
Pests of all kinds and how to fight them: CPU usage always above 50%

Windows 7: If you are not sure whether you have picked up malware or a Trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a Trojan or virus problem, an expert will help you remove the infection.

27.11.2009, 22:40   #16
jomos
 



OTL.txt part 5

Code:
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.03.13 21:39:50 | 00,000,070 | R--- | M] () - G:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{3ce85d5d-cf2e-11de-8d3a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{3ce85d5d-cf2e-11de-8d3a-806e6f6e6963}\Shell\AutoRun\command - "" = G:\setup.exe -- [2008.03.13 19:33:06 | 00,323,584 | R--- | M] (Vodafone)
O33 - MountPoints2\{db906eb5-cf37-11de-b210-00235a34af72}\Shell - "" = AutoRun
O33 - MountPoints2\{db906eb5-cf37-11de-b210-00235a34af72}\Shell\AutoRun\command - "" = G:\setup.exe -- [2008.03.13 19:33:06 | 00,323,584 | R--- | M] (Vodafone)
O33 - MountPoints2\{f5b2afbc-d043-11de-a407-00235a34af72}\Shell - "" = AutoRun
O33 - MountPoints2\{f5b2afbc-d043-11de-a407-00235a34af72}\Shell\AutoRun\command - "" = G:\setup.exe -- [2008.03.13 19:33:06 | 00,323,584 | R--- | M] (Vodafone)
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\setup.exe -- [2008.03.13 19:33:06 | 00,323,584 | R--- | M] (Vodafone)
O34 - HKLM BootExecute: (autocheck) -  File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\SysWow64\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) -  File not found
64bit: O35 - comfile [open] -- "%1" %* File not found
64bit: O35 - exefile [open] -- "%1" %* File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found
 
NetSvcs:64bit: AeLookupSvc - C:\Windows\SysNative\aelupsvc.dll (Microsoft Corporation)
NetSvcs:64bit: CertPropSvc - C:\Windows\SysNative\certprop.dll (Microsoft Corporation)
NetSvcs:64bit: SCPolicySvc - C:\Windows\SysNative\certprop.dll (Microsoft Corporation)
NetSvcs:64bit: lanmanserver - C:\Windows\SysNative\srvsvc.dll (Microsoft Corporation)
NetSvcs:64bit: gpsvc - C:\Windows\SysNative\gpsvc.dll (Microsoft Corporation)
NetSvcs:64bit: IKEEXT - C:\Windows\SysNative\IKEEXT.DLL (Microsoft Corporation)
NetSvcs:64bit: AudioSrv - C:\Windows\SysNative\audiosrv.dll (Microsoft Corporation)
NetSvcs:64bit: Ias - C:\Windows\SysNative\ias [2009.07.14 04:20:14 | 00,000,000 | ---D | M]
NetSvcs:64bit: Irmon - C:\Windows\SysNative\irmon.dll (Microsoft Corporation)
NetSvcs:64bit: Rasauto - C:\Windows\SysNative\rasauto.dll (Microsoft Corporation)
NetSvcs:64bit: Rasman - C:\Windows\SysNative\rasmans.dll (Microsoft Corporation)
NetSvcs:64bit: Remoteaccess - C:\Windows\SysNative\mprdim.dll (Microsoft Corporation)
NetSvcs:64bit: SENS - C:\Windows\SysNative\Sens.dll (Microsoft Corporation)
NetSvcs:64bit: Sharedaccess - C:\Windows\SysNative\ipnathlp.dll (Microsoft Corporation)
NetSvcs:64bit: Tapisrv - C:\Windows\SysNative\tapisrv.dll (Microsoft Corporation)
NetSvcs:64bit: Wmi - C:\Windows\SysNative\wmi.dll (Microsoft Corporation)
NetSvcs:64bit: TermService - C:\Windows\SysNative\termsrv.dll (Microsoft Corporation)
NetSvcs:64bit: wuauserv - C:\Windows\SysNative\wuaueng.dll (Microsoft Corporation)
NetSvcs:64bit: BITS - C:\Windows\SysNative\qmgr.dll (Microsoft Corporation)
NetSvcs:64bit: ShellHWDetection - C:\Windows\SysNative\shsvcs.dll (Microsoft Corporation)
NetSvcs:64bit: iphlpsvc - C:\Windows\SysNative\iphlpsvc.dll (Microsoft Corporation)
NetSvcs:64bit: seclogon - C:\Windows\SysNative\seclogon.dll (Microsoft Corporation)
NetSvcs:64bit: AppInfo - C:\Windows\SysNative\appinfo.dll (Microsoft Corporation)
NetSvcs:64bit: msiscsi - C:\Windows\SysNative\iscsiexe.dll (Microsoft Corporation)
NetSvcs:64bit: MMCSS - C:\Windows\SysNative\mmcss.dll (Microsoft Corporation)
NetSvcs:64bit: winmgmt - C:\Windows\SysNative\wbem\WMIsvc.dll (Microsoft Corporation)
NetSvcs:64bit: SessionEnv - C:\Windows\SysNative\SessEnv.dll (Microsoft Corporation)
NetSvcs:64bit: browser - C:\Windows\SysNative\browser.dll (Microsoft Corporation)
NetSvcs:64bit: EapHost - C:\Windows\SysNative\eapsvc.dll (Microsoft Corporation)
NetSvcs:64bit: schedule - C:\Windows\SysNative\schedsvc.dll (Microsoft Corporation)
NetSvcs:64bit: hkmsvc - C:\Windows\SysNative\KMSVC.DLL (Microsoft Corporation)
NetSvcs:64bit: wercplsupport - C:\Windows\SysNative\wercplsupport.dll (Microsoft Corporation)
NetSvcs:64bit: ProfSvc - C:\Windows\SysNative\profsvc.dll (Microsoft Corporation)
NetSvcs:64bit: Themes - C:\Windows\SysNative\themeservice.dll (Microsoft Corporation)
NetSvcs:64bit: BDESVC - C:\Windows\SysNative\bdesvc.dll (Microsoft Corporation)
NetSvcs: Ias - C:\Windows\SysWOW64\ias [2008.01.21 04:08:35 | 00,000,000 | ---D | M]
NetSvcs: Remoteaccess - C:\Windows\SysWOW64\mprdim.dll (Microsoft Corporation)
NetSvcs: SENS - C:\Windows\SysWOW64\Sens.dll (Microsoft Corporation)
NetSvcs: Tapisrv - C:\Windows\SysWOW64\tapisrv.dll (Microsoft Corporation)
NetSvcs: Wmi - C:\Windows\SysWOW64\wmi.dll (Microsoft Corporation)
NetSvcs: ShellHWDetection - C:\Windows\SysWOW64\shsvcs.dll (Microsoft Corporation)
NetSvcs: SessionEnv - C:\Windows\SysWOW64\SessEnv.dll (Microsoft Corporation)
OTL cannot create restorepoints on Vista OSs!
 
========== Files/Folders - Created Within 14 Days ==========
 
[2009.11.27 21:56:28 | 00,532,992 | ---- | C] (OldTimer Tools) -- C:\Users\mnk\Desktop\OTL.exe
[2009.11.27 19:45:26 | 00,000,000 | ---D | C] -- C:\Users\mnk\AppData\Roaming\Malwarebytes
[2009.11.27 19:45:13 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2009.11.27 19:45:06 | 00,022,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2009.11.27 19:45:06 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009.11.27 19:45:05 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2009.11.26 21:18:02 | 00,000,000 | ---D | C] -- C:\Users\mnk\AppData\Roaming\BitDefender
[2009.11.26 21:18:02 | 00,000,000 | ---D | C] -- C:\Programme\Common Files\BitDefender
[2009.11.26 21:18:02 | 00,000,000 | ---D | C] -- C:\Programme\BitDefender
[2009.11.26 21:18:02 | 00,000,000 | ---D | C] -- C:\ProgramData\BitDefender
[2009.11.26 21:16:05 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BitDefender
[2009.11.26 00:54:09 | 00,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2009.11.26 00:54:09 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2009.11.23 15:32:29 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\PostgreSQL2
[2009.11.23 14:59:24 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\PokerTracker 3
[2009.11.21 14:57:16 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2009.11.20 18:30:57 | 00,000,000 | ---D | C] -- C:\Users\mnk\AppData\Roaming\CasinoOnNet
[2009.11.20 18:30:37 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\CasinoOnNet
[2009.11.19 16:28:48 | 00,000,000 | ---D | C] -- C:\ProgramData\Vodafone
[2009.11.19 16:28:46 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Vodafone
[2009.11.19 03:52:07 | 00,000,000 | ---D | C] -- C:\Users\mnk\AppData\Local\Diagnostics
[2009.11.18 20:03:27 | 00,000,000 | ---D | C] -- C:\Programme\PlayReady
[2009.05.05 16:36:47 | 01,224,704 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkserv.dll
[2009.05.05 16:36:47 | 00,991,232 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkusb1.dll
[2009.05.05 16:36:47 | 00,696,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkhbn3.dll
[2009.05.05 16:36:47 | 00,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkcomc.dll
[2009.05.05 16:36:47 | 00,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkpmui.dll
[2009.05.05 16:36:47 | 00,585,728 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbklmpm.dll
[2009.05.05 16:36:47 | 00,421,888 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkcomm.dll
[2009.05.05 16:36:47 | 00,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkinpa.dll
[2009.05.05 16:36:47 | 00,397,312 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkiesc.dll
[2009.05.05 16:36:47 | 00,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkprox.dll
[2009.05.05 16:36:47 | 00,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkpplc.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 14 Days ==========
 
[2009.11.27 22:02:17 | 02,883,584 | -HS- | M] () -- C:\Users\mnk\NTUSER.DAT
[2009.11.27 21:59:28 | 00,009,504 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2009.11.27 21:59:28 | 00,009,504 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2009.11.27 21:56:24 | 00,090,855 | ---- | M] () -- C:\ProgramData\nvModes.001
[2009.11.27 21:55:50 | 00,532,992 | ---- | M] (OldTimer Tools) -- C:\Users\mnk\Desktop\OTL.exe
[2009.11.27 21:54:21 | 00,001,064 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2009.11.27 21:52:59 | 00,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2009.11.27 21:52:12 | 00,000,436 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2009.11.27 21:51:22 | 00,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2009.11.27 21:50:48 | 00,000,385 | ---- | M] () -- C:\Windows\SysNative\user_gensett.xml
[2009.11.27 21:50:37 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009.11.27 21:50:30 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009.11.27 21:50:19 | 31,952,36352 | -HS- | M] () -- C:\hiberfil.sys
[2009.11.27 21:48:32 | 02,821,359 | -H-- | M] () -- C:\Users\mnk\AppData\Local\IconCache.db
[2009.11.27 21:20:02 | 00,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2009.11.27 19:45:29 | 45,814,706 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm
[2009.11.27 19:45:22 | 00,001,015 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009.11.27 19:45:02 | 00,105,755 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\microavi.avg
[2009.11.27 19:42:59 | 01,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2009.11.27 19:42:59 | 00,643,866 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2009.11.27 19:42:59 | 00,607,190 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2009.11.27 19:42:59 | 00,126,394 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2009.11.27 19:42:59 | 00,103,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2009.11.26 21:53:41 | 00,000,016 | ---- | M] () -- C:\Windows\SysNative\asdict.dat
[2009.11.26 21:53:41 | 00,000,004 | ---- | M] () -- C:\Windows\SysNative\aspdict-en.dat
[2009.11.26 21:53:41 | 00,000,000 | ---- | M] () -- C:\Windows\SysNative\ab_bl.sig
[2009.11.26 21:41:19 | 00,000,132 | ---- | M] () -- C:\Windows\SysNative\rezumatenoi.dat
[2009.11.26 21:40:43 | 00,000,000 | ---- | M] () -- C:\pcwords2.dat
[2009.11.26 21:40:43 | 00,000,000 | ---- | M] () -- C:\pcwords.dat
[2009.11.26 21:40:43 | 00,000,000 | ---- | M] () -- C:\pcconf.ini
[2009.11.26 21:40:43 | 00,000,000 | ---- | M] () -- C:\pc_sign.slf
[2009.11.26 21:19:06 | 00,002,098 | ---- | M] () -- C:\Users\Public\Desktop\BitDefender Antivirus 2010.lnk
[2009.11.26 12:44:35 | 00,090,855 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2009.11.26 00:54:17 | 00,001,264 | ---- | M] () -- C:\Users\mnk\Desktop\Spybot - Search & Destroy.lnk
[2009.11.25 21:00:28 | 00,013,664 | ---- | M] () -- C:\Users\mnk\Desktop\winamp - Verknüpfung.lnk
[2009.11.23 14:59:46 | 00,004,985 | ---- | M] () -- C:\ProgramData\ojvzdisj.xda
[2009.11.23 14:59:29 | 00,001,075 | ---- | M] () -- C:\Users\mnk\Desktop\PokerTracker 3.lnk
[2009.11.21 14:57:34 | 00,002,099 | ---- | M] () -- C:\Users\mnk\Desktop\HijackThis.lnk
[2009.11.20 18:31:36 | 00,001,986 | ---- | M] () -- C:\Users\mnk\Desktop\Casino-On-Net.lnk
[2009.11.19 16:28:51 | 00,002,767 | ---- | M] () -- C:\Users\Public\Desktop\Vodafone SMS.lnk
[2009.11.19 16:28:51 | 00,002,767 | ---- | M] () -- C:\Users\Public\Desktop\Vodafone Mobile Connect.lnk
[2009.11.17 17:18:46 | 01,019,784 | ---- | M] () -- C:\Users\mnk\Desktop\royal plo2.PNG
[2009.11.17 17:16:20 | 00,000,000 | ---- | M] () -- C:\Users\mnk\Desktop\Neue Bitmap.bmp
[2009.11.15 20:44:17 | 00,001,148 | ---- | M] () -- C:\Users\Public\Desktop\DivX Player.lnk
[2009.11.15 20:43:59 | 00,001,184 | ---- | M] () -- C:\Users\Public\Desktop\DivX Converter.lnk
[2009.11.15 20:43:39 | 00,001,617 | ---- | M] () -- C:\Users\mnk\Desktop\DivX Movies.lnk
[2009.11.14 15:18:33 | 00,101,328 | ---- | M] () -- C:\Users\mnk\AppData\Local\GDIPFONTCACHEV1.DAT
[2009.11.14 15:17:15 | 00,385,600 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
         

