Log analysis and evaluation: Tr/atraps.gen / tr/atraps.gen2

Windows 7. If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1

Tr/atraps.gen / tr/atraps.gen2

Hello,

It looks like I have caught the two Trojans named above. Avira does detect the viruses and I have already moved them to quarantine, but the message that viruses were found keeps coming up from time to time, over and over. It looks like the Trojan has already spread. I have also noticed that my CPU load is permanently at about 40-50%, which I think is definitely due to the Trojan.

My question now is what else could be done. I have already read up a bit beforehand, and the majority opinion leans towards reinstalling the computer, which would definitely be bad, since I have a lot of data on the laptop. The last question would be whether data such as music, videos etc. are all infected. If that is not the case, I would move all the data to an external hard drive and reinstall the computer. But the best would be if I could fix it.

I have attached the OTL analysis log files. Many thanks in advance, and I would be glad if someone could help me.

OTL Logfile:
Code:
ATTFilter OTL logfile created on: 9/20/2013 3:19:07 PM - Run 2 OTL by OldTimer - Version 3.2.61.4 Folder = C:\Users\\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16686) Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3.61 Gb Total Physical Memory | 2.01 Gb Available Physical Memory | 55.67% Memory free 7.21 Gb Paging File | 5.14 Gb Available in Paging File | 71.28% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 272.20 Gb Total Space | 100.10 Gb Free Space | 36.77% Space Free | Partition Type: NTFS Drive D: | 181.46 Gb Total Space | 181.37 Gb Free Space | 99.95% Space Free | Partition Type: NTFS Drive F: | 6.34 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Drive W: | 12.00 Gb Total Space | 0.73 Gb Free Space | 6.09% Space Free | Partition Type: NTFS Computer Name: *****-MSI | User Name: ***** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent.exe () PRC - C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Launcher.exe () PRC - C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe () PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. 
KG) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) PRC - C:\Users\*****\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\S-Bar\MSIService.exe (Micro-Star International Co., Ltd.) PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\ALDITALKVerbindungsassistent\WTGXMLUtil.dll () MOD - C:\Program Files (x86)\ALDITALKVerbindungsassistent\WTGSMSPCClient.Dll () MOD - C:\Program Files (x86)\ALDITALKVerbindungsassistent\WtgWiFi.dll () MOD - C:\Program Files (x86)\ALDITALKVerbindungsassistent\WtgUtil.dll () MOD - C:\Program Files (x86)\ALDITALKVerbindungsassistent\WtgPorts.dll () MOD - C:\Program Files (x86)\ALDITALKVerbindungsassistent\WtgCore.dll () MOD - C:\Program Files (x86)\ALDITALKVerbindungsassistent\WtgDetection.dll () MOD - C:\Program Files (x86)\ALDITALKVerbindungsassistent\WtgBluetooth.dll () MOD - C:\Program Files (x86)\ALDITALKVerbindungsassistent\WtgDatabase.dll () MOD - C:\Program Files (x86)\ALDITALKVerbindungsassistent\WtgDialup.dll () MOD - C:\Program Files (x86)\ALDITALKVerbindungsassistent\WtgDriverInstall.dll () MOD - C:\Program Files (x86)\ALDITALKVerbindungsassistent\WTGDebugs.dll () MOD - C:\Program Files (x86)\ALDITALKVerbindungsassistent\LIBEAY32.dll () MOD - C:\Program Files (x86)\ALDITALKVerbindungsassistent\LiveBoxCM.dll () MOD - C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent.exe () MOD - C:\Program Files 
(x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Launcher.exe () MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll () MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll () MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll () ========== Services (SafeList) ========== SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.) SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.) SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (mitsijm2011) -- C:\Program Files\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe () SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (ALDITALKVerbindungsassistent_Service) -- C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe () SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. 
KG) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) SRV - (Micro Star SCM) -- C:\Program Files (x86)\S-Bar\MSIService.exe (Micro-Star International Co., Ltd.) SRV - (MSI Foundation Service) -- C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe (MSI) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (MGHwCtrl) -- C:\Program Files\msi\msi Software Install\MGHwCtrl.sys File not found DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) 
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (RTL8192Ce) -- C:\Windows\SysNative\drivers\rtl8192Ce.sys (Realtek Semiconductor Corporation ) DRV:64bit: - (RSUSBVSTOR) -- C:\Windows\SysNative\drivers\RtsUVStor.sys (Realtek Semiconductor Corp.) DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (amd_xata) -- C:\Windows\SysNative\drivers\amd_xata.sys (Advanced Micro Devices) DRV:64bit: - (amd_sata) -- C:\Windows\SysNative\drivers\amd_sata.sys (Advanced Micro Devices) DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.) 
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices) DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronic Corp.) DRV:64bit: - (Tpkd) -- C:\windows\SysNative\drivers\Tpkd.sys (PACE Anti-Piracy, Inc.) DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation) DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation) DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation) DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) DRV - (hwdatacard) -- C:\Windows\SysWOW64\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) 
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {7751D7DE-24F0-4EEB-87C6-46C80AD75E1E} IE:64bit: - HKLM\..\SearchScopes\{7751D7DE-24F0-4EEB-87C6-46C80AD75E1E}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MSITDF&pc=MAM3&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {AA8ADAFD-2142-4630-9D72-2F5F8B16380C} IE - HKLM\..\SearchScopes\{AA8ADAFD-2142-4630-9D72-2F5F8B16380C}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MSITDF&pc=MAM3&src=IE-SearchBox IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKCU\..\URLSearchHook: - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www1.delta-search.com/?q={searchTerms}&affID=119816&tt=220413_d9114&babsrc=SP_ss&mntrId=F2B5E0B9A50C5B00 IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.update: false FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..extensions.enabledAddons: DivXWebPlayer%40divx.com:2.0.2.039 FF - prefs.js..extensions.enabledAddons: software%40loadtubes.com:1.01 FF - prefs.js..extensions.enabledAddons: %7BDDC359D1-844A-42a7-9AA1-88A850A938A8%7D:2.0.8 FF - prefs.js..extensions.enabledAddons: 
anttoolbar%40ant.com:2.4.7.8 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1 FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.) FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) 
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ [2012/12/27 20:03:36 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/08/19 19:49:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\Extensions [2013/04/26 16:43:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\rybzya8b.default\extensions [2013/04/22 21:35:35 | 000,000,000 | ---D | M] (Ant Video Downloader) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\rybzya8b.default\extensions\anttoolbar@ant.com [2012/08/02 00:00:58 | 000,000,000 | ---D | M] (loadtbs) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\rybzya8b.default\extensions\software@loadtubes.com [2011/09/14 13:58:10 | 000,550,833 | ---- | M] () (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\rybzya8b.default\extensions\DivXWebPlayer@divx.com.xpi [2012/09/14 17:03:20 | 000,527,915 | ---- | M] () (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\rybzya8b.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi 
