![]() |
Log-Analyse und Auswertung: Win7 spinnt nach FreezeWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
![]() |
![]() | #1 |
![]() ![]() | ![]() Win7 spinnt nach Freeze Hi. Leider hab ich mal wieder Probleme :S Gestern als ich meinen PC heruntergefahren habe hat er noch runtergeladene Updates installiert (9stk) bevor er sich ausschaltete. Heute Abend als ich den PC startete hatte er anscheinend die Updates konfiguriert, neugestartet und anscheinend nochmal kurz konfiguriert O.o Dann lief der PC ca. 20 Minuten völlig ok. Dann fing aufeinmal an mein ICQ Chat fenster nichtmehr zu reagieren. Dachte erst das muss mal wieder irgendwie lange zwischenladen. Dann hing aufeinmal Firefox und nach ein wenig rumklicken auf nichts funktionierenden hing dann auch mein Winamp mit laufenden Livestream. Schlussendlich hing alles, bis auf der hörbar laufende Livestream und ich drückte den reset Knopf. Dann fing alles an. nach der Willkommensmeldung von Windows hat alles ziemlich lange geladen und es kamen zich Fehlermeldungen wie "Windows muss jetzt neu gestartet werden da der Dienst Stromversorgung unerwartet beendet wurde" oder Minianwendungen haben einen Fehler festgestellt und müssen beendet werden. Oder meine Webcam Software wurde aufeinmal angeprangert Ausserdem hat sich dann ständig das Design geändert von meinem normalen Schwarz auf das Aero Design, der Windows Explorer hängt sich auf usw. Schluss endlich hatte ich den Taskmanager mal offen und habe meine Prozesse beobachtet. Es wurde überhauptnichts am PC gemacht und aufeinmal verschwunden viele Prozesse und Windows meldete dass das Sicherheitscenter ausgeschaltet ist uargggh -_- Dann habe ich aufjedenfall den PC sofort eiskalt ausgemacht bevor noch schlimmeres passiert. Jetzt habe ich über Nacht Avira Rescue System live CD laufen lassen (13Stunden lang!!!) und da passierte anscheinend nun nichtsmehr. Ich kann auch nicht die Log abspeichern weil dort nichtsmehr reagiert (Power und HDD LED dauerhaft am leuchten O.o) Es gab ca ca 450 Warnungen aber keine Funde. PC gerade wieder hochgefahren und wieder einige Fehlermeldungen, Designänderungen und Explorer abstürze hinter mir gehabt. Aber wenn diese Welle erstmal vorbei ist läuft alles normal. Nur ich merke das der PC ziemlich langsam reagiert und Arbeitet. Ich habe hier mal ein Bild von den laufenden Prozessen (Mit gesetzen Haken bei "Alle Benutzer" auch wenn nur ich einen habe): hxxp://img828.imageshack.us/img828/8315/74094456.jpg Was mir schonmal aufgefallen ist das wenn ich Teamviewer_Service.exe schliessen möchte öffnet diese sich sofort wieder selber. Ich habe zwar Teamviewer installiert aber nicht geöffnet. Hier nochmal ein paar Fehlermeldungen auf einem Blick hxxp://img10.imageshack.us/img10/3791/84709223.jpg Malwarebytes hat auch nichts gefunden (Vollständiger Suchlauf) Wenn ich nützliche Logs ätte würde ich diese posten. Bitte um Hilfe. MfG |
![]() | #2 |
![]() ![]() | ![]() Win7 spinnt nach Freeze Scan mit OTL:
__________________OTL.txt: Code:
ATTFilter OTL logfile created on: 18.02.2012 21:44:39 - Run 1 OTL by OldTimer - Version Folder = C:\Users\*****\Desktop 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 1,94 Gb Available Physical Memory | 48,63% Memory free 8,00 Gb Paging File | 5,79 Gb Available in Paging File | 72,44% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 1862,92 Gb Total Space | 1588,36 Gb Free Space | 85,26% Space Free | Partition Type: NTFS Drive E: | 7,03 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: ALEX-PC | User Name: Alex | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\*****\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) PRC - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) PRC - C:\Program Files (x86)\EDIMAX\Common\RaUI.exe (Edimax Technology Co., Ltd.) PRC - C:\Program Files (x86)\TerraTec\Snap!\TerraTecSnap.exe (TerraTec Electronic GmbH) PRC - C:\Program Files (x86)\ScanWizard 5\ScannerFinder.exe () ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll () MOD - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\rre2b24q.