27.11.2009, 22:41   #17
jomos
 



OTL.txt part 6

Code:
========== Files Created - No Company Name ==========
 
[2009.11.27 21:50:48 | 00,000,385 | ---- | C] () -- C:\Windows\SysNative\user_gensett.xml
[2009.11.27 19:45:22 | 00,001,015 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009.11.26 21:53:41 | 00,000,016 | ---- | C] () -- C:\Windows\SysNative\asdict.dat
[2009.11.26 21:53:41 | 00,000,004 | ---- | C] () -- C:\Windows\SysNative\aspdict-en.dat
[2009.11.26 21:53:41 | 00,000,000 | ---- | C] () -- C:\Windows\SysNative\ab_bl.sig
[2009.11.26 21:41:19 | 00,000,132 | ---- | C] () -- C:\Windows\SysNative\rezumatenoi.dat
[2009.11.26 21:40:43 | 00,000,000 | ---- | C] () -- C:\pcwords2.dat
[2009.11.26 21:40:43 | 00,000,000 | ---- | C] () -- C:\pcwords.dat
[2009.11.26 21:40:43 | 00,000,000 | ---- | C] () -- C:\pcconf.ini
[2009.11.26 21:40:43 | 00,000,000 | ---- | C] () -- C:\pc_sign.slf
[2009.11.26 21:19:06 | 00,002,098 | ---- | C] () -- C:\Users\Public\Desktop\BitDefender Antivirus 2010.lnk
[2009.11.26 00:54:17 | 00,001,264 | ---- | C] () -- C:\Users\mnk\Desktop\Spybot - Search & Destroy.lnk
[2009.11.25 21:00:28 | 00,013,664 | ---- | C] () -- C:\Users\mnk\Desktop\winamp - Verknüpfung.lnk
[2009.11.23 14:59:46 | 00,004,985 | ---- | C] () -- C:\ProgramData\ojvzdisj.xda
[2009.11.23 14:59:29 | 00,001,075 | ---- | C] () -- C:\Users\mnk\Desktop\PokerTracker 3.lnk
[2009.11.21 14:57:18 | 00,002,099 | ---- | C] () -- C:\Users\mnk\Desktop\HijackThis.lnk
[2009.11.20 18:31:36 | 00,001,986 | ---- | C] () -- C:\Users\mnk\Desktop\Casino-On-Net.lnk
[2009.11.19 16:28:51 | 00,002,767 | ---- | C] () -- C:\Users\Public\Desktop\Vodafone SMS.lnk
[2009.11.19 16:28:51 | 00,002,767 | ---- | C] () -- C:\Users\Public\Desktop\Vodafone Mobile Connect.lnk
[2009.11.17 17:18:46 | 01,019,784 | ---- | C] () -- C:\Users\mnk\Desktop\royal plo2.PNG
[2009.11.17 17:16:20 | 00,000,000 | ---- | C] () -- C:\Users\mnk\Desktop\Neue Bitmap.bmp
[2009.11.15 20:44:17 | 00,001,148 | ---- | C] () -- C:\Users\Public\Desktop\DivX Player.lnk
[2009.11.15 20:43:59 | 00,001,184 | ---- | C] () -- C:\Users\Public\Desktop\DivX Converter.lnk
[2009.11.12 22:29:51 | 00,090,855 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.11.12 20:17:13 | 00,090,855 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009.11.12 11:09:25 | 00,000,000 | ---- | C] () -- C:\Users\mnk\AppData\Local\QSwitch.txt
[2009.11.12 11:09:25 | 00,000,000 | ---- | C] () -- C:\Users\mnk\AppData\Local\DSwitch.txt
[2009.11.12 11:09:24 | 00,000,000 | ---- | C] () -- C:\Users\mnk\AppData\Local\AtStart.txt
[2009.10.10 15:33:02 | 00,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2009.10.10 15:32:06 | 00,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2009.07.18 17:40:42 | 00,290,816 | ---- | C] () -- C:\Windows\SysWow64\decdll.dll
[2009.07.14 00:42:10 | 00,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 00,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.07.08 17:11:16 | 00,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2009.07.08 17:11:16 | 00,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2009.07.08 17:11:16 | 00,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2009.05.07 22:23:35 | 00,144,144 | ---- | C] () -- C:\Windows\SysWow64\MASE32.DLL
[2009.05.07 22:23:32 | 00,201,488 | ---- | C] () -- C:\Windows\SysWow64\MACD32.DLL
[2009.05.07 22:23:32 | 00,141,584 | ---- | C] () -- C:\Windows\SysWow64\MAMC32.DLL
[2009.05.07 22:23:32 | 00,063,248 | ---- | C] () -- C:\Windows\SysWow64\MASD32.DLL
[2009.05.07 22:23:32 | 00,033,040 | ---- | C] () -- C:\Windows\SysWow64\MA32.DLL
[2009.05.05 16:41:50 | 00,000,174 | ---- | C] () -- C:\Windows\Lexstat.ini
[2009.05.05 16:36:47 | 00,413,696 | ---- | C] () -- C:\Windows\SysWow64\lxbkutil.dll
[2009.05.05 16:36:47 | 00,274,432 | ---- | C] () -- C:\Windows\SysWow64\LXBKinst.dll
[2008.03.07 16:43:56 | 00,084,734 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2008.03.07 13:47:30 | 00,020,270 | ---- | C] () -- C:\ProgramData\DeviceInstaller.xml
 
========== LOP Check ==========
 
[2009.11.26 21:18:57 | 00,000,000 | ---D | M] -- C:\Users\mnk\AppData\Roaming\BitDefender
[2009.11.22 23:22:22 | 00,000,000 | ---D | M] -- C:\Users\mnk\AppData\Roaming\CasinoOnNet
[2009.11.12 03:31:02 | 00,000,000 | ---D | M] -- C:\Users\mnk\AppData\Roaming\funkitron
[2009.11.12 03:31:02 | 00,000,000 | ---D | M] -- C:\Users\mnk\AppData\Roaming\Gaijin Ent
[2009.11.12 03:31:02 | 00,000,000 | ---D | M] -- C:\Users\mnk\AppData\Roaming\GetRightToGo
[2009.11.12 03:31:04 | 00,000,000 | ---D | M] -- C:\Users\mnk\AppData\Roaming\ICQ
[2009.11.12 03:31:04 | 00,000,000 | ---D | M] -- C:\Users\mnk\AppData\Roaming\IrfanView
[2009.11.12 03:31:11 | 00,000,000 | ---D | M] -- C:\Users\mnk\AppData\Roaming\MAGIX
[2009.11.12 03:31:18 | 00,000,000 | ---D | M] -- C:\Users\mnk\AppData\Roaming\Nokia
[2009.11.12 03:31:18 | 00,000,000 | ---D | M] -- C:\Users\mnk\AppData\Roaming\Nokia Multimedia Player
[2009.11.12 03:31:18 | 00,000,000 | ---D | M] -- C:\Users\mnk\AppData\Roaming\NSeries
[2009.11.12 03:32:12 | 00,000,000 | ---D | M] -- C:\Users\mnk\AppData\Roaming\PacificPoker
[2009.11.12 03:32:13 | 00,000,000 | ---D | M] -- C:\Users\mnk\AppData\Roaming\PC Suite
[2009.11.12 03:32:13 | 00,000,000 | ---D | M] -- C:\Users\mnk\AppData\Roaming\PlayFirst
[2009.11.12 03:32:18 | 00,000,000 | ---D | M] -- C:\Users\mnk\AppData\Roaming\SPORE Creature Creator
[2009.11.12 03:32:18 | 00,000,000 | ---D | M] -- C:\Users\mnk\AppData\Roaming\Vodafone
[2009.07.14 06:08:49 | 00,012,222 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %SYSTEMDRIVE%\*.exe >
 
< %SYSTEMDRIVE%\eventlog.dll /s /md5 >
[2007.01.23 15:22:16 | 00,032,890 | R--- | M] () MD5=4FA5D1120762802A741F374F8B391E69 -- C:\Perl\lib\auto\Win32\EventLog\EventLog.dll
[2007.05.17 20:34:04 | 00,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files (x86)\CyberLink\PowerDirector\EventLog.dll
[2009.06.25 15:06:52 | 00,001,024 | ---- | M] () MD5=231CD46A29C26A58BDE1C7146B702399 -- C:\Programme\Common Files\BitDefender\BitDefender Arrakis Server\lib\eventlog.dll
 
< %SYSTEMDRIVE%\scecli.dll /s /md5 >
[2009.07.14 02:16:13 | 00,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 02:16:13 | 00,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 02:41:53 | 00,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2009.07.14 02:16:13 | 00,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
 
< %SYSTEMDRIVE%\netlogon.dll /s /md5 >
[2009.07.14 02:16:02 | 00,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 02:16:02 | 00,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 02:41:52 | 00,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009.07.14 02:16:02 | 00,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
 
< %SYSTEMDRIVE%\cngaudit.dll /s /md5 >
[2009.07.14 02:15:06 | 00,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 00,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:40:20 | 00,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
[2009.07.14 02:15:06 | 00,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
 
< %SYSTEMDRIVE%\sceclt.dll /s /md5 >
 
< %SYSTEMDRIVE%\ntelogon.dll /s /md5 >
 
< %SYSTEMDRIVE%\logevent.dll /s /md5 >
 
< %SYSTEMDRIVE%\iaStor.sys /s /md5 >
 
< %SYSTEMDRIVE%\nvstor.sys /s /md5 >
[2009.07.14 02:45:45 | 00,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 02:45:45 | 00,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
 
< %SYSTEMDRIVE%\atapi.sys /s /md5 >
[2009.07.14 02:52:21 | 00,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 02:52:21 | 00,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
 
< %SYSTEMDRIVE%\IdeChnDr.sys /s /md5 >
 
< %SYSTEMDRIVE%\viasraid.sys /s /md5 >
 
< %SYSTEMDRIVE%\AGP440.sys /s /md5 >
[2009.07.14 02:52:21 | 00,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 02:52:21 | 00,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
 
< %SYSTEMDRIVE%\vaxscsi.sys /s /md5 >
 
< %SYSTEMDRIVE%\nvatabus.sys /s /md5 >
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 64 bytes -> C:\Users\mnk\Documents\Xavier Naidoo Piano cover (Instrumental) by Elton Richardson.mp3:TOC.WMV
@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:8CEFE51A
< End of report >
         
Thanks again for the work!


27.11.2009, 23:13   #18
Larusso
/// Selecta Jahrusso
 



Did you delete the file?

CustomScan with OTL

If you don't already have it, please download OTL by Oldtimer and save it to your desktop.
  • Please start OTL.exe.
    Vista users: right-click and choose "Run as administrator"
  • Now copy the content into the text box.
Code:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\run|MailBlocker /s
C:\Users\mnk\AppData\Local\Temp\b.exe /s
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Click on .
  • Now copy the contents of OTL.txt and Extra.txt here into your thread, inside code tags.

28.11.2009, 11:48   #19
jomos
 



No idea whether the file was deleted. In any case, the load is still above 50%.


