS\ipinip.sys File not found
DRV:64bit: - (BdfNdisf) -- C:\Windows\SysNative\DRIVERS\BdfNdisf6.sys (BitDefender LLC)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\Drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (bdfsfltr) -- C:\Windows\SysNative\DRIVERS\bdfsfltr.sys (BitDefender)
DRV:64bit: - (BDFM) -- C:\Windows\SysNative\DRIVERS\bdfm.sys (BitDefender S.R.L. Bucharest, ROMANIA)
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\Drivers\sptd.sys ()
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Research Inc.)
DRV:64bit: - (WN111v2) -- C:\Windows\SysNative\DRIVERS\WN111v2x.sys (Atheros Communications, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iastor.sys (Intel Corporation)
DRV:64bit: - (JSWPSLWF) -- C:\Windows\SysNative\DRIVERS\jswpslwfx.sys (Atheros Communications, Inc.)
DRV:64bit: - (HCW85BDA) -- C:\Windows\SysNative\drivers\HCW85BDA.sys (Hauppauge Computer Works)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (RTL8169) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys (Realtek Corporation                                            )
DRV:64bit: - (PCAMp50a64) -- C:\Windows\SysNative\Drivers\PCAMp50a64.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV:64bit: - (PCASp50a64) -- C:\Windows\SysNative\Drivers\PCASp50a64.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\Wbem\ntfs.mof ()
DRV - (BDVEDISK) -- C:\Programme\BitDefender\BitDefender 2010\bdvedisk.sys (BitDefender)
DRV - (bdftdif) -- C:\Programme\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys (BitDefender LLC)
DRV - ({55662437-DA8C-40c0-AADA-2C816A897A49}) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl (Cyberlink Corp.)
DRV - (PCD5SRVC{8AAF211B-043E02A9-05040000}) -- C:\Programme\PC-Doctor for Windows\pcd5srvc_x64.pkms (PC-Doctor, Inc.)
DRV - (MREMP50) -- C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (MRESP50) -- C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS (Printing Communications Assoc., Inc. (PCAUSA))
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_ch&c=91&bd=Pavilion&pf=cndt
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_ch&c=91&bd=Pavilion&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_ch&c=91&bd=Pavilion&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_ch&c=91&bd=Pavilion&pf=cndt
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_ch&c=91&bd=Pavilion&pf=cndt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.ch/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.bluewin.ch"
FF - prefs.js..extensions.enabledItems: {3e0e7d2a-070f-4a47-b019-91fe5385ba79}:3.0.1
FF - prefs.js..extensions.enabledItems: FFToolbar@bitdefender.com:2.0
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.0.8.0552
FF - prefs.js..extensions.enabledItems: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:3.2.3
FF - prefs.js..network.proxy.ftp: ":"
FF - prefs.js..network.proxy.gopher: ":"
FF - prefs.js..network.proxy.http: ":"
FF - prefs.js..network.proxy.no_proxies_on: ""
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: ":"
FF - prefs.js..network.proxy.ssl: ":"
 
FF - HKLM\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\ [2010.08.06 21:06:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.08.28 22:11:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.08.28 22:11:40 | 000,000,000 | ---D | M]
 