[2012/09/14 17:02:08 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\rybzya8b.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011/12/01 15:41:44 | 000,688,596 | ---- | M] () (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\rybzya8b.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013/04/22 21:25:01 | 000,001,294 | ---- | M] () -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\rybzya8b.default\searchplugins\delta.xml [2013/08/17 22:18:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions [2013/08/17 22:18:27 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2013/04/22 21:24:23 | 000,006,512 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml ========== Chrome ========== CHR - default_search_provider: () CHR - default_search_provider: search_url = CHR - default_search_provider: suggest_url = CHR - homepage: Startfenster.de - Mein Startfenster im Internet O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} - No CLSID value found. O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.) 
O4:64bit: - HKLM..\Run: [Launch LCDMon] C:\Program Files\Common Files\Logitech\LCD Manager\LCDMon.exe (Logitech Inc.) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [S-Bar] C:\Program Files (x86)\S-Bar\S-Bar.exe (MSI) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\*****\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\*****\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O9 - Extra Button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.) O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe (PokerStars) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) 
O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{19415AEF-B00C-4334-B629-5235CF7B0FAF}: NameServer = 212.23.115.132 212.23.115.148 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{94DC531D-1470-428A-A5AD-0BD15B689E2F}: DhcpNameServer = 192.168.0.1 192.168.0.2 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2013/05/14 22:00:18 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ] O32 - AutoRun File - [2008/04/24 01:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) 
- F:\AutoRun.exe -- [ CDFS ] O32 - AutoRun File - [2008/06/02 18:16:48 | 000,000,045 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ] O33 - MountPoints2\{069b4788-c98a-11e0-9522-e0b9a50c5b00}\Shell - "" = AutoRun O33 - MountPoints2\{069b4788-c98a-11e0-9522-e0b9a50c5b00}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2008/04/24 01:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{069b478c-c98a-11e0-9522-e0b9a50c5b00}\Shell - "" = AutoRun O33 - MountPoints2\{069b478c-c98a-11e0-9522-e0b9a50c5b00}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2008/04/24 01:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{069b479f-c98a-11e0-9522-e0b9a50c5b00}\Shell - "" = AutoRun O33 - MountPoints2\{069b479f-c98a-11e0-9522-e0b9a50c5b00}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2008/04/24 01:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{10fca9db-f62c-11e2-911d-e0b9a50c5b00}\Shell - "" = AutoRun O33 - MountPoints2\{10fca9db-f62c-11e2-911d-e0b9a50c5b00}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2008/04/24 01:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{32e9ade5-c155-11e2-a149-6c626d300742}\Shell - "" = AutoRun O33 - MountPoints2\{32e9ade5-c155-11e2-a149-6c626d300742}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2008/04/24 01:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{32e9ae07-c155-11e2-a149-6c626d300742}\Shell - "" = AutoRun O33 - MountPoints2\{32e9ae07-c155-11e2-a149-6c626d300742}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2008/04/24 01:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{3467f9ca-ddf8-11e0-ba2e-6c626d300742}\Shell - "" = AutoRun O33 - MountPoints2\{3467f9ca-ddf8-11e0-ba2e-6c626d300742}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2008/04/24 01:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) 
O33 - MountPoints2\{3467f9cd-ddf8-11e0-ba2e-6c626d300742}\Shell - "" = AutoRun O33 - MountPoints2\{3467f9cd-ddf8-11e0-ba2e-6c626d300742}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2008/04/24 01:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{49c292c4-c996-11e0-babe-e0b9a50c5b00}\Shell - "" = AutoRun O33 - MountPoints2\{49c292c4-c996-11e0-babe-e0b9a50c5b00}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2008/04/24 01:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{49c292cd-c996-11e0-babe-e0b9a50c5b00}\Shell - "" = AutoRun O33 - MountPoints2\{49c292cd-c996-11e0-babe-e0b9a50c5b00}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2008/04/24 01:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{55a69748-00ce-11e2-8f18-6c626d300742}\Shell - "" = AutoRun O33 - MountPoints2\{55a69748-00ce-11e2-8f18-6c626d300742}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2008/04/24 01:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{55a6974d-00ce-11e2-8f18-6c626d300742}\Shell - "" = AutoRun O33 - MountPoints2\{55a6974d-00ce-11e2-8f18-6c626d300742}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2008/04/24 01:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{7220ea68-f302-11e2-9684-e0b9a50c5b00}\Shell - "" = AutoRun O33 - MountPoints2\{7220ea68-f302-11e2-9684-e0b9a50c5b00}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2008/04/24 01:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{86b6c8fb-dd76-11e0-9ac3-6c626d300742}\Shell - "" = AutoRun O33 - MountPoints2\{86b6c8fb-dd76-11e0-9ac3-6c626d300742}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2008/04/24 01:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) 
O33 - MountPoints2\{90e88d75-ca79-11e0-843b-e0b9a50c5b00}\Shell - "" = AutoRun O33 - MountPoints2\{90e88d75-ca79-11e0-843b-e0b9a50c5b00}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2008/04/24 01:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{98980ec3-9a07-11e1-88d9-e0b9a50c5b00}\Shell - "" = AutoRun O33 - MountPoints2\{98980ec3-9a07-11e1-88d9-e0b9a50c5b00}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2008/04/24 01:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{98980ec6-9a07-11e1-88d9-e0b9a50c5b00}\Shell - "" = AutoRun O33 - MountPoints2\{98980ec6-9a07-11e1-88d9-e0b9a50c5b00}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2008/04/24 01:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{98980f3e-9a07-11e1-88d9-6c626d300742}\Shell - "" = AutoRun O33 - MountPoints2\{98980f3e-9a07-11e1-88d9-6c626d300742}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2008/04/24 01:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{98980f43-9a07-11e1-88d9-6c626d300742}\Shell - "" = AutoRun O33 - MountPoints2\{98980f43-9a07-11e1-88d9-6c626d300742}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2008/04/24 01:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{a8b15e85-9a9e-11e1-8e0b-6c626d300742}\Shell - "" = AutoRun O33 - MountPoints2\{a8b15e85-9a9e-11e1-8e0b-6c626d300742}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2008/04/24 01:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) 
O33 - MountPoints2\{a8b15e8f-9a9e-11e1-8e0b-6c626d300742}\Shell - "" = AutoRun O33 - MountPoints2\{a8b15e8f-9a9e-11e1-8e0b-6c626d300742}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{a8b15e95-9a9e-11e1-8e0b-6c626d300742}\Shell - "" = AutoRun O33 - MountPoints2\{a8b15e95-9a9e-11e1-8e0b-6c626d300742}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2008/04/24 01:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{a8b15e98-9a9e-11e1-8e0b-6c626d300742}\Shell - "" = AutoRun O33 - MountPoints2\{a8b15e98-9a9e-11e1-8e0b-6c626d300742}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2008/04/24 01:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{aa8c1601-bd42-11e1-b2c7-e0b9a50c5b00}\Shell - "" = AutoRun O33 - MountPoints2\{aa8c1601-bd42-11e1-b2c7-e0b9a50c5b00}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2008/04/24 01:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{aa8c1625-bd42-11e1-b2c7-e0b9a50c5b00}\Shell - "" = AutoRun O33 - MountPoints2\{aa8c1625-bd42-11e1-b2c7-e0b9a50c5b00}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2008/04/24 01:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{aa8c162a-bd42-11e1-b2c7-e0b9a50c5b00}\Shell - "" = AutoRun O33 - MountPoints2\{aa8c162a-bd42-11e1-b2c7-e0b9a50c5b00}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{aa8c1672-bd42-11e1-b2c7-e0b9a50c5b00}\Shell - "" = AutoRun O33 - MountPoints2\{aa8c1672-bd42-11e1-b2c7-e0b9a50c5b00}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2008/04/24 01:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{aa8c1675-bd42-11e1-b2c7-e0b9a50c5b00}\Shell - "" = AutoRun O33 - MountPoints2\{aa8c1675-bd42-11e1-b2c7-e0b9a50c5b00}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2008/04/24 01:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) 