OTL.txt part 1:

Code:
OTL logfile created on: 28.11.2009 11:37:55 - Run 2
OTL by OldTimer - Version 3.1.11.0     Folder = C:\Users\mnk\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,97 Gb Total Physical Memory | 2,40 Gb Available Physical Memory | 60,38% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285,50 Gb Total Space | 137,36 Gb Free Space | 48,11% Space Free | Partition Type: NTFS
Drive D: | 298,09 Gb Total Space | 116,41 Gb Free Space | 39,05% Space Free | Partition Type: NTFS
Drive E: | 12,58 Gb Total Space | 11,93 Gb Free Space | 94,79% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
Drive G: | 59,31 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: MNK-LAPTOP
Current User Name: mnk
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
========== Processes (SafeList) ==========
 
PRC - [2009.11.27 21:55:50 | 00,532,992 | ---- | M] (OldTimer Tools) -- C:\Users\mnk\Desktop\OTL.exe
PRC - [2009.11.12 16:19:45 | 02,020,120 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgtray.exe
PRC - [2009.10.28 19:51:55 | 00,702,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe
PRC - [2009.10.28 19:51:47 | 00,906,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgemc.exe
PRC - [2009.10.28 19:51:47 | 00,906,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgemc.exe
PRC - [2009.10.28 19:51:47 | 00,906,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgemc.exe
PRC - [2009.10.28 19:51:44 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
PRC - [2009.10.28 19:51:44 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
PRC - [2009.10.09 13:11:12 | 25,623,336 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
PRC - [2009.10.09 13:11:12 | 25,623,336 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
PRC - [2009.10.09 13:11:12 | 25,623,336 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
PRC - [2009.10.09 13:11:12 | 25,623,336 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
PRC - [2009.10.09 13:11:12 | 25,623,336 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
PRC - [2009.10.09 13:11:12 | 25,623,336 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
PRC - [2009.10.09 13:11:12 | 00,078,008 | R--- | M] (Skype Technologies) -- C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
PRC - [2009.10.09 13:11:12 | 00,078,008 | R--- | M] (Skype Technologies) -- C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
PRC - [2009.10.09 13:11:12 | 00,078,008 | R--- | M] (Skype Technologies) -- C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
PRC - [2009.10.09 13:11:12 | 00,078,008 | R--- | M] (Skype Technologies) -- C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
PRC - [2009.10.09 13:11:12 | 00,078,008 | R--- | M] (Skype Technologies) -- C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
PRC - [2009.10.09 13:11:12 | 00,078,008 | R--- | M] (Skype Technologies) -- C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
PRC - [2009.10.09 13:11:12 | 00,078,008 | R--- | M] (Skype Technologies) -- C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
PRC - [2009.10.09 13:11:12 | 00,078,008 | R--- | M] (Skype Technologies) -- C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
PRC - [2009.10.09 13:11:12 | 00,078,008 | R--- | M] (Skype Technologies) -- C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
PRC - [2009.10.09 13:11:12 | 00,078,008 | R--- | M] (Skype Technologies) -- C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
PRC - [2009.06.27 22:24:47 | 00,066,048 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL2\8.4\bin\pg_ctl.exe
PRC - [2009.06.27 22:22:03 | 04,505,600 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL2\8.4\bin\postgres.exe
PRC - [2009.06.27 22:22:03 | 04,505,600 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL2\8.4\bin\postgres.exe
PRC - [2009.06.27 22:22:03 | 04,505,600 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL2\8.4\bin\postgres.exe
PRC - [2009.06.27 22:22:03 | 04,505,600 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL2\8.4\bin\postgres.exe
PRC - [2009.06.27 22:22:03 | 04,505,600 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL2\8.4\bin\postgres.exe
PRC - [2009.06.27 22:22:03 | 04,505,600 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL2\8.4\bin\postgres.exe
PRC - [2009.06.27 22:22:03 | 04,505,600 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL2\8.4\bin\postgres.exe
PRC - [2009.06.24 14:57:28 | 00,320,056 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
PRC - [2009.05.05 10:11:50 | 00,228,408 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
PRC - [2009.01.26 15:31:10 | 01,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2009.01.26 15:31:10 | 01,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008.10.23 07:31:06 | 00,115,560 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
PRC - [2008.10.23 07:31:06 | 00,115,560 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
PRC - [2008.10.23 07:31:06 | 00,115,560 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
PRC - [2008.10.23 07:31:06 | 00,115,560 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
PRC - [2008.10.23 07:31:06 | 00,115,560 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
PRC - [2008.10.22 10:32:20 | 00,628,016 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
PRC - [2008.10.22 10:32:20 | 00,628,016 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
PRC - [2008.10.21 17:23:50 | 00,228,656 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
PRC - [2008.09.26 02:36:40 | 01,148,200 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2008.09.25 18:42:24 | 00,189,736 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2008.09.25 18:41:44 | 01,152,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
PRC - [2008.09.25 18:41:44 | 01,152,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
PRC - [2008.09.23 11:18:52 | 00,365,904 | ---- | M] () -- C:\Program Files (x86)\SMINST\BLService.exe
PRC - [2008.09.19 06:30:34 | 03,674,112 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe
PRC - [2008.09.19 06:30:34 | 03,674,112 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe
PRC - [2008.09.19 06:30:34 | 03,674,112 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe
PRC - [2008.09.19 06:30:34 | 03,674,112 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe
PRC - [2008.09.19 06:30:34 | 03,674,112 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe
PRC - [2008.09.19 06:30:34 | 03,674,112 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe
PRC - [2008.09.19 06:30:34 | 03,674,112 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe
PRC - [2008.09.19 06:30:34 | 03,674,112 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe
PRC - [2008.09.19 06:30:34 | 03,674,112 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe
PRC - [2008.09.19 06:30:34 | 03,674,112 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe
PRC - [2008.09.19 02:03:58 | 00,065,536 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe
PRC - [2008.06.30 00:10:18 | 00,241,734 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
PRC - [2008.06.30 00:10:18 | 00,241,734 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
PRC - [2008.06.10 03:27:04 | 00,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre1.6.0_07\bin\jusched.exe
PRC - [2008.06.09 10:21:58 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
PRC - [2008.04.15 13:51:00 | 00,488,752 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
PRC - [2008.03.13 19:09:10 | 02,060,288 | ---- | M] (Vodafone) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
PRC - [2008.03.13 19:08:58 | 00,024,576 | ---- | M] (Vodafone) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
PRC - [2008.03.13 19:08:58 | 00,024,576 | ---- | M] (Vodafone) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
PRC - [2008.02.28 10:58:42 | 00,074,408 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files (x86)\Lexmark X1100 Series\LXBKbmgr.exe
PRC - [2008.02.28 10:57:36 | 00,058,024 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files (x86)\Lexmark X1100 Series\lxbkbmon.exe
PRC - [2007.08.02 15:30:42 | 03,096,576 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Software Launcher\NSLauncher.exe
PRC - [2007.05.08 15:24:20 | 00,054,840 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hp\HP Software Update\hpwuSchd2.exe
PRC - [2007.02.08 15:13:46 | 00,212,480 | ---- | M] (Nokia.) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PRC - [2005.06.23 19:33:00 | 00,057,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2009.11.27 21:55:50 | 00,532,992 | ---- | M] (OldTimer Tools) -- C:\Users\mnk\Desktop\OTL.exe
MOD - [2009.11.09 16:38:22 | 00,172,032 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Programme\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_000\plugin_extra.m32
MOD - [2009.11.09 16:38:08 | 00,266,240 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Programme\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_000\plugin_nt.m32
MOD - [2009.11.09 16:37:42 | 00,098,304 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Programme\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_000\plugin_net.m32
MOD - [2009.11.09 16:37:30 | 00,299,008 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Programme\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_000\plugin_fragments.m32
MOD - [2009.11.09 16:37:10 | 00,126,976 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Programme\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_000\plugin_registry.m32
MOD - [2009.11.09 16:37:02 | 00,143,360 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Programme\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_000\plugin_base.m32
MOD - [2009.11.09 16:33:58 | 00,221,184 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Programme\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_000\midas32.dll
MOD - [2009.07.14 02:17:51 | 01,289,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2009.07.14 02:16:19 | 00,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2009.07.14 02:16:19 | 00,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll
MOD - [2009.07.14 02:16:17 | 01,123,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2009.07.14 02:16:17 | 00,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2009.07.14 02:16:17 | 00,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009.07.14 02:16:17 | 00,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009.07.14 02:16:15 | 00,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2009.07.14 02:16:15 | 00,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2009.07.14 02:16:14 | 12,866,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2009.07.14 02:16:14 | 01,668,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2009.07.14 02:16:14 | 00,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2009.07.14 02:16:14 | 00,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2009.07.14 02:16:13 | 00,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2009.07.14 02:16:13 | 00,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll
MOD - [2009.07.14 02:16:13 | 00,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll
MOD - [2009.07.14 02:16:13 | 00,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2009.07.14 02:16:12 | 01,412,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2009.07.14 02:16:12 | 00,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2009.07.14 02:16:12 | 00,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2009.07.14 02:16:12 | 00,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2009.07.14 02:16:12 | 00,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2009.07.14 02:16:12 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2009.07.14 02:16:11 | 00,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009.07.14 02:16:03 | 00,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll
MOD - [2009.07.14 02:15:50 | 00,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2009.07.14 02:15:44 | 00,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll
MOD - [2009.07.14 02:15:43 | 00,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2009.07.14 02:15:13 | 00,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2009.07.14 02:15:11 | 00,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2009.07.14 02:15:07 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2009.07.14 02:15:03 | 00,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2009.07.14 02:15:02 | 00,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2009.07.14 02:14:57 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009.07.14 02:14:53 | 00,640,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2009.07.14 02:14:53 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2009.07.14 02:14:08 | 00,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2009.07.14 02:11:24 | 00,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2009.07.14 02:11:24 | 00,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2009.07.14 02:11:24 | 00,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2009.07.14 02:11:23 | 00,836,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2009.07.14 02:11:23 | 00,662,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2009.07.14 02:11:23 | 00,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2009.07.14 02:11:23 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2009.07.14 02:11:21 | 00,310,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2009.07.14 02:11:21 | 00,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2009.07.14 02:03:50 | 01,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
         