[2009.03.18 22:39:10 | 000,000,000 | ---D | M] -- C:\Users\danijel\AppData\Roaming\mozilla\Extensions
[2010.08.30 17:55:11 | 000,000,000 | ---D | M] -- C:\Users\danijel\AppData\Roaming\mozilla\Firefox\Profiles\2yg65t76.default\extensions
[2010.08.12 20:40:35 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\danijel\AppData\Roaming\mozilla\Firefox\Profiles\2yg65t76.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.08.26 21:37:20 | 000,000,000 | ---D | M] (AddThis) -- C:\Users\danijel\AppData\Roaming\mozilla\Firefox\Profiles\2yg65t76.default\extensions\{3e0e7d2a-070f-4a47-b019-91fe5385ba79}
[2010.08.12 20:23:27 | 000,000,000 | ---D | M] (Fast Video Download (with SearchMenu)) -- C:\Users\danijel\AppData\Roaming\mozilla\Firefox\Profiles\2yg65t76.default\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}
[2009.06.01 09:50:37 | 000,000,000 | ---D | M] -- C:\Users\danijel\AppData\Roaming\mozilla\Firefox\Profiles\2yg65t76.default\extensions\DTToolbar@toolbarnet.com
[2009.06.01 09:50:32 | 000,002,399 | ---- | M] () -- C:\Users\danijel\AppData\Roaming\Mozilla\FireFox\Profiles\2yg65t76.default\searchplugins\daemon-search.xml
[2010.08.30 17:55:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2009.04.16 21:35:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}
[2009.04.16 21:35:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions\{8545daff-ad1e-493f-a37e-eed1ac79682b}
[2008.11.11 09:38:54 | 000,663,552 | ---- | M] (BitComet) -- C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll
[2010.07.23 02:48:56 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.07.23 02:48:56 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.07.23 02:48:56 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.07.23 02:48:56 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.07.23 02:48:56 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.5.5126.1836\swg64.dll (Google Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O3:64bit: - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll (BitDefender S.R.L.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\Antispam32\IEToolbar.dll (BitDefender S.R.L.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O4:64bit: - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe (BitDefender S.R.L.)
O4:64bit: - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe (BitDefender S.R.L.)
O4:64bit: - HKLM..\Run: [BitDefender Antiphishing Helper 32] C:\Program Files\BitDefender\BitDefender 2010\Antispam32\IEShow.exe (BitDefender S.R.L.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Programme\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DVDAgent] c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [jswtrayutil] C:\Program Files (x86)\NETGEAR\WN111v2\jswtrayutil.exe File not found
O4 - HKLM..\Run: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE (Microsoft)
O4 - HKLM..\Run: [QuickHelp2_McciTrayApp] C:\Program Files (x86)\QuickHelp2\QuickHelp.exe (Motive Communications, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TSMAgent] c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDIRShortCut] c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [CubeDesktop]  File not found
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} hxxp://www.kaspersky.com/kos/german/partner/de/kavwebscan_unicode.cab (CKAVWebScan Object)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {3B36B017-7E49-426B-95B0-B5CECD83C2E2} hxxp://chkr-web.ifolor.net/ORDERINGGENERAL/LowRes/app_support/_2_1_1/ActiveX/IfolorUploader_chkr.cab (IfolorUploader Control)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} hxxp://www3.snapfish.ch/SnapfishActivia.cab (Snapfish Activia)
O16 - DPF: {44990B00-3C9D-426D-81DF-AAB636FA4345} https://www-secure.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlcm.cab (Symantec Configuration Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-29-0.cab (EPUImageControl Class)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} hxxp://93.87.16.22/activex/AMC.cab (AxisMediaControlEmb Class)
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} hxxp://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab (IWinAmpActiveX Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img25.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img25.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{2477ba61-4e80-11de-8aad-00248c20f873}\Shell - "" = AutoRun
O33 - MountPoints2\{2477ba61-4e80-11de-8aad-00248c20f873}\Shell\AutoRun\command - "" = J:\SETUP.EXE -- File not found
O33 - MountPoints2\{b2c771dc-0292-11df-8e9b-00248c20f873}\Shell\AutoRun\command - "" = L:\Menu.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.08.30 18:27:54 | 000,000,000 | ---D | C] -- C:\Users\danijel\AppData\Roaming\Malwarebytes
[2010.08.30 18:27:45 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.08.30 18:27:44 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.08.30 18:27:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.08.30 18:27:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.08.30 18:23:10 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\danijel\Desktop\OTL.exe
[2010.08.29 18:34:19 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\telnet.exe
[2010.08.28 22:46:01 | 000,000,000 | ---D | C] -- C:\Users\danijel\Desktop\HiJackThis
[2010.08.28 18:07:37 | 000,000,000 | ---D | C] -- C:\Users\danijel\Desktop\19E+13E Don@ - E2 - 14.08.2010
[2010.08.27 22:07:01 | 000,000,000 | ---D | C] -- C:\Users\danijel\AppData\Local\2K Games
[2010.08.27 21:54:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\2K Games
[2010.08.22 16:31:21 | 000,000,000 | ---D | C] -- C:\Users\danijel\Desktop\Zoo
[2010.08.15 19:36:04 | 000,000,000 | ---D | C] -- C:\Users\danijel\Desktop\Eminem Recovery (Deluxe Edition)
[2010.08.12 20:18:12 | 000,000,000 | ---D | C] -- C:\Users\danijel\Desktop\fast_video_download__with_searchmenu_-3.2.3-fx
[2010.08.11 21:33:29 | 000,000,000 | ---D | C] -- C:\Users\danijel\Desktop\Iphone videos
[2010.08.11 21:28:44 | 000,000,000 | ---D | C] -- C:\Users\danijel\AppData\Local\HandBrake
[2010.08.11 21:28:40 | 000,000,000 | ---D | C] -- C:\Users\danijel\AppData\Roaming\HandBrake
[2010.08.11 21:28:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Handbrake
[2010.08.11 20:16:35 | 000,000,000 | ---D | C] -- C:\Users\danijel\AppData\Local\Geckofx
[2010.08.11 17:37:24 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2010.08.11 17:37:24 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[2010.08.11 17:37:15 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2010.08.11 17:37:14 | 004,697,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010.08.11 17:37:08 | 002,335,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iertutil.dll
[2010.08.11 17:37:06 | 001,538,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2010.08.11 17:37:06 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2010.08.11 17:37:06 | 000,706,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2010.08.11 17:37:06 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2010.08.11 17:37:06 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010.08.11 17:37:06 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2010.08.11 17:37:06 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010.08.11 17:37:06 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2010.08.11 17:37:06 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2010.08.11 17:37:05 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2010.08.11 17:37:05 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010.08.11 17:37:05 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010.08.11 17:37:05 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2010.08.11 17:37:05 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2010.08.11 17:37:05 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2010.08.11 17:37:05 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2010.08.11 17:37:05 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2010.08.11 17:37:05 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2010.08.11 17:37:05 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2010.08.11 17:37:05 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2010.08.11 17:37:05 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010.08.11 17:37:05 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010.08.07 12:55:17 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2010.08.07 12:55:14 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2010.08.07 12:55:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
 