O33 - MountPoints2\{cc2386b7-0adb-11e2-99b8-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{cc2386b7-0adb-11e2-99b8-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2008/04/24 01:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2008/04/24 01:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/09/19 20:34:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/09/19 20:33:40 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\windows\SysNative\drivers\GEARAspiWDM.sys
[2013/09/19 20:33:06 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/09/19 20:33:05 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/09/19 20:33:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013/09/19 20:33:05 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013/09/19 20:31:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2013/09/19 20:31:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2013/09/19 20:30:38 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2013/09/19 20:30:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2013/09/19 20:29:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2013/09/19 20:24:55 | 000,000,000 | ---D | C] -- C:\Users\*****\Desktop\Filme
[2013/09/15 00:00:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALDI TALK Verbindungsassistent
[2013/09/15 00:00:38 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\ALDITALKVerbindungsassistent
[2013/09/15 00:00:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ALDITALKVerbindungsassistent
[2013/09/14 22:47:07 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2013/09/14 22:47:02 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2013/09/14 22:47:00 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2013/09/14 22:47:00 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2013/09/14 22:47:00 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2013/09/14 22:47:00 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2013/09/14 22:47:00 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2013/09/14 22:47:00 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2013/09/14 22:47:00 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2013/09/14 22:47:00 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2013/09/14 22:47:00 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2013/09/14 22:46:57 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2013/09/14 22:46:56 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2013/09/14 22:46:56 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2013/09/14 22:46:55 | 003,959,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2013/09/14 22:22:20 | 000,155,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\ataport.sys
[2013/09/14 22:22:12 | 005,550,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2013/09/14 22:22:12 | 003,968,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2013/09/14 22:22:12 | 003,913,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2013/09/14 22:22:11 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll
[2013/09/14 22:22:11 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll
[2013/09/14 22:22:11 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64.dll
[2013/09/14 22:22:10 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kernel32.dll
[2013/09/14 22:22:10 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64win.dll
[2013/09/14 22:22:10 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\conhost.exe
[2013/09/14 22:22:10 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsrv.dll
[2013/09/14 22:22:10 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\smss.exe
[2013/09/14 22:22:10 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\csrsrv.dll
[2013/09/14 22:22:10 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntvdm64.dll
[2013/09/14 22:22:10 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll
[2013/09/14 22:22:10 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64cpu.dll
[2013/09/14 22:22:10 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013/09/14 22:22:10 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013/09/14 22:22:10 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013/09/14 22:22:10 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll
[2013/09/14 22:22:10 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013/09/14 22:22:10 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013/09/14 22:22:10 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013/09/14 22:22:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/09/14 22:22:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/09/14 22:22:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013/09/14 22:22:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013/09/14 22:22:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013/09/14 22:22:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013/09/14 22:22:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013/09/14 22:22:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/09/14 22:22:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/09/14 22:22:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/09/14 22:22:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/09/14 22:22:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/09/14 22:22:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013/09/14 22:22:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013/09/14 22:22:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013/09/14 22:22:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/09/14 22:22:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/09/14 22:22:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013/09/14 22:22:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013/09/14 22:22:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013/09/14 22:22:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013/09/14 22:22:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013/09/14 22:22:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013/09/14 22:22:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013/09/14 22:22:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/09/14 22:22:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013/09/14 22:22:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013/09/14 22:22:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013/09/14 22:22:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013/09/14 22:22:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013/09/14 22:22:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013/09/14 22:22:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013/09/14 22:22:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013/09/14 22:22:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013/09/14 22:22:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/09/14 22:22:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013/09/14 22:22:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013/09/14 22:22:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013/09/14 22:22:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013/09/14 22:22:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013/09/14 22:22:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013/09/14 22:22:09 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe
[2013/09/14 22:22:09 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe
[2013/09/14 22:22:09 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\apisetschema.dll
[2013/09/14 22:22:09 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\apisetschema.dll
[2013/09/14 22:22:09 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013/09/14 22:22:09 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013/09/14 22:22:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013/09/14 22:22:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013/09/14 22:22:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013/09/14 22:22:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013/09/14 22:22:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/09/14 22:22:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013/09/14 22:22:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013/09/14 22:22:09 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe
[2013/09/14 22:19:43 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shdocvw.dll

