#1 31. März 2011 Hallo, ich hab ein ein Problem mit dem Instlalieren von Datein, die ich aus dem Internet geladen hab (speziell Open Office). Fehlermeldung: "NSIS Error Installer intergrity check has failed. Common causes include incomplete download and damaged media. Contact the installer's author to obtain a new copy." Ein neu Installieren des NSIS Programm war nicht erfolgreich. Ebenfalls hab ich die Datei von 2 verschiedenen Anbeitern herunter geladen (openoffice.org und chip.de). Bei beiden Datein kam die Fehlermeldung. Raid-Rush und Google lieferten mir keine Konkreten Hinweise zu Behebung meines Problems. Ein Virenscan hat nichts gefunden und ein Deaktivieren von avira antivir (hab ich in einem Forum gelesen) war auch Erfolglos... Ich bin mit meinem Computerkenntnissen am Ende und hoffe das ihr mir helfen könnt. Mein System: Betriebsystemname Microsoft Windows 7 Home Premium Version 6.1.7600 Build 7600 Weitere Betriebsystembeschreibung Nicht verfügbar Betriebsystemhersteller Microsoft Corporation Systemhersteller FUJITSU SIEMENS Systemmodell MS-7379VP Systemtyp X86-basierter PC Prozessor Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz, 2403 MHz, 4 Kern(e), 4 logische(r) Prozessor(en) BIOS-Version/-Datum American Megatrends Inc. V9.0S, 18.07.2008 SMBIOS-Version 2.5 Startgerät \Device\HarddiskVolume2 Gebietsschema Deutschland Hardwareabstraktionsebene Version = "6.1.7600.16385" Bitte keine sinnlosen Antworten wie "google doch einfach mal" Links zu irgendwelchen Foren oder sonstige Antworten die mir nichts bringen posten. Ich bin schon bisschen angefressen und wollte es eigentlichen vermeiden mir hier Hilfe zu holen. Vielen Dank schonmal im vorraus + Multi-Zitat Zitieren
#2 31. März 2011 AW: NSIS Error Hi, hört sich ja interessant an . Was meinst du damit: Was genau hast du neuinstalliert? Den Windowsinstaller? Hast du auch schon mal versucht Avira während dem Download auszumachen? Cache gelöscht? Welcher Browser? Windows Sp1 drauf? Ansonsten is ein HJT Log immer hilfreich um eventuell "Thirdparty" Störer auszuschließen. http://www.trendmicro.com/ftp/products/hijackthis/beta/HijackThis.msi Log posten. + Multi-Zitat Zitieren
#3 31. März 2011 AW: NSIS Error NSIS hab ich neu geladen und installiert, ohne Erfolg. "Hast du auch schon mal versucht Avira während dem Download auszumachen?" Ja, brachte nichts. "Cache gelöscht?" Ja "Welcher Browser?" Firefox Weiß leider nicht was Thirdpartystörer ist. Aber hier der Log. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 23:52:00, on 31.03.2011 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16722) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Lexmark 5600-6600 Series\lxduMsdMon.exe C:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\ICQ7.4\ICQ.exe C:\program files\avira\antivir desktop\avcenter.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = ICQ.com Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll R3 - URLSearchHook: softonic-de3 Toolbar - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\prxtbsof2.dll R3 - URLSearchHook: (no name) - - (no file) O1 - Hosts: ::1 localhost O2 - BHO: G DATA WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - (no file) O2 - BHO: Lexmark Symbolleiste - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: DIALux 3.1 ULDBrowserHelper Class - {69AB812A-8CE4-4BF3-B49B-3B60A9F31FB2} - C:\Program Files\DIALux\DLXShellExtension.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: softonic-de3 - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\prxtbsof2.dll O2 - BHO: Lexmark - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - (no file) O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll (file missing) O3 - Toolbar: Lexmark Symbolleiste - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll O3 - Toolbar: softonic-de3 Toolbar - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\prxtbsof2.dll O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [Lexmark 5600-6600 Series Fax Server] "C:\Program Files\Lexmark 5600-6600 Series\fm3032.exe" /s O4 - HKLM\..\Run: [lxduamon] "C:\Program Files\Lexmark 5600-6600 Series\lxduamon.exe" O4 - HKLM\..