Log analysis and evaluation: Unknown source of error, virus (Windows 7). If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: first steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
10.06.2011, 19:06 | #1 |
| Unknown source of error, virus

Hello, I have the following problem: my browsers often act up, and Chrome, which I use the most, sometimes stops working entirely. At the moment it doesn't work at all (ICQ always works), so I asked Google for advice and tried everything; nothing helped. I also scanned everything for malware; 2-3 things were found, and eScan still reports the following problems:

Objekt "Backdoor (IRCBot) Trojans Spyware/Adware" im Dateisystem gefunden! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Objekt "AntiSpyware Pro XP Corrupted Adware/Spyware" im Dateisystem gefunden! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Objekt "XP AntiMalware Spyware/Adware" im Dateisystem gefunden! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Objekt "Orifice2K.plugin Trojan" im Dateisystem gefunden! Maßnahme ergriffen: Keine Maßnahme ergriffen.

I also have a HijackThis report:

Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:53:09, on 10.06.2011 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\Program Files (x86)\ICQ7.5\ICQ.exe C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANToManager.exe C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10s_ActiveX.exe C:\totalcmd\TOTALCMD.EXE C:\Program Files
(x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\David\Desktop\HiJackThis204.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=www.youtube.de R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - - (no file) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files 
(x86)\DivX\DivX Plus Web Player\npdivx32.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll O4 - HKLM\..\Run: [PSUNMain] "C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKCU\..\Run: [Sidebar] 
C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent O4 - HKCU\..\Run: [Google Update] "C:\Users\David\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE" O4 - HKCU\..\Run: [ICQ] "C:\Program Files (x86)\ICQ7.5\ICQ.exe" silent loginmode=4 O4 - Startup: FRITZ!DSL Startcenter.lnk = ? O4 - Startup: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE O4 - Global Startup: FRITZ!DSL Protect.lnk = C:\Program Files\FRITZ!DSL\FwebProt.exe O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\David\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe O9 - Extra button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files 
(x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Broken Internet access because of LSP provider '%programfiles%\fritz!dsl\\sarah.dll' missing O12 - Plugin for .spop: C:\Program Files (x86)\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. 
- C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: AVM IGD CTRL Service (IGDCTRL) - AVM Berlin - C:\Program Files\FRITZ!DSL\IGDCTRL.EXE O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Panda Cloud Antivirus Service (NanoServiceMain) - Panda Security, S.L. 
- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - 
Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: Intel(R) Extreme Tuning Utility (XTUService) - Intel Corporation - C:\Program Files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\PerfTuneService.exe -- End of file - 13334 bytes

Please, please, I need help. I would be hugely grateful for any; I don't know what else to do. |
11.06.2011, 00:13 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Unknown source of error, virus Please note => http://www.trojaner-board.de/95173-b...es-posten.html and http://www.trojaner-board.de/69886-a...-beachten.html
11.06.2011, 10:55 | #3 |
| Unknown source of error, virus Thanks, then I'll add that here:
Defogger:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 11:39 on 11/06/2011 (David)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-

OTL.txt:
OTL Logfile:
ATTFilter OTL logfile created on: 11.06.2011 11:42:28 - Run 1 OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\David\Desktop 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 5,99 Gb Total Physical Memory | 4,26 Gb Available Physical Memory | 71,20% Memory free 11,98 Gb Paging File | 10,21 Gb Available in Paging File | 85,26% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 149,05 Gb Total Space | 30,38 Gb Free Space | 20,38% Space Free | Partition Type: NTFS Drive D: | 7,73 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Drive R: | 1862,92 Gb Total Space | 1497,69 Gb Free Space | 80,39% Space Free | Partition Type: NTFS Computer Name: DAVE | User Name: David | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.06.11 11:36:42 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\David\Desktop\OTL.exe PRC - [2011.05.29 12:16:53 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2011.05.16 14:58:36 | 002,151,128 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe PRC - [2011.05.13 11:11:03 | 001,191,216 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe PRC - [2011.03.21 20:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe PRC - [2011.02.24 15:36:15 | 000,423,232 | ---- | M] (Panda Security, S.L.) 
-- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe PRC - [2011.01.27 17:51:05 | 002,253,688 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe PRC - [2011.01.07 20:48:56 | 000,378,984 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2010.12.16 19:19:34 | 000,140,608 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe PRC - [2010.09.16 15:06:22 | 000,080,896 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe PRC - [2010.09.10 17:39:50 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe PRC - [2010.02.19 16:15:52 | 000,022,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\PerfTuneService.exe ========== Modules (SafeList) ========== MOD - [2011.06.11 11:36:42 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\David\Desktop\OTL.exe MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2009.07.28 17:10:48 | 000,088,888 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Program Files\FRITZ!DSL\IGDCTRL.EXE -- (IGDCTRL) SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2011.06.03 10:58:50 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011.05.29 12:16:53 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2011.05.16 14:58:36 | 002,151,128 | ---- | 
M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service) SRV - [2011.01.27 17:51:05 | 002,253,688 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6) SRV - [2011.01.07 20:48:56 | 000,378,984 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2010.12.16 19:19:34 | 000,140,608 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe -- (NanoServiceMain) SRV - [2010.11.11 15:39:34 | 000,128,928 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service) SRV - [2010.09.16 15:06:22 | 000,080,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.02.19 16:15:52 | 000,022,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\PerfTuneService.exe -- (XTUService) Intel(R) SRV - [2010.02.19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011.04.29 12:12:00 | 000,069,376 | ---- | M] (Lavasoft AB) [File_System | Boot | 
Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd) DRV:64bit: - [2011.02.18 17:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2010.12.16 19:12:18 | 000,128,584 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\PSINProt.sys -- (PSINProt) DRV:64bit: - [2010.12.16 19:12:11 | 000,121,928 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\PSINProc.sys -- (PSINProc) DRV:64bit: - [2010.12.16 19:12:04 | 000,150,088 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\PSINKNC.sys -- (PSINKNC) DRV:64bit: - [2010.12.16 19:11:56 | 000,114,760 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\PSINFile.sys -- (PSINFile) DRV:64bit: - [2010.12.16 19:11:49 | 000,158,280 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\PSINAflt.sys -- (PSINAflt) DRV:64bit: - [2010.11.12 01:10:49 | 000,155,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2010.07.12 20:36:10 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:64bit: - [2010.06.25 17:08:10 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot) DRV:64bit: - [2010.04.07 16:04:00 | 000,290,008 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1y62x64.sys -- (e1yexpress) Intel(R) DRV:64bit: - [2010.01.20 12:27:20 | 000,036,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\intelsmb.sys -- (smbusp) Intel(R) DRV:64bit: - [2009.11.01 20:16:50 | 000,033,736 | 
---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64) DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.14 02:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx) DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - 
[2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2008.06.17 10:22:24 | 000,040,464 | ---- | M] (H+H Software GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vcd10bus.sys -- (vcd10bus) DRV - [2011.06.10 14:12:40 | 000,017,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys -- (Lavasoft Kernexplorer) DRV - [2010.02.03 12:42:02 | 000,030,384 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\ProgramData\Intel\Extreme Tuning Utility\IOCbios\64bit\IOCBios.sys -- (IOCBIOS) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0F B8 7A D1 59 48 CB 01 [binary data] IE - HKCU\..\URLSearchHook: - Reg Error: Key error. 
File not found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=www.youtube.de ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.defaultthis.engineName: "DVDVideoSoftTB Customized Web Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.selectedEngine: "ICQ Search" FF - prefs.js..browser.startup.homepage: "hxxp://start.icq.com/" FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=" FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.09.10 17:40:21 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2010.12.08 22:21:24 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011.05.22 00:24:13 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011.05.22 00:24:13 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 10\components [2011.05.14 17:20:32 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 
10\plugins [2011.05.22 00:24:12 | 000,000,000 | ---D | M] [2011.03.31 20:16:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\David\AppData\Roaming\mozilla\Extensions [2011.01.30 14:50:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\David\AppData\Roaming\mozilla\Extensions-BackupByFirefoxPortable [2011.05.10 14:18:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions [2011.04.20 22:15:31 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2011.05.10 14:18:13 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [2011.02.12 22:31:28 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011.05.10 14:18:12 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\engine@conduit.com [2011.03.04 17:22:31 | 000,001,131 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\i0l7udn7.default\searchplugins\conduit.xml [2011.05.14 19:54:44 | 000,000,950 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\i0l7udn7.default\searchplugins\icqplugin-1.xml [2011.03.30 15:14:34 | 000,001,042 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\i0l7udn7.default\searchplugins\icqplugin.xml File not found (No name found) -- [2010.12.08 22:21:24 | 000,000,000 | ---D | M] (Adobe Contribute Toolbar) -- C:\PROGRAM FILES (X86)\ADOBE\ADOBE CONTRIBUTE CS5\PLUGINS\FIREFOXPLUGIN\{01A8CA0A-4C96-465B-A49B-65C46FAD54F9} [2011.03.05 11:31:13 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES 
(X86)\MOZILLA FIREFOX 4.0 BETA 10\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} () (No name found) -- C:\USERS\DAVID\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I0L7UDN7.DEFAULT\EXTENSIONS\{B749FC7C-E949-447F-926C-3F4EED6ACCFE}.XPI O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx () O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.) O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [HTC Sync Loader] C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe () O4 - HKLM..\Run: [PSUNMain] C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe (Panda Security, S.L.) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.) 