========== Files - Modified Within 30 Days ==========

[2013/09/20 15:29:04 | 000,001,108 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/09/20 15:24:03 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/09/20 15:14:49 | 000,000,247 | ---- | M] () -- C:\Users\*****\Desktop\Apple ID PW.rtf
[2013/09/20 15:13:15 | 000,017,376 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/09/20 15:13:15 | 000,017,376 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/09/20 15:07:23 | 001,500,254 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013/09/20 15:07:23 | 000,654,844 | ---- | M] () -- C:\windows\SysNative\perfh007.dat
[2013/09/20 15:07:23 | 000,616,686 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013/09/20 15:07:23 | 000,130,426 | ---- | M] () -- C:\windows\SysNative\perfc007.dat
[2013/09/20 15:07:23 | 000,106,808 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013/09/20 15:02:35 | 000,001,104 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/09/20 15:02:22 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/09/20 15:01:06 | 2903,310,336 | -HS- | M] () -- C:\hiberfil.sys
[2013/09/19 20:34:22 | 000,001,793 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/09/19 20:24:48 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2013/09/19 20:24:48 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/09/15 00:00:44 | 000,002,243 | ---- | M] () -- C:\Users\Public\Desktop\ALDI TALK Verbindungsassistent.lnk
[2013/09/15 00:00:43 | 000,002,286 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launcher.lnk
[2013/09/14 22:52:37 | 000,376,560 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013/09/14 22:14:27 | 000,132,088 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\windows\SysNative\drivers\avipbb.sys
[2013/09/14 22:14:27 | 000,105,344 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\windows\SysNative\drivers\avgntflt.sys
[2013/09/14 22:14:27 | 000,081,112 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\windows\SysNative\drivers\avnetflt.sys
[2013/09/14 17:56:42 | 000,000,039 | ---- | M] () -- C:\Users\*****\AppData\Roaming\mbam.context.scan
[2013/09/14 11:21:43 | 000,046,658 | ---- | M] () -- C:\Users\*****\Desktop\Downhill.jpg