\Run: [lxdumon.exe] "C:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe" O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [DAEMON Tools Net Agent] "C:\Program Files\DAEMON Tools Net\DTAgent.exe" -autorun O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.4\ICQ.exe" silent loginmode=4 O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST') O4 - Startup: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000 O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - MSN Games - Free Online Games O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - MSN Games - Free Online Games O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: DTNetService - DT Soft Ltd - C:\Program Files\DAEMON Tools Net\DTNetSrv.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: lxduCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxduserv.exe O23 - Service: lxdu_device - - C:\Windows\system32\lxducoms.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe -- End of file - 9891 bytes + Multi-Zitat Zitieren
#4 1. April 2011 AW: NSIS Error Mhm, kürzlich Antivirensoftware gewechselt? Windows Sp1 installieren, ich hab weiß nicht obs drauf ist, hab jetzt keine Lust das aus dem Build rauszugooglen . Dann solltest du nochmal einen Scan mit OTL durchführen, Log bitte wieder hier posten. http://oldtimer.geekstogo.com/OTL.exe Ich kann das Problem im Moment leider auch noch nicht konkretisieren, mal sehen ob wir so weiter kommen Edith mein nach einiger Recherche das, dass eigentlich alles sein könnte..., deswegen kommen wir wohl wenn, dann nur so weiter. + Multi-Zitat Zitieren
#5 5. April 2011 Zuletzt von einem Moderator bearbeitet: 15. April 2017 AW: NSIS Error service pack 1 installiert. Problem besteht weiterhin.... Der Scan mit OTL: OTL logfile created on: 05.04.2011 17:07:35 - Run 2 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Tobihasi\Desktop\Download Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 63,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 78,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 197,10 Gb Total Space | 55,27 Gb Free Space | 28,04% Space Free | Partition Type: NTFS Drive D: | 596,16 Gb Total Space | 523,24 Gb Free Space | 87,77% Space Free | Partition Type: NTFS Drive E: | 390,28 Gb Total Space | 390,17 Gb Free Space | 99,97% Space Free | Partition Type: NTFS Computer Name: TOBIHASI-PC | User Name: Tobihasi | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.04.05 17:07:31 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Tobihasi\Desktop\Download\OTL(2).exe PRC - [2011.03.31 23:20:31 | 000,119,608 | ---- | M] (ICQ, LLC.) -- C:\Programme\ICQ7.4\ICQ.exe PRC - [2011.03.24 18:29:46 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe PRC - [2010.11.20 04:17:58 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe PRC - [2010.11.20 04:17:48 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010.11.20 04:17:42 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe PRC - [2010.11.20 04:17:10 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010.09.08 10:09:02 | 000,144,384 | ---- | M] (Adobe Systems Inc.) -- C:\Riot Games\League of Legends\air\LolClient.exe PRC - [2010.09.06 18:56:38 | 000,247,096 | ---- | M] () -- C:\Programme\ICQ6Toolbar\ICQ Service.exe PRC - [2010.05.05 01:34:58 | 000,421,888 | ---- | M] (Solid State Networks) -- C:\Riot Games\League of Legends\lol.launcher.exe PRC - [2009.09.23 13:38:18 | 000,935,208 | ---- | M] (Nero AG) -- C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe PRC - [2009.08.18 12:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE PRC - [2009.08.18 12:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE PRC - [2009.08.05 20:57:24 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2009.05.13 16:48:18 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2009.04.30 16:01:10 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Programme\Common Files\logishrd\LVMVFM\LVPrcSrv.exe PRC - [2009.03.02 13:08:43 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2009.02.26 15:24:50 | 000,097,680 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE PRC - [2008.10.25 11:44:34 | 000,031,072 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe PRC - [2008.08.04 01:02:20 | 000,036,352 | ---- | M] () -- C:\Programme\Winamp\winampa.exe PRC - [2008.07.03 