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation) O4 - Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Startcenter.lnk = C:\Users\David\AppData\Roaming\Microsoft\Installer\{2D5D9603-22CF-4B99-83F6-0CD20330F62E}\Icon8CF9C550.exe () O4 - Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk = File not found O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153 O8:64bit: - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\David\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\David\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft 
Office\Office14\EXCEL.EXE (Microsoft Corporation) O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) 
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files\FRITZ!DSL\\sarah.dll () O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\FRITZ!DSL\\sarah.dll () O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\FRITZ!DSL\\sarah.dll () O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\FRITZ!DSL\\sarah.dll () O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\FRITZ!DSL\\sarah.dll () O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\FRITZ!DSL\\sarah.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\FRITZ!DSL\\sarah.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\FRITZ!DSL\\sarah.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\FRITZ!DSL\\sarah.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files (x86)\FRITZ!DSL\\sarah.dll () O12 - Plugin for: .spop - C:\Program Files (x86)\Internet Explorer\Plugins\NPDocBox.dll (InterTrust Technologies Corporation, Inc.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Key error.) 
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010.09.11 01:09:29 | 000,000,047 | -H-- | M] () - D:\autorun.inf -- [ UDF ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (lsdelete) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. 
File not found ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - 
%SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: 
{de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2011.06.11 11:36:35 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\David\Desktop\OTL.exe [2011.06.10 19:51:58 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\David\Desktop\HiJackThis204.exe [2011.06.10 19:35:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\runouce.exe [2011.06.10 19:35:32 | 000,000,000 | ---D | C] -- C:\Windows\rundll16.exe [2011.06.10 19:35:32 | 000,000,000 | ---D | C] -- C:\Windows\logo_1.exe [2011.06.10 19:33:15 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome [2011.06.10 18:36:11 | 000,000,000 | ---D | C] -- C:\totalcmd [2011.06.10 18:36:11 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\GHISLER [2011.06.10 17:25:17 | 000,034,048 | ---- | C] (MicroWorld Technologies Inc.) 
-- C:\Windows\SysWow64\eEmpty.exe [2011.06.10 17:25:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MicroWorld [2011.06.10 17:25:11 | 000,000,000 | ---D | C] -- C:\ProgramData\MicroWorld [2011.06.10 17:21:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programme\ClearProg [2011.06.10 17:21:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ClearProg [2011.06.10 14:12:41 | 000,049,752 | ---- | C] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys [2011.06.10 13:56:00 | 000,069,376 | ---- | C] (Lavasoft AB) -- C:\Windows\SysNative\drivers\Lbd.sys [2011.06.10 13:55:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programme\Lavasoft [2011.06.10 13:55:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft [2011.06.10 13:55:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft [2011.06.10 13:39:36 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\IO [2011.05.24 16:23:14 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\{334294B6-8746-4037-B8C3-E8CB5734FC8D} [2011.05.24 16:23:14 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\{1C3614C5-40F9-4314-A6D6-271855DCF459} [2011.05.22 00:26:48 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\DDMSettings [2011.05.22 00:23:58 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\DivX [2011.05.22 00:23:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programme\DivX Plus [2011.05.22 00:23:42 | 000,000,000 | ---D | C] -- C:\Programme\DivX [2011.05.22 00:23:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared [2011.05.22 00:17:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX [2011.05.22 00:16:19 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX [2011.05.14 17:12:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Safari [2011.05.14 15:20:52 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [1 C:\Users\David\*.tmp files -> 
C:\Users\David\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.06.11 11:38:24 | 000,000,000 | ---- | M] () -- C:\Users\David\defogger_reenable [2011.06.11 11:38:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011.06.11 11:37:13 | 000,017,136 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.06.11 11:37:13 | 000,017,136 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.06.11 11:36:42 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\David\Desktop\OTL.exe [2011.06.11 11:35:53 | 000,050,477 | ---- | M] () -- C:\Users\David\Desktop\Defogger.exe [2011.06.11 11:29:01 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011.06.11 11:28:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.06.11 11:28:47 | 527,818,751 | -HS- | M] () -- C:\hiberfil.sys [2011.06.11 00:27:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2498949666-4130971900-2577889908-1000UA.job [2011.06.11 00:06:15 | 000,228,778 | ---- | M] () -- C:\Users\David\Documents\pinfect.zip [2011.06.10 21:27:00 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2498949666-4130971900-2577889908-1000Core.job [2011.06.10 19:52:08 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\David\Desktop\HiJackThis204.exe [2011.06.10 19:34:32 | 000,000,028 | ---- | M] () -- C:\Windows\Lic.xxx [2011.06.10 19:33:19 | 000,002,312 | ---- | M] () -- C:\Users\David\Desktop\Google Chrome.lnk [2011.06.10 18:36:12 | 000,000,632 | ---- | M] () -- C:\Users\David\Desktop\Total Commander.lnk [2011.06.10 17:25:16 | 000,034,048 | ---- | M] (MicroWorld Technologies Inc.) 
-- C:\Windows\SysWow64\eEmpty.exe [2011.06.10 17:21:33 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\ClearProg.lnk [2011.06.10 14:12:40 | 000,049,752 | ---- | M] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys [2011.06.10 14:12:34 | 000,016,432 | ---- | M] () -- C:\Windows\SysNative\lsdelete.exe [2011.06.10 13:56:01 | 000,001,020 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk [2011.06.10 13:47:36 | 099,334,664 | ---- | M] () -- C:\Users\David\Desktop\mwav.exe [2011.06.09 22:34:09 | 001,611,160 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011.06.09 22:34:09 | 000,696,132 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2011.06.09 22:34:09 | 000,651,450 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011.06.09 22:34:09 | 000,147,428 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2011.06.09 22:34:09 | 000,120,382 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011.05.30 13:56:42 | 000,280,768 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2011.05.30 13:56:42 | 000,280,768 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011.05.30 13:43:29 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0 [2011.05.29 12:16:53 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011.05.14 19:52:39 | 000,000,600 | ---- | M] () -- C:\Users\David\AppData\Roaming\winscp.rnd [2011.05.14 14:32:18 | 000,004,826 | ---- | M] () -- C:\Users\David\Documents\cc_20110514_143212.reg [1 C:\Users\David\*.tmp files -> C:\Users\David\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.06.11 11:38:24 | 000,000,000 | ---- | C] () -- C:\Users\David\defogger_reenable [2011.06.11 11:35:53 | 000,050,477 | ---- | C] () -- C:\Users\David\Desktop\Defogger.exe [2011.06.10 19:33:19 | 000,002,312 | ---- | C] () -- C:\Users\David\Desktop\Google Chrome.lnk [2011.06.10 19:21:38 | 000,228,778 | ---- | C] () -- C:\Users\David\Documents\pinfect.zip [2011.06.10 18:36:12 | 000,000,632 | ---- | C] 
() -- C:\Users\David\Desktop\Total Commander.lnk [2011.06.10 18:36:11 | 000,000,545 | ---- | C] () -- C:\Windows\UC.PIF [2011.06.10 18:36:11 | 000,000,545 | ---- | C] () -- C:\Windows\RAR.PIF [2011.06.10 18:36:11 | 000,000,545 | ---- | C] () -- C:\Windows\PKZIP.PIF [2011.06.10 18:36:11 | 000,000,545 | ---- | C] () -- C:\Windows\PKUNZIP.PIF [2011.06.10 18:36:11 | 000,000,545 | ---- | C] () -- C:\Windows\NOCLOSE.PIF [2011.06.10 18:36:11 | 000,000,545 | ---- | C] () -- C:\Windows\LHA.PIF [2011.06.10 18:36:11 | 000,000,545 | ---- | C] () -- C:\Windows\ARJ.PIF [2011.06.10 17:25:29 | 000,000,028 | ---- | C] () -- C:\Windows\Lic.xxx [2011.06.10 17:21:33 | 000,000,983 | ---- | C] () -- C:\Users\Public\Desktop\ClearProg.lnk [2011.06.10 17:03:34 | 000,016,432 | ---- | C] () -- C:\Windows\SysNative\lsdelete.exe [2011.06.10 13:56:01 | 000,001,020 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk [2011.06.10 13:47:36 | 099,334,664 | ---- | C] () -- C:\Users\David\Desktop\mwav.exe [2011.05.14 17:12:13 | 000,002,503 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk [2011.05.14 14:32:16 | 000,004,826 | ---- | C] () -- C:\Users\David\Documents\cc_20110514_143212.reg [2011.05.10 14:21:52 | 000,000,000 | ---- | C] () -- C:\Users\David\AppData\Local\{547DFA4E-F24F-4340-B3DE-7B55F1E517DA} [2011.02.20 16:12:56 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2011.02.10 19:29:13 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe [2011.02.10 19:29:13 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2011.02.10 19:29:13 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe [2011.02.10 19:29:13 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2011.02.10 19:29:13 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2010.12.09 16:29:57 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll [2010.11.13 18:59:32 | 000,000,600 | ---- | C] () -- C:\Users\David\AppData\Roaming\winscp.rnd [2010.10.11 13:55:43 | 000,682,280 | ---- | C] 
() -- C:\Windows\SysWow64\pbsvc.exe [2010.10.11 13:43:16 | 000,280,768 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2010.10.11 13:43:15 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2010.10.11 13:43:14 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe [2010.09.05 21:52:37 | 000,099,932 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat [2010.08.30 21:04:58 | 001,588,294 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat ========== LOP Check ========== [2011.02.12 22:31:28 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\DVDVideoSoftIEHelpers [2010.08.30 18:07:29 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Engelmann Media [2010.12.08 22:05:52 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Foxit Software [2011.06.07 06:20:00 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\FRITZ! 