28.11.2009, 11:50   #20
jomos

OTL.txt Part 2

Code:
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2009.11.26 21:40:54 | 00,409,016 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe -- (LIVESRV)
SRV:64bit: - [2009.11.11 17:09:14 | 02,309,360 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe -- (VSSERV)
SRV:64bit: - [2009.10.19 19:04:58 | 00,278,224 | ---- | M] (BitDefender S.R.L. http://www.bitdefender.com) -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe -- (Arrakis3)
SRV:64bit: - [2009.07.14 02:41:59 | 00,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wwansvc.dll -- (WwanSvc)
SRV:64bit: - [2009.07.14 02:41:59 | 00,075,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFSvc.dll -- (wudfsvc)
SRV:64bit: - [2009.07.14 02:41:58 | 02,418,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2009.07.14 02:41:58 | 02,018,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WsmSvc.dll -- (WinRM)
SRV:64bit: - [2009.07.14 02:41:58 | 00,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2009.07.14 02:41:57 | 00,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wpdbusenum.dll -- (WPDBusEnum)
SRV:64bit: - [2009.07.14 02:41:57 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wpcsvc.dll -- (WPCSvc)
SRV:64bit: - [2009.07.14 02:41:56 | 01,646,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:64bit: - [2009.07.14 02:41:56 | 00,886,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:64bit: - [2009.07.14 02:41:56 | 00,578,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2009.07.14 02:41:56 | 00,438,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winhttp.dll -- (WinHttpAutoProxySvc)
SRV:64bit: - [2009.07.14 02:41:56 | 00,381,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\w32time.dll -- (W32Time)
SRV:64bit: - [2009.07.14 02:41:56 | 00,366,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wcncsvc.dll -- (wcncsvc)
SRV:64bit: - [2009.07.14 02:41:56 | 00,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\upnphost.dll -- (upnphost)
SRV:64bit: - [2009.07.14 02:41:56 | 00,254,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WebClnt.dll -- (WebClient)
SRV:64bit: - [2009.07.14 02:41:56 | 00,242,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2009.07.14 02:41:56 | 00,237,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wecsvc.dll -- (Wecsvc)
SRV:64bit: - [2009.07.14 02:41:56 | 00,202,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wbiosrvc.dll -- (WbioSrvc)
SRV:64bit: - [2009.07.14 02:41:56 | 00,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\umpo.dll -- (Power)
SRV:64bit: - [2009.07.14 02:41:56 | 00,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)
SRV:64bit: - [2009.07.14 02:41:56 | 00,090,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wdi.dll -- (WdiSystemHost)
SRV:64bit: - [2009.07.14 02:41:56 | 00,090,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wdi.dll -- (WdiServiceHost)
SRV:64bit: - [2009.07.14 02:41:56 | 00,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wercplsupport.dll -- (wercplsupport)
SRV:64bit: - [2009.07.14 02:41:56 | 00,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wersvc.dll -- (WerSvc)
SRV:64bit: - [2009.07.14 02:41:56 | 00,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WcsPlugInService.dll -- (WcsPlugInService)
SRV:64bit: - [2009.07.14 02:41:56 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\uxsms.dll -- (UxSms)
SRV:64bit: - [2009.07.14 02:41:55 | 00,706,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\termsrv.dll -- (TermService)
SRV:64bit: - [2009.07.14 02:41:55 | 00,404,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2009.07.14 02:41:55 | 00,316,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2009.07.14 02:41:55 | 00,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\trkwks.dll -- (TrkWks)
SRV:64bit: - [2009.07.14 02:41:55 | 00,093,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TabSvc.dll -- (TabletInputService)
SRV:64bit: - [2009.07.14 02:41:55 | 00,065,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tbssvc.dll -- (TBS)
SRV:64bit: - [2009.07.14 02:41:55 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2009.07.14 02:41:54 | 01,780,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sysmain.dll -- (SysMain)
SRV:64bit: - [2009.07.14 02:41:54 | 00,524,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2009.07.14 02:41:54 | 00,369,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV:64bit: - [2009.07.14 02:41:54 | 00,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2009.07.14 02:41:54 | 00,193,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ssdpsrv.dll -- (SSDPSRV)
SRV:64bit: - [2009.07.14 02:41:54 | 00,104,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SessEnv.dll -- (SessionEnv)
SRV:64bit: - [2009.07.14 02:41:54 | 00,075,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sstpsvc.dll -- (SstpSvc)
SRV:64bit: - [2009.07.14 02:41:54 | 00,065,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sppuinotify.dll -- (sppuinotify)
SRV:64bit: - [2009.07.14 02:41:54 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sensrsvc.dll -- (SensrSvc)
SRV:64bit: - [2009.07.14 02:41:53 | 01,390,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pla.dll -- (pla)
SRV:64bit: - [2009.07.14 02:41:53 | 01,104,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2009.07.14 02:41:53 | 00,848,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2009.07.14 02:41:53 | 00,509,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2009.07.14 02:41:53 | 00,509,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2009.07.14 02:41:53 | 00,475,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\QAGENTRT.DLL -- (napagent)
SRV:64bit: - [2009.07.14 02:41:53 | 00,438,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\p2psvc.dll -- (p2psvc)
SRV:64bit: - [2009.07.14 02:41:53 | 00,343,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2009.07.14 02:41:53 | 00,327,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pnrpsvc.dll -- (PNRPsvc)
SRV:64bit: - [2009.07.14 02:41:53 | 00,327,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pnrpsvc.dll -- (p2pimsvc)
SRV:64bit: - [2009.07.14 02:41:53 | 00,242,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qwave.dll -- (QWAVE)
SRV:64bit: - [2009.07.14 02:41:53 | 00,208,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2009.07.14 02:41:53 | 00,190,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SCardSvr.dll -- (SCardSvr)
SRV:64bit: - [2009.07.14 02:41:53 | 00,187,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\provsvc.dll -- (HomeGroupProvider)
SRV:64bit: - [2009.07.14 02:41:53 | 00,186,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pcasvc.dll -- (PcaSvc)
SRV:64bit: - [2009.07.14 02:41:53 | 00,170,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:64bit: - [2009.07.14 02:41:53 | 00,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\regsvc.dll -- (RemoteRegistry)
SRV:64bit: - [2009.07.14 02:41:53 | 00,099,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2009.07.14 02:41:53 | 00,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RpcEpMap.dll -- (RpcEptMapper)
SRV:64bit: - [2009.07.14 02:41:53 | 00,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Sens.dll -- (SENS)
SRV:64bit: - [2009.07.14 02:41:53 | 00,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2009.07.14 02:41:53 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2009.07.14 02:41:53 | 00,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pnrpauto.dll -- (PNRPAutoReg)
SRV:64bit: - [2009.07.14 02:41:52 | 00,459,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV:64bit: - [2009.07.14 02:41:52 | 00,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2009.07.14 02:41:52 | 00,302,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2009.07.14 02:41:28 | 00,368,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msdtckrm.dll -- (KtmRm)
SRV:64bit: - [2009.07.14 02:41:27 | 00,824,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:64bit: - [2009.07.14 02:41:27 | 00,097,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mprdim.dll -- (RemoteAccess)
SRV:64bit: - [2009.07.14 02:41:26 | 00,067,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mmcss.dll -- (THREADORDER)
SRV:64bit: - [2009.07.14 02:41:26 | 00,067,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2009.07.14 02:41:21 | 00,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Mcx2Svc.dll -- (Mcx2Svc)
SRV:64bit: - [2009.07.14 02:41:18 | 00,300,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lltdsvc.dll -- (lltdsvc)
SRV:64bit: - [2009.07.14 02:41:18 | 00,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ListSvc.dll -- (HomeGroupListener)
SRV:64bit: - [2009.07.14 02:41:18 | 00,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lmhsvc.dll -- (lmhosts)
SRV:64bit: - [2009.07.14 02:41:13 | 00,090,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KMSVC.DLL -- (hkmsvc)
SRV:64bit: - [2009.07.14 02:41:11 | 00,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iscsiexe.dll -- (MSiSCSI)
SRV:64bit: - [2009.07.14 02:41:10 | 00,565,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iphlpsvc.dll -- (iphlpsvc)
SRV:64bit: - [2009.07.14 02:41:10 | 00,500,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
SRV:64bit: - [2009.07.14 02:41:10 | 00,359,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2009.07.14 02:41:09 | 00,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IPBusEnum.dll -- (IPBusEnum)
SRV:64bit: - [2009.07.14 02:41:08 | 00,845,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IKEEXT.DLL -- (IKEEXT)
SRV:64bit: - [2009.07.14 02:41:00 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV:64bit: - [2009.07.14 02:40:59 | 00,776,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\gpsvc.dll -- (gpsvc)
SRV:64bit: - [2009.07.14 02:40:54 | 01,127,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\FntCache.dll -- (FontCache)
SRV:64bit: - [2009.07.14 02:40:52 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\FDResPub.dll -- (FDResPub)
SRV:64bit: - [2009.07.14 02:40:52 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fdPHost.dll -- (fdPHost)
SRV:64bit: - [2009.07.14 02:40:50 | 00,402,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV:64bit: - [2009.07.14 02:40:35 | 00,111,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:64bit: - [2009.07.14 02:40:32 | 00,252,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2009.07.14 02:40:32 | 00,182,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2009.07.14 02:40:32 | 00,162,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dps.dll -- (DPS)
SRV:64bit: - [2009.07.14 02:40:28 | 00,314,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2009.07.14 02:40:28 | 00,291,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\defragsvc.dll -- (defragsvc)
SRV:64bit: - [2009.07.14 02:40:24 | 00,175,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2009.07.14 02:40:15 | 00,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\certprop.dll -- (SCPolicySvc)
SRV:64bit: - [2009.07.14 02:40:15 | 00,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\certprop.dll -- (CertPropSvc)
SRV:64bit: - [2009.07.14 02:40:13 | 00,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2009.07.14 02:40:13 | 00,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\bthserv.dll -- (bthserv)
SRV:64bit: - [2009.07.14 02:40:10 | 00,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:64bit: - [2009.07.14 02:40:10 | 00,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\bdesvc.dll -- (BDESVC)
SRV:64bit: - [2009.07.14 02:40:05 | 00,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AxInstSv.dll -- (AxInstSV)
SRV:64bit: - [2009.07.14 02:40:04 | 00,676,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:64bit: - [2009.07.14 02:40:04 | 00,676,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2009.07.14 02:40:01 | 00,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2009.07.14 02:40:01 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2009.07.14 02:40:01 | 00,032,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appidsvc.dll -- (AppIDSvc)
SRV:64bit: - [2009.07.14 02:39:56 | 01,525,248 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV:64bit: - [2009.07.14 02:39:55 | 00,203,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wbem\WmiApSrv.exe -- (wmiApSrv)
SRV:64bit: - [2009.07.14 02:39:51 | 01,503,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wbengine.exe -- (wbengine)
SRV:64bit: - [2009.07.14 02:39:50 | 01,598,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:64bit: - [2009.07.14 02:39:49 | 00,532,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vds.exe -- (vds)
SRV:64bit: - [2009.07.14 02:39:48 | 00,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UI0Detect.exe -- (UI0Detect)
SRV:64bit: - [2009.07.14 02:39:44 | 00,558,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2009.07.14 02:39:41 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\snmptrap.exe -- (SNMPTRAP)
SRV:64bit: - [2009.07.14 02:39:37 | 00,593,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SearchIndexer.exe -- (WSearch)
SRV:64bit: - [2009.07.14 02:39:28 | 03,524,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sppsvc.exe -- (sppsvc)
SRV:64bit: - [2009.07.14 02:39:21 | 00,141,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msdtc.exe -- (MSDTC)
SRV:64bit: - [2009.07.14 02:39:21 | 00,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV:64bit: - [2009.07.14 02:39:16 | 00,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsass.exe -- (VaultSvc)
SRV:64bit: - [2009.07.14 02:39:16 | 00,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2009.07.14 02:39:16 | 00,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
SRV:64bit: - [2009.07.14 02:39:16 | 00,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsass.exe -- (Netlogon)
SRV:64bit: - [2009.07.14 02:39:16 | 00,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:64bit: - [2009.07.14 02:39:16 | 00,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsass.exe -- (EFS)
SRV:64bit: - [2009.07.14 02:39:15 | 00,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Locator.exe -- (RpcLocator)
SRV:64bit: - [2009.07.14 02:39:11 | 00,689,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\FXSSVC.exe -- (Fax)
SRV:64bit: - [2009.07.14 02:39:06 | 00,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dllhost.exe -- (COMSysApp)
SRV:64bit: - [2009.07.14 02:38:55 | 00,079,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2008.09.13 08:13:00 | 00,357,376 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvvsvc.exe -- (nvsvc)
SRV:64bit: - [2008.09.11 12:53:00 | 00,279,040 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21bd21dd0a38d98e\stacsv64.exe -- (STacSV)
SRV:64bit: - [2008.06.27 16:53:06 | 00,089,088 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21bd21dd0a38d98e\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2008.03.18 16:25:40 | 00,023,040 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
         