11:27:12 | 006,266,880 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2008.05.30 03:04:45 | 000,676,520 | ---- | M] () -- C:\Programme\Lexmark 5600-6600 Series\lxdumon.exe PRC - [2008.05.30 03:04:41 | 000,025,256 | ---- | M] () -- C:\Programme\Lexmark 5600-6600 Series\lxdumsdmon.exe PRC - [2008.05.24 02:58:34 | 000,594,600 | ---- | M] ( ) -- C:\Windows\System32\lxducoms.exe PRC - [2008.04.25 14:23:36 | 000,303,104 | ---- | M] (Fujitsu Siemens Computers) -- C:\Programme\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe ========== Modules (SafeList) ========== MOD - [2011.04.05 17:07:31 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Tobihasi\Desktop\Download\OTL(2).exe MOD - [2010.11.20 03:55:10 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll ========== Win32 Services (SafeList) ========== SRV - [2010.09.06 18:56:38 | 000,247,096 | ---- | M] () [Auto | Running] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service) SRV - [2010.07.29 13:19:46 | 000,394,560 | ---- | M] (DT Soft Ltd) [Auto | Stopped] -- C:\Programme\DAEMON Tools Net\DTNetSrv.exe -- (DTNetService) SRV - [2009.09.23 13:38:18 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - [2009.08.05 20:57:24 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009.05.13 16:48:18 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2009.04.30 16:01:10 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv) SRV - [2008.12.28 21:17:50 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2008.05.24 02:58:34 | 000,594,600 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxducoms.exe -- (lxdu_device) SRV - [2008.05.24 02:58:22 | 000,098,984 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxduserv.exe -- (lxduCATSCustConnectService) SRV - [2008.04.25 14:23:36 | 000,303,104 | ---- | M] (Fujitsu Siemens Computers) [Auto | Running] -- C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe -- (TestHandler) SRV - [2007.11.06 22:22:26 | 000,092,792 | ---- | M] (CACE Technologies) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental) SRV - [2006.12.14 17:00:00 | 000,544,768 | ---- | M] (Magix AG) [On_Demand | Stopped] -- C:\Programme\Common Files\MAGIX Shared\UPnPService\UPnPService.exe -- (UPnPService) ========== Driver Services (SafeList) ========== DRV - [2010.11.20 02:24:42 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010.11.20 01:59:46 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010.09.15 09:28:20 | 000,201,280 | ---- | M] (Disc-Soft) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtcdrom.sys -- (dtcdrom) DRV - [2010.09.15 09:22:57 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2010.01.26 00:55:25 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc) DRV - [2010.01.26 00:55:25 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt) DRV - [2009.12.07 18:43:27 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2009.07.14 01:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial) DRV - [2009.07.07 11:42:14 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2009.07.07 11:42:14 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2009.06.10 23:19:48 | 009,853,248 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2009.05.11 10:12:20 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009.04.30 22:56:32 | 000,495,768 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LV561AV.SYS -- (PID_0928) Logitech QuickCam Express(PID_0928) DRV - [2009.04.30 16:00:12 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon) DRV - [2009.03.30 10:33:03 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2009.02.13 12:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2008.05.27 13:55:54 | 000,173,576 | ---- | M] (AMD Technologies Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ahcix86s.sys -- (ahcix86s) DRV - [2008.05.02 13:59:40 | 000,122,368 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2008.04.03 14:58:46 | 000,076,688 | ---- | M] (JMicron Technology Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\jraid.sys -- (JRAID) DRV - [2008.01.18 06:43:16 | 000,016,128 | ---- | M] (Razer USA Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Lycosa.sys -- (LycoFltr) DRV - [2007.11.08 01:52:10 | 000,057,328 | ---- | M] (Sonic