[2011.06.10 18:36:11 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\GHISLER [2011.03.07 13:13:10 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\GroovesharkDesktop.7F9BF17D6D9CB2159C78A6A6AB076EA0B1E0497C.1 [2010.12.14 20:17:15 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\gtk-2.0 [2011.01.25 18:34:40 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\HTC [2011.01.25 18:32:01 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1 [2011.06.11 11:41:05 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\ICQ [2011.02.01 19:22:36 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\ICQ-Tools.de [2010.08.30 17:28:12 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\InterTrust [2010.09.06 06:19:55 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\MobMapUpdater [2011.02.01 19:22:37 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\OCS [2010.10.24 19:04:20 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\OpenOffice.org [2011.02.01 19:22:39 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Opera [2011.01.25 18:34:40 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Outlook [2010.12.09 17:10:34 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\PACE Anti-Piracy [2010.08.30 18:12:36 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Panda Security [2010.09.14 04:34:30 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Philipp Winterberg [2010.12.09 17:12:03 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2010.12.27 18:03:08 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\TS3Client [2010.12.08 21:53:55 | 000,000,000 | --SD | M] -- C:\Users\David\AppData\Roaming\Virtual CD v10 [2010.10.21 22:39:53 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Wi-Fi Sync [2011.06.11 11:28:57 | 
000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*. > [2011.02.10 19:36:40 | 000,000,000 | ---D | M] -- C:\$RECYCLE.BIN [2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings [2010.08.30 17:17:01 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen [2010.08.30 17:22:59 | 000,000,000 | ---D | M] -- C:\Intel [2010.12.02 16:20:32 | 000,000,000 | R--D | M] -- C:\MSOCache [2010.09.05 18:48:37 | 000,000,000 | ---D | M] -- C:\NVIDIA [2009.07.14 05:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs [2011.05.22 00:23:42 | 000,000,000 | R--D | M] -- C:\Programme [2011.06.10 17:21:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86) [2011.06.10 17:25:11 | 000,000,000 | ---D | M] -- C:\ProgramData [2010.08.30 17:17:01 | 000,000,000 | -HSD | M] -- C:\Programme [2011.02.10 19:40:52 | 000,000,000 | ---D | M] -- C:\Qoobox [2010.08.30 17:17:01 | 000,000,000 | ---D | M] -- C:\Recovery [2011.01.25 18:55:48 | 000,000,000 | ---D | M] -- C:\ruu_log [2011.06.11 11:43:16 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2010.08.30 18:57:40 | 000,000,000 | ---D | M] -- C:\TempEI4 [2011.06.10 18:36:16 | 000,000,000 | ---D | M] -- C:\totalcmd [2010.08.30 17:18:25 | 000,000,000 | R--D | M] -- C:\Users [2010.09.01 04:28:44 | 000,000,000 | ---D | M] -- C:\VLC [2011.06.10 19:35:32 | 000,000,000 | ---D | M] -- C:\Windows < %PROGRAMFILES%\*.exe > < %LOCALAPPDATA%\*.exe > < %systemroot%\*. 
/mp /s >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
========== Alternate Data Streams ==========
@Alternate Data Stream - 1088 bytes -> C:\Users\David\AppData\Local\G8dHZFWb:bzoSicG2hszlPqL5DTm
< End of report >
extras.txt:OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 11.06.2011 11:42:28 - Run 1 OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\David\Desktop 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 5,99 Gb Total Physical Memory | 4,26 Gb Available Physical Memory | 71,20% Memory free 11,98 Gb Paging File | 10,21 Gb Available in Paging File | 85,26% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 149,05 Gb Total Space | 30,38 Gb Free Space | 20,38% Space Free | Partition Type: NTFS Drive D: | 7,73 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Drive R: | 1862,92 Gb Total Space | 1497,69 Gb Free Space | 80,39% Space Free | Partition Type: NTFS Computer Name: DAVE | User Name: David | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .exe [@ = exefile] -- Reg Error: Key error. File not found .html [@ = htmlfile] -- Reg Error: Key error. 
File not found ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [AddToPlaylistVLC] -- "C:\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour "{16DDB3D1-5C27-4599-9C63-E583287191CC}" = iTunes "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64 "{23170F69-40C1-2702-0465-000001000000}" = 7-Zip 4.65 (x64 edition) "{26A24AE4-039D-4CA4-87B4-2F86416022FF}" = Java(TM) 6 Update 22 (64-bit) "{27BAA191-CEB0-4F17-95FA-B44DD128375E}" = MobileMe Control Panel "{2D5D9603-22CF-4B99-83F6-0CD20330F62E}" = FRITZ!DSL64 "{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 "{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64 "{50431EE1-C1CC-4AE7-BDE3-B60536E7BA92}" = Panda Cloud Antivirus "{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64 "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{8F473675-D702-45F9-8EBC-342B40C17BF5}" = Apple Mobile Device Support "{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{90140000-0015-0407-1000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010 "{90140000-0016-0407-1000-0000000FF1CE}" = 
Microsoft Office Excel MUI (German) 2010 "{90140000-0018-0407-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010 "{90140000-0019-0407-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010 "{90140000-001A-0407-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010 "{90140000-001B-0407-1000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010 "{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-0410-1000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010 "{90140000-002C-0407-1000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010 "{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010 "{90140000-0043-0407-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (German) 2010 "{90140000-0044-0407-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010 "{90140000-006E-0407-1000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010 "{90140000-00A1-0407-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010 "{90140000-00BA-0407-1000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010 "{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64 "{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{95140000-007F-0407-1000-0000000FF1CE}" = Microsoft Outlook Hotmail Connector 64-Bit "{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 266.58 "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 266.58 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 266.58 
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.1.13.1 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64 "{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector "{D285FC5F-3021-32E9-9C59-24CA325BDC5C}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 "{D5558268-0050-4B95-AD5E-426960E1EFE1}" = Intel(R) Network Connections 15.3.68.0 "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Adobe Flash Player ActiveX 64" = Adobe Flash Player 10 ActiveX 64-bit "Adobe Flash Player Plugin 64" = Adobe Flash Player 10 Plugin 64-bit "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack "Office14.PROPLUS" = Microsoft Office Professional Plus 2010 "PROSetDX" = Intel(R) Network Connections 15.3.68.0 "SMBus" = Intel(R) SMBus [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86 "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86 
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser "{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}" = Adobe Creative Suite 5 Master Collection "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{2217B0B4-35CB-48C6-B640-864DF2F30F99}" = OpenOffice.org 3.2 "{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 24 "{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2 "{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{680325D9-CF2A-494C-B1F5-46FBD2B8948A}" = Intel(R) Desktop Control Center "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari "{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer "{6DB7AD00-F781-11DF-9EEF-001279CD8240}" = Google Earth "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{74656168-CF28-40BD-9D87-700B07BAF9B6}" = HTC Sync "{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5 "{7F3AD00A-1819-4B15-BB7D-08B3586336D7}" = 3DMark06 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support 
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B433B7D6-0A97-4ED4-BE64-863A0B3A0776}_is1" = YouFreeTV Version 0.02 "{B556929F-79D5-E843-27D4-60B1586C4773}" = Grooveshark "{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX "{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1 "{EEA080A7-4331-4593-A071-D0862A8178B9}" = ASUS nVidia Driver "{F027C8E3-6DBD-492A-9959-7B36B1DE0D65}" = Ad-Aware "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2 "{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0 "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = 
Windows Live Essentials "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "7-Zip" = 7-Zip 4.65 "Adobe Acrobat 5.0" = Adobe Acrobat 5.0 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "CCleaner" = CCleaner "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help "ClearProg" = ClearProg 1.6.0 Final "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "DivX Setup.divx.com" = DivX-Setup "Foxit Reader" = Foxit Reader "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7 "Free Video Flip and Rotate_is1" = Free Video Flip and Rotate version 1.8.10 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.35.324 "GeoGebra" = GeoGebra "GroovesharkDesktop.7F9BF17D6D9CB2159C78A6A6AB076EA0B1E0497C.1" = Grooveshark "HyperSnap 6" = HyperSnap 6 "JDownloader" = JDownloader "KLiteCodecPack_is1" = K-Lite Codec Pack 6.0.4 (Basic) "MobMap_is1" = MobMap 4.04 "Mozilla Firefox 4.0.1 (x86 de)" = Mozilla Firefox 4.0.1 (x86 de) "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "OpenAL" = OpenAL "Panda Cloud Antivirus" = Panda Cloud Antivirus "Plants vs. Zombies(TM)" = Plants vs. 
Zombies(TM) (remove only) "PunkBusterSvc" = PunkBuster Services "RarZilla Free Unrar" = RarZilla Free Unrar "RealPlayer 12.0" = RealPlayer "ST5UNST #1" = Kaminfeuer Titanium Edition II "Steam App 10180" = Call of Duty: Modern Warfare 2 "Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer "Steam App 240" = Counter-Strike: Source "Steam App 43110" = Metro 2033 "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2 "TeamSpeak 3 Client" = TeamSpeak 3 Client "TeamViewer 6" = TeamViewer 6 "Totalcmd" = Total Commander (Remove or Repair) "Uninstall_is1" = Uninstall 1.0.0.1 "VLC media player" = VLC media player 1.1.4 "WinLiveSuite" = Windows Live Essentials "winscp3_is1" = WinSCP 4.2.9 "World of Warcraft" = World of Warcraft ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 19.04.2011 09:04:30 | Computer Name = Dave | Source = SideBySide | ID = 16842832 Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\David\Downloads\SoftonicDownloader_fuer_free-powerpoint-templates.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest. Error - 20.04.2011 06:50:45 | Computer Name = Dave | Source = Bonjour Service | ID = 100 Description = ERROR: accept: 10022 (Ein ungültiges Argument wurde angegeben.) 