Old 28.11.2009, 11:52   #21
jomos

CPU usage always above 50%

OTL.txt Part 3


Code:
ATTFilter
SRV - [2009.11.21 14:37:31 | 00,320,760 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009.10.28 19:51:47 | 00,906,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2009.10.28 19:51:44 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2009.10.23 14:45:44 | 00,392,192 | ---- | M] (S.C. BitDefender S.R.L) -- C:\Programme\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll -- (scan)
SRV - [2009.07.14 04:20:14 | 00,000,000 | ---D | M] -- C:\Windows\Vss -- (VSS)
SRV - [2009.07.14 04:20:14 | 00,000,000 | ---D | M] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC)
SRV - [2009.07.14 02:39:48 | 00,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\servicing\TrustedInstaller.exe -- (TrustedInstaller)
SRV - [2009.07.14 02:39:09 | 00,696,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr)
SRV - [2009.07.14 02:39:09 | 00,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched)
SRV - [2009.07.14 02:16:20 | 01,175,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WsmSvc.dll -- (WinRM) Windows-Remoteverwaltung (WS-Verwaltung)
SRV - [2009.07.14 02:16:20 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wpcsvc.dll -- (WPCSvc)
SRV - [2009.07.14 02:16:19 | 00,348,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2009.07.14 02:16:18 | 00,276,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wcncsvc.dll -- (wcncsvc)
SRV - [2009.07.14 02:16:18 | 00,202,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WebClnt.dll -- (WebClient)
SRV - [2009.07.14 02:16:18 | 00,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdi.dll -- (WdiSystemHost)
SRV - [2009.07.14 02:16:18 | 00,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdi.dll -- (WdiServiceHost)
SRV - [2009.07.14 02:16:18 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WcsPlugInService.dll -- (WcsPlugInService)
SRV - [2009.07.14 02:16:17 | 00,266,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\upnphost.dll -- (upnphost)
SRV - [2009.07.14 02:16:15 | 00,241,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV - [2009.07.14 02:16:14 | 00,328,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
SRV - [2009.07.14 02:16:13 | 00,099,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SessEnv.dll -- (SessionEnv)
SRV - [2009.07.14 02:16:13 | 00,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Sens.dll -- (SENS)
SRV - [2009.07.14 02:16:12 | 01,508,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pla.dll -- (pla)
SRV - [2009.07.14 02:16:12 | 00,210,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\qwave.dll -- (QWAVE)
SRV - [2009.07.14 02:16:12 | 00,165,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\provsvc.dll -- (HomeGroupProvider)
SRV - [2009.07.14 02:16:03 | 00,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV - [2009.07.14 02:16:02 | 00,563,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netlogon.dll -- (Netlogon)
SRV - [2009.07.14 02:15:41 | 00,075,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mprdim.dll -- (RemoteAccess)
SRV - [2009.07.14 02:15:35 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\keyiso.dll -- (KeyIso)
SRV - [2009.07.14 02:15:24 | 00,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV - [2009.07.14 02:15:19 | 00,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV - [2009.07.14 02:15:11 | 00,253,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV - [2009.07.14 02:15:07 | 00,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV - [2009.07.14 02:14:35 | 00,428,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SearchIndexer.exe -- (WSearch)
SRV - [2009.07.14 02:14:28 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\perfhost.exe -- (PerfHost)
SRV - [2009.07.14 02:14:25 | 00,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV - [2009.07.14 02:14:18 | 00,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dllhost.exe -- (COMSysApp)
SRV - [2009.07.13 21:30:11 | 00,061,056 | ---- | M] () -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)
SRV - [2009.06.27 22:24:47 | 00,066,048 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL2\8.4\bin\pg_ctl.exe -- (postgresql-8.4)
SRV - [2009.06.10 22:23:09 | 00,066,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.06.10 21:39:58 | 00,089,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2009.06.10 21:30:59 | 00,042,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2009.06.10 21:30:45 | 00,856,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2009.05.06 00:48:51 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe -- (gupdate1c9cddcfc110e0) Google Update Service (gupdate1c9cddcfc110e0)
SRV - [2009.05.06 00:44:39 | 00,183,280 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009.05.05 10:11:50 | 00,228,408 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe -- (Com4QLBEx)
SRV - [2009.01.26 15:31:10 | 01,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008.11.04 01:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008.10.23 07:31:06 | 00,115,560 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe -- (Norton Internet Security)
SRV - [2008.10.21 17:23:50 | 00,228,656 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe -- (hpqwmiex)
SRV - [2008.09.23 11:18:52 | 00,365,904 | ---- | M] () -- C:\Program Files (x86)\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008.09.19 02:03:58 | 00,065,536 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe -- (pgsql-8.3)
SRV - [2008.06.30 00:10:18 | 00,241,734 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe -- (RichVideo) Cyberlink RichVideo Service(CRVS)
SRV - [2008.06.16 07:02:28 | 00,094,208 | ---- | M] (Hewlett-Packard) -- c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe -- (HP Health Check Service)
SRV - [2008.06.09 10:21:58 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2008.03.13 19:08:58 | 00,024,576 | ---- | M] (Vodafone) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService)
SRV - [2007.02.08 15:13:46 | 00,212,480 | ---- | M] (Nokia.) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2006.12.14 16:00:00 | 00,544,768 | ---- | M] (Magix AG) -- C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe -- (UPnPService)
SRV - [2006.10.26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005.11.17 14:18:52 | 01,527,900 | ---- | M] (MAGIX®) -- C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2004.10.22 02:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2009.11.10 17:04:08 | 00,162,824 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Windows\SysNative\drivers\bdfm.sys -- (BDFM)
DRV:64bit: - [2009.11.10 14:24:35 | 00,470,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys -- (AvgTdiA)
DRV:64bit: - [2009.10.28 19:52:11 | 00,422,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys -- (AvgLdx64)
DRV:64bit: - [2009.10.28 19:52:08 | 00,034,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (AvgMfx64)
DRV:64bit: - [2009.10.02 05:32:07 | 00,982,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgkrnl.sys -- (DXGKrnl)
DRV:64bit: - [2009.07.24 11:26:02 | 00,340,488 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Windows\SysNative\drivers\bdfsfltr.sys -- (bdfsfltr)
DRV:64bit: - [2009.07.14 02:52:31 | 00,367,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\clfs.sys -- (CLFS) Gemeinsames Protokoll (CLFS)
DRV:64bit: - [2009.07.14 02:52:31 | 00,021,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\compbatt.sys -- (Compbatt)
DRV:64bit: - [2009.07.14 02:52:31 | 00,017,488 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\SysNative\drivers\cmdide.sys -- (cmdide)
DRV:64bit: - [2009.07.14 02:52:21 | 00,491,088 | ---- | M] (Adaptec, Inc.) -- C:\Windows\SysNative\drivers\adp94xx.sys -- (adp94xx)
DRV:64bit: - [2009.07.14 02:52:21 | 00,339,536 | ---- | M] (Adaptec, Inc.) -- C:\Windows\SysNative\drivers\adpahci.sys -- (adpahci)
DRV:64bit: - [2009.07.14 02:52:21 | 00,334,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\acpi.sys -- (ACPI)
DRV:64bit: - [2009.07.14 02:52:21 | 00,182,864 | ---- | M] (Adaptec, Inc.) -- C:\Windows\SysNative\drivers\adpu320.sys -- (adpu320)
DRV:64bit: - [2009.07.14 02:52:21 | 00,106,576 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 02:52:21 | 00,097,856 | ---- | M] (Adaptec, Inc.) -- C:\Windows\SysNative\drivers\arcsas.sys -- (arcsas)
DRV:64bit: - [2009.07.14 02:52:21 | 00,087,632 | ---- | M] (Adaptec, Inc.) -- C:\Windows\SysNative\drivers\arc.sys -- (arc)
DRV:64bit: - [2009.07.14 02:52:21 | 00,061,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\AGP440.sys -- (agp440)
DRV:64bit: - [2009.07.14 02:52:21 | 00,028,752 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 02:52:21 | 00,024,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\atapi.sys -- (atapi)
DRV:64bit: - [2009.07.14 02:52:21 | 00,015,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\amdide.sys -- (amdide)
DRV:64bit: - [2009.07.14 02:52:21 | 00,015,440 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\SysNative\drivers\aliide.sys -- (aliide)
DRV:64bit: - [2009.07.14 02:52:20 | 00,194,128 | ---- | M] (AMD Technologies Inc.) -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:27 | 01,659,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ntfs.sys -- (Ntfs)
DRV:64bit: - [2009.07.14 02:48:27 | 00,947,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ndis.sys -- (NDIS)
DRV:64bit: - [2009.07.14 02:48:27 | 00,224,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\msiscsi.sys -- (iScsiPrt)
DRV:64bit: - [2009.07.14 02:48:27 | 00,155,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mpio.sys -- (mpio)
DRV:64bit: - [2009.07.14 02:48:27 | 00,149,056 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvraid.sys -- (nvraid)
DRV:64bit: - [2009.07.14 02:48:27 | 00,140,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\msdsm.sys -- (msdsm)
DRV:64bit: - [2009.07.14 02:48:27 | 00,094,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mountmgr.sys -- (mountmgr)
DRV:64bit: - [2009.07.14 02:48:27 | 00,060,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mup.sys -- (Mup)
DRV:64bit: - [2009.07.14 02:48:27 | 00,049,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mouclass.sys -- (mouclass)
DRV:64bit: - [2009.07.14 02:48:27 | 00,032,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mssmbios.sys -- (mssmbios)
DRV:64bit: - [2009.07.14 02:48:27 | 00,030,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\msahci.sys -- (msahci)
DRV:64bit: - [2009.07.14 02:48:27 | 00,015,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\msisadrv.sys -- (msisadrv)
DRV:64bit: - [2009.07.14 02:48:26 | 00,367,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\msrpc.sys -- (MsRPC)
DRV:64bit: - [2009.07.14 02:48:26 | 00,122,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\NV_AGP.SYS -- (nv_agp)
DRV:64bit: - [2009.07.14 02:48:26 | 00,051,264 | ---- | M] (IBM Corporation) -- C:\Windows\SysNative\drivers\nfrd960.sys -- (nfrd960)
DRV:64bit: - [2009.07.14 02:48:04 | 00,410,688 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStorV.sys -- (iaStorV)
DRV:64bit: - [2009.07.14 02:48:04 | 00,284,736 | ---- | M] (LSI Corporation, Inc.) -- C:\Windows\SysNative\drivers\MegaSR.sys -- (MegaSR)
DRV:64bit: - [2009.07.14 02:48:04 | 00,153,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ksecpkg.sys -- (KSecPkg)
DRV:64bit: - [2009.07.14 02:48:04 | 00,115,776 | ---- | M] (LSI Corporation) -- C:\Windows\SysNative\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV:64bit: - [2009.07.14 02:48:04 | 00,114,752 | ---- | M] (LSI Corporation) -- C:\Windows\SysNative\drivers\lsi_fc.sys -- (LSI_FC)
DRV:64bit: - [2009.07.14 02:48:04 | 00,106,560 | ---- | M] (LSI Corporation) -- C:\Windows\SysNative\drivers\lsi_sas.sys -- (LSI_SAS)
DRV:64bit: - [2009.07.14 02:48:04 | 00,095,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ksecdd.sys -- (KSecDD)
DRV:64bit: - [2009.07.14 02:48:04 | 00,065,600 | ---- | M] (LSI Corporation) -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:48:04 | 00,050,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\kbdclass.sys -- (kbdclass)
DRV:64bit: - [2009.07.14 02:48:04 | 00,044,112 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\SysNative\drivers\iirsp.sys -- (iirsp)
DRV:64bit: - [2009.07.14 02:48:04 | 00,035,392 | ---- | M] (LSI Corporation) -- C:\Windows\SysNative\drivers\megasas.sys -- (megasas)
DRV:64bit: - [2009.07.14 02:48:04 | 00,020,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\isapnp.sys -- (isapnp)
DRV:64bit: - [2009.07.14 02:48:04 | 00,016,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\intelide.sys -- (intelide)
DRV:64bit: - [2009.07.14 02:48:04 | 00,014,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hwpolicy.sys -- (hwpolicy)
DRV:64bit: - [2009.07.14 02:47:49 | 00,055,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fsdepends.sys -- (FsDepends)
DRV:64bit: - [2009.07.14 02:47:48 | 00,530,496 | ---- | M] (Emulex) -- C:\Windows\SysNative\drivers\elxstor.sys -- (elxstor)
DRV:64bit: - [2009.07.14 02:47:48 | 00,077,888 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:47:48 | 00,073,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\disk.sys -- (Disk)
DRV:64bit: - [2009.07.14 02:47:48 | 00,070,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fileinfo.sys -- (FileInfo)
DRV:64bit: - [2009.07.14 02:47:48 | 00,065,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\GAGP30KX.SYS -- (gagp30kx)
DRV:64bit: - [2009.07.14 02:47:48 | 00,024,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\crcdisk.sys -- (crcdisk)
DRV:64bit: - [2009.07.14 02:47:47 | 00,290,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fltMgr.sys -- (FltMgr)
DRV:64bit: - [2009.07.14 02:45:56 | 00,022,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wimmount.sys -- (WIMMount)
DRV:64bit: - [2009.07.14 02:45:55 | 01,898,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tcpip.sys -- (TCPIP6)
DRV:64bit: - [2009.07.14 02:45:55 | 01,898,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tcpip.sys -- (Tcpip)
DRV:64bit: - [2009.07.14 02:45:55 | 00,654,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Wdf01000.sys -- (Wdf01000)
DRV:64bit: - [2009.07.14 02:45:55 | 00,363,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\volmgrx.sys -- (volmgrx)
DRV:64bit: - [2009.07.14 02:45:55 | 00,294,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\volsnap.sys -- (volsnap)
DRV:64bit: - [2009.07.14 02:45:55 | 00,217,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vhdmp.sys -- (vhdmp)
DRV:64bit: - [2009.07.14 02:45:55 | 00,161,872 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\SysNative\drivers\vsmraid.sys -- (vsmraid)
DRV:64bit: - [2009.07.14 02:45:55 | 00,071,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\volmgr.sys -- (volmgr)
DRV:64bit: - [2009.07.14 02:45:55 | 00,064,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ULIAGPKX.SYS -- (uliagpkx)
DRV:64bit: - [2009.07.14 02:45:55 | 00,064,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\UAGP35.SYS -- (uagp35)
DRV:64bit: - [2009.07.14 02:45:55 | 00,062,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\termdd.sys -- (TermDD)
DRV:64bit: - [2009.07.14 02:45:55 | 00,036,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vdrvroot.sys -- (vdrvroot)
DRV:64bit: - [2009.07.14 02:45:55 | 00,024,656 | ---- | M] (Promise Technology) -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:45:55 | 00,021,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wd.sys -- (Wd)
DRV:64bit: - [2009.07.14 02:45:55 | 00,019,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spldr.sys -- (spldr)
DRV:64bit: - [2009.07.14 02:45:55 | 00,017,488 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\SysNative\drivers\viaide.sys -- (viaide)
DRV:64bit: - [2009.07.14 02:45:55 | 00,012,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\swenum.sys -- (swenum)
DRV:64bit: - [2009.07.14 02:45:46 | 01,524,816 | ---- | M] (QLogic Corporation) -- C:\Windows\SysNative\drivers\ql2300.sys -- (ql2300)
DRV:64bit: - [2009.07.14 02:45:46 | 00,214,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdyboost.sys -- (rdyboost)
DRV:64bit: - [2009.07.14 02:45:46 | 00,080,464 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\SysNative\drivers\sisraid4.sys -- (SiSRaid4)
DRV:64bit: - [2009.07.14 02:45:46 | 00,075,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\partmgr.sys -- (partmgr)
DRV:64bit: - [2009.07.14 02:45:45 | 00,220,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pcmcia.sys -- (pcmcia)
DRV:64bit: - [2009.07.14 02:45:45 | 00,183,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pci.sys -- (pci)
DRV:64bit: - [2009.07.14 02:45:45 | 00,167,488 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvstor.sys -- (nvstor)
DRV:64bit: - [2009.07.14 02:45:45 | 00,128,592 | ---- | M] (QLogic Corporation) -- C:\Windows\SysNative\drivers\ql40xx.sys -- (ql40xx)
DRV:64bit: - [2009.07.14 02:45:45 | 00,104,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sbp2port.sys -- (sbp2port)
DRV:64bit: - [2009.07.14 02:45:45 | 00,050,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pcw.sys -- (pcw)
DRV:64bit: - [2009.07.14 02:45:45 | 00,043,584 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Windows\SysNative\drivers\sisraid2.sys -- (SiSRaid2)
DRV:64bit: - [2009.07.14 02:45:45 | 00,012,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pciide.sys -- (pciide)
DRV:64bit: - [2009.07.14 02:43:14 | 00,460,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cng.sys -- (CNG)
         