Solutions) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\RxFilter.sys -- (RxFilter) DRV - [2007.11.06 22:22:06 | 000,034,064 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\npf.sys -- (NPF) DRV - [2007.07.03 17:58:20 | 000,106,792 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm) DRV - [2007.07.03 17:57:24 | 000,011,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl) DRV - [2007.07.03 17:54:24 | 000,080,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM) DRV - [2005.11.03 16:40:07 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x) DRV - [2005.08.10 14:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x) DRV - [2005.05.16 15:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\prxtbsof2.dll (Conduit Ltd.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = board. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\prxtbsof2.dll (Conduit Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://board.raidrush.ws/" FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9 FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971 FF - prefs.js..extensions.enabledItems: searchrecs@veoh.com:1.5.2 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.5 FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:3.3.3.2 FF - prefs.js..extensions.enabledItems: {df4e4df5-5cb7-46b0-9aef-6c784c3249f8}:1.2.0 FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2 FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=" FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.29 23:22:38 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.24 18:29:46 | 000,000,000 | ---D | M] [2010.01.06 19:20:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tobihasi\AppData\Roaming\mozilla\Extensions [2011.04.05 15:57:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tobihasi\AppData\Roaming\mozilla\Firefox\Profiles\1cm4i8m2.default\extensions [2010.09.09 20:57:01 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\Tobihasi\AppData\Roaming\mozilla\Firefox\Profiles\1cm4i8m2.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f} [2010.04.28 09:23:25 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Tobihasi\AppData\Roaming\mozilla\Firefox\Profiles\1cm4i8m2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011.03.31 23:21:17 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Tobihasi\AppData\Roaming\mozilla\Firefox\Profiles\1cm4i8m2.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2011.03.29 23:21:08 | 000,000,000 | ---D | M] (softonic-de3 Community Toolbar) -- C:\Users\Tobihasi\AppData\Roaming\mozilla\Firefox\Profiles\1cm4i8m2.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} [2011.03.29 23:21:09 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Tobihasi\AppData\Roaming\mozilla\Firefox\Profiles\1cm4i8m2.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011.01.08 18:14:25 | 000,000,000 | ---D | M] (Fox!Box) -- C:\Users\Tobihasi\AppData\Roaming\mozilla\Firefox\Profiles\1cm4i8m2.default\extensions\{df4e4df5-5cb7-46b0-9aef-6c784c3249f8} [2011.03.29 23:21:08 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Tobihasi\AppData\Roaming\mozilla\Firefox\Profiles\1cm4i8m2.default\extensions\engine@conduit.com [2010.05.15 18:53:01 | 000,000,000 | ---D | M] (Veoh Video Compass) -- C:\Users\Tobihasi\AppData\Roaming\mozilla\Firefox\Profiles\1cm4i8m2.default\extensions\searchrecs@veoh.com [2011.04.04 08:55:16 | 000,000,950 | ---- | M] () -- C:\Users\Tobihasi\AppData\Roaming\Mozilla\Firefox\Profiles\1cm4i8m2.default\searchplugins\icqplugin-1.xml [2009.12.18 17:38:12 | 000,000,961 | ---- | M] () -- C:\Users\Tobihasi\AppData\Roaming\Mozilla\Firefox\Profiles\1cm4i8m2.default\searchplugins\icqplugin-10.xml [2010.01.06 19:49:02 | 000,000,961 | ---- | M] () -- C:\Users\Tobihasi\AppData\Roaming\Mozilla\Firefox\Profiles\1cm4i8m2.default\searchplugins\icqplugin-11.xml [2010.01.23 15:46:57 | 000,000,950 | ---- | M] () -- C:\Users\Tobihasi\AppData\Roaming\Mozilla\Firefox\Profiles\1cm4i8m2.default\searchplugins\icqplugin-12.xml [2010.03.24 07:46:37 | 000,000,950 | ---- | M] () -- C:\Users\Tobihasi\AppData\Roaming\Mozilla\Firefox\Profiles\1cm4i8m2.default\searchplugins\icqplugin-13.xml [2010.04.02 19:12:27 | 000,000,950 | ---- | M] () -- C:\Users\Tobihasi\AppData\Roaming\Mozilla\Firefox\Profiles\1cm4i8m2.default\searchplugins\icqplugin-14.xml [2010.06.25 00:05:23 | 000,000,950 | ---- | M] () -- C:\Users\Tobihasi\AppData\Roaming\Mozilla\Firefox\Profiles\1cm4i8m2.default\searchplugins\icqplugin-15.xml [2010.06.27 18:43:35 | 000,000,950 | ---- | M] () -- C:\Users\Tobihasi\AppData\Roaming\Mozilla\Firefox\Profiles\1cm4i8m2.default\searchplugins\icqplugin-16.xml [2010.07.21 15:54:18 | 000,000,950 | ---- | M] () -- C:\Users\Tobihasi\AppData\Roaming\Mozilla\Firefox\Profiles\1cm4i8m2.default\searchplugins\icqplugin-17.xml [2010.07.25 20:00:40 | 000,000,950 | ---- | M] () -- C:\Users\Tobihasi\AppData\Roaming\Mozilla\Firefox\Profiles\1cm4i8m2.default\searchplugins\icqplugin-18.xml [2010.09.08 18:52:52 | 000,000,950 | ---- | M] () -- C:\Users\Tobihasi\AppData\Roaming\Mozilla\Firefox\Profiles\1cm4i8m2.default\searchplugins\icqplugin-19.xml [2009.04.24 16:13:57 | 000,000,950 | ---- | M] () -- C:\Users\Tobihasi\AppData\Roaming\Mozilla\Firefox\Profiles\1cm4i8m2.default\searchplugins\icqplugin-2.xml [2010.09.16 12:02:21 | 000,000,950 | ---- | M] () -- C:\Users\Tobihasi\AppData\Roaming\Mozilla\Firefox\Profiles\1cm4i8m2.default\searchplugins\icqplugin-20.xml [2010.09.16 12:25:30 | 000,000,950 | ---- | M] () -- C:\Users\Tobihasi\AppData\Roaming\Mozilla\Firefox\Profiles\1cm4i8m2.default\searchplugins\icqplugin-21.xml [2010.10.28 21:50:34 | 000,000,950 | ---- | M] () -- C:\Users\Tobihasi\AppData\Roaming\Mozilla\Firefox\Profiles\1cm4i8m2.default\searchplugins\icqplugin-22.xml [2010.12.11 01:56:49 | 000,000,950 | ---- | M] () -- C:\Users\Tobihasi\AppData\Roaming\Mozilla\Firefox\Profiles\1cm4i8m2.default\searchplugins\icqplugin-23.xml [2011.03.03 15:41:45 | 000,000,950 | ---- | M] () -- C:\Users\Tobihasi\AppData\Roaming\Mozilla\Firefox\Profiles\1cm4i8m2.default\searchplugins\icqplugin-24.xml [2011.03.05 20:16:17 | 000,000,950 | ---- | M] () -- C:\Users\Tobihasi\AppData\Roaming\Mozilla\Firefox\Profiles\1cm4i8m2.default\searchplugins\icqplugin-25.xml [2011.03.24 18:29:56 | 000,000,950 | ---- | M] () -- C:\Users\Tobihasi\AppData\Roaming\Mozilla\Firefox\Profiles\1cm4i8m2.default\searchplugins\icqplugin-26.xml [2011.03.31 23:21:28 | 000,000,950 | ---- | M] () -- C:\Users\Tobihasi\AppData\Roaming\Mozilla\Firefox\Profiles\1cm4i8m2.default\searchplugins\icqplugin-27.xml [2009.04.30 18:08:50 | 000,000,950 | ---- | M] () -- C:\Users\Tobihasi\AppData\Roaming\Mozilla\Firefox\Profiles\1cm4i8m2.default\searchplugins\icqplugin-3.xml [2009.06.13 18:44:10 | 000,000,950 | ---- | M] () -- C:\Users\Tobihasi\AppData\Roaming\Mozilla\Firefox\Profiles\1cm4i8m2.default\searchplugins\icqplugin-4.xml [2009.07.22 23:10:31 | 000,000,950 | ---- | M] () -- C:\Users\Tobihasi\AppData\Roaming\Mozilla\Firefox\Profiles\1cm4i8m2.default\searchplugins\icqplugin-5.xml [2009.08.05 09:08:13 | 000,000,950 | ---- | M] () -- C:\Users\Tobihasi\AppData\Roaming\Mozilla\Firefox\Profiles\1cm4i8m2.default\searchplugins\icqplugin-6.xml [2009.09.13 07:15:43 | 000,000,950 | ---- | M] () -- C:\Users\Tobihasi\AppData\Roaming\Mozilla\Firefox\Profiles\1cm4i8m2.default\searchplugins\icqplugin-7.xml [2009.10.28 21:58:00 | 000,000,950 | ---- | M] () -- C:\Users\Tobihasi\AppData\Roaming\Mozilla\Firefox\Profiles\1cm4i8m2.default\searchplugins\icqplugin-8.xml [2009.11.13 21:48:51 | 000,000,950 | ---- | M] () -- C:\Users\Tobihasi\AppData\Roaming\Mozilla\Firefox\Profiles\1cm4i8m2.default\searchplugins\icqplugin-9.xml [2010.05.12 17:40:48 | 000,001,042 | ---- | M] () -- C:\Users\Tobihasi\AppData\Roaming\Mozilla\Firefox\Profiles\1cm4i8m2.default\searchplugins\icqplugin.xml [2008.09.23 09:31:50 | 000,001,196 | ---- | M] () -- C:\Users\Tobihasi\AppData\Roaming\Mozilla\Firefox\Profiles\1cm4i8m2.default\searchplugins\winamp-search.xml [2011.04.05 17:06:49 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2010.01.06 19:10:24 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2010.02.06 15:56:42 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{B13721C7-F507-4982-B2E5-502A71474FED} [2010.01.06 19:10:25 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} [2010.06.25 00:05:15 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.06.25 00:05:15 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.06.25 