========== Files - Modified Within 30 Days ==========
 
[2010.08.30 20:50:25 | 004,456,448 | -HS- | M] () -- C:\Users\danijel\ntuser.dat
[2010.08.30 20:16:01 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.08.30 20:16:01 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.08.30 20:14:00 | 000,003,744 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.08.30 20:14:00 | 000,003,744 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.08.30 20:09:00 | 000,001,126 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3596129879-3677713911-3696476438-1000UA.job
[2010.08.30 19:14:42 | 000,000,266 | ---- | M] () -- C:\Windows\system.ini
[2010.08.30 18:27:48 | 000,000,850 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.30 18:23:10 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\danijel\Desktop\OTL.exe
[2010.08.30 18:14:01 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.08.30 18:13:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.08.30 18:12:36 | 000,000,052 | ---- | M] () -- C:\Windows\SysNative\ashttpstats.csv
[2010.08.30 18:12:35 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010.08.30 18:12:29 | 000,524,288 | -HS- | M] () -- C:\Users\danijel\ntuser.dat{106f6a2b-344c-11df-87fb-00248c20f873}.TMContainer00000000000000000001.regtrans-ms
[2010.08.30 18:12:29 | 000,065,536 | -HS- | M] () -- C:\Users\danijel\ntuser.dat{106f6a2b-344c-11df-87fb-00248c20f873}.TM.blf
[2010.08.30 18:12:18 | 003,799,471 | -H-- | M] () -- C:\Users\danijel\AppData\Local\IconCache.db
[2010.08.30 17:16:08 | 000,000,442 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{0D6320D5-8AA7-448A-9B23-710690F541BD}.job
[2010.08.29 15:09:00 | 000,001,074 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3596129879-3677713911-3696476438-1000Core.job
[2010.08.28 23:19:04 | 000,000,607 | ---- | M] () -- C:\Users\danijel\Desktop\IE expolrer oder Firefox , brauchen lange, irgend etwas ist da versteckt, - Trojaner-Board.url
[2010.08.28 11:31:14 | 000,045,568 | ---- | M] () -- C:\Users\danijel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.08.27 22:35:57 | 000,000,346 | ---- | M] () -- C:\Users\danijel\Desktop\Problemthread Mafia II - Seite 11 - ..Usenetrevolution...url
[2010.08.26 22:12:01 | 000,001,780 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.08.23 19:01:59 | 000,052,214 | ---- | M] () -- C:\Users\danijel\Desktop\Mirjanasisch (Automatisch gespeichert).docx
[2010.08.22 16:35:49 | 000,002,255 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010.08.21 16:45:43 | 000,001,137 | ---- | M] () -- C:\Users\danijel\Desktop\CCcam.cfg
[2010.08.21 09:09:44 | 000,002,096 | ---- | M] () -- C:\Users\danijel\Desktop\Google Chrome.lnk
[2010.08.18 20:09:23 | 000,000,296 | ---- | M] () -- C:\Users\danijel\Desktop\Websaite für Sportübertragungen - dreambox.info - wir verbinden Dreambox Nutzer.url
[2010.08.12 21:26:58 | 000,416,664 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.08.11 21:28:37 | 000,000,860 | ---- | M] () -- C:\Users\danijel\Desktop\Handbrake.lnk
 
