Log analysis and evaluation: "Website cannot be displayed" (Windows 7)

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
18.09.2012, 23:38 | #1 |
"Website cannot be displayed"

Good evening,

I have been spared experiences like this so far, but now one of the better-known pests seems to have caught me too. I am new to this area and would be glad if you could lend me a hand with fixing the problem.

MY PROBLEM: After the login screen, a full-screen page in the style of Internet Explorer appears, telling me that a certain page could not be found. Task Manager cannot be started. When I try to bring up the boot menu, a display in the following style appears (three cheers for MS Paint): The underscore in the upper left corner blinks.

Nevertheless, I was fortunately able to boot and so could start OTL via REATOGO-X-PE. I burned the REATOGO-X-PE image to a DVD and booted from it.

Attached you will find the requested log files from OTL:

OTL.txt
Code:
ATTFilter OTL logfile created on: 9/19/2012 1:05:59 AM - Run OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE 64bit-Windows 7 Professional Service Pack 1 (Version = 6.1.7601) - Type = System Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 89.00% Memory free 3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = E: | %SystemRoot% = E:\Windows | %ProgramFiles% = E:\Program Files (x86) Drive C: | 387.63 Gb Total Space | 204.63 Gb Free Space | 52.79% Space Free | Partition Type: NTFS Drive D: | 931.51 Gb Total Space | 169.60 Gb Free Space | 18.21% Space Free | Partition Type: NTFS Drive E: | 78.12 Gb Total Space | 2.11 Gb Free Space | 2.70% Space Free | Partition Type: NTFS Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: REATOGO | User Name: SYSTEM Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days Using ControlSet: ControlSet001 ========== Win32 Services (SafeList) ========== SRV:64bit: - (NisSrv) -- E:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) SRV:64bit: - (MsMpSvc) -- E:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) SRV:64bit: - (TabletServicePen) -- E:\Program Files\Tablet\Pen\Pen_Tablet.exe (Wacom Technology, Corp.) SRV:64bit: - (TouchServicePen) -- E:\Program Files\Tablet\Pen\Pen_TouchService.exe (Wacom Technology, Corp.) 
SRV:64bit: - (AMD External Events Utility) -- E:\Windows\System32\atiesrxx.exe (AMD) SRV:64bit: - (OODefragAgent) -- E:\Program Files\OO Defrag\oodag.exe (O&O Software GmbH) SRV:64bit: - (WinDefend) -- E:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV:64bit: - (AppMgmt) -- E:\Windows\System32\appmgmts.dll (Microsoft Corporation) SRV - (MozillaMaintenance) -- E:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (AdobeARMservice) -- E:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (SkypeUpdate) -- E:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (nvUpdatusService) -- E:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (Stereo Service) -- E:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (PnkBstrA) -- E:\Windows\SysWOW64\PnkBstrA.exe () SRV - (Steam Client Service) -- E:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (Creative Audio Engine Licensing Service) -- E:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs) SRV - (Fabs) -- E:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG) SRV - (FirebirdServerMAGIXInstance) -- E:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®) SRV - (DCService.exe) -- E:\ProgramData\DataCardService\DCService.exe () SRV - (PassThru Service) -- E:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe () SRV - (clr_optimization_v4.0.30319_32) -- E:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (SwitchBoard) -- E:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) SRV - (clr_optimization_v2.0.50727_32) -- E:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft 
Corporation) SRV - (CTAudSvcService) -- E:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd) SRV - (MSSQL$SONY_MEDIAMGR) -- E:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (Microsoft Corporation) SRV - (SQLAgent$SONY_MEDIAMGR) -- E:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (NVHDA) -- E:\Windows\System32\drivers\nvhda64v.sys (NVIDIA Corporation) DRV:64bit: - (NisDrv) -- E:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation) DRV:64bit: - (wacmoumonitor) -- E:\Windows\System32\drivers\wacmoumonitor.sys (Wacom Technology) DRV:64bit: - (wacommousefilter) -- E:\Windows\System32\drivers\wacommousefilter.sys (Wacom Technology) DRV:64bit: - (wacomvhid) -- E:\Windows\System32\drivers\wacomvhid.sys (Wacom Technology) DRV:64bit: - (atikmdag) -- E:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (amdkmdag) -- E:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (amdkmdap) -- E:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (AtiHDAudioService) -- E:\Windows\System32\drivers\AtihdW76.sys (Advanced Micro Devices) DRV:64bit: - (sptd) -- E:\Windows\System32\drivers\sptd.sys (Duplex Secure Ltd.) DRV:64bit: - (TsUsbFlt) -- E:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (hwdatacard) -- E:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (huawei_enumerator) -- E:\Windows\System32\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.) 
DRV:64bit: - (UnlockerDriver5) -- E:\Program Files\Unlocker\UnlockerDriver5.sys () DRV:64bit: - (htcnprot) -- E:\Windows\System32\drivers\htcnprot.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (amdiox64) -- E:\Windows\System32\drivers\amdiox64.sys (Advanced Micro Devices) DRV:64bit: - (HTCAND64) -- E:\Windows\System32\drivers\ANDROIDUSB.sys (HTC, Corporation) DRV:64bit: - (usb_rndisx) -- E:\Windows\System32\drivers\usb8023x.sys (Microsoft Corporation) DRV:64bit: - (Ntfs) -- E:\Windows\System32\wbem\ntfs.mof () DRV:64bit: - (ebdrv) -- E:\Windows\system32\DRIVERS\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- E:\Windows\system32\DRIVERS\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- E:\Windows\System32\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (CTEXFIFX.SYS) -- E:\Windows\System32\drivers\CTEXFIFX.SYS (Creative Technology Ltd.) DRV:64bit: - (CTEXFIFX) -- E:\Windows\System32\drivers\CTEXFIFX.sys (Creative Technology Ltd.) DRV:64bit: - (CTHWIUT.SYS) -- E:\Windows\System32\drivers\CTHWIUT.SYS (Creative Technology Ltd.) DRV:64bit: - (CTHWIUT) -- E:\Windows\System32\drivers\CTHWIUT.sys (Creative Technology Ltd.) DRV:64bit: - (CT20XUT.SYS) -- E:\Windows\System32\drivers\CT20XUT.SYS (Creative Technology Ltd.) DRV:64bit: - (CT20XUT) -- E:\Windows\System32\drivers\CT20XUT.sys (Creative Technology Ltd.) DRV:64bit: - (RTL8167) -- E:\Windows\System32\drivers\Rt64win7.sys (Realtek Corporation ) DRV:64bit: - (AnyDVD) -- E:\Windows\System32\drivers\AnyDVD.sys (SlySoft, Inc.) DRV:64bit: - (ha20x2k) -- E:\Windows\System32\drivers\ha20x2k.sys (Creative Technology Ltd) DRV:64bit: - (emupia) -- E:\Windows\System32\drivers\emupia2k.sys (Creative Technology Ltd) DRV:64bit: - (ctsfm2k) -- E:\Windows\System32\drivers\ctsfm2k.sys (Creative Technology Ltd) DRV:64bit: - (ctprxy2k) -- E:\Windows\System32\drivers\ctprxy2k.sys (Creative Technology Ltd) DRV:64bit: - (ossrv) -- E:\Windows\System32\drivers\ctoss2k.sys (Creative Technology Ltd.) 
DRV:64bit: - (ctaud2k) Creative Audio Driver (WDM) -- E:\Windows\System32\drivers\ctaud2k.sys (Creative Technology Ltd) DRV:64bit: - (ctac32k) -- E:\Windows\System32\drivers\ctac32k.sys (Creative Technology Ltd) DRV:64bit: - (CTHWIUT.DLL) -- E:\Windows\System32\CTHWIUT.DLL (Creative Technology Ltd.) DRV:64bit: - (CT20XUT.DLL) -- E:\Windows\System32\CT20XUT.DLL (Creative Technology Ltd.) DRV:64bit: - (CTEXFIFX.DLL) -- E:\Windows\System32\CTEXFIFX.DLL (Creative Technology Ltd.) DRV:64bit: - (CTEDSPSY.DLL) -- E:\Windows\System32\CTEDSPSY.DLL (Creative Technology Ltd) DRV:64bit: - (CTEDSPIO.DLL) -- E:\Windows\System32\CTEDSPIO.DLL (Creative Technology Ltd) DRV:64bit: - (CTERFXFX.DLL) -- E:\Windows\System32\CTERFXFX.DLL (Creative Technology Ltd) DRV:64bit: - (CTEDSPFX.DLL) -- E:\Windows\System32\CTEDSPFX.DLL (Creative Technology Ltd) DRV:64bit: - (CTEAPSFX.DLL) -- E:\Windows\System32\CTEAPSFX.DLL (Creative Technology Ltd) DRV:64bit: - (CTSBLFX.DLL) -- E:\Windows\System32\CTSBLFX.DLL (Creative Technology Ltd) DRV:64bit: - (CTAUDFX.DLL) -- E:\Windows\System32\CTAUDFX.DLL (Creative Technology Ltd) DRV:64bit: - (COMMONFX.DLL) -- E:\Windows\System32\COMMONFX.DLL (Creative Technology Ltd) DRV:64bit: - (ATITool) -- E:\Windows\System32\drivers\ATITool64.sys () DRV - (AnyDVD) -- E:\Windows\SysWOW64\drivers\AnyDVD.sys (SlySoft, Inc.) 
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\Ferdi_ON_E\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.facemoods.com/?a=ddrnw IE - HKU\Ferdi_ON_E\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\Ferdi_ON_E\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKU\Ferdi_ON_E\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0B C9 6E D7 78 20 CC 01 [binary data] IE - HKU\Ferdi_ON_E\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\Ferdi_ON_E\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Google" FF - prefs.js..browser.startup.homepage: "hxxp://www.facebook.com/" FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: E:\Windows\System32\Macromed\Flash\NPSWF64_11_3_300_271.dll () FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: E:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: E:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll () FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer: E:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.) 
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: E:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF - HKLM\Software\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.122.0: E:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.132.0: E:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin: E:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin: E:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: E:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision: E:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming: E:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3: E:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9: E:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.1: E:\Program Files (x86)\VLC Media Player\npvlc.dll (VideoLAN) FF - HKLM\Software\Wow6432Node\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10: E:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.) 
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.1: E:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader: E:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: E:\Users\Ferdi\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: E:\Users\Ferdi\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: E:\Users\Ferdi\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: E:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/09/18 14:40:47 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012/09/18 14:40:47 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2011/06/02 09:57:30 | 000,000,000 | ---D | M] (No name found) -- E:\Users\Ferdi\AppData\Roaming\Mozilla\Extensions [2011/06/02 09:57:30 | 000,000,000 | ---D | M] (No name found) -- E:\Users\Ferdi\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2012/09/16 09:47:39 | 000,000,000 | ---D | M] (No name found) -- 
E:\Users\Ferdi\AppData\Roaming\Mozilla\Firefox\Profiles\s4wjptxu.default\extensions [2012/08/19 18:26:26 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- E:\Users\Ferdi\AppData\Roaming\Mozilla\Firefox\Profiles\s4wjptxu.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2012/09/16 09:47:39 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- E:\Users\Ferdi\AppData\Roaming\Mozilla\Firefox\Profiles\s4wjptxu.default\extensions\ich@maltegoetz.de [2012/09/07 07:47:24 | 000,000,000 | ---D | M] (No name found) -- E:\Program Files (x86)\Mozilla Firefox\extensions File not found (No name found) -- () (No name found) -- E:\USERS\FERDI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S4WJPTXU.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI [2012/09/07 07:47:50 | 000,266,720 | ---- | M] (Mozilla Foundation) -- E:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012/08/14 11:28:55 | 000,001,392 | ---- | M] () -- E:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012/08/28 11:28:37 | 000,002,465 | ---- | M] () -- E:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012/08/14 11:28:55 | 000,001,153 | ---- | M] () -- E:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2011/10/19 12:16:14 | 000,002,048 | ---- | M] () -- E:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml [2012/08/14 11:28:55 | 000,006,805 | ---- | M] () -- E:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012/08/14 11:28:55 | 000,001,178 | ---- | M] () -- E:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012/08/14 11:28:55 | 000,001,105 | ---- | M] () -- E:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2012/06/11 19:42:27 | 000,002,666 | ---- | M]) - E:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 3dns.adobe.com O1 - Hosts: 127.0.0.1 3dns-1.adobe.com O1 - Hosts: 127.0.0.1 3dns-2.adobe.com O1 - Hosts: 
127.0.0.1 3dns-3.adobe.com O1 - Hosts: 127.0.0.1 3dns-4.adobe.com O1 - Hosts: 127.0.0.1 activate.adobe.com O1 - Hosts: 127.0.0.1 activate-sea.adobe.com O1 - Hosts: 127.0.0.1 activate-sea.adobe.com O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com O1 - Hosts: 127.0.0.1 activate.wip.adobe.com O1 - Hosts: 127.0.0.1 activate.wip1.adobe.com O1 - Hosts: 127.0.0.1 activate.wip2.adobe.com O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com O1 - Hosts: 127.0.0.1 activate.wip4.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-1.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-4.adobe.com O1 - Hosts: 127.0.0.1 crl.verisign.net O1 - Hosts: 127.0.0.1 CRL.VERISIGN.NET O1 - Hosts: 127.0.0.1 ood.opsource.net O1 - Hosts: 127.0.0.1 209-34-83-73.ood.opsource.net O1 - Hosts: 127.0.0.1 practivate.adobe O1 - Hosts: 127.0.0.1 practivate.adobe O1 - Hosts: 37 more lines... O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] E:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [MSC] E:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [APSDaemon] E:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKU\Ferdi_ON_E..\Run: [Facebook Update] E:\Users\Ferdi\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) 
O4 - HKU\Ferdi_ON_E..\Run: [osgjeecnozmbqxp] E:\ProgramData\osgjeecn.exe () O4 - HKU\Ferdi_ON_E..\Run: [Spotify Web Helper] E:\Users\Ferdi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe () O4 - HKU\LocalService_ON_E..\Run: [Sidebar] E:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\NetworkService_ON_E..\Run: [Sidebar] E:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\UpdatusUser_ON_E..\Run: [Sidebar] E:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\LocalService_ON_E..\RunOnce: [mctadmin] File not found O4 - HKU\NetworkService_ON_E..\RunOnce: [mctadmin] File not found O4 - HKU\UpdatusUser_ON_E..\RunOnce: [mctadmin] File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\Ferdi_ON_E\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - E:\Users\Ferdi\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - E:\Users\Ferdi\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O13:64bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} 
hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. 
File not found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - E:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - E:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - E:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKU\Ferdi_ON_E Winlogon: Shell - (expstart.exe) - E:\Windows\expstart.exe () O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ] O33 - MountPoints2\{066a6910-ca42-11e0-ad32-00241dd0da6f}\Shell - "" = AutoRun O33 - MountPoints2\{066a6910-ca42-11e0-ad32-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{07de8c08-c13a-11e0-b133-00241dd0da6f}\Shell - "" = AutoRun O33 - MountPoints2\{07de8c08-c13a-11e0-b133-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{07de8c15-c13a-11e0-b133-00241dd0da6f}\Shell - "" = AutoRun O33 - MountPoints2\{07de8c15-c13a-11e0-b133-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{07de8c21-c13a-11e0-b133-00241dd0da6f}\Shell - "" = AutoRun O33 - MountPoints2\{07de8c21-c13a-11e0-b133-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{15ac4a93-d94e-11e0-b372-00241dd0da6f}\Shell - "" = AutoRun O33 - MountPoints2\{15ac4a93-d94e-11e0-b372-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{15ac4aa6-d94e-11e0-b372-00241dd0da6f}\Shell - "" = AutoRun O33 - MountPoints2\{15ac4aa6-d94e-11e0-b372-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - 
MountPoints2\{378cf6e2-c134-11e0-acae-00241dd0da6f}\Shell - "" = AutoRun O33 - MountPoints2\{378cf6e2-c134-11e0-acae-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{378cf6fb-c134-11e0-acae-00241dd0da6f}\Shell - "" = AutoRun O33 - MountPoints2\{378cf6fb-c134-11e0-acae-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{7a703e32-c04a-11e0-aeca-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{7a703e32-c04a-11e0-aeca-806e6f6e6963}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{8c7d3308-c01b-11e0-8548-00241dd0da6f}\Shell - "" = AutoRun O33 - MountPoints2\{8c7d3308-c01b-11e0-8548-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{8c7d3314-c01b-11e0-8548-00241dd0da6f}\Shell - "" = AutoRun O33 - MountPoints2\{8c7d3314-c01b-11e0-8548-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{8f6bbde7-c109-11e0-b136-00241dd0da6f}\Shell - "" = AutoRun O33 - MountPoints2\{8f6bbde7-c109-11e0-b136-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{8f6bbdfb-c109-11e0-b136-00241dd0da6f}\Shell - "" = AutoRun O33 - MountPoints2\{8f6bbdfb-c109-11e0-b136-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{9109209c-c0db-11e0-ae6c-00241dd0da6f}\Shell - "" = AutoRun O33 - MountPoints2\{9109209c-c0db-11e0-ae6c-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{910920b2-c0db-11e0-ae6c-00241dd0da6f}\Shell - "" = AutoRun O33 - MountPoints2\{910920b2-c0db-11e0-ae6c-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{9ad30109-c1e2-11e0-b291-00241dd0da6f}\Shell - "" = AutoRun O33 - MountPoints2\{9ad30109-c1e2-11e0-b291-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{9ad3011d-c1e2-11e0-b291-00241dd0da6f}\Shell - "" = AutoRun O33 - MountPoints2\{9ad3011d-c1e2-11e0-b291-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - 
MountPoints2\{c781e1d1-2a69-11e1-b78f-00241dd0da6f}\Shell - "" = AutoRun O33 - MountPoints2\{c781e1d1-2a69-11e1-b78f-00241dd0da6f}\Shell\AutoRun\command - "" = G:\LANLauncher.exe O33 - MountPoints2\{d640eca9-bdee-11e0-b4ac-00241dd0da6f}\Shell - "" = AutoRun O33 - MountPoints2\{d640eca9-bdee-11e0-b4ac-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{d640ecbd-bdee-11e0-b4ac-00241dd0da6f}\Shell - "" = AutoRun O33 - MountPoints2\{d640ecbd-bdee-11e0-b4ac-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{d640eccf-bdee-11e0-b4ac-00241dd0da6f}\Shell - "" = AutoRun O33 - MountPoints2\{d640eccf-bdee-11e0-b4ac-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{d640ecd1-bdee-11e0-b4ac-00241dd0da6f}\Shell - "" = AutoRun O33 - MountPoints2\{d640ecd1-bdee-11e0-b4ac-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{e7e8d8ed-8d11-11e0-aa05-00241dd0da6f}\Shell - "" = AutoRun O33 - MountPoints2\{e7e8d8ed-8d11-11e0-aa05-00241dd0da6f}\Shell\AutoRun\command - "" = D:\SETUP.EXE O33 - MountPoints2\{e7e8d8ed-8d11-11e0-aa05-00241dd0da6f}\Shell\configure\command - "" = D:\SETUP.EXE O33 - MountPoints2\{e7e8d8ed-8d11-11e0-aa05-00241dd0da6f}\Shell\install\command - "" = D:\SETUP.EXE O33 - MountPoints2\{f2d7000d-bdf0-11e0-831b-00241dd0da6f}\Shell - "" = AutoRun O33 - MountPoints2\{f2d7000d-bdf0-11e0-831b-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{f2d7000f-bdf0-11e0-831b-00241dd0da6f}\Shell - "" = AutoRun O33 - MountPoints2\{f2d7000f-bdf0-11e0-831b-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{f2d7002b-bdf0-11e0-831b-00241dd0da6f}\Shell - "" = AutoRun O33 - MountPoints2\{f2d7002b-bdf0-11e0-831b-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{f2d70041-bdf0-11e0-831b-00241dd0da6f}\Shell - "" = AutoRun O33 - MountPoints2\{f2d70041-bdf0-11e0-831b-00241dd0da6f}\Shell\AutoRun\command - "" = 
G:\AutoRun.exe O33 - MountPoints2\{f2d70045-bdf0-11e0-831b-00241dd0da6f}\Shell - "" = AutoRun O33 - MountPoints2\{f2d70045-bdf0-11e0-831b-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{f2d70054-bdf0-11e0-831b-00241dd0da6f}\Shell - "" = AutoRun O33 - MountPoints2\{f2d70054-bdf0-11e0-831b-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\G\Shell - "" = AutoRun O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found 64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found 64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012/09/18 17:06:30 | 000,000,000 | ---D | C] -- E:\ProgramData\xpwlsjghoevadnu [2012/09/18 16:40:00 | 000,327,749 | ---- | C] (RealNetworks, Inc.) -- E:\Windows\SysWow64\drvc.dll [2012/09/18 16:40:00 | 000,216,064 | RHS- | C] (MONOGRAM Multimedia, s.r.o.) 
-- E:\Windows\SysWow64\nbDX.dll [2012/09/18 16:40:00 | 000,031,232 | RHS- | C] (Hans Mayerl) -- E:\Windows\SysWow64\msfDX.dll [2012/09/18 16:40:00 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER © - by eRightSoft [2012/09/18 16:39:59 | 000,186,880 | RHS- | C] (RadLight) -- E:\Windows\SysWow64\RLOgg.ax [2012/09/18 16:39:59 | 000,163,328 | RHS- | C] (Gabest) -- E:\Windows\SysWow64\flvDX.dll [2012/09/18 16:39:59 | 000,092,672 | RHS- | C] (RadLight) -- E:\Windows\SysWow64\RLVorbisDec.ax [2012/09/18 16:39:59 | 000,090,112 | RHS- | C] (-) -- E:\Windows\SysWow64\TTADSSplitter.ax [2012/09/18 16:39:59 | 000,090,112 | RHS- | C] (-) -- E:\Windows\SysWow64\TTADSDecoder.ax [2012/09/18 16:39:59 | 000,067,584 | RHS- | C] (RadLight, LLC) -- E:\Windows\SysWow64\RLTheoraDec.ax [2012/09/18 16:39:58 | 000,161,792 | RHS- | C] (Gabest) -- E:\Windows\SysWow64\RealMediaDX.ax [2012/09/18 16:39:57 | 000,179,200 | RHS- | C] (Gabest) -- E:\Windows\SysWow64\DiracSplitter.ax [2012/09/18 16:39:57 | 000,123,904 | RHS- | C] (CoreCodec) -- E:\Windows\SysWow64\AVCDX.ax [2012/09/18 16:39:41 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\SUPER [2012/09/18 15:57:12 | 000,000,000 | ---D | C] -- E:\Users\Ferdi\AppData\Roaming\Apple Computer [2012/09/18 15:54:06 | 000,000,000 | ---D | C] -- E:\Windows\de [2012/09/18 15:43:31 | 000,000,000 | ---D | C] -- E:\Users\Ferdi\AppData\Local\Windows Live [2012/09/18 15:19:08 | 000,000,000 | ---D | C] -- E:\Users\Public\Documents\MAGIX [2012/09/18 15:19:08 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX [2012/09/18 14:40:42 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2012/09/18 14:40:21 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\QuickTime [2012/09/18 14:40:21 | 000,000,000 | ---D | C] -- E:\ProgramData\Apple Computer [2012/09/18 14:39:54 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Common Files\Apple [2012/09/18 
14:39:50 | 000,000,000 | ---D | C] -- E:\Users\Ferdi\AppData\Local\Apple [2012/09/18 14:39:49 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Apple Software Update [2012/09/18 14:39:49 | 000,000,000 | ---D | C] -- E:\ProgramData\Apple [2012/09/18 14:34:39 | 000,000,000 | ---D | C] -- E:\Users\Ferdi\AppData\Roaming\avidemux [2012/09/18 14:34:15 | 000,000,000 | ---D | C] -- E:\Users\Ferdi\AppData\Roaming\DesktopIconForAmazon [2012/09/18 11:22:44 | 000,000,000 | ---D | C] -- E:\Users\Ferdi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome [2012/09/13 06:14:49 | 000,000,000 | ---D | C] -- E:\Users\Ferdi\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant [2012/09/13 03:50:57 | 000,000,000 | ---D | C] -- E:\Users\Ferdi\Desktop\Logo Papa [2012/09/12 11:57:28 | 000,000,000 | ---D | C] -- E:\Users\Ferdi\Desktop\Q3_SD [2012/09/12 11:56:33 | 000,000,000 | ---D | C] -- E:\Users\Ferdi\Documents\Video deluxe 2013 [2012/09/12 11:56:33 | 000,000,000 | ---D | C] -- E:\Users\Ferdi\Documents\MAGIX Downloads [2012/09/12 11:56:33 | 000,000,000 | ---D | C] -- E:\Users\Ferdi\Documents\MAGIX [2012/09/12 11:56:32 | 000,000,000 | ---D | C] -- E:\Users\Ferdi\AppData\Roaming\MAGIX [2012/09/12 11:55:13 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Common Files\MAGIX Shared [2012/09/12 11:53:46 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\MAGIX [2012/09/12 11:53:38 | 000,000,000 | ---D | C] -- E:\ProgramData\MAGIX [2012/09/12 11:53:35 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Common Files\MAGIX Services [2012/09/12 03:51:39 | 000,000,000 | ---D | C] -- E:\Users\Ferdi\Desktop\plakat goin [2012/09/12 03:02:46 | 000,376,688 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\drivers\netio.sys [2012/09/12 03:02:46 | 000,288,624 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\drivers\FWPKCLNT.SYS [2012/09/11 04:56:41 | 000,000,000 | ---D | C] -- E:\Users\Ferdi\AppData\Local\Facebook [2012/09/07 07:47:24 | 000,000,000 | 
---D | C] -- E:\Program Files (x86)\Mozilla Firefox [2012/09/03 19:28:04 | 000,000,000 | ---D | C] -- E:\Windows\System32\oodag [2012/09/03 18:33:52 | 000,000,000 | ---D | C] -- E:\Users\Ferdi\AppData\Local\O&O [2012/09/03 18:33:42 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\O&O Software [2012/09/03 18:33:41 | 000,000,000 | ---D | C] -- E:\Program Files\OO Defrag [2012/09/03 18:27:31 | 000,000,000 | ---D | C] -- E:\Users\Ferdi\Documents\CCleaner Reg Files [2012/09/03 18:22:01 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2012/09/03 18:21:59 | 000,000,000 | ---D | C] -- E:\Program Files\CCleaner [2012/08/25 09:03:57 | 000,000,000 | ---D | C] -- E:\Users\Ferdi\Documents\Battlefield 3 [2012/08/25 08:25:54 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [2012/08/25 08:21:29 | 000,000,000 | ---D | C] -- E:\ProgramData\NVIDIA [2012/08/25 08:21:00 | 003,149,632 | ---- | C] (NVIDIA Corporation) -- E:\Windows\System32\nvsvc64.dll [2012/08/25 08:21:00 | 000,063,296 | ---- | C] (NVIDIA Corporation) -- E:\Windows\System32\nvshext.dll [2012/08/25 08:20:59 | 006,151,488 | ---- | C] (NVIDIA Corporation) -- E:\Windows\System32\nvcpl.dll [2012/08/25 08:20:59 | 002,561,856 | ---- | C] (NVIDIA Corporation) -- E:\Windows\System32\nvsvcr.dll [2012/08/25 08:20:59 | 000,118,080 | ---- | C] (NVIDIA Corporation) -- E:\Windows\System32\nvmctray.dll [2012/08/25 08:20:36 | 000,068,928 | ---- | C] (Khronos Group) -- E:\Windows\System32\OpenCL.dll [2012/08/25 08:20:36 | 000,061,248 | ---- | C] (Khronos Group) -- E:\Windows\SysWow64\OpenCL.dll [2012/08/25 08:20:31 | 000,000,000 | ---D | C] -- E:\ProgramData\NVIDIA Corporation [2012/08/25 08:20:08 | 010,194,752 | ---- | C] (NVIDIA Corporation) -- E:\Windows\System32\nvwgf2umx.dll [2012/08/25 08:20:08 | 008,105,280 | ---- | C] (NVIDIA Corporation) -- E:\Windows\SysWow64\nvwgf2um.dll [2012/08/25 08:20:08 | 
001,451,840 | ---- | C] (NVIDIA Corporation) -- E:\Windows\System32\nvhdagenco6420103.dll [2012/08/25 08:20:08 | 000,949,056 | ---- | C] (NVIDIA Corporation) -- E:\Windows\System32\nvumdshimx.dll [2012/08/25 08:20:08 | 000,818,496 | ---- | C] (NVIDIA Corporation) -- E:\Windows\SysWow64\nvumdshim.dll [2012/08/25 08:20:08 | 000,188,736 | ---- | C] (NVIDIA Corporation) -- E:\Windows\System32\drivers\nvhda64v.sys [2012/08/25 08:20:08 | 000,031,040 | ---- | C] (NVIDIA Corporation) -- E:\Windows\System32\nvhdap64.dll [2012/08/25 08:20:07 | 025,743,168 | ---- | C] (NVIDIA Corporation) -- E:\Windows\System32\nvoglv64.dll [2012/08/25 08:20:07 | 025,248,064 | ---- | C] (NVIDIA Corporation) -- E:\Windows\System32\nvcompiler.dll [2012/08/25 08:20:07 | 019,607,872 | ---- | C] (NVIDIA Corporation) -- E:\Windows\SysWow64\nvoglv32.dll [2012/08/25 08:20:07 | 018,044,224 | ---- | C] (NVIDIA Corporation) -- E:\Windows\System32\nvd3dumx.dll [2012/08/25 08:20:07 | 017,551,680 | ---- | C] (NVIDIA Corporation) -- E:\Windows\SysWow64\nvcompiler.dll [2012/08/25 08:20:07 | 015,322,432 | ---- | C] (NVIDIA Corporation) -- E:\Windows\SysWow64\nvd3dum.dll [2012/08/25 08:20:07 | 008,139,072 | ---- | C] (NVIDIA Corporation) -- E:\Windows\System32\nvcuda.dll [2012/08/25 08:20:07 | 005,982,528 | ---- | C] (NVIDIA Corporation) -- E:\Windows\SysWow64\nvcuda.dll [2012/08/25 08:20:07 | 002,881,856 | ---- | C] (NVIDIA Corporation) -- E:\Windows\System32\nvcuvenc.dll [2012/08/25 08:20:07 | 002,741,568 | ---- | C] (NVIDIA Corporation) -- E:\Windows\System32\nvapi64.dll [2012/08/25 08:20:07 | 002,681,664 | ---- | C] (NVIDIA Corporation) -- E:\Windows\System32\nvcuvid.dll [2012/08/25 08:20:07 | 002,524,992 | ---- | C] (NVIDIA Corporation) -- E:\Windows\SysWow64\nvcuvid.dll [2012/08/25 08:20:07 | 002,445,120 | ---- | C] (NVIDIA Corporation) -- E:\Windows\SysWow64\nvcuvenc.dll [2012/08/25 08:20:07 | 002,368,832 | ---- | C] (NVIDIA Corporation) -- E:\Windows\SysWow64\nvapi.dll [2012/08/25 08:20:07 | 
001,738,048 | ---- | C] (NVIDIA Corporation) -- E:\Windows\System32\nvdispco64.dll [2012/08/25 08:20:07 | 001,468,224 | ---- | C] (NVIDIA Corporation) -- E:\Windows\System32\nvgenco64.dll [2012/08/25 08:20:07 | 000,364,352 | ---- | C] (NVIDIA Corporation) -- E:\Windows\System32\nvdecodemft.dll [2012/08/25 08:20:07 | 000,301,376 | ---- | C] (NVIDIA Corporation) -- E:\Windows\SysWow64\nvdecodemft.dll [2012/08/25 08:20:07 | 000,246,592 | ---- | C] (NVIDIA Corporation) -- E:\Windows\System32\nvinitx.dll [2012/08/25 08:20:07 | 000,202,048 | ---- | C] (NVIDIA Corporation) -- E:\Windows\SysWow64\nvinit.dll [2012/08/25 07:46:42 | 000,000,000 | ---D | C] -- E:\ProgramData\EA Logs [2012/08/23 19:31:46 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- E:\Windows\SysWow64\FlashPlayerApp.exe [2012/08/23 19:31:46 | 000,070,344 | ---- | C] (Adobe Systems Incorporated) -- E:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2011/06/02 09:22:34 | 000,034,816 | ---- | C] ( ) -- E:\Windows\SysWow64\a3d.dll [2009/06/03 18:32:54 | 000,012,800 | ---- | C] ( ) -- E:\Windows\SysWow64\killapps.exe ========== Files - Modified Within 30 Days ========== [2012/09/18 17:28:19 | 000,067,584 | --S- | M] () -- E:\Windows\bootstat.dat [2012/09/18 17:28:17 | 000,064,756 | ---- | M] () -- E:\Windows\System32\DVCState-{00000003-00000000-00000007-00001102-00000005-00211102}.rfx [2012/09/18 17:28:17 | 000,062,280 | ---- | M] () -- E:\Windows\System32\BMXStateBkp-{00000003-00000000-00000007-00001102-00000005-00211102}.rfx [2012/09/18 17:28:17 | 000,062,280 | ---- | M] () -- E:\Windows\System32\BMXState-{00000003-00000000-00000007-00001102-00000005-00211102}.rfx [2012/09/18 17:27:40 | 2146,295,807 | -HS- | M] () -- E:\hiberfil.sys [2012/09/18 17:17:42 | 000,014,752 | -H-- | M] () -- E:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/09/18 17:17:42 | 000,014,752 | -H-- | M] () -- 
E:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/09/18 17:15:50 | 007,744,816 | ---- | M] () -- E:\Windows\System32\perfh007.dat [2012/09/18 17:15:50 | 002,757,010 | ---- | M] () -- E:\Windows\System32\perfh009.dat [2012/09/18 17:15:50 | 002,345,532 | ---- | M] () -- E:\Windows\System32\perfc007.dat [2012/09/18 17:15:50 | 002,091,742 | ---- | M] () -- E:\Windows\System32\perfc009.dat [2012/09/18 17:06:30 | 000,076,346 | ---- | M] () -- E:\ProgramData\uleqxaouoxmpwim [2012/09/18 17:04:58 | 000,305,632 | ---- | M] () -- E:\Users\Ferdi\Desktop\ZOOM0008.MOV.AVI.sfk [2012/09/18 17:04:25 | 000,080,384 | ---- | M] () -- E:\ProgramData\osgjeecn.exe [2012/09/18 17:04:25 | 000,000,156 | ---- | M] () -- E:\Windows\Twunk001.MTX [2012/09/18 17:04:25 | 000,000,003 | ---- | M] () -- E:\Windows\Twain001.Mtx [2012/09/18 17:04:02 | 191,434,434 | ---- | M] () -- E:\Users\Ferdi\Desktop\ZOOM0008.MOV.AVI [2012/09/18 17:01:00 | 000,000,928 | ---- | M] () -- E:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1938211568-3655134167-1898605797-1001UA.job [2012/09/18 16:41:48 | 000,001,152 | ---- | M] () -- E:\Users\Ferdi\Desktop\Continue Video Converter Installation.lnk [2012/09/18 16:40:00 | 000,000,927 | ---- | M] () -- E:\Users\Public\Desktop\SUPER ©.lnk [2012/09/18 16:40:00 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER © - by eRightSoft [2012/09/18 16:27:02 | 000,001,120 | ---- | M] () -- E:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1938211568-3655134167-1898605797-1001UA.job [2012/09/18 16:17:37 | 000,332,448 | ---- | M] () -- E:\Users\Ferdi\Desktop\ZOOM0008.MOV.sfk [2012/09/18 15:56:48 | 005,971,800 | ---- | M] () -- E:\Windows\System32\FNTCACHE.DAT [2012/09/18 15:53:54 | 000,001,265 | ---- | M] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk [2012/09/18 15:53:39 | 000,001,334 | ---- | M] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk 
[2012/09/18 15:50:14 | 000,006,682 | ---- | M] () -- E:\Windows\SysWow64\PerfStringBackup.INI [2012/09/18 15:19:08 | 000,001,081 | ---- | M] () -- E:\Users\Public\Desktop\MAGIX Video deluxe 2013.lnk [2012/09/18 15:19:08 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX [2012/09/18 14:42:59 | 188,587,898 | ---- | M] () -- E:\Users\Ferdi\Desktop\ZOOM0008.MOV [2012/09/18 14:40:42 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2012/09/18 14:39:50 | 000,002,519 | ---- | M] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [2012/09/18 14:34:15 | 000,001,450 | ---- | M] () -- E:\Users\Ferdi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Amazon.lnk [2012/09/18 14:33:19 | 002,469,422 | ---- | M] () -- E:\Users\Ferdi\Desktop\VR440.jpg [2012/09/18 11:27:00 | 000,001,068 | ---- | M] () -- E:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1938211568-3655134167-1898605797-1001Core.job [2012/09/18 11:22:45 | 000,002,361 | ---- | M] () -- E:\Users\Ferdi\Desktop\Google Chrome.lnk [2012/09/18 06:20:25 | 000,001,456 | ---- | M] () -- E:\Users\Ferdi\AppData\Local\Adobe Save for Web 12.0 Prefs [2012/09/18 05:01:00 | 000,000,906 | ---- | M] () -- E:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1938211568-3655134167-1898605797-1001Core.job [2012/09/12 11:55:16 | 000,120,200 | ---- | M] () -- E:\Windows\SysWow64\DLLDEV32i.dll [2012/09/10 17:19:23 | 000,467,300 | ---- | M] () -- E:\Users\Ferdi\Desktop\Ticket Ferdinand September 2012.pdf [2012/09/07 06:55:47 | 000,001,124 | ---- | M] () -- E:\Users\Ferdi\Desktop\faviconbaer.png [2012/09/04 09:48:20 | 000,283,304 | ---- | M] () -- E:\Windows\SysWow64\PnkBstrB.xtr [2012/09/04 09:48:20 | 000,283,304 | ---- | M] () -- E:\Windows\SysWow64\PnkBstrB.exe [2012/09/04 09:48:13 | 000,280,904 | ---- | M] () -- E:\Windows\SysWow64\PnkBstrB.ex0 [2012/09/04 06:05:51 | 000,002,441 | ---- | M] () -- 
E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2012/09/04 03:59:23 | 000,001,108 | ---- | M] () -- E:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012/09/04 03:59:23 | 000,001,104 | ---- | M] () -- E:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012/09/03 18:50:40 | 000,000,866 | ---- | M] () -- E:\Users\Public\Desktop\CCleaner.lnk [2012/09/03 18:33:42 | 000,002,689 | ---- | M] () -- E:\Users\Public\Desktop\O&O Defrag.lnk [2012/09/03 18:33:42 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\O&O Software [2012/09/03 18:22:01 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2012/09/03 18:04:07 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey [2012/08/28 18:25:04 | 000,001,203 | ---- | M] () -- E:\Users\Ferdi\Desktop\Free YouTube to MP3 Converter.lnk [2012/08/28 18:25:04 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft [2012/08/25 08:25:54 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [2012/08/24 09:58:36 | 000,405,152 | ---- | M] (Newtonsoft) -- E:\Windows\SysWow64\Newtonsoft.Json.Net20.dll [2012/08/23 19:31:46 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- E:\Windows\SysWow64\FlashPlayerApp.exe [2012/08/23 19:31:46 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- E:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012/08/22 14:12:40 | 000,376,688 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\drivers\netio.sys [2012/08/22 14:12:33 | 000,288,624 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\drivers\FWPKCLNT.SYS ========== Files Created - No Company Name ========== [2012/09/18 17:06:30 | 000,080,384 | ---- | C] () -- E:\ProgramData\osgjeecn.exe [2012/09/18 17:04:52 | 000,305,632 | ---- | C] () -- E:\Users\Ferdi\Desktop\ZOOM0008.MOV.AVI.sfk [2012/09/18 17:04:25 | 000,076,346 | ---- | 
C] () -- E:\ProgramData\uleqxaouoxmpwim [2012/09/18 16:43:14 | 191,434,434 | ---- | C] () -- E:\Users\Ferdi\Desktop\ZOOM0008.MOV.AVI [2012/09/18 16:41:48 | 000,001,152 | ---- | C] () -- E:\Users\Ferdi\Desktop\Continue Video Converter Installation.lnk [2012/09/18 16:40:00 | 000,000,927 | ---- | C] () -- E:\Users\Public\Desktop\SUPER ©.lnk [2012/09/18 16:39:59 | 000,121,344 | RHS- | C] () -- E:\Windows\SysWow64\TAKDSDecoder.ax [2012/09/18 16:39:59 | 000,107,520 | RHS- | C] () -- E:\Windows\SysWow64\TAKDSDecoder.dll [2012/09/18 16:39:59 | 000,107,520 | RHS- | C] () -- E:\Windows\SysWow64\RLMPCDec.ax [2012/09/18 16:39:59 | 000,051,712 | RHS- | C] () -- E:\Windows\SysWow64\RLSpeexDec.ax [2012/09/18 16:39:58 | 000,195,584 | RHS- | C] () -- E:\Windows\SysWow64\MatroskaDX.ax [2012/09/18 16:39:58 | 000,120,832 | RHS- | C] () -- E:\Windows\SysWow64\MPCDx.ax [2012/09/18 16:39:58 | 000,070,656 | RHS- | C] () -- E:\Windows\SysWow64\RLAPEDec.ax [2012/09/18 16:39:57 | 000,227,328 | RHS- | C] () -- E:\Windows\SysWow64\ac3DX.ax [2012/09/18 16:39:57 | 000,175,104 | RHS- | C] () -- E:\Windows\SysWow64\CoreAAC.ax [2012/09/18 16:39:57 | 000,097,280 | RHS- | C] () -- E:\Windows\SysWow64\FLACDX.ax [2012/09/18 16:39:57 | 000,081,920 | RHS- | C] () -- E:\Windows\SysWow64\aac_parser.ax [2012/09/18 16:17:23 | 000,332,448 | ---- | C] () -- E:\Users\Ferdi\Desktop\ZOOM0008.MOV.sfk [2012/09/18 15:53:54 | 000,001,265 | ---- | C] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk [2012/09/18 15:53:39 | 000,001,334 | ---- | C] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk [2012/09/18 15:19:08 | 000,001,081 | ---- | C] () -- E:\Users\Public\Desktop\MAGIX Video deluxe 2013.lnk [2012/09/18 14:39:50 | 000,002,519 | ---- | C] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [2012/09/18 14:34:15 | 000,001,450 | ---- | C] () -- E:\Users\Ferdi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Amazon.lnk 
[2012/09/18 14:33:21 | 002,469,422 | ---- | C] () -- E:\Users\Ferdi\Desktop\VR440.jpg [2012/09/18 14:21:34 | 188,587,898 | ---- | C] () -- E:\Users\Ferdi\Desktop\ZOOM0008.MOV [2012/09/18 11:22:45 | 000,002,361 | ---- | C] () -- E:\Users\Ferdi\Desktop\Google Chrome.lnk [2012/09/18 11:22:21 | 000,001,120 | ---- | C] () -- E:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1938211568-3655134167-1898605797-1001UA.job [2012/09/18 11:22:20 | 000,001,068 | ---- | C] () -- E:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1938211568-3655134167-1898605797-1001Core.job [2012/09/11 04:56:44 | 000,000,928 | ---- | C] () -- E:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1938211568-3655134167-1898605797-1001UA.job [2012/09/11 04:56:43 | 000,000,906 | ---- | C] () -- E:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1938211568-3655134167-1898605797-1001Core.job [2012/09/10 17:19:23 | 000,467,300 | ---- | C] () -- E:\Users\Ferdi\Desktop\Ticket Ferdinand September 2012.pdf [2012/09/07 06:55:46 | 000,001,124 | ---- | C] () -- E:\Users\Ferdi\Desktop\faviconbaer.png [2012/09/03 18:33:42 | 000,002,689 | ---- | C] () -- E:\Users\Public\Desktop\O&O Defrag.lnk [2012/09/03 18:22:01 | 000,000,866 | ---- | C] () -- E:\Users\Public\Desktop\CCleaner.lnk [2012/08/25 08:20:59 | 002,621,723 | ---- | C] () -- E:\Windows\System32\nvcoproc.bin [2012/08/25 08:20:07 | 000,014,324 | ---- | C] () -- E:\Windows\System32\nvinfo.pb [2012/05/14 20:21:50 | 000,423,744 | ---- | C] () -- E:\Windows\SysWow64\nvStreaming.exe [2012/04/08 15:00:53 | 000,000,132 | ---- | C] () -- E:\Users\Ferdi\AppData\Roaming\Adobe GIF Format CS5 Prefs [2012/03/24 16:58:48 | 000,000,132 | ---- | C] () -- E:\Users\Ferdi\AppData\Roaming\Adobe BMP Format CS5 Prefs [2012/03/03 10:46:50 | 000,000,132 | ---- | C] () -- E:\Users\Ferdi\AppData\Roaming\Adobe PNG Format CS5 Prefs [2012/01/07 16:39:34 | 000,283,304 | ---- | C] () -- E:\Windows\SysWow64\PnkBstrB.exe [2012/01/07 16:39:31 | 000,076,888 | ---- | C] () -- E:\Windows\SysWow64\PnkBstrA.exe 
[2011/11/02 01:59:29 | 000,007,764 | ---- | C] () -- E:\Windows\cadx2.ini [2011/09/12 16:29:11 | 000,000,400 | ---- | C] () -- E:\Windows\ODBC.INI [2011/09/06 15:50:54 | 000,001,456 | ---- | C] () -- E:\Users\Ferdi\AppData\Local\Adobe Save for Web 12.0 Prefs [2011/09/06 12:04:59 | 000,925,184 | ---- | C] () -- E:\Windows\expstart.exe [2011/09/06 11:04:35 | 000,404,288 | ---- | C] () -- E:\Windows\UTP.exe [2011/09/06 03:22:14 | 000,252,928 | ---- | C] () -- E:\Windows\SysWow64\DShowRdpFilter.dll [2011/08/24 14:19:10 | 000,056,320 | ---- | C] () -- E:\Windows\SysWow64\OpenVideo.dll [2011/08/19 09:16:13 | 000,006,682 | ---- | C] () -- E:\Windows\SysWow64\PerfStringBackup.INI [2011/08/19 09:00:29 | 000,032,256 | ---- | C] () -- E:\Windows\SysWow64\AVSredirect.dll [2011/07/10 13:19:22 | 000,000,040 | -HS- | C] () -- E:\ProgramData\.zreglib [2011/06/02 09:22:35 | 000,000,054 | ---- | C] () -- E:\Windows\SysWow64\ctzapxx.ini [2011/06/02 09:22:34 | 000,325,724 | ---- | C] () -- E:\Windows\SysWow64\ctdlang.dat [2011/06/02 09:22:34 | 000,313,207 | ---- | C] () -- E:\Windows\SysWow64\ctstatic.dat [2011/06/02 09:22:34 | 000,055,904 | ---- | C] () -- E:\Windows\SysWow64\ctdnlstr.dat [2011/06/02 09:22:34 | 000,053,932 | ---- | C] () -- E:\Windows\SysWow64\ctdaught.dat [2011/06/01 12:55:59 | 000,148,480 | ---- | C] () -- E:\Windows\SysWow64\APOMngr.DLL [2011/06/01 12:55:59 | 000,073,728 | ---- | C] () -- E:\Windows\SysWow64\CmdRtr.DLL [2011/06/01 12:55:14 | 000,003,072 | ---- | C] () -- E:\Windows\SysWow64\CTXFIGER.DLL [2011/06/01 12:15:14 | 000,000,000 | ---- | C] () -- E:\Windows\ativpsrm.bin [2011/05/04 19:28:10 | 000,059,904 | ---- | C] () -- E:\Windows\SysWow64\OVDecode.dll [2011/04/09 12:55:28 | 000,179,261 | ---- | C] () -- E:\Windows\SysWow64\xlive.dll.cat [2011/03/17 13:51:44 | 000,003,929 | ---- | C] () -- E:\Windows\SysWow64\atipblag.dat [2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- E:\Windows\bootstat.dat [2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- 
E:\Windows\SysWow64\NOISE.DAT [2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- E:\Windows\SysWow64\dssec.dat [2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- E:\Windows\mib.bin [2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- E:\Windows\SysWow64\BWContextHandler.dll [2009/07/13 18:25:04 | 000,197,632 | ---- | C] () -- E:\Windows\SysWow64\ir32_32.dll [2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- E:\Windows\SysWow64\msjetoledb40.dll [2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- E:\Windows\SysWow64\mlang.dat [2009/06/03 19:37:08 | 000,097,713 | R--- | C] () -- E:\Windows\SysWow64\instwdm.ini [2009/06/03 18:55:20 | 000,002,560 | ---- | C] () -- E:\Windows\SysWow64\CtxfiRes.dll [2009/06/03 18:33:04 | 000,007,680 | ---- | C] () -- E:\Windows\SysWow64\enlocstr.exe [2009/05/27 03:49:00 | 000,000,285 | ---- | C] () -- E:\Windows\SysWow64\kill.ini [2007/04/27 04:43:58 | 000,120,200 | ---- | C] () -- E:\Windows\SysWow64\DLLDEV32i.dll [2007/03/05 03:10:20 | 000,043,520 | ---- | C] () -- E:\Windows\SysWow64\CTBURST.DLL [2007/03/05 03:09:04 | 000,037,888 | ---- | C] () -- E:\Windows\SysWow64\PSCONV.EXE [2005/10/04 11:28:12 | 000,071,680 | ---- | C] () -- E:\Windows\SysWow64\CTMMACTL.DLL ========== LOP Check ========== [2012/01/07 14:16:26 | 000,000,000 | ---D | M] -- E:\ProgramData\AMD [2011/06/01 12:11:25 | 000,000,000 | -HSD | M] -- E:\ProgramData\Anwendungsdaten [2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Application Data [2011/11/29 10:12:42 | 000,000,000 | ---D | M] -- E:\ProgramData\Canneverbe Limited [2011/06/02 08:13:26 | 000,000,000 | ---D | M] -- E:\ProgramData\DAEMON Tools Lite [2011/08/09 05:24:52 | 000,000,000 | ---D | M] -- E:\ProgramData\DataCardService [2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Desktop [2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Documents [2011/06/01 12:11:25 | 000,000,000 | -HSD | M] -- E:\ProgramData\Dokumente [2012/01/07 16:40:48 | 000,000,000 | ---D | M] 
-- E:\ProgramData\EA Core [2012/08/25 08:26:43 | 000,000,000 | ---D | M] -- E:\ProgramData\EA Logs [2012/01/07 16:40:51 | 000,000,000 | ---D | M] -- E:\ProgramData\Electronic Arts [2011/06/01 12:11:25 | 000,000,000 | -HSD | M] -- E:\ProgramData\Favoriten [2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Favorites [2012/09/12 11:56:34 | 000,000,000 | ---D | M] -- E:\ProgramData\MAGIX [2011/12/25 11:37:15 | 000,000,000 | ---D | M] -- E:\ProgramData\MediaMonkey [2011/08/07 11:42:41 | 000,000,000 | ---D | M] -- E:\ProgramData\Mobile Partner [2012/08/14 11:40:49 | 000,000,000 | ---D | M] -- E:\ProgramData\Origin [2011/09/21 10:46:16 | 000,000,000 | ---D | M] -- E:\ProgramData\regid.1986-12.com.adobe [2011/07/10 13:19:23 | 000,000,000 | ---D | M] -- E:\ProgramData\SlySoft [2011/08/19 09:15:16 | 000,000,000 | ---D | M] -- E:\ProgramData\Sony [2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Start Menu [2011/06/01 12:11:25 | 000,000,000 | -HSD | M] -- E:\ProgramData\Startmenü [2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Templates [2012/04/09 17:07:44 | 000,000,000 | ---D | M] -- E:\ProgramData\TrackMania [2011/09/06 00:50:18 | 000,000,000 | ---D | M] -- E:\ProgramData\TuneUp Software [2012/01/03 09:50:32 | 000,000,000 | ---D | M] -- E:\ProgramData\Ubisoft [2011/08/07 11:24:19 | 000,000,000 | ---D | M] -- E:\ProgramData\Vodafone [2011/06/01 12:11:25 | 000,000,000 | -HSD | M] -- E:\ProgramData\Vorlagen [2012/09/18 17:06:43 | 000,000,000 | ---D | M] -- E:\ProgramData\xpwlsjghoevadnu [2011/09/06 00:48:31 | 000,000,000 | -HSD | M] -- E:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16} [2012/09/18 05:01:00 | 000,000,906 | ---- | M] () -- E:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1938211568-3655134167-1898605797-1001Core.job [2012/09/18 17:01:00 | 000,000,928 | ---- | M] () -- E:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1938211568-3655134167-1898605797-1001UA.job [2012/08/31 06:33:53 | 000,032,640 | ---- | M] () -- 
E:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 24 bytes -> E:\Windows:F589A80C4ECE0568 < End of report > Code:
OTL Extras logfile created on: 9/19/2012 1:05:59 AM - Run OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE 64bit-Windows 7 Professional Service Pack 1 (Version = 6.1.7601) - Type = System Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 89.00% Memory free 3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = E: | %SystemRoot% = E:\Windows | %ProgramFiles% = E:\Program Files (x86) Drive C: | 387.63 Gb Total Space | 204.63 Gb Free Space | 52.79% Space Free | Partition Type: NTFS Drive D: | 931.51 Gb Total Space | 169.60 Gb Free Space | 18.21% Space Free | Partition Type: NTFS Drive E: | 78.12 Gb Total Space | 2.11 Gb Free Space | 2.70% Space Free | Partition Type: NTFS Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: REATOGO | User Name: SYSTEM Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days Using ControlSet: ControlSet001 ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = Opera.HTML] -- E:\Program Files (x86)\Opera\Opera.exe (Opera Software) .url[@ = InternetShortcut] -- E:\Windows\System32\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- E:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = Opera.HTML] -- E:\Program Files (x86)\Opera\Opera.exe (Opera Software) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not 
found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) jsfile [edit] -- "C:\Program Files (x86)\Dreamweaver 8\dreamweaver.exe" "%1" (Macromedia, Inc.) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) jsfile [edit] -- "C:\Program Files (x86)\Dreamweaver 8\dreamweaver.exe" "%1" (Macromedia, Inc.) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
19.09.2012, 20:09 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | "Webpage cannot be displayed" Quote:
__________________ |
19.09.2012, 21:45 | #3 | |
| "Webpage cannot be displayed" Quote:
Either way: I was able to back up my important data via REATOGO-X-PE and will now reformat the drive. I think the rest of the system should be clean, since I am actually always very careful to make sure that all updates are installed and that I don't install or click on every piece of junk. I built a few websites myself, and some of them are in HTML format. That shouldn't be a problem, should it? Because it is said that those are also executable file types that could be dangerous. What I meant by that is that the malware has nested itself there, in my own files. |
20.09.2012, 13:56 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | "Webpage cannot be displayed" HTML is a markup language, not a programming language. HTML itself is purely text-oriented and NOT executable in the way you know it from, e.g., EXE files. If anything, the malware would have to comb your disk for (static) HTML files and inject some foreign code into them. But I only know of that kind of thing happening on hacked or vulnerable web servers.
__________________ Please always post logfiles in CODE tags |
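Added example, not part of the thread: one way to check backed-up static HTML files for injected foreign code before copying them to a fresh install. It reports elements that load content from hosts outside an allowlist, plus inline scripts containing common obfuscation markers. The marker list, the host names and the sample pages are assumptions constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Tag -> attribute through which a browser fetches active content.
LOADERS = {"script": "src", "iframe": "src", "frame": "src",
           "embed": "src", "object": "data"}
# Heuristic markers (an assumption) often seen in obfuscated inline scripts.
OBFUSCATION_MARKERS = ("eval(", "unescape(", "fromCharCode")

class ForeignCodeFinder(HTMLParser):
    def __init__(self, allowed_hosts=()):
        super().__init__()
        self.allowed = {h.lower() for h in allowed_hosts}
        self.findings = []     # (line, tag, reason), in document order
        self._inline = False   # True while inside a <script> without src

    def handle_starttag(self, tag, attrs):
        url = dict(attrs).get(LOADERS.get(tag, "")) or ""
        try:
            host = (urlparse(url).hostname or "").lower()
        except ValueError:     # malformed URL: report it rather than skip it
            host = "<unparseable URL>"
        if host and host not in self.allowed:
            self.findings.append((self.getpos()[0], tag, "loads from " + host))
        self._inline = tag == "script" and not url

    def handle_endtag(self, tag):
        if tag == "script":
            self._inline = False

    def handle_data(self, data):
        hits = [m for m in OBFUSCATION_MARKERS if m in data]
        if self._inline and hits:
            self.findings.append((self.getpos()[0], "script",
                                  "inline script uses " + ", ".join(hits)))

def scan_html(text, allowed_hosts=()):
    finder = ForeignCodeFinder(allowed_hosts)
    finder.feed(text)
    finder.close()
    return finder.findings

# Constructed samples: a clean page and the same page with appended code.
PAGE = ('<html><body><script src="js/menu.js"></script>\n'
        '<script>document.title = "Home";</script>\n')
CLEAN = PAGE + "</body></html>"
INJECTED = ('<iframe src="http://injected.example/in.php" width="1"></iframe>\n'
            '<script>eval(unescape("%61"))</script>\n')
TAMPERED = PAGE + INJECTED + "</body></html>"
```

A hit is a reason to open the file and compare it with a known-good copy, not proof of infection; pages that legitimately embed third-party content need those hosts in `allowed_hosts`.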