Old 28.11.2009, 11:54   #22
jomos

CPU usage always above 50%

OTL.txt Part 4

Code:
ATTFilter
DRV:64bit: - [2009.07.14 02:43:13 | 00,223,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fvevol.sys -- (fvevol)
DRV:64bit: - [2009.07.14 02:19:07 | 00,286,720 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\BrSerId.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV:64bit: - [2009.07.14 02:01:19 | 00,651,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\PEAuth.sys -- (PEAUTH)
DRV:64bit: - [2009.07.14 01:38:18 | 00,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbprint.sys -- (usbprint)
DRV:64bit: - [2009.07.14 01:17:46 | 00,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpbus.sys -- (rdpbus)
DRV:64bit: - [2009.07.14 01:16:48 | 00,204,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpwd.sys -- (RDPWD)
DRV:64bit: - [2009.07.14 01:16:41 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tssecsrv.sys -- (tssecsrv)
DRV:64bit: - [2009.07.14 01:16:35 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV:64bit: - [2009.07.14 01:16:34 | 00,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RDPENCDD.sys -- (RDPENCDD)
DRV:64bit: - [2009.07.14 01:16:34 | 00,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RDPCDD.sys -- (RDPCDD)
DRV:64bit: - [2009.07.14 01:16:32 | 00,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdtcp.sys -- (TDTCP)
DRV:64bit: - [2009.07.14 01:16:32 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdpipe.sys -- (TDPIPE)
DRV:64bit: - [2009.07.14 01:10:48 | 00,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\modem.sys -- (Modem)
DRV:64bit: - [2009.07.14 01:10:33 | 00,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV:64bit: - [2009.07.14 01:10:25 | 00,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rassstp.sys -- (RasSstp) WAN-Miniport (SSTP)
DRV:64bit: - [2009.07.14 01:10:24 | 00,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV:64bit: - [2009.07.14 01:10:22 | 00,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wanarp.sys -- (Wanarpv6)
DRV:64bit: - [2009.07.14 01:10:22 | 00,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wanarp.sys -- (WANARP)
DRV:64bit: - [2009.07.14 01:10:18 | 00,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\raspptp.sys -- (PptpMiniport) WAN-Miniport (PPTP)
DRV:64bit: - [2009.07.14 01:10:17 | 00,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\raspppoe.sys -- (RasPppoe)
DRV:64bit: - [2009.07.14 01:10:13 | 00,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ndiswan.sys -- (NdisWan)
DRV:64bit: - [2009.07.14 01:10:13 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\asyncmac.sys -- (AsyncMac)
DRV:64bit: - [2009.07.14 01:10:12 | 00,130,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rasl2tp.sys -- (Rasl2tp) WAN-Miniport (L2TP)
DRV:64bit: - [2009.07.14 01:10:09 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rasacd.sys -- (RasAcd)
DRV:64bit: - [2009.07.14 01:10:05 | 00,057,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ndproxy.sys -- (NDProxy)
DRV:64bit: - [2009.07.14 01:10:04 | 00,082,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV:64bit: - [2009.07.14 01:10:03 | 00,116,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ipnat.sys -- (IPNAT)
DRV:64bit: - [2009.07.14 01:10:00 | 00,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ndistapi.sys -- (NdisTapi)
DRV:64bit: - [2009.07.14 01:09:49 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tcpipreg.sys -- (tcpipreg)
DRV:64bit: - [2009.07.14 01:09:48 | 00,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\qwavedrv.sys -- (QWAVEdrv)
DRV:64bit: - [2009.07.14 01:09:42 | 00,131,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pacer.sys -- (Psched)
DRV:64bit: - [2009.07.14 01:09:38 | 00,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tunnel.sys -- (tunnel)
DRV:64bit: - [2009.07.14 01:09:26 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netbios.sys -- (NetBIOS)
DRV:64bit: - [2009.07.14 01:09:26 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wfplwf.sys -- (WfpLwf)
DRV:64bit: - [2009.07.14 01:09:25 | 00,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ndisuio.sys -- (Ndisuio)
DRV:64bit: - [2009.07.14 01:09:09 | 00,093,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\smb.sys -- (Smb) Nachrichtenorientiertes TCP/IP- und TCP/IPv6-Protokoll (SMB-Sitzung)
DRV:64bit: - [2009.07.14 01:08:59 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\irenum.sys -- (IRENUM)
DRV:64bit: - [2009.07.14 01:08:51 | 00,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rspndr.sys -- (rspndr)
DRV:64bit: - [2009.07.14 01:08:51 | 00,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\lltdio.sys -- (lltdio)
DRV:64bit: - [2009.07.14 01:08:25 | 00,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mpsdrv.sys -- (mpsdrv)
DRV:64bit: - [2009.07.14 01:08:13 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ndiscap.sys -- (NdisCap)
DRV:64bit: - [2009.07.14 01:07:23 | 00,318,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nwifi.sys -- (NativeWifiP)
DRV:64bit: - [2009.07.14 01:07:21 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vwifibus.sys -- (vwifibus)
DRV:64bit: - [2009.07.14 01:07:13 | 00,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\1394ohci.sys -- (1394ohci)
DRV:64bit: - [2009.07.14 01:07:09 | 00,343,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbhub.sys -- (usbhub)
DRV:64bit: - [2009.07.14 01:07:00 | 00,184,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbvideo.sys -- (usbvideo) USB-Videogerät (WDM)
DRV:64bit: - [2009.07.14 01:07:00 | 00,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\bthpan.sys -- (BthPan) Bluetooth-Gerät (PAN)
DRV:64bit: - [2009.07.14 01:06:57 | 00,551,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\bthport.sys -- (BTHPORT)
DRV:64bit: - [2009.07.14 01:06:56 | 00,158,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rfcomm.sys -- (RFCOMM) Bluetooth-Gerät (RFCOMM-Protokoll-TDI)
DRV:64bit: - [2009.07.14 01:06:56 | 00,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\umbus.sys -- (umbus)
DRV:64bit: - [2009.07.14 01:06:53 | 00,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\bthenum.sys -- (BthEnum)
DRV:64bit: - [2009.07.14 01:06:52 | 00,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidbth.sys -- (HidBth)
DRV:64bit: - [2009.07.14 01:06:52 | 00,079,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\BTHUSB.SYS -- (BTHUSB)
DRV:64bit: - [2009.07.14 01:06:52 | 00,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\bthmodem.sys -- (BTHMODEM)
DRV:64bit: - [2009.07.14 01:06:52 | 00,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\umpass.sys -- (UmPass)
DRV:64bit: - [2009.07.14 01:06:45 | 00,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbccgp.sys -- (usbccgp)
DRV:64bit: - [2009.07.14 01:06:45 | 00,072,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ohci1394.sys -- (ohci1394) 1394 OHCI Compliant Host Controller (Legacy)
DRV:64bit: - [2009.07.14 01:06:37 | 00,100,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbcir.sys -- (usbcir) eHome Infrared Receiver (USBCIR)
DRV:64bit: - [2009.07.14 01:06:34 | 00,089,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBSTOR.SYS -- (USBSTOR)
DRV:64bit: - [2009.07.14 01:06:34 | 00,045,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\circlass.sys -- (circlass)
DRV:64bit: - [2009.07.14 01:06:30 | 00,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbehci.sys -- (usbehci)
DRV:64bit: - [2009.07.14 01:06:30 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbohci.sys -- (usbohci)
DRV:64bit: - [2009.07.14 01:06:27 | 00,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbuhci.sys -- (usbuhci)
DRV:64bit: - [2009.07.14 01:06:24 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV:64bit: - [2009.07.14 01:06:23 | 00,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidir.sys -- (HidIr)
DRV:64bit: - [2009.07.14 01:06:22 | 00,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidusb.sys -- (HidUsb)
DRV:64bit: - [2009.07.14 01:06:16 | 00,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmkaud.sys -- (drmkaud)
DRV:64bit: - [2009.07.14 01:06:13 | 00,122,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hdaudbus.sys -- (HDAudBus)
DRV:64bit: - [2009.07.14 01:06:06 | 00,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WUDFRd.sys -- (WUDFRd)
DRV:64bit: - [2009.07.14 01:05:37 | 00,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WUDFPf.sys -- (WudfPf)
DRV:64bit: - [2009.07.14 01:02:08 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\MTConfig.sys -- (MTConfig)
DRV:64bit: - [2009.07.14 01:02:07 | 00,027,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wacompen.sys -- (WacomPen)
DRV:64bit: - [2009.07.14 01:01:03 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sffp_mmc.sys -- (sffp_mmc)
DRV:64bit: - [2009.07.14 01:01:02 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sfloppy.sys -- (sfloppy)
DRV:64bit: - [2009.07.14 01:01:02 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sffp_sd.sys -- (sffp_sd)
DRV:64bit: - [2009.07.14 01:01:01 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sffdisk.sys -- (sffdisk)
DRV:64bit: - [2009.07.14 01:00:54 | 00,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fdc.sys -- (fdc)
DRV:64bit: - [2009.07.14 01:00:54 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\flpydisk.sys -- (flpydisk)
DRV:64bit: - [2009.07.14 01:00:41 | 00,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\parport.sys -- (Parport)
DRV:64bit: - [2009.07.14 01:00:40 | 00,094,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\serial.sys -- (Serial)
DRV:64bit: - [2009.07.14 01:00:34 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\CompositeBus.sys -- (CompositeBus)
DRV:64bit: - [2009.07.14 01:00:33 | 00,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\serenum.sys -- (Serenum)
DRV:64bit: - [2009.07.14 01:00:20 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\kbdhid.sys -- (kbdhid)
DRV:64bit: - [2009.07.14 01:00:20 | 00,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mouhid.sys -- (mouhid)
DRV:64bit: - [2009.07.14 01:00:20 | 00,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sermouse.sys -- (sermouse)
DRV:64bit: - [2009.07.14 01:00:19 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ksthunk.sys -- (ksthunk)
DRV:64bit: - [2009.07.14 01:00:18 | 00,011,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mskssrv.sys -- (MSKSSRV)
DRV:64bit: - [2009.07.14 01:00:17 | 00,008,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mstee.sys -- (MSTEE)
DRV:64bit: - [2009.07.14 01:00:17 | 00,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mspclock.sys -- (MSPCLOCK)
DRV:64bit: - [2009.07.14 01:00:17 | 00,006,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mspqm.sys -- (MSPQM)
DRV:64bit: - [2009.07.14 01:00:13 | 00,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\beep.sys -- (Beep)
DRV:64bit: - [2009.07.14 00:52:39 | 00,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\appid.sys -- (AppID)
DRV:64bit: - [2009.07.14 00:50:17 | 00,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\scfilter.sys -- (scfilter)
DRV:64bit: - [2009.07.14 00:47:45 | 00,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\IPMIDrv.sys -- (IPMIDRV)
DRV:64bit: - [2009.07.14 00:38:52 | 00,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\monitor.sys -- (monitor)
DRV:64bit: - [2009.07.14 00:38:47 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vga.sys -- (VgaSave)
DRV:64bit: - [2009.07.14 00:38:47 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vgapnp.sys -- (vga)
DRV:64bit: - [2009.07.14 00:37:18 | 00,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\discache.sys -- (discache)
DRV:64bit: - [2009.07.14 00:35:59 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\blbdrive.sys -- (blbdrive)
DRV:64bit: - [2009.07.14 00:31:06 | 00,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidbatt.sys -- (HidBatt)
DRV:64bit: - [2009.07.14 00:31:04 | 00,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\errdev.sys -- (ErrDev)
DRV:64bit: - [2009.07.14 00:31:03 | 00,017,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\CmBatt.sys -- (CmBatt)
DRV:64bit: - [2009.07.14 00:31:02 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wmiacpi.sys -- (WmiAcpi)
DRV:64bit: - [2009.07.14 00:27:17 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\acpipmi.sys -- (AcpiPmi)
DRV:64bit: - [2009.07.14 00:26:13 | 00,113,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\luafv.sys -- (luafv)
DRV:64bit: - [2009.07.14 00:25:40 | 00,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\filetrace.sys -- (Filetrace)
DRV:64bit: - [2009.07.14 00:25:13 | 00,465,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\srv.sys -- (srv)
DRV:64bit: - [2009.07.14 00:25:04 | 00,407,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\srv2.sys -- (srv2)
DRV:64bit: - [2009.07.14 00:24:59 | 00,162,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\srvnet.sys -- (srvnet)
DRV:64bit: - [2009.07.14 00:24:10 | 00,309,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdbss.sys -- (rdbss)
DRV:64bit: - [2009.07.14 00:24:08 | 00,285,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mrxsmb10.sys -- (mrxsmb10)
DRV:64bit: - [2009.07.14 00:24:06 | 00,125,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mrxsmb20.sys -- (mrxsmb20)
DRV:64bit: - [2009.07.14 00:24:00 | 00,157,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mrxsmb.sys -- (mrxsmb)
DRV:64bit: - [2009.07.14 00:23:57 | 00,140,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mrxdav.sys -- (MRxDAV)
DRV:64bit: - [2009.07.14 00:23:50 | 00,090,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\bowser.sys -- (bowser)
DRV:64bit: - [2009.07.14 00:23:44 | 00,102,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dfsc.sys -- (DfsC)
DRV:64bit: - [2009.07.14 00:23:37 | 00,327,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\udfs.sys -- (udfs)
DRV:64bit: - [2009.07.14 00:23:29 | 00,204,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fastfat.sys -- (fastfat)
DRV:64bit: - [2009.07.14 00:23:29 | 00,195,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\exfat.sys -- (exfat)
DRV:64bit: - [2009.07.14 00:22:20 | 00,751,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\http.sys -- (HTTP)
DRV:64bit: - [2009.07.14 00:21:42 | 00,500,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\afd.sys -- (AFD)
DRV:64bit: - [2009.07.14 00:21:29 | 00,259,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netbt.sys -- (NetBT)
DRV:64bit: - [2009.07.14 00:21:15 | 00,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdx.sys -- (tdx)
DRV:64bit: - [2009.07.14 00:21:02 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nsiproxy.sys -- (nsiproxy)
DRV:64bit: - [2009.07.14 00:19:57 | 00,105,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\i8042prt.sys -- (i8042prt)
DRV:64bit: - [2009.07.14 00:19:54 | 00,147,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cdrom.sys -- (cdrom)
DRV:64bit: - [2009.07.14 00:19:48 | 00,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\npfs.sys -- (Npfs)
DRV:64bit: - [2009.07.14 00:19:47 | 00,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cdfs.sys -- (cdfs)
DRV:64bit: - [2009.07.14 00:19:47 | 00,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\msfs.sys -- (Msfs)
DRV:64bit: - [2009.07.14 00:19:38 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\null.sys -- (Null)
DRV:64bit: - [2009.07.14 00:19:25 | 00,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\amdk8.sys -- (AmdK8)
DRV:64bit: - [2009.07.14 00:19:25 | 00,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\intelppm.sys -- (intelppm)
DRV:64bit: - [2009.07.14 00:19:25 | 00,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\amdppm.sys -- (AmdPPM)
DRV:64bit: - [2009.07.14 00:19:25 | 00,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\processr.sys -- (Processor)
DRV:64bit: - [2009.06.10 21:41:10 | 00,047,104 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\BrSerWdm.sys -- (BrSerWdm)
DRV:64bit: - [2009.06.10 21:41:10 | 00,014,976 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV:64bit: - [2009.06.10 21:41:10 | 00,014,720 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\BrUsbSer.sys -- (BrUsbSer)
DRV:64bit: - [2009.06.10 21:41:06 | 00,018,432 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\SysNative\drivers\BrFiltLo.sys -- (BrFiltLo)
DRV:64bit: - [2009.06.10 21:41:06 | 00,008,704 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\SysNative\drivers\BrFiltUp.sys -- (BrFiltUp)
DRV:64bit: - [2009.06.10 21:37:19 | 00,023,040 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\SysNative\drivers\secdrv.sys -- (secdrv)
DRV:64bit: - [2009.06.10 21:35:28 | 05,434,368 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009.06.10 21:34:33 | 03,286,016 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 00,468,480 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 00,270,848 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 00,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.05 12:08:55 | 00,172,080 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2009.04.29 08:48:32 | 00,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2008.10.23 07:31:07 | 00,474,672 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1000000.07D\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2008.10.23 07:31:07 | 00,428,592 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1000000.07D\ccHPx64.sys -- (ccHP)
DRV:64bit: - [2008.10.23 07:31:07 | 00,402,480 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1000000.07D\SymEFA64.sys -- (SymEFA)
DRV:64bit: - [2008.10.23 07:31:07 | 00,283,696 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1000000.07D\symtdi.sys -- (SYMTDI)
DRV:64bit: - [2008.10.23 07:31:07 | 00,138,800 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1000000.07D\symfw.sys -- (SYMFW)
DRV:64bit: - [2008.10.23 07:31:07 | 00,046,640 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1000000.07D\symndisv.sys -- (SYMNDISV)
DRV:64bit: - [2008.10.23 07:31:07 | 00,033,840 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1000000.07D\symredrv.sys -- (SYMREDRV)
DRV:64bit: - [2008.10.23 07:31:07 | 00,032,304 | R--- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SymIMV.sys -- (SymIM)
DRV:64bit: - [2008.10.23 07:31:07 | 00,032,304 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1000000.07D\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2008.10.23 07:31:07 | 00,016,432 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1000000.07D\symdns.sys -- (SYMDNS)
DRV:64bit: - [2008.09.13 08:13:00 | 09,492,896 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV:64bit: - [2008.09.11 12:54:44 | 00,465,408 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2008.08.06 04:29:26 | 00,056,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
         