========== Files Created - No Company Name ==========

[2013/09/19 20:50:27 | 000,000,247 | ---- | C] () -- C:\Users\*****\Desktop\Apple ID PW.rtf
[2013/09/19 20:34:22 | 000,001,793 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/09/19 20:31:57 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013/09/15 00:00:44 | 000,002,243 | ---- | C] () -- C:\Users\Public\Desktop\ALDI TALK Verbindungsassistent.lnk
[2013/09/15 00:00:43 | 000,002,286 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launcher.lnk
[2013/09/14 17:56:42 | 000,000,039 | ---- | C] () -- C:\Users\*****\AppData\Roaming\mbam.context.scan
[2013/09/14 11:21:37 | 000,046,658 | ---- | C] () -- C:\Users\*****\Desktop\Downhill.jpg
[2012/05/21 18:09:29 | 000,338,432 | ---- | C] () -- C:\windows\SysWow64\sqlite36_engine.dll
[2011/11/10 04:36:06 | 000,204,960 | ---- | C] () -- C:\windows\SysWow64\ativvsvl.dat
[2011/11/10 04:36:06 | 000,157,152 | ---- | C] () -- C:\windows\SysWow64\ativvsva.dat
[2011/11/09 23:39:44 | 000,059,904 | ---- | C] () -- C:\windows\SysWow64\OpenVideo.dll
[2011/11/09 23:39:32 | 000,054,784 | ---- | C] () -- C:\windows\SysWow64\OVDecode.dll
[2011/08/30 01:38:07 | 000,007,599 | ---- | C] () -- C:\Users\*****\AppData\Local\resmon.resmoncfg
[2011/08/20 17:58:42 | 000,001,054 | ---- | C] () -- C:\Users\*****\Bilder - Verknüpfung.lnk
[2011/01/25 19:21:35 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe

========== LOP Check ==========

[2012/03/04 22:37:37 | 000,000,000 | -HSD | M] -- C:\Users\*****\AppData\Roaming\.#
[2011/08/18 14:53:45 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Ableton
[2013/09/20 15:09:03 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\ALDITALKVerbindungsassistent
[2013/06/02 22:21:47 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Autodesk
[2011/08/18 14:54:30 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Cache
[2011/12/05 01:30:35 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Canneverbe Limited
[2012/08/01 18:44:35 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\convert
[2011/08/30 15:32:24 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Cycling '74
[2012/08/01 19:10:51 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\DesktopIconForAmazon
[2011/10/22 13:46:41 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Dev-Cpp
[2012/12/27 22:55:51 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\DVDVideoSoft
[2012/07/09 14:41:23 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\DVDVideoSoftIEHelpers
[2013/07/23 19:11:08 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\ICQ
[2011/08/18 14:54:39 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Live 8.2.2
[2011/08/18 15:29:50 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Live Recordings
[2011/08/18 14:53:45 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Live Reports
[2011/09/03 13:18:34 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\mp3DirectCut
[2011/08/18 23:57:29 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Nuance
[2013/09/14 21:58:34 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\OpenCandy
[2011/09/04 23:59:56 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\PACE Anti-Piracy
[2012/08/01 19:14:18 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Propellerhead Software
[2011/11/21 23:46:44 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Rovio
[2013/09/20 15:14:15 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\SoftGrid Client
[2013/07/31 19:13:46 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Sony
[2012/05/09 20:58:22 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Temp
[2011/12/18 19:31:32 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Thunderbird
[2011/08/28 18:34:32 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\TP
[2012/12/27 20:07:16 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\TuneUp Software
[2013/07/15 23:45:35 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\XMedia Recode
[2011/08/18 13:16:58 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Zeon
[2013/07/21 23:29:30 | 000,032,640 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

< End of report >

OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 9/20/2013 3:19:08 PM - Run 2
OTL by OldTimer - Version 3.2.61.4 Folder = C:\Users\*****\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16686)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3.61 Gb Total Physical Memory | 2.01 Gb Available Physical Memory | 55.67% Memory free
7.21 Gb Paging File | 5.14 Gb Available in Paging File | 71.28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 272.20 Gb Total Space | 100.10 Gb Free Space | 36.77% Space Free | Partition Type: NTFS
Drive D: | 181.46 Gb Total Space | 181.37 Gb Free Space | 99.95% Space Free | Partition Type: NTFS
Drive F: | 6.34 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive W: | 12.00 Gb Total Space | 0.73 Gb Free Space | 6.09% Space Free | Partition Type: NTFS