========== Files Created - No Company Name ==========
 
[2010.08.30 18:27:48 | 000,000,850 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.28 23:19:04 | 000,000,607 | ---- | C] () -- C:\Users\danijel\Desktop\IE expolrer oder Firefox , brauchen lange, irgend etwas ist da versteckt, - Trojaner-Board.url
[2010.08.27 22:35:53 | 000,000,346 | ---- | C] () -- C:\Users\danijel\Desktop\Problemthread Mafia II - Seite 11 - ..Usenetrevolution...url
[2010.08.18 20:09:23 | 000,000,296 | ---- | C] () -- C:\Users\danijel\Desktop\Websaite für Sportübertragungen - dreambox.info - wir verbinden Dreambox Nutzer.url
[2010.08.11 21:28:37 | 000,000,860 | ---- | C] () -- C:\Users\danijel\Desktop\Handbrake.lnk
[2010.08.07 12:55:42 | 000,002,255 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010.03.26 20:51:47 | 000,000,025 | ---- | C] () -- C:\Users\danijel\AppData\Roaming\bdfvconp.ini
[2010.03.26 20:34:25 | 000,352,264 | ---- | C] () -- C:\Users\danijel\AppData\Local\dd_vcredistMSI0B37.txt
[2010.03.26 20:34:25 | 000,011,486 | ---- | C] () -- C:\Users\danijel\AppData\Local\dd_vcredistUI0B37.txt
[2010.03.26 20:34:13 | 000,430,476 | ---- | C] () -- C:\Users\danijel\AppData\Local\dd_vcredistMSI0B10.txt
[2010.03.26 20:34:13 | 000,011,374 | ---- | C] () -- C:\Users\danijel\AppData\Local\dd_vcredistUI0B10.txt
[2010.01.01 20:48:35 | 000,001,222 | ---- | C] () -- C:\Users\danijel\AppData\Local\03F67F67.il
[2010.01.01 20:48:35 | 000,000,280 | ---- | C] () -- C:\Users\danijel\AppData\Local\IndexIE_03F67F67.il
[2009.11.14 10:55:40 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009.11.14 10:55:00 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.11.08 12:40:49 | 000,000,015 | ---- | C] () -- C:\Windows\SysWow64\asdrawim.ini
[2009.10.15 22:19:45 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2009.09.22 21:07:40 | 000,004,096 | -H-- | C] () -- C:\Users\danijel\AppData\Local\keyfile3.drm
[2009.06.17 21:27:46 | 000,000,000 | ---- | C] () -- C:\ProgramData\leverage.drm.log
[2009.06.05 21:24:31 | 001,456,640 | ---- | C] () -- C:\Program Files (x86)\Common Files\Falk Navi-Manager.msi
[2009.05.03 22:45:00 | 000,000,131 | ---- | C] () -- C:\Users\danijel\AppData\Roaming\default.rss
[2009.05.03 15:49:43 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009.04.17 22:42:26 | 000,000,121 | ---- | C] () -- C:\Windows\bdagent.INI
[2009.04.01 12:37:17 | 000,812,148 | ---- | C] () -- C:\Users\danijel\AppData\Local\dd_NET_Framework35_LangPack_MSI0C4A.txt
[2009.04.01 12:37:10 | 000,036,088 | ---- | C] () -- C:\Users\danijel\AppData\Local\dd_depcheck_NETFX_EXP_35.txt
[2009.04.01 12:37:07 | 000,001,604 | ---- | C] () -- C:\Users\danijel\AppData\Local\uxeventlog.txt
[2009.04.01 12:37:07 | 000,000,002 | ---- | C] () -- C:\Users\danijel\AppData\Local\dd_dotnetfx35error_lp.txt
[2009.04.01 12:37:05 | 000,076,490 | ---- | C] () -- C:\Users\danijel\AppData\Local\dd_dotnetfx35install_lp.txt
[2009.03.30 19:35:57 | 000,000,028 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.03.28 00:19:34 | 000,017,043 | ---- | C] () -- C:\Users\danijel\AppData\Roaming\UserTile.png
[2009.03.25 23:45:09 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009.03.23 22:31:16 | 000,045,568 | ---- | C] () -- C:\Users\danijel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.03.22 11:22:02 | 000,007,160 | ---- | C] () -- C:\Users\danijel\AppData\Local\d3d9caps.dat
[2009.03.21 15:52:18 | 000,000,652 | ---- | C] () -- C:\Users\danijel\AppData\Roaming\wklnhst.dat
[2009.03.14 22:34:53 | 001,626,960 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009.01.27 17:45:07 | 000,327,680 | ---- | C] () -- C:\Windows\SysWow64\pythoncom25.dll
[2009.01.27 17:45:07 | 000,102,400 | ---- | C] () -- C:\Windows\SysWow64\pywintypes25.dll
[2008.02.07 11:05:18 | 000,163,840 | ---- | C] () -- C:\Windows\SysWow64\hppatusg01.dll
[2008.01.21 04:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2006.10.16 07:58:14 | 000,086,016 | ---- | C] () -- C:\Windows\SysWow64\aspolyzt.dll
[2006.06.29 12:44:32 | 001,826,304 | ---- | C] () -- C:\Windows\SysWow64\asconv3d.dll
[2006.03.23 09:24:00 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\as_tree2.dll
[2005.07.06 11:59:58 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\asdrawli.dll
[2005.07.04 14:17:30 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\ASDRAWMA.DLL
[2004.08.17 16:34:52 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\AS_SORT.DLL
[2003.05.22 11:31:44 | 000,033,792 | ---- | C] () -- C:\Windows\SysWow64\ASDRAW32.DLL
[2002.07.12 15:29:28 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\AS_MDB32.DLL
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 973 bytes -> C:\Users\danijel\Desktop\1aHosting.ch - Technische Daten zum Account mdmedia.ch.eml:OECustomProperty
@Alternate Data Stream - 925 bytes -> C:\Users\danijel\Desktop\[#146352] einlogen auf FTp oder control panel  .eml:OECustomProperty
@Alternate Data Stream - 853 bytes -> C:\Users\danijel\Desktop\Besten Dank für Ihre Bestellung.eml:OECustomProperty
< End of report >
         