Old 28.11.2009, 11:56   #23
jomos

CPU usage always above 50%

OTL.txt Part 5

Code:
DRV:64bit: - [2008.07.22 16:42:34 | 00,170,496 | ---- | M] (Realtek Corporation                                            ) -- C:\Windows\SysNative\drivers\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2008.07.21 11:53:04 | 00,145,496 | ---- | M] (JMicron Technology Corporation) -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2008.04.29 02:55:32 | 00,064,000 | ---- | M] (ENE TECHNOLOGY INC.) -- C:\Windows\SysNative\drivers\enecir.sys -- (enecir)
DRV:64bit: - [2008.03.27 12:10:56 | 00,026,984 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2008.03.27 12:10:14 | 00,040,296 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2008.03.07 13:46:30 | 00,112,512 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2008.01.18 12:31:30 | 00,320,560 | ---- | M] (Synaptics, Inc.) -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2007.12.11 00:05:38 | 00,630,528 | ---- | M] (DiBcom SA) -- C:\Windows\SysNative\drivers\mod7700.sys -- (mod7700)
DRV:64bit: - [2007.10.19 13:33:00 | 00,024,200 | ---- | M] (DiBcom S.A.) -- C:\Windows\SysNative\drivers\modrc.sys -- (MODRC)
DRV:64bit: - [2007.07.16 01:20:20 | 00,095,784 | ---- | M] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV - [2009.10.19 16:04:00 | 00,089,096 | ---- | M] (BitDefender LLC) -- C:\Programme\Common Files\BitDefender\BitDefender Firewall\bdfwfpf.sys -- (bdfwfpf)
DRV - [2009.07.14 02:19:10 | 00,019,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.14 02:16:02 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netbios.dll -- (NetBIOS)
DRV - [2009.06.10 22:28:14 | 00,001,088 | ---- | M] () -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv)
DRV - [2009.06.10 22:15:18 | 00,003,066 | ---- | M] () -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip)
DRV - [2008.10.23 07:31:07 | 01,458,224 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\EX64.SYS -- (NAVEX15)
DRV - [2008.10.23 07:31:07 | 00,475,696 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2008.10.23 07:31:07 | 00,395,312 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20080826.006\IDSVia64.sys -- (IDSVia64)
DRV - [2008.10.23 07:31:07 | 00,136,752 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\ENG64.SYS -- (NAVENG)
DRV - [2008.10.23 07:31:07 | 00,128,048 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2008.09.26 02:36:34 | 00,027,632 | ---- | M] (Cyberlink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49})
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "infokrieg.tv"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.701
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.0
FF - prefs.js..extensions.enabledItems: {8545daff-ad1e-493f-a37e-eed1ac79682b}:1.0
FF - prefs.js..extensions.enabledItems: {7BA52691-1876-45ce-9EE6-54BCB3B04BBC}:3.0
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971
FF - prefs.js..extensions.enabledItems: FFToolbar@bitdefender.com:2.0
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.11.12 03:20:43 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files (x86)\AVG\AVG9\Firefox [2009.11.12 03:06:32 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\ [2009.11.26 21:18:21 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.15\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2009.11.26 21:33:00 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.15\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2009.11.15 20:44:18 | 00,000,000 | ---D | M]
 
[2009.11.12 03:31:17 | 00,000,000 | ---D | M] -- C:\Users\mnk\AppData\Roaming\mozilla\Extensions
[2009.05.05 17:36:04 | 00,000,000 | ---D | M] -- C:\Users\mnk\AppData\Roaming\mozilla\Firefox\Profiles\c1jh5jod.default\extensions
[2009.11.28 11:27:13 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2009.11.12 03:16:22 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
[2009.10.19 18:59:44 | 00,047,104 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files (x86)\mozilla firefox\components\FFComm.dll
[2008.03.15 14:56:14 | 00,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2008.10.13 19:34:40 | 00,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2008.02.19 15:40:48 | 00,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2006.12.03 16:59:22 | 00,000,986 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2006.11.17 12:19:24 | 00,000,801 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: (761 bytes) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll (BitDefender S.R.L.)
O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\Antispam32\IEToolbar.dll (BitDefender S.R.L.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\coIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\coIEPlg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe (BitDefender S.R.L.)
O4:64bit: - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe (BitDefender S.R.L.)
O4:64bit: - HKLM..\Run: [BitDefender Antiphishing Helper 32] C:\Program Files\BitDefender\BitDefender 2010\Antispam32\IEShow.exe (BitDefender S.R.L.)
O4:64bit: - HKLM..\Run: [lxbkbmgr.exe] C:\Program Files (x86)\Lexmark X1100 Series\lxbkbmgr.exe (Lexmark International, Inc.)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.DLL (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Programme\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files (x86)\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DVDAgent] C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpWirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [ Malwarebytes Anti-Malware  (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MobileConnect] C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
O4 - HKLM..\Run: [NSLauncher] C:\Program Files (x86)\Nokia\Nokia Software Launcher\NSLauncher.exe ()
O4 - HKLM..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe ( Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TSMAgent] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDIRShortCut] C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [PMCLoader] C:\Program Files (x86)\Pinnacle\TVCenter Pro\PMCLoader.exe (Pinnacle Systems GmbH)
O4 - HKCU..\Run: [Skype] C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [Steam] D:\Games\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\ANYCOM\Bluetooth-USB\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\ANYCOM\Bluetooth-USB\btsendto_ie.htm ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\ANYCOM\Bluetooth-USB\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\ANYCOM\Bluetooth-USB\btsendto_ie.htm ()
O9:64bit: - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ANYCOM\Bluetooth-USB\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ANYCOM\Bluetooth-USB\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ANYCOM\Bluetooth-USB\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ANYCOM\Bluetooth-USB\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
         

28.11.2009, 11:58   #24
jomos

OTL.txt Part 6

Code:
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.03.13 21:39:50 | 00,000,070 | R--- | M] () - G:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{3ce85d5d-cf2e-11de-8d3a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{3ce85d5d-cf2e-11de-8d3a-806e6f6e6963}\Shell\AutoRun\command - "" = G:\setup.exe -- [2008.03.13 19:33:06 | 00,323,584 | R--- | M] (Vodafone)
O33 - MountPoints2\{db906eb5-cf37-11de-b210-00235a34af72}\Shell - "" = AutoRun
O33 - MountPoints2\{db906eb5-cf37-11de-b210-00235a34af72}\Shell\AutoRun\command - "" = G:\setup.exe -- [2008.03.13 19:33:06 | 00,323,584 | R--- | M] (Vodafone)
O33 - MountPoints2\{f5b2afbc-d043-11de-a407-00235a34af72}\Shell - "" = AutoRun
O33 - MountPoints2\{f5b2afbc-d043-11de-a407-00235a34af72}\Shell\AutoRun\command - "" = G:\setup.exe -- [2008.03.13 19:33:06 | 00,323,584 | R--- | M] (Vodafone)
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\setup.exe -- [2008.03.13 19:33:06 | 00,323,584 | R--- | M] (Vodafone)
O34 - HKLM BootExecute: (autocheck) -  File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\SysWow64\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) -  File not found
64bit: O35 - comfile [open] -- "%1" %* File not found
64bit: O35 - exefile [open] -- "%1" %* File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found
 