Error - 20.04.2011 06:50:45 | Computer Name = Dave | Source = Bonjour Service | ID = 100 Description = ERROR: accept: 10022 (Ein ungültiges Argument wurde angegeben.) Error - 20.04.2011 06:50:45 | Computer Name = Dave | Source = Bonjour Service | ID = 100 Description = ERROR: accept: 10022 (Ein ungültiges Argument wurde angegeben.) Error - 14.05.2011 10:11:05 | Computer Name = Dave | Source = Application Hang | ID = 1002 Description = Programm WinSCP.exe, Version 4.2.9.938 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1bd4 Startzeit: 01cc1240ab81a59e Endzeit: 0 Anwendungspfad: C:\Program Files (x86)\WinSCP\WinSCP.exe Berichts-ID: ff8f057f-7e33-11e0-9c27-001cc0f3ab45 Error - 14.05.2011 10:56:39 | Computer Name = Dave | Source = Application Hang | ID = 1002 Description = Programm firefox.exe, Version 2.0.0.4051 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 19c4 Startzeit: 01cc1246cd4d2bde Endzeit: 21 Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 10\firefox.exe Berichts-ID: 5dc4cc62-7e3a-11e0-9c27-001cc0f3ab45 Error - 21.05.2011 18:28:55 | Computer Name = Dave | Source = Application Hang | ID = 1002 Description = Programm chrome.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 18c4 Startzeit: 01cc1805fc761c89 Endzeit: 5 Anwendungspfad: C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe Berichts-ID: b504a921-83f9-11e0-833c-001cc0f3ab45 Error - 21.05.2011 19:28:32 | Computer Name = Dave | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: DivX Plus Player.exe, Version: 10.2.1.20, Zeitstempel: 0x4cdc8b7a Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x05f97e02 ID des fehlerhaften Prozesses: 0x275c Startzeit der fehlerhaften Anwendung: 0x01cc180ec9f6d2cd Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\DivX\DivX Plus Player\DivX Plus Player.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: 0a3fa5cf-8402-11e0-833c-001cc0f3ab45 Error - 24.05.2011 12:01:57 | Computer Name = Dave | Source = Application Hang | ID = 1002 Description = Programm chrome.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 12f8 Startzeit: 01cc1a02ffb0bbfb Endzeit: 7 Anwendungspfad: C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe Berichts-ID: 25556f20-861f-11e0-8c5d-001cc0f3ab45 Error - 24.05.2011 12:05:37 | Computer Name = Dave | Source = Application Hang | ID = 1002 Description = Programm chrome.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 123c Startzeit: 01cc1a2c2af9df2b Endzeit: 3 Anwendungspfad: C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe Berichts-ID: a88fbb77-861f-11e0-8c5d-001cc0f3ab45 [ System Events ] Error - 16.03.2011 11:16:51 | Computer Name = Dave | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 23.03.2011 15:40:31 | Computer Name = Dave | Source = Disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden. Error - 23.03.2011 15:40:31 | Computer Name = Dave | Source = Disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden. Error - 23.03.2011 15:40:32 | Computer Name = Dave | Source = Disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden. Error - 23.03.2011 15:40:32 | Computer Name = Dave | Source = Disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden. Error - 28.03.2011 01:16:31 | Computer Name = Dave | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht. Error - 28.03.2011 01:16:31 | Computer Name = Dave | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 10.04.2011 06:09:57 | Computer Name = Dave | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst SearchAnonymizer erreicht. 
Error - 10.04.2011 06:09:57 | Computer Name = Dave | Source = Service Control Manager | ID = 7000 Description = Der Dienst "SearchAnonymizer" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 15.04.2011 13:20:01 | Computer Name = Dave | Source = Disk | ID = 262151 Description = Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. < End of report > |
11.06.2011, 17:10 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Unknown source of error, virus Run an OTL fix: close any programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied along with it!!!) Code:
ATTFilter :OTL IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=www.youtube.de FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.defaultthis.engineName: "DVDVideoSoftTB Customized Web Search" FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.selectedEngine: "ICQ Search" FF - prefs.js..browser.startup.homepage: "http://start.icq.com/" FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=" [2011.04.20 22:15:31 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2011.05.10 14:18:13 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [2011.02.12 22:31:28 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011.05.10 14:18:12 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\engine@conduit.com O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010.09.11 01:09:29 | 000,000,047 | -H-- | M] () - D:\autorun.inf -- [ UDF ] [2011.06.10 19:35:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\runouce.exe [2011.06.10 19:35:32 | 000,000,000 | ---D | C] -- C:\Windows\rundll16.exe [2011.06.10 19:35:32 | 000,000,000 | ---D | C] -- C:\Windows\logo_1.exe [2011.05.24 16:23:14 | 000,000,000 | ---D | C] -- 
C:\Users\David\AppData\Local\{334294B6-8746-4037-B8C3-E8CB5734FC8D} [2011.05.24 16:23:14 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\{1C3614C5-40F9-4314-A6D6-271855DCF459} [2011.01.25 18:55:48 | 000,000,000 | ---D | M] -- C:\ruu_log [2010.08.30 18:57:40 | 000,000,000 | ---D | M] -- C:\TempEI4 @Alternate Data Stream - 1088 bytes -> C:\Users\David\AppData\Local\G8dHZFWb:bzoSicG2hszlPqL5DTm :Commands [purity] [resethosts] The log file should open when you click OK after the fix; please post it. The computer may be restarted. As a precaution, the entries, files and folders fixed by this script are not deleted completely; a backup copy is created on the system partition in the folder "_OTL".
__________________ Please always post log files in CODE tags |
11.06.2011, 18:06 | #5 |
| Unknown source of error, virus Thanks, so here is the log: ========== OTL ========== HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully! HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully! HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully! Prefs.js: "ICQ Search" removed from browser.search.defaultenginename Prefs.js: "DVDVideoSoftTB Customized Web Search" removed from browser.search.defaultthis.engineName Prefs.js: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl Prefs.js: "ICQ Search" removed from browser.search.selectedEngine Prefs.js: "hxxp://start.icq.com/" removed from browser.startup.homepage Prefs.js: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=" removed from keyword.URL C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully. C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully. C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully. C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully. C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully. C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin folder moved successfully. 
C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr folder moved successfully. C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk folder moved successfully. C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru folder moved successfully. C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it folder moved successfully. C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he folder moved successfully. C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr folder moved successfully. C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es folder moved successfully. C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US folder moved successfully. C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de folder moved successfully. C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs folder moved successfully. C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg folder moved successfully. 
C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale folder moved successfully. C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img folder moved successfully. C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content folder moved successfully. C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully. C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully. C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\searchplugin folder moved successfully. C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\META-INF folder moved successfully. C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\lib folder moved successfully. C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\defaults folder moved successfully. C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components folder moved successfully. C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\chrome folder moved successfully. C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} folder moved successfully. 
C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\chrome folder moved successfully. C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} folder moved successfully. C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\engine@conduit.com\searchplugin folder moved successfully. C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\engine@conduit.com\META-INF folder moved successfully. C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\engine@conduit.com\lib folder moved successfully. C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\engine@conduit.com\DualPackage folder moved successfully. C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\engine@conduit.com\defaults folder moved successfully. C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\engine@conduit.com\components folder moved successfully. C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\engine@conduit.com\chrome folder moved successfully. C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\i0l7udn7.default\extensions\engine@conduit.com folder moved successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully! File move failed. D:\autorun.inf scheduled to be moved on reboot. C:\Windows\SysWow64\runouce.exe folder moved successfully. C:\Windows\rundll16.exe folder moved successfully. C:\Windows\logo_1.exe folder moved successfully. C:\Users\David\AppData\Local\{334294B6-8746-4037-B8C3-E8CB5734FC8D} folder moved successfully. C:\Users\David\AppData\Local\{1C3614C5-40F9-4314-A6D6-271855DCF459} folder moved successfully. C:\ruu_log folder moved successfully. 
C:\TempEI4 folder moved successfully. ADS C:\Users\David\AppData\Local\G8dHZFWb:bzoSicG2hszlPqL5DTm deleted successfully. ========== COMMANDS ========== C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version 3.2.23.0 log created on 06112011_190032 Files\Folders moved on Reboot... File move failed. D:\autorun.inf scheduled to be moved on reboot. Registry entries deleted on Reboot... |
11.06.2011, 18:46 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Unknown source of error, virus
Please now run this tool from Kaspersky and post the log => http://www.trojaner-board.de/82358-t...entfernen.html
Set the tool up as shown in the picture below, i.e. tick both checkboxes, click Start scan, and when it has finished click the Report button to display the log. Please post it in full.
If the infection prevents you from accessing your documents/My Documents, please run unhide: Download unhide.exe and save the file to your desktop. Start the tool and all files and folders should be visible again. (This may take a while.) Vista and 7 users must run the tool as administrator via right-click!
__________________ --> Unknown source of error, virus |
11.06.2011, 18:57 | #7 |
| Unknown source of error, virus
2011/06/11 19:55:17.0098 17332 TDSS rootkit removing tool 2.5.4.0 Jun 7 2011 17:31:48
2011/06/11 19:55:19.0108 17332 ================================================================================
2011/06/11 19:55:19.0108 17332 SystemInfo:
2011/06/11 19:55:19.0108 17332
2011/06/11 19:55:19.0108 17332 OS Version: 6.1.7600 ServicePack: 0.0
2011/06/11 19:55:19.0108 17332 Product type: Workstation
2011/06/11 19:55:19.0108 17332 ComputerName: DAVE
2011/06/11 19:55:19.0108 17332 UserName: David
2011/06/11 19:55:19.0108 17332 Windows directory: C:\Windows
2011/06/11 19:55:19.0108 17332 System windows directory: C:\Windows
2011/06/11 19:55:19.0108 17332 Running under WOW64
2011/06/11 19:55:19.0108 17332 Processor architecture: Intel x64
2011/06/11 19:55:19.0108 17332 Number of processors: 8
2011/06/11 19:55:19.0108 17332 Page size: 0x1000
2011/06/11 19:55:19.0108 17332 Boot type: Normal boot
2011/06/11 19:55:19.0108 17332 ================================================================================
2011/06/11 19:55:19.0878 17332 Initialize success
2011/06/11 19:56:09.0138 13096 ================================================================================
2011/06/11 19:56:09.0138 13096 Scan started
2011/06/11 19:56:09.0138 13096 Mode: Manual;
2011/06/11 19:56:09.0138 13096 ================================================================================
ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 2011/06/11 19:56:18.0208 13096 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys 2011/06/11 19:56:18.0248 13096 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys 2011/06/11 19:56:18.0458 13096 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 2011/06/11 19:56:18.0478 13096 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1 2011/06/11 19:56:18.0478 13096 ================================================================================ 2011/06/11 19:56:18.0478 13096 Scan finished 2011/06/11 19:56:18.0478 13096 ================================================================================ 2011/06/11 19:56:18.0488 16960 Detected object count: 0 2011/06/11 19:56:18.0488 16960 Actual detected object count: 0 |
11.06.2011, 19:26 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Unknown source of error, virus
Then please run CF now: ComboFix, a guide and tutorial on using ComboFix
ComboFix may only be run when a qualified helper (Kompetenzler) has explicitly recommended it!