--- --- ---


Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = A1 9C 99 61 36 7B CA 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01F2E8F3-A961-4B81-A5F9-D21E9902BB10}" = lport=138 | protocol=17 | dir=in | app=system |
"{0464CF28-525E-4A06-8CC8-5C2E1E03E170}" = rport=137 | protocol=17 | dir=out | app=system |
"{0D4B4315-4F49-4F80-AB53-61818A161199}" = rport=139 | protocol=6 | dir=out | app=system |
"{22A636B2-E221-4286-A943-866406F06789}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{233D42F9-BBAB-442F-B08C-426FD3D4E581}" = lport=139 | protocol=6 | dir=in | app=system |
"{32488D63-1CF1-43E9-8252-2912150B5F40}" = rport=445 | protocol=6 | dir=out | app=system |
"{3DE75F91-8CD6-43BE-A628-1258B5AE3215}" = lport=445 | protocol=6 | dir=in | app=system |
"{45C33AED-58C9-4198-B7BD-01B71F1FFAF7}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{4FE6F474-DEE1-4869-8914-FBAD762CD535}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{509C216C-BC13-4F00-9AE0-43600B011A09}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{53359306-6D47-4CDA-A73D-579C4CB099A3}" = lport=12238 | protocol=17 | dir=in | name=bitcomet 12238 udp |
"{811338A3-B8B2-4139-B749-8FF175D95735}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{85A9FE3A-45D4-4B24-A4EA-9ED3F494C367}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{8B3BC178-32CA-4A68-A21E-4584B5275C53}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8B789F2B-8716-4C0D-8A8C-F1AF1C82D539}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{8E1EEBF9-E6DE-4E05-8B49-25BBC8BDA040}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8FB6C2E0-50EF-4BC0-ADF1-D3163D39638A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{937200F7-7C1A-4B76-BC90-45ADF7A9A3FC}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{C31E28E8-D830-4CDB-933A-65831A51F8EF}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{C64DA018-C606-49E4-8680-1EAED9182473}" = lport=12238 | protocol=6 | dir=in | name=bitcomet 12238 tcp |
"{D633AB54-167E-4053-87DB-093813863ACD}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D804C87B-FDE8-405C-9405-ED603CC45A15}" = rport=138 | protocol=17 | dir=out | app=system |
"{DE174FDE-9F4E-4E7B-9016-8F22119E4A77}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E58F2AB6-8F80-4F75-8B2A-D565F9C6996C}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{FC3E993F-EB3F-4403-8F11-EE8AB442CA9D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{FC4A5A13-F3AD-48E8-84E4-30C9550661A5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{FE44A28F-96DD-4B8C-BD63-94661B745684}" = lport=137 | protocol=17 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00554A68-EF62-40F9-8324-196311B4316B}" = protocol=17 | dir=in | app=c:\program files (x86)\bitcomet\bitcomet.exe |
"{1DD8DAF4-B977-4CC0-ADC0-0992EC06326E}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{1F266FAB-1A6C-4F48-8F81-683198899228}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{1F898823-5C84-4C9C-91CA-DD6101C1A818}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{26385C7F-D9B7-43A1-843A-0FD939855856}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{2B77DF79-F1CF-4E3A-A097-2FD5FDD25733}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{316D7A1D-D660-4904-B62E-CC9C41D88518}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{3377049A-1728-4139-8F4F-CB4FA1C15D31}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{33FCDAC0-19E5-4613-B8EE-CF87944F98FE}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version5\teamviewer.exe |
"{3663605A-8645-41C7-88D7-F2841890CCE4}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{3EE35B05-A8CF-4229-8573-C24480319427}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{40D90DCE-F69C-4A51-A6E5-5756A6AF5979}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{40D91720-DF70-4D09-B2A4-908DB1983331}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{4164527C-88A6-4C6D-BF26-372718F4B9B8}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{4ADF9C16-28FE-445C-8A28-482B8E6ADE11}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe |
"{4DD96368-EB85-4EC9-9E8E-FD0DF6A577E7}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{527210C4-56B7-48C6-BB84-E2A8FA34D791}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{53C06F27-2D65-4550-BB53-4ED9FC0A15FF}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\hp1006mc.exe |
"{56E8113D-7B3C-4F28-AB15-28279713FB91}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\tsmagent.exe |
"{58F30875-95CE-4A13-A79B-484CB8349F8A}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe |
"{5A89CD26-98ED-4A29-93E0-64AC0D95AA71}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{6387254A-AC09-4AC8-9708-5092B35D8343}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{6A72E79D-CB25-4688-910E-8BC123EC35BC}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe |
"{6D5B76AF-F9B4-46A2-B3DC-5FB256B0C16B}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{6FB35625-2E60-4914-9676-455EBF967EFD}" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{72C52872-A304-49ED-A5EF-1456E859594D}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{733CB5DE-C814-48CA-A8B5-12A27F22179A}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{7A0D340A-404D-4C10-9026-BF7B98668901}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{7DFEFFFD-D2F5-4812-A47C-3CD690FD2E74}" = protocol=6 | dir=in | app=c:\program files (x86)\gamigo\heroes in the sky\his.exe |
"{7F97B64B-E281-4CAE-BD7E-EBC137C30BBD}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\hp1006mc.exe |
"{7FB55A1B-82FC-4269-B231-65154F8A3FF8}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{81DAEFB0-CED4-4B4D-8EDC-3C6F237FAD10}" = protocol=17 | dir=in | app=c:\windows\temp\cablecom_installer.exe |
"{83B09E3F-DDA9-4C40-9EEB-752CF20FAD84}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{853872A6-01DB-41EC-BF67-C95A096D2A42}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{866B3611-5BEE-4EFE-8D8A-B4DE0016B43E}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"{8916826A-EF86-484C-AFA5-3F3C41D91BFC}" = protocol=17 | dir=in | app=c:\program files (x86)\gamigo\heroes in the sky\his.exe |
"{8DC33A91-B7B6-4B87-9FF9-AC0504CFF058}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{90887AA8-808A-4211-9416-1DF9CA58D9F5}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{919325CA-64E9-41AC-94C8-B3952E1DDA61}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{93AA0B34-2074-415C-A4E6-A643EA7DBCE1}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe |
"{9E1EFFFC-00DF-439F-89AF-BE6B703F1E91}" = protocol=6 | dir=in | app=c:\windows\temp\cablecom_installer.exe |
"{A0B14BFF-1B14-47B2-A427-B479B657EFA3}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{A4D224A3-F266-4F45-8334-08707C91D080}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{A4E19757-E49B-4395-AE29-5928C15CBCF7}" = protocol=6 | dir=in | app=c:\program files (x86)\bitcomet\bitcomet.exe |
"{A97CBF72-EEE1-4C7B-ABAA-E55A66A6C114}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{AE82C85B-C0A2-4D8F-A8C8-1C6FF8827155}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{BFF9F1EB-E2E6-4290-89C4-AC1422A4728E}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
"{C0FE75F3-CD27-47D5-9FBB-6479BA6E6F36}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{C17944D6-3F00-436C-82CB-B2F044714710}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{DA4663DF-FCC0-40D5-A5C5-6C568575F57F}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{DB5187FA-3735-4276-B156-D818877D0D5A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{DD580B3C-29D9-4A77-A8D1-45E51C35CFF2}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe |
"{E5886BFD-372D-4466-95BE-E8D722C61256}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{EB181D22-9FDE-497F-AA17-07CD4327C177}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{EB5A02CD-805D-4F6B-B9BD-88FDFBC5D2AB}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version5\teamviewer.exe |
"{EDE52EF5-E030-4F48-965C-87B7647A4E07}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{F5F21D0C-E838-47D8-8D4D-FF1CA3DE00F1}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{FBFFD5A5-4D0E-4EF7-84C1-11F630E9CAEB}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{FFAD39A7-B610-4611-AF65-992E65B931E4}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"TCP Query User{39929532-5EE3-479A-B4E0-1E225469867A}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{D46ECFB4-9F17-4836-A40D-2475D340FA0C}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{23B45E10-0CA5-43E9-BD6D-C2BD6CBE11AC}" = iTunes
"{328CC232-CFDC-468B-A214-2E21300E4CB5}" = Apple Mobile Device Support
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4FFA2088-8317-3B14-93CD-4C699DB37843}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{88EB92AB-ABD3-E13C-3AEE-B7518354B55A}" = ATI Catalyst Install Manager
"{8AB5E15C-BDCB-7A93-9DBF-19C2DF39D0C7}" = ccc-utility64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{92DBCA36-9B41-4DD1-941A-AED149DD37F0}" = Windows Mobile-Gerätecenter: Treiberupdate
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A149E33D-74B9-4033-9B53-A5DE82864850}" = BitDefender Internet Security 2010
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}" = Bonjour
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2F7994F-661E-46D1-A1DF-67F2887AAA7E}" = HP MediaSmart SmartMenu
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"OfficeTrial" = Testversion von Microsoft Office Home and Student 2007
"PC-Doctor for Windows" = Hardware Diagnose Tools