Computer Name: -MSI | User Name: ***** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{39F9735B-4597-434D-AB98-50F59E25124E}" = rport=137 | protocol=17 | dir=out | app=system |
"{3C4816D9-F122-4C24-903A-B2FF592763A6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{3D98C03A-6537-4D73-A790-B30C79E60667}" = rport=138 | protocol=17 | dir=out | app=system |
"{4E6B49F1-B4FD-4230-B187-AEEBCE95875D}" = rport=139 | protocol=6 | dir=out | app=system |
"{5A1E28FA-57E9-4EDB-8CB3-0944E5E37CCE}" = lport=138 | protocol=17 | dir=in | app=system |
"{8773F11A-F272-42E9-9070-68330BE43002}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8FCA9ED5-BA4A-4432-B08B-BDE556537B87}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{BBEB640A-0164-483E-BB10-473E72C7D8F4}" = lport=137 | protocol=17 | dir=in | app=system |
"{CD0CF66A-1BD6-41DE-80B9-EE8E8286FC6C}" = lport=139 | protocol=6 | dir=in | app=system |
"{D08B23BC-A8B1-4003-83B7-373A7ACE14D4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{E129914E-4C52-45BA-8840-891C93477EB0}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E695593B-191F-4C9E-A97D-2242AE019F21}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EC85852D-A88A-423E-9857-2A054AF423F2}" = lport=445 | protocol=6 | dir=in | app=system |
"{FF2A7587-CBF3-4CE0-96C2-F2EB7039416C}" = rport=445 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04911829-F477-44C2-AE5B-518D24B39E95}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{078F0F01-BACA-4DBF-972E-8878718C4DC3}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{08B96F8D-332E-4730-A10A-D91A479AA99E}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe |
"{0E115AC5-25EF-4A4F-BC09-F9C8692056D2}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{429FB29A-702D-49F9-933A-057FC342A2F4}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{542456B6-170A-43EC-BE4B-A81018399F71}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe |
"{55919AB1-50D0-4949-B110-B57086560BF6}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe |
"{55DC1409-B0B9-44FD-AB55-50FC71BCEEBF}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{6251692B-9741-4CDB-9D14-1414B8E3F889}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{651EFD3A-5877-45A1-BDC6-63321384D83F}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{6EA1728A-1F98-46E6-91EA-38279D141149}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{81355AEE-0E22-4711-90FE-63668A25FCD8}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{86C1A8D3-AA24-46B8-9655-250894B41CC0}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{8B0C2B29-23F0-403F-8CA8-5354DEB0E63F}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{9B3134FD-C930-4492-B823-77BCB2E8B9B5}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A0384418-D867-4AC9-AE6A-F0213E456D38}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{BF9D0D69-D4BE-455C-BD92-F816B59E7A89}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{D3FB96B8-AA5B-41E0-90F7-0A76BAA04256}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E0D07435-5876-44B3-870D-21DF5E257CD7}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe |
"{E585B128-3A24-4D86-8283-26B003E8EC33}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe |
"{FFA0EFF7-72FF-4752-BF52-3F1B56B00755}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe |
"TCP Query User{2AF2FCBC-B1F5-4087-B705-A2444E25ABBE}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{5D55D3C4-0E57-4650-9775-C0FC20D0543D}C:\program files\live 8.2.2\program\live 8.2.2.exe" = protocol=6 | dir=in | app=c:\program files\live 8.2.2\program\live 8.2.2.exe |
"TCP Query User{88C5F94A-857B-470C-ACAF-57F7F833B7EA}C:\program files (x86)\counter-strike 1.6\hl.exe" = protocol=6 | dir=in | app=c:\program files (x86)\counter-strike 1.6\hl.exe |
"TCP Query User{AF6D3191-FC70-4F2C-B050-04BD1526AE51}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{B8C5FBF7-8EB4-481C-BAB9-191C32581FB2}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{DC1E441C-0C67-4D78-A1F8-545EFDBFCE9F}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 2\cod2mp_s.exe |
"UDP Query User{0D0208A2-721F-4680-A83C-E361B1E46623}C:\program files\live 8.2.2\program\live 8.2.2.exe" = protocol=17 | dir=in | app=c:\program files\live 8.2.2\program\live 8.2.2.exe |
"UDP Query User{3933120E-B8B0-4FE0-AE42-FD3DFF523E0F}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{A302D586-460F-47FE-80CF-DCAD6B395BFF}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 2\cod2mp_s.exe |
"UDP Query User{A757B342-9CE0-4471-823A-16CE6EBCF69C}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{E4FE28C4-78EE-42E9-A5BE-CE0679280F5C}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{F73E516B-F0A8-4004-873D-2F2C91C5D9D0}C:\program files (x86)\counter-strike 1.6\hl.exe" = protocol=17 | dir=in | app=c:\program files (x86)\counter-strike 1.6\hl.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0BD776F3-057D-4C11-020C-4FA9B13D04F9}" = AMD Catalyst Install Manager
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2700_series" = Canon iP2700 series Printer Driver
"{2998191E-A35E-47E2-BE38-7702C731D722}" = SRS Premium Sound Control Panel
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{463FB535-67FB-17C9-6FD6-164BC60462F6}" = ccc-utility64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D533F05-A3F6-F8A9-F1F6-FA6812089D36}" = AMD Drag and Drop Transcoding
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5783F2D7-9005-0407-1102-0060B0CE6BBA}" = AutoCAD Mechanical 2011 Language Pack - Deutsch
"{5783F2D7-9005-0409-0102-0060B0CE6BBA}" = AutoCAD Mechanical 2011
"{5783F2D7-9028-0409-0100-0060B0CE6BBA}" = DWG TrueView 2011
"{69FDD045-DA24-CA41-8FD2-6B3A91F4EDEE}" = AMD Fuel
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7244B345-B413-408B-9D04-F55BE1CC93FA}" = Autodesk Inventor Content Center Libraries 2011 (Desktop Content)
"{7F4DD591-1564-0409-0000-7107D70F3DB4}" = Autodesk Inventor Professional 2011