__________________ Please always post log files in CODE tags |
11.06.2011, 20:50 | #9 |
| Unknown source of error, virus
Thank you very much, Arne, for taking the time to help me with my problem here; I am really grateful to you for that. Here is the log report from Combofix: Combofix Logfile: Code:
ATTFilter ComboFix 11-06-11.01 - David 11.06.2011 21:42:06.2.8 - x64 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.49.1031.18.6132.4364 [GMT 2:00] ausgeführt von:: c:\users\David\Desktop\cofi.exe AV: Lavasoft Ad-Watch Live! Virenschutz *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116} AV: Panda Cloud Antivirus *Disabled/Updated* {86971480-9989-6750-B122-681A86518D59} SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB} SP: Panda Cloud Antivirus *Disabled/Updated* {3DF6F564-BFB3-68DE-8B92-5368FDD6C7E4} SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((( Dateien erstellt von 2011-05-11 bis 2011-06-11 )))))))))))))))))))))))))))))) . . 2011-06-11 19:46 . 2011-06-11 19:46 -------- d-----w- c:\users\Public\AppData\Local\temp 2011-06-11 19:46 . 2011-06-11 19:46 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-06-11 17:00 . 2011-06-11 17:00 -------- d-----w- C:\_OTL 2011-06-10 16:36 . 2011-06-10 16:36 -------- d-----w- C:\totalcmd 2011-06-10 16:36 . 2011-06-10 16:36 -------- d-----w- c:\users\David\AppData\Roaming\GHISLER 2011-06-10 16:36 . 2010-12-17 05:56 545 ----a-w- c:\windows\UC.PIF 2011-06-10 16:36 . 2010-12-17 05:56 545 ----a-w- c:\windows\RAR.PIF 2011-06-10 16:36 . 2010-12-17 05:56 545 ----a-w- c:\windows\PKZIP.PIF 2011-06-10 16:36 . 2010-12-17 05:56 545 ----a-w- c:\windows\PKUNZIP.PIF 2011-06-10 16:36 . 2010-12-17 05:56 545 ----a-w- c:\windows\NOCLOSE.PIF 2011-06-10 16:36 . 2010-12-17 05:56 545 ----a-w- c:\windows\LHA.PIF 2011-06-10 16:36 . 2010-12-17 05:56 545 ----a-w- c:\windows\ARJ.PIF 2011-06-10 15:25 . 2011-06-10 15:25 632064 ----a-w- c:\windows\SysWow64\msvcr80.dll 2011-06-10 15:25 . 2011-06-10 15:25 554240 ----a-w- c:\windows\SysWow64\msvcp80.dll 2011-06-10 15:25 . 2011-06-10 15:25 34048 ----a-w- c:\windows\SysWow64\eEmpty.exe 2011-06-10 15:25 . 2011-06-10 15:25 -------- d-----w- c:\program files (x86)\Common Files\MicroWorld 2011-06-10 15:25 . 
2011-06-10 15:25 -------- d-----w- c:\programdata\MicroWorld 2011-06-10 15:21 . 2011-06-10 15:21 -------- d-----w- c:\program files (x86)\ClearProg 2011-06-10 15:03 . 2011-06-10 12:12 16432 ----a-w- c:\windows\system32\lsdelete.exe 2011-06-10 12:12 . 2011-06-10 12:12 49752 ----a-w- c:\windows\system32\drivers\SBREDrv.sys 2011-06-10 11:56 . 2011-04-29 10:12 69376 ----a-w- c:\windows\system32\drivers\Lbd.sys 2011-06-10 11:55 . 2011-06-10 11:55 -------- d-----w- c:\program files (x86)\Lavasoft 2011-06-10 11:55 . 2011-06-10 11:55 -------- d-----w- c:\programdata\Lavasoft 2011-06-10 11:39 . 2011-06-10 11:39 -------- d-----w- c:\windows\system32\IO 2011-05-21 22:26 . 2011-05-21 22:26 -------- d-----w- c:\users\David\AppData\Local\DDMSettings 2011-05-21 22:23 . 2011-05-21 23:28 -------- d-----w- c:\users\David\AppData\Roaming\DivX 2011-05-21 22:23 . 2011-05-21 22:23 -------- d-----w- c:\program files\DivX 2011-05-21 22:23 . 2011-05-21 22:23 -------- d-----w- c:\program files (x86)\Common Files\DivX Shared 2011-05-21 22:17 . 2011-05-21 22:24 -------- d-----w- c:\program files (x86)\DivX 2011-05-21 22:16 . 2011-05-21 22:24 -------- d-----w- c:\programdata\DivX 2011-05-14 15:12 . 2011-05-14 15:12 -------- d-----w- c:\program files (x86)\Safari 2011-05-14 13:20 . 2011-05-14 13:20 -------- d-----w- c:\windows\system32\Macromed 2011-05-14 13:09 . 2011-06-10 17:26 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-05-30 11:56 . 2010-10-11 18:12 280768 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr 2011-05-30 11:56 . 2010-10-11 11:43 280768 ----a-w- c:\windows\SysWow64\PnkBstrB.exe 2011-05-30 11:43 . 2010-10-11 11:43 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0 2011-05-29 10:16 . 2010-10-11 11:43 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe 2011-04-06 14:26 . 2011-04-06 14:26 96544 ----a-w- c:\windows\system32\dnssd.dll 2011-04-06 14:26 . 
2011-04-06 14:26 69408 ----a-w- c:\windows\system32\jdns_sd.dll 2011-04-06 14:26 . 2011-04-06 14:26 237856 ----a-w- c:\windows\system32\dnssdX.dll 2011-04-06 14:26 . 2011-04-06 14:26 119584 ----a-w- c:\windows\system32\dns-sd.exe 2011-04-06 14:20 . 2011-04-06 14:20 91424 ----a-w- c:\windows\SysWow64\dnssd.dll 2011-04-06 14:20 . 2011-04-06 14:20 75040 ----a-w- c:\windows\SysWow64\jdns_sd.dll 2011-04-06 14:20 . 2011-04-06 14:20 197920 ----a-w- c:\windows\SysWow64\dnssdX.dll 2011-04-06 14:20 . 2011-04-06 14:20 107808 ----a-w- c:\windows\SysWow64\dns-sd.exe 2011-03-26 18:55 . 2011-03-26 18:55 53760 ----a-w- c:\windows\system32\wow3232.dll . . ((((((((((((((((((((((((((((( SnapShot@2011-02-10_17.36.42 ))))))))))))))))))))))))))))))))))))))))) . + 2011-03-14 07:10 . 2011-01-18 19:44 29696 c:\windows\SysWOW64\VB5StKit.dll + 2011-03-14 07:10 . 2011-01-18 19:44 99866 c:\windows\SysWOW64\VB5DE.dll + 2011-03-17 12:36 . 2011-01-08 03:27 57960 c:\windows\SysWOW64\OpenCL.dll - 2010-12-20 15:32 . 2010-10-22 06:23 57960 c:\windows\SysWOW64\OpenCL.dll + 2011-03-14 07:10 . 2011-01-18 19:44 34816 c:\windows\SysWOW64\MCIDE.dll + 2010-11-12 00:44 . 2010-11-12 00:44 94208 c:\windows\SysWOW64\dpl100.dll - 2010-12-02 20:41 . 2011-02-10 17:36 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat + 2010-12-02 20:41 . 2011-06-11 17:02 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat + 2009-07-14 04:54 . 2011-06-11 17:02 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-07-14 04:54 . 2011-02-10 17:36 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:54 . 2011-06-11 17:02 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 
2011-02-10 17:36 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2011-02-10 17:36 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2011-06-11 17:02 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2010-08-30 15:26 . 2011-06-11 17:04 43524 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2011-06-11 17:04 30426 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2010-08-30 15:20 . 2011-06-11 17:04 10498 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2498949666-4130971900-2577889908-1000_UserData.bin - 2010-12-20 15:32 . 2010-10-22 06:23 67176 c:\windows\system32\OpenCL.dll + 2011-03-17 12:36 . 2011-01-08 03:27 67176 c:\windows\system32\OpenCL.dll - 2010-12-20 15:32 . 2010-09-07 20:09 29288 c:\windows\system32\nvhdap64.dll + 2011-03-17 12:36 . 2010-11-11 23:10 29288 c:\windows\system32\nvhdap64.dll + 2011-06-10 11:56 . 2011-04-29 10:12 69376 c:\windows\system32\DRVSTORE\lbd_483F0BF7A3AD4ED71EB7FC6065CFD6B9C37DEB69\Lbd.sys + 2009-07-14 05:30 . 2011-04-03 17:59 86016 c:\windows\system32\DriverStore\infpub.dat - 2009-07-14 05:30 . 2011-02-01 14:47 86016 c:\windows\system32\DriverStore\infpub.dat + 2011-02-18 15:36 . 2011-02-18 15:36 51712 c:\windows\system32\DriverStore\FileRepository\usbaapl64.inf_amd64_neutral_c169b6211f782a21\usbaapl64.sys + 2011-03-17 12:36 . 2010-11-11 23:10 29288 c:\windows\system32\DriverStore\FileRepository\nvhda.inf_amd64_neutral_1a8ed05a8ff84461\nvhdap64.dll + 2011-03-17 12:36 . 2010-11-11 23:10 70760 c:\windows\system32\DriverStore\FileRepository\nvhda.inf_amd64_neutral_1a8ed05a8ff84461\nvapo64v.dll + 2011-03-17 12:36 . 