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02627ee5-eaca-4742-a9cc-e687631773e4}" = Nero ShowTime
"{03BF5CB1-B72E-4CA6-A278-F65680F05420}" = HP Picasso Media Center Add-In
"{086a7d8c-0a38-4c7f-819a-620275550d5c}" = Nero Burning ROM Help
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}" = HP Total Care Advisor
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{19506BDB-4EA7-491F-E8AB-E97109FDB296}" = muvee Reveal
"{1c00c7c5-e615-4139-b817-7f4003de68c0}" = Nero PhotoSnap Help
"{1C0E9C6B-D4D5-4D3C-8A10-F10A3E7BEEA5}" = WN111v2
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 15
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{3222B0CE-59C5-4CA0-B545-2B88F200756B}" = Falk Navi-Manager
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed
"{359cfc0a-beb1-440d-95ba-cf63a86da34f}" = Nero Recode
"{368ba326-73ad-4351-84ed-3c0a7a52cc53}" = Nero Rescue Agent
"{38058455-8C21-4C2F-B2F6-14ED166039CB}" = HP Total Care Setup
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3EA5D881-A648-B489-F113-3A7D99EC936F}" = Catalyst Control Center InstallProxy
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{3FE799B6-6493-AD47-A5FA-F3FE144C7EF0}" = Catalyst Control Center HydraVision Full
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{43e39830-1826-415d-8bae-86845787b54b}" = Nero Vision
"{44BC30A3-B5F1-4CAF-8B06-BB7D26991FDC}" = Falk Navi-Manager
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress
"{5d9be3c1-8ba4-4e7e-82fd-9f74fa6815d1}" = Nero Vision
"{5DA6A5F7-96AA-417B-AE77-9EB531236F80}" = cablecom Starten
"{5e08ecd1-c98e-4711-bf65-8fd736b3f969}" = Nero RescueAgent Help
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{60c731fb-c951-41ce-ad41-8e54c8594609}" = Nero Disc Copy Gadget Help
"{62ac81f6-bdd3-4110-9d36-3e9eaab40999}" = Nero CoverDesigner
"{64B9E2F5-558E-4C56-B419-A1679518F6E7}" = HP Customer Experience Enhancements
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B976ADF-8AE8-434E-B282-A06C7F624D2F}" = Python 2.5.2
"{704B9286-2D14-41C2-AF38-C5674465A6E3}" = cablecom Kundencenter
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{77e33d87-255e-413e-9c8d-eed2a7f9bebf}" = Nero Live Help
"{7829db6f-a066-4e40-8912-cb07887c20bb}" = Nero BurnRights
"{7902E313-FF0F-4493-ACB1-A8147B78DCD0}" = HPSSupply
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7D21905A-5DB7-2F4C-4E97-80F352D2C3A9}" = Catalyst Control Center Graphics Previews Vista
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8214D5AF-8BA8-3551-A859-5EBDBD30D2FA}" = Catalyst Control Center Core Implementation
"{83202942-84b3-4c50-8622-b8c0aa2d2885}" = Nero Express Help
"{85243696-5e58-4357-9cf8-3498c609941d}" = NeroLiveGadget Help
"{85693740-CB33-8E46-D05A-22EEAC2C14C3}" = Catalyst Control Center Graphics Full New
"{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A0D9C6B-ACB8-738E-2D1A-B437E2CF36B6}" = Catalyst Control Center Graphics Full Existing
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8ecbef82-fdf0-4a47-803d-9aedab7cd800}" = Nero 9 Trial
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{97099A77-2CD0-4C2C-8931-7F0B73CFE0FA}" = SoftMCE Encoder
"{97ABD26A-3249-46CB-B2E2-F66E64B2E480}" = HP Demo
"{98a67610-a3b5-4098-a423-3708040026d3}" = "Nero SoundTrax Help
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9CCE2F68-FAFC-4826-9951-E38232406CDF}" = Falk Navi-Manager
"{9e82b934-9a25-445b-b8df-8012808074ac}" = Nero PhotoSnap
"{9e9fdde6-2c26-492a-85a0-05646b3f2795}" = NeroLiveGadget
"{A0640EC2-B97E-4FC1-AD14-227C9E386BB4}" = HP Recovery Manager RSS
"{a209525b-3377-43f4-b886-32f6b6e7356f}" = Nero WaveEditor
"{A82D052A-0806-42DF-80CD-1730A1AC0ED3}" = MrvlUsgTracking
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1.2 - Deutsch
"{ad6bc5cc-2ef0-49c4-b33d-cdc8b2c4dc80}" = Nero Recode Help
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{b1adf008-e898-4fe2-8a1f-690d9a06acaf}" = DolbyFiles
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B471481F-8743-85EF-B551-45ED91BEEE76}" = Catalyst Control Center Graphics Previews Common
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{b78120a0-cf84-4366-a393-4d0a59bc546c}" = Menu Templates - Starter Kit
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{c5a7cb6c-e76d-408f-ba0e-85605420fe9d}" = SoundTrax
"{C874DC88-F5E2-D566-2880-22A2FDA0C69C}" = CCC Help English
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed
"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
"{ce96f5a5-584d-4f8f-aa3e-9baed413db72}" = Nero CoverDesigner Help
"{d025a639-b9c9-417d-8531-208859000af8}" = NeroBurningROM
"{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{d9dcf92e-72eb-412d-ac71-3b01276e5f8b}" = Nero ShowTime
"{DA9DAC64-C947-47BA-B411-8A1959B177CF}" = LightScribe System Software 1.14.25.1
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DCFFA267-43EE-163C-C892-799C2037BECB}" = Catalyst Control Center InstallProxy
"{df6a95f5-adc1-406a-bdc6-2aa7cc0182aa}" = Nero Live
"{e498385e-1c51-459a-b45f-1721e37aa1a0}" = Movie Templates - Starter Kit
"{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed
"{e8631efb-6b9a-426c-b1ce-e7173ca26bf8}" = Nero WaveEditor Help
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{E96A2C11-1139-7A34-C529-4D21832A34F6}" = Catalyst Control Center Graphics Light
"{EB2340D4-21DF-54B3-4C52-6C4F4B19F46D}" = ccc-core-static
"{ECEE0279-785F-4CB3-9F28-E69813234BF8}" = SPORE Creature Creator Trial Edition
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{f1861f30-3419-44db-b2a1-c274825698b3}" = Nero Disc Copy Gadget
"{F1D2C6EA-3382-440C-BBEC-8A2B18CAB1DF}" = Registry Optimierer 2.0
"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
"{f6bdd7c5-89ed-4569-9318-469aa9732572}" = Nero BurnRights
"{F868BD32-1CD0-42A8-A813-A53CEA8882CD}" = Falk Navi-Manager
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone-Konfigurationsprogramm
"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"AC3Filter" = AC3Filter (remove only)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Alt.Binz" = Alt.Binz 0.25.0
"Any Video Converter_is1" = Any Video Converter 2.7.5
"AviSynth" = AviSynth 2.5
"AVS DVDMenu Editor_is1" = AVS DVDMenu Editor 1.2.1.20
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.2
"AVS4YOU Video ReMaker_is1" = AVS Video ReMaker 2.4
"AXIS Media Control Embedded" = AXIS Media Control Embedded
"bwin Poker_is1" = bwin Poker
"cablecom Kundencenter" = cablecom Kundencenter
"cablecom Starten" = cablecom Starten
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DreamBoxEdit" = DreamBoxEdit -- The one and only settings editor for your Dreambox
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ffdshow_is1" = ffdshow [rev 2527] [2008-12-19]
"FileZilla Client" = FileZilla Client 3.2.2.1
"HaaliMkx" = Haali Media Splitter
"Handbrake" = Handbrake 0.9.4
"Hauppauge MCE2005 Software Encoder" = Hauppauge MCE XP/Vista Software Encoder (2.0.26268)
"HijackThis" = HijackThis 2.0.2
"HP LaserJet P1000 series" = HP LaserJet P1000 series
"InstallShield_{1C0E9C6B-D4D5-4D3C-8A10-F10A3E7BEEA5}" = RangeMax Wireless-N USB Adapter WN111v2
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"IsoBuster_is1" = IsoBuster 2.7
"Kaspersky Online Scanner" = Kaspersky Online Scanner
"Mafia II_is1" = Mafia II
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"Net TV Plus Player" = Net TV Plus Player 1.81
"nettvplayer2.0" = nettvplayer2.0
"Notepad++" = Notepad++
"Nvu_is1" = Nvu 1.0
"Quick Help 2.1" = Quick Help 2.1
"QuickPar" = QuickPar 0.9
"SUPER ©" = SUPER © Version 2009.bld.36 (June 10, 2009)
"Sweet Home 3D_is1" = Sweet Home 3D version 2.0
"TeamViewer 5" = TeamViewer 5
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"VLC media player" = VLC media player 1.0.3
"WildTangent hp Master Uninstall" = My HP Games
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