"{7F4DD591-1564-0409-0001-7107D70F3DB4}" = Autodesk Inventor Professional 2011 Language Pack - Deutsch
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error
Reporting "{A6FE29A0-622B-2763-88AA-D1E084F77CD9}" = AMD Media Foundation Decoders "{ACF9459F-3585-487A-A84E-B1A3A0D12165}" = Autodesk Vault 2011 (Client) "{ACF9459F-3585-487F-A84E-B1A3A0D12165}" = Autodesk Vault 2011 (Client) German Language Pack "{B38BCB00-1C17-48F5-BB94-584BB89D34D0}" = Logitech Z-series Software 1.04 "{D1C90AD9-F272-4444-A156-A66198150B55}" = Max 5.1.8 "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{F73A118B-8271-47E2-8790-0C636B2539C5}" = iTunes "AutoCAD Mechanical 2011" = AutoCAD Mechanical 2011 "Autodesk Inventor Professional 2011" = Autodesk Inventor Professional 2011 Deutsch "DWG TrueView 2011" = DWG TrueView 2011 "Elantech" = ETDWare PS/2-x64 7.0.5.10_WHQL "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "VLC media player" = VLC media player 2.0.4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store "{1333D0D0-801E-4DD3-B379-FB68B9410999}" = S-Bar "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program "{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}" = BurnRecovery "{2ECA81CA-D932-4AD3-AD59-BF5CCF099C83}" = Catalyst Control Center - Branding "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{347151C4-7F16-B275-8865-CC6B64056D3F}" = Catalyst Control Center Graphics Previews Common "{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support "{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module "{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI 
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01) "{5545EEE4-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2701.01) "{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync "{5E152D08-572A-3375-8FDE-DAD1EFB379BA}" = Microsoft Report Viewer Redistributable 2008 "{619FA785-489B-4D22-911F-82D6EDF5BDB0}" = Battery Calibration "{62AEBBB6-8314-7902-B3DA-1690F97DFA74}" = CCC Help English "{62BBB2F0-E220-4821-A564-730807D2C34D}" = Realtek USB 2.0 Reader Driver "{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module "{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{7604A79D-245D-45BB-AFBB-975DE69FFF80}" = Digidesign M-Audio Keyboard Personality 8.0 "{7644E42D-B096-457F-8B5B-901238FC81AE}" = ICQ7.6 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79361740-EAE3-11E2-9911-B8AC6F98CCE3}" = Google Earth Plug-in "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8D20B4D7-3422-4099-9332-39F27E617A6F}" = Autodesk Design Review 2011 "{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update "{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9D3D8C60-A55F-4123-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver "{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}" = Autodesk Material Library 2011 "{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175 "{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live 
Movie Maker "{A840FFFB-3A80-4C24-AB34-BE9F56BEB4CE}" = msi Software Install "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.7) - Deutsch "{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger "{B480904D-F73F-4673-B034-8A5F492C9184}" = Nuance PDF Reader "{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader "{C01AE05C-3C8C-75B3-C9F0-1B525DD3697C}" = Catalyst Control Center InstallProxy "{C13926BE-159B-4494-BEEC-AB6E207F70AD}" = Cinema ProII Setup "{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail "{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials "{CD1E078C-A6B9-47DA-B035-6365C85C7832}" = Autodesk Material Library 2011 Base Image library "{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call "{DA5597C9-9216-44FF-9670-D1E48817B998}" = MSI HOUSE "{DBF1AE39-DA30-4B89-A7EB-3BDA675C5D9E}" = Media Go "{DDA3C325-47B2-4730-9672-BF3771C08799}_is1" = XMedia Recode Version 3.1.6.9 "{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module "{EECD7B96-1416-4D3A-B12D-0D2512120C36}" = EasyViewer "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F3448416-D3D7-4DBA-B982-4AEB064D9473}" = NWZ-E470 E570 WALKMAN Guide "{F865B0B5-0D43-2704-0B22-35C5F721374B}" = AMD VISION Engine Control Center "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "ALDITALKVerbindungsassistent" = ALDI TALK Verbindungsassistent "Autodesk Design Review 2011" = Autodesk Design Review 
2011 "Autodesk Vault 2011 (Client)" = Autodesk Vault 2011 (Client) "Avira AntiVir Desktop" = Avira Free Antivirus "Canon iP2700 series Benutzerregistrierung" = Canon iP2700 series Benutzerregistrierung "Counter-Strike 1.6" = Counter-Strike 1.6 "Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2) "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.37.1212 "i-Charger_is1" = i-Charger "InstallShield_{EECD7B96-1416-4D3A-B12D-0D2512120C36}" = EasyViewer "Live 8.2.2" = Live 8.2.2 "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000 "Microsoft Report Viewer Redistributable 2008" = Microsoft Report Viewer Redistributable 2008 "Mozilla Firefox 23.0.1 (x86 de)" = Mozilla Firefox 23.0.1 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "Office14.Click2Run" = Microsoft Office Klick-und-Los 2010 "PokerStars.net" = PokerStars.net "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR archiver ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 9/19/2013 9:28:43 AM | Computer Name = *****-MSI | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: mbamgui.exe, Version: 1.65.0.0, Zeitstempel: 0x50678513 Name des fehlerhaften Moduls: mbamgui.exe, Version: 1.65.0.0, Zeitstempel: 0x50678513 Ausnahmecode: 0x40000015 Fehleroffset: 0x00038b98 ID des fehlerhaften Prozesses: 0xb64 Startzeit der fehlerhaften Anwendung: 0x01ceb53c18ebeda5 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe Berichtskennung: 67038ad0-212f-11e3-9e2a-e0b9a50c5b00 Error - 9/19/2013 9:37:14 AM | Computer Name = *****-MSI | Source = CVHSVC | ID = 100 Description = Nur zur Information. 