2011-01-08 03:27 67176 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_7901346b3649171a\OpenCL64.dll + 2011-03-17 12:36 . 2011-01-08 03:27 57960 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_7901346b3649171a\OpenCL.dll - 2010-09-28 14:44 . 2010-09-28 14:44 51712 c:\windows\system32\drivers\usbaapl64.sys + 2011-02-18 15:36 . 2011-02-18 15:36 51712 c:\windows\system32\drivers\usbaapl64.sys + 2010-12-08 20:17 . 2010-07-12 18:36 55856 c:\windows\system32\drivers\PxHlpa64.sys + 2010-08-30 21:12 . 2011-06-11 12:43 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2010-08-30 21:12 . 2011-02-05 12:16 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2010-08-30 21:12 . 2011-02-05 12:16 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2010-08-30 21:12 . 2011-06-11 12:43 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2011-02-05 12:16 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2011-06-11 12:43 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2011-03-14 07:10 . 2011-01-18 19:44 72704 c:\windows\ST5UNST.EXE - 2010-08-30 15:25 . 2011-02-10 17:37 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2010-08-30 15:25 . 2011-06-11 17:02 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:46 . 2011-02-20 18:18 73256 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat + 2011-03-30 15:40 . 
2011-06-11 17:03 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat + 2011-03-30 15:40 . 2011-06-11 17:03 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\History\History.IE5\index.dat + 2011-03-30 15:40 . 2011-06-11 17:03 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Cookies\index.dat + 2010-08-30 15:25 . 2011-06-11 17:03 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2010-08-30 15:25 . 2011-02-10 17:37 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2010-08-30 15:25 . 2011-06-11 17:02 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2010-08-30 15:25 . 2011-02-10 17:37 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2010-08-30 15:25 . 2011-06-11 17:03 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2010-08-30 15:25 . 2011-02-10 17:38 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2010-08-30 15:25 . 2011-06-11 17:03 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2010-08-30 15:25 . 2011-02-10 17:38 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2011-03-07 11:13 . 2011-03-07 11:13 23040 c:\windows\Installer\75095b.msi + 2011-06-01 19:33 . 2011-06-01 19:33 25088 c:\windows\Installer\139cd5a.msi - 2010-12-20 15:35 . 2010-12-20 15:35 10134 c:\windows\Installer\{DA97BDF9-BC72-46FD-8E76-427F2BB951EE}\ARPPRODUCTICON.exe + 2011-03-17 12:37 . 2011-03-17 12:37 10134 c:\windows\Installer\{DA97BDF9-BC72-46FD-8E76-427F2BB951EE}\ARPPRODUCTICON.exe + 2011-05-15 11:42 . 
2011-05-15 11:42 89440 c:\windows\Installer\{95140000-007F-0407-1000-0000000FF1CE}\OLCIcon.exe + 2011-06-11 17:02 . 2011-06-11 17:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2011-02-10 17:35 . 2011-02-10 17:35 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2011-02-10 17:35 . 2011-02-10 17:35 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2011-06-11 17:02 . 2011-06-11 17:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2011-06-10 17:26 . 2011-06-10 17:26 240288 c:\windows\SysWOW64\Macromed\Flash\FlashUtil10s_ActiveX.exe + 2011-06-10 17:26 . 2011-06-10 17:26 321184 c:\windows\SysWOW64\Macromed\Flash\FlashUtil10s_ActiveX.dll + 2011-04-15 11:01 . 2011-04-15 11:01 235168 c:\windows\SysWOW64\Macromed\Flash\FlashUtil10o_Plugin.exe + 2011-03-05 09:31 . 2011-02-02 20:40 157472 c:\windows\SysWOW64\javaws.exe - 2011-01-27 17:46 . 2010-11-12 17:53 157472 c:\windows\SysWOW64\javaws.exe - 2011-01-27 17:46 . 2010-11-12 17:53 145184 c:\windows\SysWOW64\javaw.exe + 2011-03-05 09:31 . 2011-02-02 20:40 145184 c:\windows\SysWOW64\javaw.exe - 2011-01-27 17:46 . 2010-11-12 17:53 145184 c:\windows\SysWOW64\java.exe + 2011-03-05 09:31 . 2011-02-02 20:40 145184 c:\windows\SysWOW64\java.exe + 2010-02-19 19:27 . 2010-02-19 19:27 843776 c:\windows\SysWOW64\divx_xx16.dll + 2010-02-19 19:27 . 2010-02-19 19:27 839680 c:\windows\SysWOW64\divx_xx11.dll + 2010-02-19 19:27 . 2010-02-19 19:27 856064 c:\windows\SysWOW64\divx_xx0c.dll + 2010-02-19 19:27 . 2010-02-19 19:27 847872 c:\windows\SysWOW64\divx_xx0a.dll + 2010-02-19 19:27 . 2010-02-19 19:27 856064 c:\windows\SysWOW64\divx_xx07.dll + 2010-02-19 19:27 . 2010-02-19 19:27 720384 c:\windows\SysWOW64\DivX.dll + 2010-08-30 18:11 . 2011-02-02 20:40 472808 c:\windows\SysWOW64\deployJava1.dll - 2010-08-30 18:11 . 2010-11-12 17:53 472808 c:\windows\SysWOW64\deployJava1.dll + 2010-09-01 02:09 . 
2011-06-06 16:09 269080 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_FastS4.bin + 2009-07-14 02:36 . 2011-06-09 20:34 651450 c:\windows\system32\perfh009.dat - 2009-07-14 02:36 . 2011-02-10 14:50 651450 c:\windows\system32\perfh009.dat - 2009-07-14 17:58 . 2011-02-10 14:50 696132 c:\windows\system32\perfh007.dat + 2009-07-14 17:58 . 2011-06-09 20:34 696132 c:\windows\system32\perfh007.dat - 2009-07-14 02:36 . 2011-02-10 14:50 120382 c:\windows\system32\perfc009.dat + 2009-07-14 02:36 . 2011-06-09 20:34 120382 c:\windows\system32\perfc009.dat - 2009-07-14 17:58 . 2011-02-10 14:50 147428 c:\windows\system32\perfc007.dat + 2009-07-14 17:58 . 2011-06-09 20:34 147428 c:\windows\system32\perfc007.dat + 2011-01-07 19:49 . 2011-01-07 19:49 117864 c:\windows\system32\nvmctray.dll + 2011-05-14 13:20 . 2011-05-14 13:20 261584 c:\windows\system32\Macromed\Flash\FlashUtil64_10_3_162_Plugin.exe + 2011-05-14 13:21 . 2011-05-14 13:21 261584 c:\windows\system32\Macromed\Flash\FlashUtil64_10_3_162_ActiveX.exe + 2011-05-14 13:21 . 2011-05-14 13:21 349136 c:\windows\system32\Macromed\Flash\FlashUtil64_10_3_162_ActiveX.dll + 2011-01-07 19:50 . 2011-01-07 19:50 795752 c:\windows\system32\easyUpdatusAPIU64.dll - 2009-07-14 05:30 . 2011-02-01 14:47 143360 c:\windows\system32\DriverStore\infstrng.dat + 2009-07-14 05:30 . 2011-04-03 17:59 143360 c:\windows\system32\DriverStore\infstrng.dat - 2009-07-14 05:30 . 2011-02-01 14:47 143360 c:\windows\system32\DriverStore\infstor.dat + 2009-07-14 05:30 . 2011-03-17 12:37 143360 c:\windows\system32\DriverStore\infstor.dat + 2011-03-17 12:36 . 2010-11-11 23:10 155752 c:\windows\system32\DriverStore\FileRepository\nvhda.inf_amd64_neutral_1a8ed05a8ff84461\nvhda64v.sys + 2011-03-17 12:36 . 2010-11-11 23:10 129640 c:\windows\system32\DriverStore\FileRepository\nvhda.inf_amd64_neutral_1a8ed05a8ff84461\nvhda64.sys + 2011-03-17 12:36 . 
2011-01-08 03:27 197224 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_7901346b3649171a\nvidia-smi.exe + 2011-03-17 12:36 . 2011-01-08 03:27 281380 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_7901346b3649171a\nvdrsdb.bin + 2011-03-17 12:36 . 2011-01-08 03:27 191080 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_7901346b3649171a\dbInstaller.exe + 2011-03-17 12:36 . 2010-11-11 23:10 155752 c:\windows\system32\drivers\nvhda64v.sys - 2010-12-20 15:32 . 2010-09-07 20:08 155752 c:\windows\system32\drivers\nvhda64v.sys - 2009-07-14 05:12 . 2010-12-21 18:35 245760 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat + 2009-07-14 05:12 . 2011-06-11 12:43 245760 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat + 2009-07-14 05:01 . 2011-06-11 17:01 531824 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat - 2009-07-14 05:01 . 2011-02-10 17:34 531824 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2011-03-05 09:31 . 2011-03-05 09:31 183808 c:\windows\Installer\85f79.msi + 2011-03-08 19:28 . 2011-03-08 19:28 405504 c:\windows\Installer\2e80505.msp + 2011-02-20 14:10 . 2011-02-20 14:10 371272 c:\windows\Installer\{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}\SkypeIcon.exe + 2011-05-14 15:12 . 2011-05-14 15:12 897024 c:\windows\Installer\{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}\SafariIco.exe + 2011-03-08 23:31 . 2011-03-08 23:31 339968 c:\windows\Installer\{50431EE1-C1CC-4AE7-BDE3-B60536E7BA92}\Shortcuts_ProductN_A17DF807A25C4F9396D48EA53C96348F.exe - 2011-02-02 17:10 . 2011-02-02 17:10 339968 c:\windows\Installer\{50431EE1-C1CC-4AE7-BDE3-B60536E7BA92}\Shortcuts_ProductN_A17DF807A25C4F9396D48EA53C96348F.exe + 2011-04-19 19:42 . 2011-04-19 19:42 380928 c:\windows\Installer\{16DDB3D1-5C27-4599-9C63-E583287191CC}\iTunesIco.exe + 2011-03-17 12:36 . 