*****-Benutzer\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\gecko10\WINNT_x86-msvc\SSSLauncher.dll () MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () MOD - C:\Program Files (x86)\K-Lite Codec Pack\ffdshow\ffdshow.ax () MOD - C:\Program Files (x86)\TerraTec\Snap!\TTUSB.dll () MOD - C:\Program Files (x86)\ScanWizard 5\ScannerFinder.exe () MOD - C:\Program Files (x86)\ScanWizard 5\SFRes.dll () ========== Win32 Services (SafeList) ========== SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.) SRV:64bit: - (AMD Reservation Manager) -- C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe (Advanced Micro Devices) SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) SRV - (TeamViewer7) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (VMnetDHCP) -- C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.) SRV - (VMware NAT Service) -- C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.) SRV - (VMAuthdService) -- C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc.) SRV - (VMUSBArbService) -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe (VMware, Inc.) SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia) SRV - (JetDrive WindowsClosingService) -- C:\Windows\SysWow64\WindowsClosingService.exe () SRV - (ufad-ws60) -- C:\Program Files (x86)\VMware\VMware Player\vmware-ufad.exe (VMware, Inc.) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®) ========== Driver Services (SafeList) ========== DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH) DRV:64bit: - (vmx86) -- C:\Windows\SysNative\drivers\vmx86.sys (VMware, Inc.) DRV:64bit: - (vmci) -- C:\Windows\SysNative\drivers\vmci.sys (VMware, Inc.) DRV:64bit: - (VMparport) -- C:\Windows\SysNative\drivers\VMparport.sys (VMware, Inc.) DRV:64bit: - (vmkbd) -- C:\Windows\SysNative\drivers\VMkbd.sys (VMware, Inc.) DRV:64bit: - (VMnetuserif) -- C:\Windows\SysNative\drivers\vmnetuserif.sys (VMware, Inc.) DRV:64bit: - (hcmon) -- C:\Windows\SysNative\drivers\hcmon.sys (VMware, Inc.) DRV:64bit: - (vmusb) -- C:\Windows\SysNative\drivers\vmusb.sys (VMware, Inc.) DRV:64bit: - (VMnetBridge) -- C:\Windows\SysNative\drivers\vmnetbridge.sys (VMware, Inc.) DRV:64bit: - (VMnetAdapter) -- C:\Windows\SysNative\drivers\vmnetadapter.sys (VMware, Inc.) DRV:64bit: - (vmm) -- C:\Windows\SysNative\Treiber\VMM.sys (Microsoft Corporation) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation) DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices) DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.) DRV:64bit: - (jetdrive) -- C:\Windows\SysNative\drivers\jddrv.sys (Abelssoft GmbH) DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys (Nokia) DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Nokia) DRV:64bit: - (nmwcdc) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia) DRV:64bit: - (nmwcd) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia) DRV:64bit: - (rt61x64) -- C:\Windows\SysNative\drivers\netr6164.sys (Ralink Technology, Corp.) DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices) DRV:64bit: - (clwvd) -- C:\Windows\SysNative\drivers\clwvd.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.) DRV:64bit: - (BthAvrcp) -- C:\Windows\SysNative\drivers\BthAvrcp.sys (CSR, plc) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (KMWDFILTER) -- C:\Windows\SysNative\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider) DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.) DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia) DRV:64bit: - (SNPSTD3) USB PC Camera (SNPSTD3) -- C:\Windows\SysNative\drivers\snpstd3.sys (Sonix Co. Ltd.) DRV:64bit: - (VPCNetS2) -- C:\Windows\SysNative\drivers\VMNetSrv.sys (Microsoft Corporation) DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys () DRV - (vstor2-ws60) -- C:\Program Files (x86)\VMware\VMware Player\vstor2-ws60.sys (VMware, Inc.) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) DRV - (speedfan) -- C:\Windows\SysWOW64\speedfan.sys (Windows (R) Server 2003 DDK provider) DRV - (ISODisk) -- C:\Windows\SysWow64\drivers\ISODisk.sys () ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CC 4F FE D2 05 F5 CB 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\ [2011.03.04 17:15:01 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.02.18 13:40:07 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.01.05 00:00:13 | 000,000,000 | ---D | M] [2011.02.08 21:08:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\Extensions [2011.02.08 22:15:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\5pahtyzq.default\extensions [2011.02.08 22:14:58 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\5pahtyzq.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2012.01.31 21:05:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\rre2b24q.*****-Benutzer\extensions [2011.02.16 17:49:02 | 000,000,000 | ---D | M] (Screengrab) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\rre2b24q.*****-Benutzer\extensions\{02450954-cdd9-410f-b1da-db804e18c671} [2011.12.08 18:17:25 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\rre2b24q.*****-Benutzer\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2012.01.31 21:05:21 | 000,000,000 | ---D | M] (FireShot) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\rre2b24q.*****-Benutzer\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2011.02.16 17:49:02 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\rre2b24q.*****-Benutzer\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011.12.01 22:48:36 | 000,000,000 | ---D | M] (WOT) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\rre2b24q.*****-Benutzer\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2011.02.16 17:49:02 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\rre2b24q.*****-Benutzer\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011.12.24 19:51:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2011.10.15 13:19:21 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012.02.18 13:40:07 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011.10.03 04:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2011.10.26 19:49:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2010.01.01 09:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.01.01 09:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2010.01.01 09:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2010.01.01 09:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2010.01.01 09:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2010.01.01 09:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [TerraTec Snap!] C:\Program Files (x86)\TerraTec\Snap!\TerraTecSnap.exe (TerraTec Electronic GmbH) O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.) O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\*****\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\*****\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Free YouTube Download - C:\Users\*****\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\*****\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Program Files (x86)\VMware\VMware Player\x64\vsocklib.dll (VMware, Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\Program Files (x86)\VMware\VMware Player\x64\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files (x86)\VMware\VMware Player\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files (x86)\VMware\VMware Player\vsocklib.dll (VMware, Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C0632106-16B6-4CDC-BA22-BAD9AB0CCA0B}: DhcpNameServer = O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008.11.15 10:52:50 | 000,161,088 | R--- | M] (Take-Two Interactive Software, Inc.) - E:\Autorun.exe -- [ UDF ] O32 - AutoRun File - [2008.10.11 18:03:48 | 000,000,054 | R--- | M] () - E:\Autorun.inf -- [ UDF ] O33 - MountPoints2\{5110b439-33b1-11e0-9b38-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{5110b439-33b1-11e0-9b38-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Autorun.exe -- [2008.11.15 10:52:50 | 000,161,088 | R--- | M] (Take-Two Interactive Software, Inc.) O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012.02.18 21:43:11 | 