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Error - 9/19/2013 1:48:34 PM | Computer Name = *****-MSI | Source = Application Virtualization Client | ID = 5009 Description = {tid=840} Application Virtualization Client konnte keine Verbindung mit der Datenstrom-URL 'hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.6129.5001.sft' herstellen (Rückgabecode 24600E0A-10000001, ursprünglicher Rückgabecode 24600E0A-10000001). Error - 9/19/2013 1:48:34 PM | Computer Name = *****-MSI | Source = CVHSVC | ID = 100 Description = Nur zur Information. Fehler bei der Registrierung des Click-2-Run-Pakets. Error - 9/19/2013 2:22:04 PM | Computer Name = *****-MSI | Source = Application Virtualization Client | ID = 5009 Description = {tid=964} Application Virtualization Client konnte keine Verbindung mit der Datenstrom-URL 'hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.6129.5001.sft' herstellen (Rückgabecode 24600E0A-10000001, ursprünglicher Rückgabecode 24600E0A-10000001). Error - 9/19/2013 2:22:04 PM | Computer Name = *****-MSI | Source = CVHSVC | ID = 100 Description = Nur zur Information. Fehler bei der Registrierung des Click-2-Run-Pakets. Error - 9/20/2013 9:03:21 AM | Computer Name = *****-MSI | Source = Application Virtualization Client | ID = 5009 Description = {tid=9E4} Application Virtualization Client konnte keine Verbindung mit der Datenstrom-URL 'hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.6129.5001.sft' herstellen (Rückgabecode 24600E0A-10000001, ursprünglicher Rückgabecode 24600E0A-10000001). Error - 9/20/2013 9:03:22 AM | Computer Name = *****-MSI | Source = CVHSVC | ID = 100 Description = Nur zur Information. Fehler bei der Registrierung des Click-2-Run-Pakets. 
Error - 9/20/2013 9:13:57 AM | Computer Name = *****-MSI | Source = Application Virtualization Client | ID = 3159 Description = {hap=12:app=Microsoft Word Starter 2010 9014006604070000:tid=78C} Die Anwendung kann nicht heruntergefahren werden (der Startthread ist noch aktiv). Error - 9/20/2013 9:14:13 AM | Computer Name = *****-MSI | Source = Application Virtualization Client | ID = 6001 Description = {tid=EBC:usr=*****} Fehler bei 'CreateProcess' (Rückgabecode 0C701533-000006BE). [ Media Center Events ] Error - 1/21/2012 12:05:02 PM | Computer Name = *****-MSI | Source = MCUpdate | ID = 0 Description = 17:05:01 - Fehler beim Herstellen der Internetverbindung. 17:05:01 - Serververbindung konnte nicht hergestellt werden.. Error - 1/21/2012 3:24:26 PM | Computer Name = *****-MSI | Source = MCUpdate | ID = 0 Description = 20:24:24 - Fehler beim Herstellen der Internetverbindung. 20:24:24 - Serververbindung konnte nicht hergestellt werden.. Error - 1/21/2012 4:24:30 PM | Computer Name = *****-MSI | Source = MCUpdate | ID = 0 Description = 21:24:30 - Fehler beim Herstellen der Internetverbindung. 21:24:30 - Serververbindung konnte nicht hergestellt werden.. Error - 1/28/2012 12:27:18 PM | Computer Name = *****-MSI | Source = MCUpdate | ID = 0 Description = 17:27:15 - Fehler beim Herstellen der Internetverbindung. 17:27:16 - Serververbindung konnte nicht hergestellt werden.. Error - 7/16/2012 7:20:54 AM | Computer Name = *****-MSI | Source = MCUpdate | ID = 0 Description = 13:20:53 - Fehler beim Herstellen der Internetverbindung. 13:20:53 - Serververbindung konnte nicht hergestellt werden.. Error - 7/31/2012 8:05:13 AM | Computer Name = *****-MSI | Source = MCUpdate | ID = 0 Description = 14:05:12 - Fehler beim Herstellen der Internetverbindung. 14:05:12 - Serververbindung konnte nicht hergestellt werden.. Error - 9/9/2012 4:12:06 AM | Computer Name = *****-MSI | Source = MCUpdate | ID = 0 Description = 10:12:06 - Fehler beim Herstellen der Internetverbindung. 
10:12:06 - Serververbindung konnte nicht hergestellt werden.. Error - 9/9/2012 10:49:03 AM | Computer Name = *****-MSI | Source = MCUpdate | ID = 0 Description = 16:49:03 - Fehler beim Herstellen der Internetverbindung. 16:49:03 - Serververbindung konnte nicht hergestellt werden.. Error - 9/14/2012 4:32:46 AM | Computer Name = *****-MSI | Source = MCUpdate | ID = 0 Description = 10:32:45 - Fehler beim Herstellen der Internetverbindung. 10:32:45 - Serververbindung konnte nicht hergestellt werden.. Error - 9/15/2012 6:37:33 AM | Computer Name = *****-MSI | Source = MCUpdate | ID = 0 Description = 12:37:32 - Fehler beim Herstellen der Internetverbindung. 12:37:32 - Serververbindung konnte nicht hergestellt werden.. [ System Events ] Error - 9/14/2013 4:12:43 PM | Computer Name = *****-MSI | Source = Service Control Manager | ID = 7024 Description = Der Dienst "Avira Echtzeit-Scanner" wurde mit folgendem dienstspezifischem Fehler beendet: %%303. Error - 9/14/2013 4:13:16 PM | Computer Name = *****-MSI | Source = Service Control Manager | ID = 7024 Description = Der Dienst "Avira Echtzeit-Scanner" wurde mit folgendem dienstspezifischem Fehler beendet: %%303. Error - 9/15/2013 5:05:04 AM | Computer Name = *****-MSI | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Adobe Acrobat Update Service erreicht. Error - 9/15/2013 4:30:11 PM | Computer Name = *****-MSI | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht. 
Error - 9/15/2013 4:30:12 PM | Computer Name = *****-MSI | Source = DCOM | ID = 10005 Description = Error - 9/15/2013 4:30:12 PM | Computer Name = *****-MSI | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 9/18/2013 1:12:29 PM | Computer Name = *****-MSI | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht. Error - 9/18/2013 1:12:29 PM | Computer Name = *****-MSI | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 9/18/2013 1:12:30 PM | Computer Name = *****-MSI | Source = DCOM | ID = 10005 Description = Error - 9/19/2013 3:03:40 PM | Computer Name = *****-MSI | Source = BROWSER | ID = 8032 Description = < End of report >