2011-01-08 03:27 5653096 c:\windows\SysWOW64\nvwgf2um.dll + 2011-03-17 12:36 . 2011-01-08 03:27 2895976 c:\windows\SysWOW64\nvcuvid.dll + 2011-03-17 12:36 . 2011-01-08 03:27 2251368 c:\windows\SysWOW64\nvcuvenc.dll + 2011-03-17 12:36 . 2011-01-08 03:27 4941928 c:\windows\SysWOW64\nvcuda.dll + 2011-03-17 12:36 . 2011-01-08 03:27 1965672 c:\windows\SysWOW64\nvapi.dll + 2011-03-14 07:10 . 2011-01-18 19:44 1355776 c:\windows\SysWOW64\MSVBVM50.dll + 2010-08-30 16:09 . 2011-04-15 11:01 6053536 c:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll + 2011-02-18 15:36 . 2011-02-18 15:36 4184352 c:\windows\system32\usbaaplrc.dll - 2010-09-28 14:44 . 2010-09-28 14:44 4184352 c:\windows\system32\usbaaplrc.dll + 2009-07-14 02:34 . 2011-06-11 18:57 9699328 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT - 2009-07-14 02:34 . 2011-02-05 12:30 9699328 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT + 2010-12-20 15:32 . 2011-01-08 03:27 7729256 c:\windows\system32\nvwgf2umx.dll + 2011-01-07 19:49 . 2011-01-07 19:49 1005160 c:\windows\system32\nvvsvc.exe + 2011-01-07 19:49 . 2011-01-07 19:49 2558568 c:\windows\system32\nvsvcr.dll + 2011-01-07 19:49 . 2011-01-07 19:49 3156072 c:\windows\system32\nvsvc64.dll + 2011-03-17 12:36 . 2010-12-02 09:12 1359976 c:\windows\system32\nvgenco64hda.dll + 2011-03-17 12:36 . 2011-01-08 03:27 1359976 c:\windows\system32\nvgenco642040.dll + 2011-03-17 12:36 . 2011-01-08 03:27 1614440 c:\windows\system32\nvdispco642090.dll + 2011-03-17 12:36 . 2011-01-08 03:27 3112040 c:\windows\system32\nvcuvid.dll + 2011-03-17 12:36 . 2011-01-08 03:27 2479720 c:\windows\system32\nvcuvenc.dll + 2011-03-17 12:36 . 2011-01-08 03:27 6604904 c:\windows\system32\nvcuda.dll + 2011-01-07 19:50 . 2011-01-07 19:50 6143080 c:\windows\system32\nvcpl.dll + 2010-12-20 15:32 . 2011-01-08 03:27 2200680 c:\windows\system32\nvapi64.dll + 2011-05-14 13:20 . 2011-05-14 13:20 8451072 c:\windows\system32\Macromed\Flash\NPSWF64_10_3_162.dll + 2011-02-18 15:36 . 
2011-02-18 15:36 4184352 c:\windows\system32\DriverStore\FileRepository\usbaapl64.inf_amd64_neutral_c169b6211f782a21\usbaaplrc.dll + 2011-03-17 12:36 . 2010-12-02 09:12 1359976 c:\windows\system32\DriverStore\FileRepository\nvhda.inf_amd64_neutral_1a8ed05a8ff84461\nvgenco64.dll + 2011-03-17 12:36 . 2011-01-08 03:27 7729256 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_7901346b3649171a\nvwgf2umx.dll + 2011-03-17 12:36 . 2011-01-08 03:27 5653096 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_7901346b3649171a\nvwgf2um.dll + 2011-03-17 12:36 . 2011-01-08 03:27 1359976 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_7901346b3649171a\nvgenco64.dll + 2011-03-17 12:36 . 2011-01-08 03:27 1614440 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_7901346b3649171a\nvdispco64.dll + 2011-03-17 12:36 . 2011-01-08 03:27 2895976 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_7901346b3649171a\nvcuvid32.dll + 2011-03-17 12:36 . 2011-01-08 03:27 3112040 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_7901346b3649171a\nvcuvid.dll + 2011-03-17 12:36 . 2011-01-08 03:27 2479720 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_7901346b3649171a\nvcuvenc64.dll + 2011-03-17 12:36 . 2011-01-08 03:27 2251368 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_7901346b3649171a\nvcuvenc.dll + 2011-03-17 12:36 . 2011-01-08 03:27 4941928 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_7901346b3649171a\nvcuda32.dll + 2011-03-17 12:36 . 2011-01-08 03:27 6604904 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_7901346b3649171a\nvcuda.dll + 2011-03-17 12:36 . 2011-01-08 03:27 2200680 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_7901346b3649171a\nvapi64.dll + 2011-03-17 12:36 . 
2011-01-08 03:27 1965672 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_7901346b3649171a\nvapi.dll + 2011-03-14 07:10 . 2011-01-18 19:44 8549376 c:\windows\Kaminfeuer Titanium Edition II.scr + 2011-02-20 14:11 . 2011-02-20 14:11 2881536 c:\windows\Installer\b42fd7.msi + 2011-04-13 13:39 . 2011-04-13 13:39 3527168 c:\windows\Installer\a53b1b.msi + 2010-03-08 17:59 . 2010-03-08 17:59 1619968 c:\windows\Installer\2e866d1.msi + 2011-04-19 19:31 . 2011-04-19 19:31 2528256 c:\windows\Installer\189d61e.msi + 2011-03-17 12:36 . 2011-01-08 03:27 15047272 c:\windows\SysWOW64\nvoglv32.dll + 2011-03-17 12:36 . 2011-01-08 03:27 10078312 c:\windows\SysWOW64\nvd3dum.dll + 2011-03-17 12:36 . 2011-01-08 03:27 13011560 c:\windows\SysWOW64\nvcompiler.dll + 2011-03-17 12:36 . 2011-01-08 03:27 20471912 c:\windows\system32\nvoglv64.dll + 2010-12-20 15:32 . 2011-01-08 03:27 12859496 c:\windows\system32\nvd3dumx.dll + 2011-03-17 12:36 . 2011-01-08 03:27 18580072 c:\windows\system32\nvcompiler.dll + 2011-03-17 12:36 . 2011-01-08 03:27 20471912 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_7901346b3649171a\nvoglv64.dll + 2011-03-17 12:36 . 2011-01-08 03:27 15047272 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_7901346b3649171a\nvoglv32.dll + 2011-03-17 12:36 . 2011-01-08 03:27 12961640 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_7901346b3649171a\nvlddmkm.sys + 2011-03-17 12:36 . 2011-01-08 03:27 12859496 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_7901346b3649171a\nvd3dumx.dll + 2011-03-17 12:36 . 2011-01-08 03:27 10078312 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_7901346b3649171a\nvd3dum.dll + 2011-03-17 12:36 . 2011-01-08 03:27 56396024 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_7901346b3649171a\NvCplSetupInt.exe + 2011-03-17 12:36 . 