000,583,680 | ---- | C] (OldTimer Tools) -- C:\Users\*****\Desktop\OTL.exe [2012.02.16 23:40:58 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012.02.16 23:40:57 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012.02.16 23:40:56 | 002,308,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012.02.16 23:40:56 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012.02.16 23:40:56 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012.02.16 23:40:56 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012.02.16 23:40:55 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012.02.16 23:40:55 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012.02.16 23:40:55 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012.02.16 23:40:54 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012.02.16 23:40:54 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012.02.16 17:33:33 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll [2012.02.16 17:33:15 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl [2012.02.16 17:33:15 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl [2012.02.16 17:32:58 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll [2012.02.10 17:11:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi [2012.02.10 17:11:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi [2012.01.29 22:14:14 | 001,002,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinUSBCoInstaller2.dll [2012.01.24 16:51:30 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2012.01.24 16:51:29 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll [2012.01.24 16:51:29 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll [2012.01.24 16:51:29 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll [2012.01.24 16:51:29 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll [2012.01.24 16:51:29 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll [2012.01.22 19:33:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Take2 [2012.01.22 19:33:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Take2 [2012.01.22 17:36:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soldier of Fortune II - Double Helix MP Demo [2007.08.13 16:46:00 | 000,102,912 | ---- | C] (Albert L Faber) -- C:\Users\*****\AppData\Local\CDRip.dll [2007.01.18 20:09:54 | 000,623,616 | ---- | C] (Ivan Bischof ©2003 - 2005) -- C:\Users\*****\AppData\Local\No23 Recorder.exe [2006.12.11 18:13:14 | 000,013,872 | ---- | C] (Un4seen Developments) -- C:\Users\*****\AppData\Local\basscd.dll [2006.12.11 18:13:12 | 000,097,336 | ---- | C] (Un4seen Developments) -- C:\Users\*****\AppData\Local\bass.dll ========== Files - Modified Within 30 Days ========== [2012.02.18 21:43:25 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\*****\Desktop\OTL.exe [2012.02.18 21:10:15 | 002,498,175 | ---- | M] () -- C:\Users\*****\Desktop\sydney samson lets go.mp3 [2012.02.18 21:00:45 | 004,824,396 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.02.18 21:00:45 | 001,892,824 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.02.18 21:00:45 | 001,480,226 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.02.18 21:00:45 | 001,327,836 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.02.18 21:00:45 | 000,005,848 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.02.18 20:58:43 | 000,201,141 | ---- | M] () -- C:\Users\*****\Desktop\DSCI0279.JPG [2012.02.18 12:03:26 | 000,018,816 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.02.18 12:03:26 | 000,018,816 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.02.18 11:55:03 | 000,404,976 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.02.18 11:53:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.02.18 11:52:53 | 3220,574,208 | -HS- | M] () -- C:\hiberfil.sys [2012.02.15 21:32:15 | 000,132,320 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys [2012.02.13 23:25:47 | 000,000,035 | ---- | M] () -- C:\Windows\Ulead32.INI [2012.02.05 22:42:03 | 003,734,934 | ---- | M] () -- C:\Users\*****\Documents\clip0004.avi [2012.01.29 22:17:20 