Geändert von deni9 (30.08.2010 um 21:32 Uhr)

Alt 30.08.2010, 21:29   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
IE expolrer oder Firefox , brauchen lange, irgend etwas ist da versteckt, - Standard

IE expolrer oder Firefox , brauchen lange, irgend etwas ist da versteckt,



Ist unauffällig.
Noch Probleme oder weitere Funde in der Zwischenzeit?
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 30.08.2010, 21:37   #9
deni9
 
IE expolrer oder Firefox , brauchen lange, irgend etwas ist da versteckt, - Standard

IE expolrer oder Firefox , brauchen lange, irgend etwas ist da versteckt,



ich wollte den beitrag editiren, aber erst nach par mal F5 drucken wurde es übernohmen.
die saite braucht sehr lange zum laden.

ob wohl bei mir alles mit dem adsl stimmt.

Antwort

Themen zu IE expolrer oder Firefox , brauchen lange, irgend etwas ist da versteckt,
0 bytes, adobe, bho, bonjour, browser, cdburnerxp, defender, desktop, explorer, firefox, google, hijack, hijackthis, internet, internet explorer, logfile, maleware, netgear, object, rundll, safer networking, security, senden, software, symantec, syswow64, virus, virus meldung, vista, windows



Ähnliche Themen: IE expolrer oder Firefox , brauchen lange, irgend etwas ist da versteckt,


  1. Seiten brauchen lange zum Laden, Programme melden keine Verbindung, PC etwas langsam
    Plagegeister aller Art und deren Bekämpfung - 12.09.2015 (18)
  2. Windows 7: Programme lassen sich nicht oeffnen und oder brauchen ewig, Fehlermeldungen wie microsoft explorer reagiert nicht, schwarzes Bild
    Log-Analyse und Auswertung - 08.09.2015 (18)
  3. svchost.exe(netsvcs) und Firefox brauchen nahezu 100% CPU, und belegen sämtlichen freien Arbeitsspeicher
    Log-Analyse und Auswertung - 21.11.2014 (7)
  4. Firefox und Thunderbird brauchen 2 Minuten zum starten, keine Internetverbindung trotz WLAN-Empfang
    Log-Analyse und Auswertung - 28.08.2014 (3)
  5. Windows7 : sämtliche Browser brauchen sehr lange um eine seite aufzubauen
    Log-Analyse und Auswertung - 31.03.2014 (11)
  6. PWS:Win32/Zbot.gen!AJ schon gelöscht oder versteckt er sich noch?
    Plagegeister aller Art und deren Bekämpfung - 02.04.2013 (9)
  7. Programme brauchen lange zum starten
    Plagegeister aller Art und deren Bekämpfung - 19.02.2013 (27)
  8. Lange ladezeit bei firefox, opera & ie
    Plagegeister aller Art und deren Bekämpfung - 14.11.2012 (1)
  9. Spyware.zbot von malwarebytes gefunden und angeblich entfernt - bin ich sicher oder versteckt es sich nur?
    Plagegeister aller Art und deren Bekämpfung - 31.10.2012 (5)
  10. Trojaner oder so etwas . Help .
    Plagegeister aller Art und deren Bekämpfung - 27.05.2011 (25)
  11. Dateien brauchen lange um zu starten
    Plagegeister aller Art und deren Bekämpfung - 20.02.2011 (1)
  12. Firefox braucht ewig lange zum Öffnen von Seiten
    Log-Analyse und Auswertung - 14.12.2010 (6)
  13. Exe Dateien brauchen lange zum Starten
    Log-Analyse und Auswertung - 01.06.2009 (3)
  14. Irgend etwas auffällig?
    Mülltonne - 25.06.2008 (0)
  15. programme brauchen lange zum laden oder bleiben hängen
    Plagegeister aller Art und deren Bekämpfung - 23.06.2008 (3)
  16. Trojanerverdacht bei expolrer!
    Log-Analyse und Auswertung - 06.03.2008 (8)
  17. programme brauchen sehr lange zum öffnen und schliessen!
    Log-Analyse und Auswertung - 02.06.2006 (3)

Zum Thema IE expolrer oder Firefox , brauchen lange, irgend etwas ist da versteckt, - Hallo erst mal Ich hab das gefühl das etwas meine Internet explorer oder Firefox blockiert. es braucht bis zu 10sek, bis eine saite geladen wurde. Habe auch Bittdefender laufen lassen - IE expolrer oder Firefox , brauchen lange, irgend etwas ist da versteckt,...
Archiv
Du betrachtest: IE expolrer oder Firefox , brauchen lange, irgend etwas ist da versteckt, auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.