00:05:15 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.06.25 00:05:15 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.06.25 00:05:15 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2010.07.21 17:39:23 | 000,000,987 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com O1 - Hosts: 127.0.0.1 orbitservice.ubi.com O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com O2 - BHO: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - No CLSID value found. O2 - BHO: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programme\Lexmark Toolbar\toolband.dll () O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (DIALux 3.1 ULDBrowserHelper Class) - {69AB812A-8CE4-4BF3-B49B-3B60A9F31FB2} - C:\Programme\DIALux\DLXShellExtension.dll (DIAL GmbH, Germany) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\prxtbsof2.dll (Conduit Ltd.) O2 - BHO: (Lexmark ) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Programme\Lexmark Printable Web\bho.dll () O3 - HKLM\..\Toolbar: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - No CLSID value found. O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - File not found O3 - HKLM\..\Toolbar: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programme\Lexmark Toolbar\toolband.dll () O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\prxtbsof2.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\ShellBrowser: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programme\Lexmark Toolbar\toolband.dll () O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programme\Lexmark Toolbar\toolband.dll () O3 - HKCU\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Programme\softonic-de3\prxtbsof2.dll (Conduit Ltd.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [Lexmark 5600-6600 Series Fax Server] C:\Program Files\Lexmark 5600-6600 Series\fm3032.exe () O4 - HKLM..\Run: [lxduamon] C:\Program Files\Lexmark 5600-6600 Series\lxduamon.exe () O4 - HKLM..\Run: [lxdumon.exe] C:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe () O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe () O4 - HKCU..\Run: [DAEMON Tools Net Agent] C:\Program Files\DAEMON Tools Net\DTAgent.exe (DT Soft Ltd) O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.) O4 - Startup: C:\Users\Tobihasi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} MSN Games - Free Online Games (UnoCtrl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} MSN Games - Free Online Games (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\dialux {8352FA4C-39C6-11D3-ADBA-00A0244FB1A2} - C:\Programme\DIALux\DLXToolBox.dll (DIAL GmbH, Germany) O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O24 - Desktop WallPaper: O24 - Desktop BackupWallPaper: O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{4b90a9b1-f9f6-11de-ae25-001d92962224}\Shell - "" = AutoRun O33 - MountPoints2\{4b90a9b1-f9f6-11de-ae25-001d92962224}\Shell\AutoRun\command - "" = G:\NPSAI.exe O33 - MountPoints2\{d3bc4a09-4b05-11df-bfb1-001d92962224}\Shell - "" = AutoRun O33 - MountPoints2\{d3bc4a09-4b05-11df-bfb1-001d92962224}\Shell\AutoRun\command - "" = M:\autorun.exe O33 - MountPoints2\G\Shell - "" = AutoRun O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AUTOSTARTER.EXE O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== Den ganzen Log gibts hier: http://rapidshare.com/files/456018161/OTL.Txt OTL hat über 10.000 Zeichen gebraucht und das ist zu groß für einen Beitrag in RR + Multi-Zitat Zitieren
#6 7. April 2011 AW: NSIS Error Besteht das Problem noch? Ich muss leider sagen, dass ich absolut keine Ahnung hab... Die Logs sind eigentlich sauber, zumindest ist nichts wirklich schädliches oder auffälliges drin. Das einzige das mir wirklich in beiden ins Augesticht ist, das du scheinbar Überreste von zwei verschiedenen Antivirenlösungen hast. Ich hab da schon das verrückteste erlebt. Ich kann dir jetzt echt nur noch irgendwelche Abgefertigungsantworten geben: 1. System zurück setzen 2. Antivir komplett deinstallieren 3. Registry säubern 4. Evtl. auch das SP deinstallieren (geht über Windowskomponeten in Systemsteuerung) hm? xD Gehts wirklich so einfach den "Kopierschutz" zu umgehen, oder welchen Sinn hat das? + Multi-Zitat Zitieren