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01009.Wdf [2012.01.28 14:17:22 | 000,000,132 | ---- | M] () -- C:\Users\*****\AppData\Roaming\Adobe PNG Format CS5 Prefs [2012.01.22 19:04:25 | 008,667,809 | ---- | M] () -- C:\Users\*****\usb_driver_MT65xx_Android_ZTE_v821.rar [2012.01.22 02:00:01 | 000,040,696 | ---- | M] () -- C:\Users\*****\Documents\Cover497.jpg ========== Files Created - No Company Name ========== [2012.02.18 21:02:27 | 002,498,175 | ---- | C] () -- C:\Users\*****\Desktop\sydney samson lets go.mp3 [2012.02.18 20:58:01 | 000,201,141 | ---- | C] () -- C:\Users\*****\Desktop\DSCI0279.JPG [2012.02.05 22:41:53 | 003,734,934 | ---- | C] () -- C:\Users\*****\Documents\clip0004.avi [2012.01.29 22:17:20 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01009.Wdf [2012.01.22 19:01:02 | 008,667,809 | ---- | C] () -- C:\Users\*****\usb_driver_MT65xx_Android_ZTE_v821.rar [2012.01.22 02:00:01 | 000,040,696 | ---- | C] () -- C:\Users\*****\Documents\Cover497.jpg [2011.12.26 17:32:10 | 000,009,216 | ---- | C] () -- C:\Windows\SysWow64\WindowsClosingService.exe [2011.12.19 23:41:55 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll [2011.12.19 23:41:55 | 000,110,080 | ---- | C] () -- C:\Windows\SysWow64\advd.dll [2011.12.19 23:41:55 | 000,023,040 | ---- | C] () -- C:\Windows\SysWow64\auth.dll [2011.11.15 23:33:27 | 000,008,704 | ---- | C] () -- C:\Users\*****\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2011.08.26 17:00:03 | 000,000,132 | ---- | C] () -- C:\Users\*****\AppData\Roaming\Adobe GIF Format CS5 Prefs [2011.08.26 16:57:39 | 000,000,132 | ---- | C] () -- C:\Users\*****\AppData\Roaming\Adobe BMP Format CS5 Prefs [2011.08.25 00:47:59 | 000,000,132 | ---- | C] () -- C:\Users\*****\AppData\Roaming\Adobe PNG Format CS5 Prefs [2011.06.13 23:22:48 | 000,000,092 | ---- | C] () -- C:\Users\*****\AppData\Local\fusioncache.dat [2011.06.04 23:06:18 | 000,000,035 | ---- | C] () -- C:\Windows\Ulead32.INI [2011.06.04 23:04:38 | 000,285,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\Onsio.sys [2011.06.04 23:04:38 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\drivers\Onsreged.sys [2011.04.11 10:31:54 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat [2011.04.01 16:13:58 | 000,005,788 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.03.01 22:08:15 | 000,001,597 | ---- | C] () -- C:\Users\*****\AppData\Local\RecConfig.xml [2011.02.16 17:24:46 | 000,000,785 | ---- | C] () -- C:\Users\*****\AppData\Local\RT61_{C0632106-16B6-4CDC-BA22-BAD9AB0CCA0B}_sta [2011.02.16 17:23:41 | 000,001,565 | ---- | C] () -- C:\Users\*****\AppData\Local\RT61_{C0632106-16B6-4CDC-BA22-BAD9AB0CCA0B}_prof [2011.02.09 12:48:26 | 000,007,605 | ---- | C] () -- C:\Users\*****\AppData\Local\Resmon.ResmonCfg [2011.02.08 23:43:41 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2011.02.08 23:43:40 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2011.02.08 23:43:39 | 000,810,496 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2011.02.08 23:43:39 | 000,183,808 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2011.02.08 23:43:38 | 000,080,896 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2011.02.08 23:27:20 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll [2011.02.08 23:26:38 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini [2011.02.08 22:26:31 | 000,009,600 | ---- | C] () -- C:\Windows\SysWow64\drivers\ISODisk.sys [2011.02.08 22:01:47 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2011.02.08 21:08:42 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2011.02.08 20:03:24 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2010.12.15 20:33:32 | 000,002,975 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2010.07.09 20:00:32 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll [2007.08.13 16:46:00 | 000,155,136 | ---- | C] () -- C:\Users\*****\AppData\Local\lame_enc.dll [2006.10.26 00:06:48 | 000,064,000 | ---- | C] () -- C:\Users\*****\AppData\Local\vorbisenc.dll [2006.10.26 00:06:48 | 000,019,456 | ---- | C] () -- C:\Users\*****\AppData\Local\vorbisfile.dll [2006.10.26 00:06:46 | 000,143,872 | ---- | C] () -- C:\Users\*****\AppData\Local\vorbis.dll [2006.10.26 00:06:36 | 000,015,872 | ---- | C] () -- C:\Users\*****\AppData\Local\ogg.dll [2005.08.23 21:34:06 | 000,029,184 | ---- | C] () -- C:\Users\*****\AppData\Local\no23xwrapper.dll ========== LOP Check ========== [2011.12.19 23:42:10 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\concept design [2012.02.11 18:07:25 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\DVDVideoSoft [2011.02.08 22:14:56 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\DVDVideoSoftIEHelpers [2011.12.20 00:47:05 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\FileZilla [2011.11.27 16:28:35 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\FireShot [2012.01.06 21:53:49 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\gtk-2.0 [2012.02.17 19:19:14 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\ICQ [2011.02.19 18:25:09 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\InfraRecorder [2011.02.08 23:03:20 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\IrfanView [2011.12.24 19:07:15 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\MAGIX [2011.12.16 00:25:09 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\MyPhoneExplorer [2011.12.01 00:45:23 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Nik Software [2011.03.04 17:17:31 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Nokia [2011.04.09 12:44:31 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\OpenOffice.org [2011.03.04 17:17:32 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\PC Suite [2011.02.21 11:25:26 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\PhotoScape [2011.08.24 01:53:14 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Publish Providers [2011.10.23 12:11:01 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\SA-MP Audio Plugin [2011.08.24 01:53:11 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Sony [2011.02.26 15:05:33 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\TeamViewer [2011.10.23 18:03:23 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\TS3Client [2012.02.17 19:55:54 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Files - Unicode (All) ========== [2011.11.10 00:21:42 | 000,000,127 | ---- | M] ()(C:\Users\*****\Desktop\??? FM.asx) -- C:\Users\*****\Desktop\ХИТ FM.asx [2011.11.10 00:21:41 | 000,000,127 | ---- | C] ()(C:\Users\*****\Desktop\??? FM.asx) -- C:\Users\*****\Desktop\ХИТ FM.asx < End of report > Code:
ATTFilter OTL Extras logfile created on: 18.02.2012 21:44:39 - Run 1 OTL by OldTimer - Version Folder = C:\Users\****\Desktop 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 1,94 Gb Available Physical Memory | 48,63% Memory free 8,00 Gb Paging File | 5,79 Gb Available in Paging File | 72,44% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 1862,92 Gb Total Space | 1588,36 Gb Free Space | 85,26% Space Free | Partition Type: NTFS Drive E: | 7,03 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: ****-PC | User Name: **** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{22441735-5983-AD2A-5CC5-FA2CCD7EF732}" = ATI Stream SDK v2 Developer "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition) "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2 "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{73BA9A8F-6B40-BF79-541E-464156FBA764}" = ccc-utility64 "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 "{8A7CAA24-7B23-410B-A7C3-F994B0944160}" = Microsoft Virtual PC 2007 "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{A2422B02-0D41-43F5-B62E-C7A5E55FCBA8}" = Vegas Pro 9.0 (64-bit) "{B361F88B-D513-9D45-E7F2-871B61C46D32}" = WMV9/VC-1 Video Playback "{C2E0D3FE-12C4-BF5B-FC4E-052CB8833424}" = AMD Fuel "{C5970161-E13E-6661-BBDA-A08268313C83}" = ATI Catalyst Install Manager "{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{EE269999-1AB7-7B39-7944-513CF3426CB8}" = AMD Drag and Drop Transcoding "{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "6DA48AFDE796708D5A4C9121A83E7617A63A9A15" = Windows-Treiberpaket - Nokia Modem (10/07/2010 4.6) "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit "CCleaner" = CCleaner "Defraggler" = Defraggler "E5372C32E8562C76C24DBA6525002B1031495F34" = Windows-Treiberpaket - Nokia Modem (06/09/2010 "FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 "KLiteCodecPack64_is1" = K-Lite Codec Pack (64-bit) v4.4.0 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "TeamSpeak 3 Client" = TeamSpeak 3 Client "WinGimp-2.0_is1" = GIMP 2.6.8 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "{086BADF8-9B1F-4E89-B207-2EDA520972D6}" = Grand Theft Auto San Andreas "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0DE8527A-FE3E-4FCA-A023-D57EF0B796C9}_is1" = Plants vs. Zombies (by Scar) "{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration "{1C943495-B69F-4D41-AE0E-23C57ECD90EE}" = Debugging Tools for Windows "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform "{22B0E143-2B0B-435B-9F56-136A3D16065F}" = No23 Recorder "{2367FAB6-055A-4923-835F-F57F7BBBA363}_is1" = Paint XP version 1.0 "{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1" = Geeks3D.com FurMark 1.9.2 "{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22 "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 29 "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{345C90FB-FA10-11D5-9C2A-0080C85A0C2D}" = ABBYY FineReader OCR Engine für ScanWizard "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{3E4043A1-F93B-4BC8-9DBA-44437CDFB0CB}_is1" = v0.5 build 031 release 6.07.10 19:41 "{4216D328-0FE8-48B8-85B8-BD300E6F080F}" = Nokia Connectivity Cable Driver "{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4B35F00C-E63D-40DC-9839-DF15A33EAC46}" = Grand Theft Auto Vice City "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{5454083B-1308-4485-BF17-111000038701}" = Grand Theft Auto: Episodes from Liberty City "{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV "{5BF5331F-E271-4A1F-AF5D-30A93EFF2584}_is1" = Franzis onlineTV 6 "{5DF7AA5E-A1CB-11E0-A7D6-0013D3D69929}" = MSVCRT Redists "{5FD89EA1-99C2-40EE-BBF5-20F8991ED756}" = Catalyst Control Center - Branding "{5FE71C58-78B3-4207-84C1-AF7F8F839301}" = MAGIX Web Designer 6 "{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}" = Grand Theft Auto: Episodes From Liberty City "{6331C6C0-3754-E910-7113-5013355C8E47}" = CCC Help English "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{68D97286-D1C7-445C-8007-4778CB874D08}" = Gotcha! "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}" = ICQ7.7 "{7E641E46-81DB-4D1D-906A-48342523051C}" = FlatOut2 "{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90120000-0017-0000-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer 2007 "{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{4B4DF6E2-5E40-422B-82DD-205FD7E79226}" = Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) "{90120000-0017-0407-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2007 "{90120000-0017-0407-0000-0000000FF1CE}_SharePointDesigner_{2733AA87-26FC-41B0-9D2F-3092345BC370}" = Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_SharePointDesigner_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_SharePointDesigner_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_SharePointDesigner_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_SharePointDesigner_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002A-0000-1000-0000000FF1CE}_SharePointDesigner_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0407-1000-0000000FF1CE}_SharePointDesigner_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_SharePointDesigner_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{92B94569-6683-4617-8C54-EB27A1B51B30}" = GTAIII "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95C3927C-C899-C5D8-0EA7-67895FC979B2}" = ccc-core-static "{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}" = AGEIA PhysX v7.11.13 "{99A37AC7-E724-4621-B167-500B5A52B69C}" = LastChaosGER "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9EC9754D-CA34-4293-B5DB-3BD245A88A43}" = ArcSoft MediaImpression "{A53A11EA-0095-493F-86FA-A15E8A86A405}" = VMware Player "{A6D61444-CBCC-44AF-95DF-AE3A33CC252D}" = AMD Demo - Ladybug "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5 "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Deutsch "{B08D262E-D902-11D5-9C28-0080C85A0C2D}" = ScanWizard 5 "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B5408C28-8D1F-4D65-AA49-02FBD56136FF}" = WolfQuest "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{BF731945-7AAD-45E3-A202-A60C9213915C}_is1" = ISODisk 1.1 "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D179B513-AD43-4013-AC50-C16107A0A02D}" = LogMeIn Hamachi "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{ED4B50B7-C06B-57FE-7985-AA83DDBEEEF5}" = Catalyst Control Center Graphics Previews Common "{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support "{F01A9563-2A27-6ABC-2E04-03B7873DF7E0}" = Catalyst Control Center InstallProxy "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F38FD0E4-B991-462B-873D-F2115EADD093}" = Nokia PC Suite "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FAB1F336-1B7C-4057-A7BC-2922CD82A781}" = Edimax Wireless LAN "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "AssaultCube_v1.1.0.4" = AssaultCube v1.1.0.4 "Audacity_is1" = Audacity 1.2.6 "Avira AntiVir Desktop" = Avira Free Antivirus "Color Efex Pro 3.0 Stand-Alone Standard" = Color Efex Pro 3.0 Standard "FileZilla Client" = FileZilla Client 3.5.2 "Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition "Fraps" = Fraps (remove only) "Free Studio_is1" = Free Studio version 5.3.3 "Free YouTube Download 3 Beta_is1" = Free YouTube Download 3 Beta version "GAMI (Gta-Action Mod-Installer)" = GAMI (Gta-Action Mod-Installer) "HD Tune_is1" = HD Tune 2.55 "HyperCam 2" = HyperCam 2 "InfraRecorder" = InfraRecorder "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager "IP Camera" = IP Camera "IrfanView" = IrfanView (remove only) "JDownloader" = JDownloader "JetDrive_is1" = JetDrive "KLiteCodecPack_is1" = K-Lite Codec Pack 6.9.0 (Full) "LogMeIn Hamachi" = LogMeIn Hamachi "Magic Bullet Editors 2.0 Vegas" = Magic Bullet Editors 2.0 Vegas "MAGIX Fotobuch" = MAGIX Fotobuch 3.6 "MAGIX Goya burnR D" = MAGIX Goya burnR (D) "MAGIX Online Druck Service D" = MAGIX Online Druck Service (D) "MAGIX Screenshare D" = MAGIX Screenshare (D) "MAGIX Video deluxe 2008 D" = MAGIX Video deluxe 2008 (D) "MAGIX_MSI_Web_Designer_6_DLM" = MAGIX Web Designer 6 "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version "Mozilla Firefox 10.0.2 (x86 de)" = Mozilla Firefox 10.0.2 (x86 de) "MPE" = MyPhoneExplorer "MTA: Race for San Andreas" = MTA: Race for San Andreas 1.1.1 "nLite_is1" = nLite "Nokia PC Suite" = Nokia PC Suite "OpenAL" = OpenAL "PhotoScape" = PhotoScape "Revo Uninstaller" = Revo Uninstaller 1.90 "San Andreas Mod Installer1.1" = San Andreas Mod Installer "San Andreas Radio_is1" = San Andreas Radio V1.0 "SharePointDesigner" = Microsoft Office SharePoint Designer 2007 "SpeedFan" = SpeedFan (remove only) "SpiceMASTER 2.5 PRO for Vegas" = SpiceMASTER 2.5 PRO for Vegas "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2 "TeamViewer 7" = TeamViewer 7 "TerraTec Snap! (zeec Edition)" = TerraTec Snap! (zeec Edition) 1.3.0 "The Suffering" = The Suffering (remove only) "Uninstall_is1" = Uninstall "VMware_Player" = VMware Player "Winamp" = Winamp "WinLiveSuite" = Windows Live Essentials "Xfire" = Xfire (remove only) ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Winamp Detect" = Winamp Erkennungs-Plug-in ========== Last 10 Event Log Errors ========== Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report > |
![]() | #3 |
![]() ![]() | ![]() Win7 spinnt nach Freeze Bitte den Thread nicht untergehen lassen
__________________ |
![]() |
Themen zu Win7 spinnt nach Freeze |
aero design, avira, avira rescue, bild, explorer, festgestellt, firefox, freeze, hängt, icq, langsam, live cd, log, nicht geöffnet., probleme, prozesse, reset, service.exe, software, spinnt, system, taskmanager, updates, viele prozesse, webcam, win7, windows, windows explorer, öffnet |