2011-01-08 03:27 13011560 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_7901346b3649171a\nvcompiler32.dll + 2011-03-17 12:36 . 2011-01-08 03:27 18580072 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_7901346b3649171a\nvcompiler.dll + 2011-03-17 12:36 . 2011-01-08 03:27 12961640 c:\windows\system32\drivers\nvlddmkm.sys + 2010-09-04 23:36 . 2011-06-11 17:01 11991874 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2498949666-4130971900-2577889908-1000-8192.dat + 2011-02-20 14:10 . 2011-02-20 14:10 18307072 c:\windows\Installer\b42fd0.msi + 2011-03-21 18:25 . 2011-03-21 18:25 17975296 c:\windows\Installer\9eb60b.msi + 2011-03-05 10:18 . 2011-03-05 10:18 10654208 c:\windows\Installer\39516e.msi + 2011-04-29 10:12 . 2011-04-29 10:12 13471744 c:\windows\Installer\284965.msi + 2011-04-19 19:40 . 2011-04-19 19:40 40141312 c:\windows\Installer\189dff8.msi + 2011-04-19 19:31 . 2011-04-19 19:31 17837568 c:\windows\Installer\189d5e7.msi . -- Snapshot auf jetziges Datum zurückgesetzt -- . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072] "Steam"="c:\program files (x86)\Steam\steam.exe" [2010-11-18 1242448] "OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2010-03-16 908160] "ICQ"="c:\program files (x86)\ICQ7.5\ICQ.exe" [2011-05-01 124216] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "PSUNMain"="c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" [2011-02-24 423232] "TkBellExe"="c:\program files (x86)\Common Files\Real\Update_OB\realsched.exe" [2010-09-10 202256] "AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-09-08 47904] "AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992] "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888] "HTC Sync Loader"="c:\program files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2010-10-28 294912] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-04-14 421160] "DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704] . c:\users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ FRITZ!DSL Startcenter.lnk - c:\users\David\AppData\Roaming\Microsoft\Installer\{2D5D9603-22CF-4B99-83F6-0CD20330F62E}\Icon8CF9C550.exe [2010-12-5 80896] OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2010-3-29 245120] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ FRITZ!DSL Protect.lnk - c:\program files\FRITZ!DSL\FwebProt.exe [2009-4-17 1105208] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer8"=wdmaud.drv . 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-02 136176] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-05-16 2151128] R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2010-11-11 128928] R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-02 136176] R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [x] R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [x] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888] R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440] R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x] R3 vcd10bus;Virtual CD v10 Bus Enumerator;c:\windows\system32\DRIVERS\vcd10bus.sys [x] S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x] S1 
PSINKNC;PSINKNC;c:\windows\system32\DRIVERS\psinknc.sys [x] S2 IGDCTRL;AVM IGD CTRL Service;c:\program files\FRITZ!DSL\IGDCTRL.EXE [2009-07-28 88888] S2 IOCBIOS;IOCBIOS;c:\programdata\Intel\Extreme Tuning Utility\IOCbios\64bit\IOCBIOS.sys [2010-02-03 30384] S2 NanoServiceMain;Panda Cloud Antivirus Service;c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe [2010-12-16 140608] S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2010-09-16 80896] S2 PSINAflt;PSINAflt;c:\windows\system32\DRIVERS\PSINAflt.sys [x] S2 PSINFile;PSINFile;c:\windows\system32\DRIVERS\PSINFile.sys [x] S2 PSINProc;PSINProc;c:\windows\system32\DRIVERS\PSINProc.sys [x] S2 PSINProt;PSINProt;c:\windows\system32\DRIVERS\PSINProt.sys [x] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-01-07 378984] S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-01-27 2253688] S2 XTUService;Intel(R) Extreme Tuning Utility;c:\program files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\PerfTuneService.exe [2010-02-19 22280] S3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y62x64.sys [x] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x] S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - 27716906 *Deregistered* - 27716906 . Inhalt des "geplante Tasks" Ordners . 2011-06-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-02 16:23] . 2011-06-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-02 16:23] . 
2011-06-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2498949666-4130971900-2577889908-1000Core.job - c:\users\David\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-25 15:13] . 2011-06-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2498949666-4130971900-2577889908-1000UA.job - c:\users\David\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-25 15:13] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Panda Malware Icon] @="{F5D1CF73-C196-48F8-AAAC-B9181E22B4E6}" [HKEY_CLASSES_ROOT\CLSID\{F5D1CF73-C196-48F8-AAAC-B9181E22B4E6}] 2010-12-16 17:17 473408 ----a-w- c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUNShell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Panda Suspect Icon] @="{9AE343CB-BA45-4618-AF6A-0230EE6FC793}" [HKEY_CLASSES_ROOT\CLSID\{9AE343CB-BA45-4618-AF6A-0230EE6FC793}] 2010-12-16 17:17 473408 ----a-w- c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUNShell.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="RAVCpl64.exe" [2008-07-24 6452256] "Skytel"="Skytel.exe" [2008-07-24 1833504] "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208] . ------- Zusätzlicher Suchlauf ------- . 
uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://google.de/ mLocal Page = c:\windows\SysWOW64\blank.htm IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105 IE: Free YouTube to Mp3 Converter - c:\users\David\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000 IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files (x86)\ICQ7.5\ICQ.exe LSP: %ProgramFiles%\FRITZ!DSL\\sarah.dll TCP: DhcpNameServer = 192.168.178.1 FF - ProfilePath - c:\users\David\AppData\Roaming\Mozilla\Firefox\Profiles\i0l7udn7.default\ FF - prefs.js: browser.search.defaulturl - FF - prefs.js: browser.search.selectedEngine - FF - prefs.js: browser.startup.homepage - . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\S-1-5-21-2498949666-4130971900-2577889908-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] @Allowed: (Read) (RestrictedCode) "??"=hex:4b,ec,51,49,8d,26,74,1c,56,25,fa,73,f3,2e,93,77,48,6a,82,97,c1,19,a2, bd,cc,d3,62,a4,3d,3c,cf,2b,0b,80,82,c2,db,fb,01,68,0a,27,83,e4,73,a9,12,d4,\ "??"=hex:41,e0,42,8c,cf,55,c7,95,2b,14,4d,f8,66,7b,0c,1b . [HKEY_USERS\S-1-5-21-2498949666-4130971900-2577889908-1000\Software\SecuROM\License information*] "datasecu"=hex:74,58,26,60,2c,22,27,6a,ea,a6,f8,c1,86,43,7e,83,ee,c1,f2,2e,6c, 0e,7b,89,09,4d,cb,d9,c5,aa,ac,93,b6,a0,4d,ec,8c,4f,bc,a7,69,0f,c7,98,13,ab,\ "rkeysecu"=hex:7e,4e,f1,3f,67,ad,cf,fc,6d,24,0f,8a,14,76,7c,5d . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10s_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10s_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10s.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10s.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10s.ocx" "ThreadingModel"="Apartment" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10s.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2011-06-11 21:47:51 ComboFix-quarantined-files.txt 2011-06-11 19:47 ComboFix2.txt 2011-02-10 17:40 . Vor Suchlauf: 15 Verzeichnis(se), 32.302.821.376 Bytes frei Nach Suchlauf: 15 Verzeichnis(se), 32.180.686.848 Bytes frei . - - End Of File - - E4836C2041D54B4A04B5667DC0C930E6 |
11.06.2011, 22:45 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Unknown source of error, virus Please download MBRCheck (by a_d_13) and save the file to your desktop.
__________________ Please always post log files in CODE tags |
11.06.2011, 22:51 | #11 |
| Unknown source of error, virus MBRCheck, version 1.2.3 (c) 2010, AD Command-line: Windows Version: Windows 7 Ultimate Edition Windows Information: (build 7600), 64-bit Base Board Manufacturer: Intel Corporation BIOS Manufacturer: Intel Corp. System Manufacturer: System Product Name: Logical Drives Mask: 0x0002000c Kernel Drivers (total 156): Processes (total 76): \\.\C: --> \\.\PhysicalDrive1 at offset 0x00000000`00100000 (NTFS) \\.\R: --> \\.\PhysicalDrive0 at offset 0x00000000`06500000 (NTFS) PhysicalDrive1 Model Number: SAMSUNGHD161GJ, Rev: 1AC01118 PhysicalDrive0 Model Number: WDCWD20EADS-00R6B0, Rev: 01.00A01 Size Device Name MBR Status -------------------------------------------- 149 GB \\.\PhysicalDrive1 Windows 7 MBR code detected SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79 1863 GB \\.\PhysicalDrive0 Windows 7 MBR code detected SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79 Done! |
11.06.2011, 22:52 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Unknown source of error, virus Looks OK. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs. Remember to update both tools before the scan!! Getting an additional opinion from ESET's online scanner afterwards is not a bad idea either: ESET Online Scanner
__________________ Please always post log files in CODE tags |
12.06.2011, 17:05 | #13 |
| Unknown source of error, virus Malwarebytes' Anti-Malware 1.51.0.1200 www.malwarebytes.org Datenbank Version: 6840 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 12.06.2011 14:56:05 mbam-log-2011-06-12 (14-56-05).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|R:\|) Durchsuchte Objekte: 391141 Laufzeit: 1 Stunde(n), 1 Minute(n), 17 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) SUPERAntiSpyware Scan Log hxxp://www.superantispyware.com Generated 06/12/2011 at 03:42 PM Application Version : 4.53.1000 Core Rules Database Version : 7254 Trace Rules Database Version: 5066 Scan type : Complete Scan Total Scan Time : 01:52:03 Memory items scanned : 678 Memory threats detected : 0 Registry items scanned : 15358 Registry threats detected : 0 File items scanned : 232182 File threats detected : 4 Adware.Tracking Cookie C:\Users\David\AppData\Roaming\Microsoft\Windows\Cookies\david@tracking.quisma[2].txt s0.2mdn.net [ C:\Users\David\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\F3LQJTWE ] www.adservercentral.info [ C:\Users\David\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\F3LQJTWE ] www.naiadsystems.com [ C:\Users\David\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\F3LQJTWE ] ESETSmartInstaller@High as CAB hook log: OnlineScanner64.ocx - registred OK OnlineScanner.ocx - registred OK # version=7 
# iexplore.exe=8.00.7600.16385 (win7_rtm.090713-1255) # OnlineScanner.ocx=1.0.0.6526 # api_version=3.0.2 # EOSSerial=0a7ebd6150e30d4087bd07a08c3e366d # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2011-06-12 03:57:58 # local_time=2011-06-12 05:57:58 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1033 # osver=6.1.7600 NT # compatibility_mode=512 16777215 100 0 0 0 0 0 # compatibility_mode=1538 16774142 20 3 8266363 136439327 0 0 # compatibility_mode=5893 16776573 100 94 16501205 60295508 0 0 # compatibility_mode=8192 67108863 100 0 534 534 0 0 # scanned=234519 # found=2 # cleaned=0 # scan_time=4446 C:\Users\David\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\396b96f9-2042ed7e multiple threats (unable to clean) 00000000000000000000000000000000 I C:\Users\David\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\412e85be-72eeab9e multiple threats (unable to clean) 00000000000000000000000000000000 I
However, the browsers are still acting up. Yesterday, after I ran MBRCheck, everything worked. This morning, though, it stopped working again. |
13.06.2011, 19:00 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Unknown source of error, virus Only cookies and leftovers. They can be removed. Is the computer back in order now?
__________________ Please always post log files in CODE tags |
13.06.2011, 21:10 | #15 |
| Unknown source of error, virus No, Chrome still doesn't work, and the other browsers are slow and acting up. I'm getting desperate; I've already tried everything. But thanks, Arne |