========== Files/Folders - Created Within 30 Days ==========
 
[2009.11.27 21:56:28 | 00,532,992 | ---- | C] (OldTimer Tools) -- C:\Users\mnk\Desktop\OTL.exe
[2009.11.27 19:45:26 | 00,000,000 | ---D | C] -- C:\Users\mnk\AppData\Roaming\Malwarebytes
[2009.11.27 19:45:13 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2009.11.27 19:45:06 | 00,022,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2009.11.27 19:45:06 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009.11.27 19:45:05 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2009.11.26 21:18:02 | 00,000,000 | ---D | C] -- C:\Users\mnk\AppData\Roaming\BitDefender
[2009.11.26 21:18:02 | 00,000,000 | ---D | C] -- C:\Programme\Common Files\BitDefender
[2009.11.26 21:18:02 | 00,000,000 | ---D | C] -- C:\Programme\BitDefender
[2009.11.26 21:18:02 | 00,000,000 | ---D | C] -- C:\ProgramData\BitDefender
[2009.11.26 21:16:05 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BitDefender
[2009.11.26 00:54:09 | 00,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2009.11.26 00:54:09 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2009.11.25 13:18:08 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tzres.dll
[2009.11.25 13:18:08 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tzres.dll
[2009.11.23 15:32:29 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\PostgreSQL2
[2009.11.23 14:59:24 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\PokerTracker 3
[2009.11.23 11:19:54 | 28,155,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MRT.exe
[2009.11.21 14:57:16 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2009.11.20 18:30:57 | 00,000,000 | ---D | C] -- C:\Users\mnk\AppData\Roaming\CasinoOnNet
[2009.11.20 18:30:37 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\CasinoOnNet
[2009.11.19 16:28:48 | 00,000,000 | ---D | C] -- C:\ProgramData\Vodafone
[2009.11.19 16:28:46 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Vodafone
[2009.11.19 03:52:07 | 00,000,000 | ---D | C] -- C:\Users\mnk\AppData\Local\Diagnostics
[2009.11.18 20:03:27 | 00,000,000 | ---D | C] -- C:\Programme\PlayReady
[2009.11.12 16:22:28 | 00,000,000 | ---D | C] -- C:\Users\mnk\Desktop\Studium
[2009.11.12 12:40:52 | 00,311,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msv1_0.dll
[2009.11.12 12:40:52 | 00,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msv1_0.dll
[2009.11.12 12:40:30 | 00,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2009.11.12 12:12:25 | 09,272,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtml.dll
[2009.11.12 12:12:25 | 05,958,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.dll
[2009.11.12 12:11:53 | 14,629,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2009.11.12 12:11:51 | 11,406,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2009.11.12 12:11:48 | 01,975,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnroll.dll
[2009.11.12 12:11:48 | 01,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll
[2009.11.12 12:11:47 | 02,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2009.11.12 12:11:47 | 02,613,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2009.11.12 12:11:47 | 00,982,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgkrnl.sys
[2009.11.12 12:11:47 | 00,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2009.11.12 12:11:47 | 00,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2009.11.12 12:11:47 | 00,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2009.11.12 12:11:46 | 00,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2009.11.12 12:11:46 | 00,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2009.11.12 12:11:46 | 00,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2009.11.12 12:11:45 | 12,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2009.11.12 12:11:45 | 12,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2009.11.12 12:10:57 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll
[2009.11.12 12:10:57 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msasn1.dll
[2009.11.12 12:10:25 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedsbs.dll
[2009.11.12 12:10:25 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedsbs.dll
[2009.11.12 11:54:23 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2009.11.12 11:33:04 | 00,000,000 | ---D | C] -- C:\Users\mnk\AppData\Local\Programs
[2009.11.12 11:08:14 | 00,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2009.11.12 11:08:14 | 00,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2009.11.12 11:08:14 | 00,000,000 | -HSD | C] -- C:\Recovery
[2009.11.12 11:08:14 | 00,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien
[2009.11.12 11:08:14 | 00,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2009.11.12 11:08:14 | 00,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2009.11.12 11:08:14 | 00,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2009.11.12 11:08:14 | 00,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2009.11.12 11:08:14 | 00,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2009.11.12 11:08:14 | 00,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2009.11.12 03:02:08 | 00,000,000 | --SD | C] -- C:\Users\mnk\AppData\Roaming\Microsoft
[2009.11.12 03:02:08 | 00,000,000 | R--D | C] -- C:\Users\mnk\Videos
[2009.11.12 03:02:08 | 00,000,000 | R--D | C] -- C:\Users\mnk\Saved Games
[2009.11.12 03:02:08 | 00,000,000 | R--D | C] -- C:\Users\mnk\Pictures
[2009.11.12 03:02:08 | 00,000,000 | R--D | C] -- C:\Users\mnk\Music
[2009.11.12 03:02:08 | 00,000,000 | R--D | C] -- C:\Users\mnk\Links
[2009.11.12 03:02:08 | 00,000,000 | R--D | C] -- C:\Users\mnk\Favorites
[2009.11.12 03:02:08 | 00,000,000 | R--D | C] -- C:\Users\mnk\Downloads
[2009.11.12 03:02:08 | 00,000,000 | R--D | C] -- C:\Users\mnk\Documents
[2009.11.12 03:02:08 | 00,000,000 | R--D | C] -- C:\Users\mnk\Desktop
[2009.11.12 03:02:08 | 00,000,000 | -HSD | C] -- C:\Users\mnk\Vorlagen
[2009.11.12 03:02:08 | 00,000,000 | -HSD | C] -- C:\Users\mnk\AppData\Local\Verlauf
[2009.11.12 03:02:08 | 00,000,000 | -HSD | C] -- C:\Users\mnk\AppData\Local\Temporary Internet Files
[2009.11.12 03:02:08 | 00,000,000 | -HSD | C] -- C:\Users\mnk\Startmenü
[2009.11.12 03:02:08 | 00,000,000 | -HSD | C] -- C:\Users\mnk\SendTo
[2009.11.12 03:02:08 | 00,000,000 | -HSD | C] -- C:\Users\mnk\Recent
[2009.11.12 03:02:08 | 00,000,000 | -HSD | C] -- C:\Users\mnk\Netzwerkumgebung
[2009.11.12 03:02:08 | 00,000,000 | -HSD | C] -- C:\Users\mnk\Lokale Einstellungen
[2009.11.12 03:02:08 | 00,000,000 | -HSD | C] -- C:\Users\mnk\Documents\Eigene Videos
[2009.11.12 03:02:08 | 00,000,000 | -HSD | C] -- C:\Users\mnk\Documents\Eigene Musik
[2009.11.12 03:02:08 | 00,000,000 | -HSD | C] -- C:\Users\mnk\Eigene Dateien
[2009.11.12 03:02:08 | 00,000,000 | -HSD | C] -- C:\Users\mnk\Documents\Eigene Bilder
[2009.11.12 03:02:08 | 00,000,000 | -HSD | C] -- C:\Users\mnk\Druckumgebung
[2009.11.12 03:02:08 | 00,000,000 | -HSD | C] -- C:\Users\mnk\Cookies
[2009.11.12 03:02:08 | 00,000,000 | -HSD | C] -- C:\Users\mnk\AppData\Local\Anwendungsdaten
[2009.11.12 03:02:08 | 00,000,000 | -HSD | C] -- C:\Users\mnk\Anwendungsdaten
[2009.11.12 03:02:08 | 00,000,000 | -H-D | C] -- C:\Users\mnk\AppData
[2009.11.12 03:02:08 | 00,000,000 | ---D | C] -- C:\Users\mnk\AppData\Local\Temp
[2009.11.12 03:02:08 | 00,000,000 | ---D | C] -- C:\Users\mnk\AppData\Local\Microsoft
[2009.11.12 03:02:08 | 00,000,000 | ---D | C] -- C:\Users\mnk\AppData\Roaming\Media Center Programs
[2009.11.12 02:59:15 | 00,000,000 | ---D | C] -- C:\Programme\IDT
[2009.11.12 02:59:14 | 00,562,688 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\idt64mp1.exe
[2009.11.12 02:59:14 | 00,439,808 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AESTEC64.dll
[2009.11.12 02:59:14 | 00,155,648 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AESTAC64.dll
[2009.11.12 02:59:14 | 00,076,288 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AESTCo64.dll
[2009.11.12 02:59:14 | 00,058,880 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AESTAR64.dll
[2009.11.12 02:59:13 | 10,760,704 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\idtcpl64.cpl
[2009.11.12 02:59:13 | 02,869,248 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stlang64.dll
[2009.11.12 02:59:13 | 00,441,344 | ---- | C] (IDT, Inc.) -- C:\Windows\sttray64.exe
[2009.11.12 02:59:12 | 00,000,000 | ---D | C] -- C:\Windows\SysNative\SRSLabs
[2009.11.12 02:58:40 | 00,000,000 | ---D | C] -- C:\Programme\Synaptics
[2009.11.12 02:56:38 | 02,112,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcplui.exe
[2009.11.12 02:56:38 | 01,097,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpluir.dll
[2009.11.12 02:56:38 | 00,410,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.cpl
[2009.11.12 02:56:37 | 00,501,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvuninst.exe
[2009.11.12 02:54:17 | 00,000,000 | ---D | C] -- C:\Windows\Prefetch
[2009.11.12 02:52:52 | 00,000,000 | ---D | C] -- C:\Windows\Panther
[2009.11.12 02:31:37 | 00,000,000 | -H-D | C] -- C:\$WINDOWS.~Q
[2009.11.12 02:19:48 | 00,000,000 | -H-D | C] -- C:\$INPLACE.~TR
[2009.11.12 01:12:43 | 00,000,000 | ---D | C] -- C:\Users\mnk\AppData\Roaming\hpqLog
[2009.11.12 00:12:44 | 80,242,728 | ---- | C] (Microsoft Corp.) -- C:\Users\mnk\Desktop\Win7-HP-Retail-de-de-x64.exe
[2009.11.11 18:18:47 | 00,000,000 | ---D | C] -- C:\Users\mnk\AppData\Roaming\GetRightToGo
[2009.11.10 17:04:08 | 00,162,824 | ---- | C] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Windows\SysNative\drivers\bdfm.sys
[2009.11.10 17:03:44 | 00,101,896 | ---- | C] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Windows\SysNative\drivers\bdhv.sys
[2009.11.04 01:32:28 | 00,000,000 | ---D | C] -- C:\Users\mnk\AppData\Local\FullTiltPoker
[2009.11.04 01:31:08 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Full Tilt Poker
[2009.11.02 18:19:26 | 00,000,000 | ---D | C] -- C:\Users\mnk\AppData\Local\Microsoft Corporation
[2009.11.02 18:17:37 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Windows 7 Upgrade Advisor
[2009.05.05 16:36:47 | 01,224,704 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkserv.dll
[2009.05.05 16:36:47 | 00,991,232 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkusb1.dll
[2009.05.05 16:36:47 | 00,696,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkhbn3.dll
[2009.05.05 16:36:47 | 00,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkcomc.dll
[2009.05.05 16:36:47 | 00,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkpmui.dll
[2009.05.05 16:36:47 | 00,585,728 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbklmpm.dll
[2009.05.05 16:36:47 | 00,421,888 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkcomm.dll
[2009.05.05 16:36:47 | 00,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkinpa.dll
[2009.05.05 16:36:47 | 00,397,312 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkiesc.dll
[2009.05.05 16:36:47 | 00,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkprox.dll
[2009.05.05 16:36:47 | 00,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkpplc.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
         

28.11.2009, 11:59   #25
jomos

OTL.txt Part 7

Code:
========== Files - Modified Within 30 Days ==========
 
[2009.11.28 11:42:59 | 02,883,584 | -HS- | M] () -- C:\Users\mnk\NTUSER.DAT
[2009.11.28 11:36:20 | 00,009,504 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2009.11.28 11:36:20 | 00,009,504 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2009.11.28 11:31:58 | 03,093,684 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1000000.07D\Cat.DB
[2009.11.28 11:30:37 | 00,001,064 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2009.11.28 11:29:03 | 00,000,436 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2009.11.28 11:28:52 | 00,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2009.11.28 11:27:40 | 00,090,855 | ---- | M] () -- C:\ProgramData\nvModes.001
[2009.11.28 11:27:13 | 00,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2009.11.28 11:26:40 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009.11.28 11:26:30 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009.11.28 11:26:20 | 31,952,36352 | -HS- | M] () -- C:\hiberfil.sys
[2009.11.27 23:36:27 | 02,821,969 | -H-- | M] () -- C:\Users\mnk\AppData\Local\IconCache.db
[2009.11.27 23:20:00 | 00,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2009.11.27 23:08:22 | 01,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2009.11.27 23:08:22 | 00,643,866 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2009.11.27 23:08:22 | 00,607,190 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2009.11.27 23:08:22 | 00,126,394 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2009.11.27 23:08:22 | 00,103,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2009.11.27 21:55:50 | 00,532,992 | ---- | M] (OldTimer Tools) -- C:\Users\mnk\Desktop\OTL.exe
[2009.11.27 21:50:48 | 00,000,385 | ---- | M] () -- C:\Windows\SysNative\user_gensett.xml
[2009.11.27 19:45:29 | 45,814,706 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm
[2009.11.27 19:45:22 | 00,001,015 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009.11.27 19:45:02 | 00,105,755 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\microavi.avg
[2009.11.26 21:53:41 | 00,000,016 | ---- | M] () -- C:\Windows\SysNative\asdict.dat
[2009.11.26 21:53:41 | 00,000,004 | ---- | M] () -- C:\Windows\SysNative\aspdict-en.dat
[2009.11.26 21:53:41 | 00,000,000 | ---- | M] () -- C:\Windows\SysNative\ab_bl.sig
[2009.11.26 21:41:19 | 00,000,132 | ---- | M] () -- C:\Windows\SysNative\rezumatenoi.dat
[2009.11.26 21:40:43 | 00,000,000 | ---- | M] () -- C:\pcwords2.dat
[2009.11.26 21:40:43 | 00,000,000 | ---- | M] () -- C:\pcwords.dat
[2009.11.26 21:40:43 | 00,000,000 | ---- | M] () -- C:\pcconf.ini
[2009.11.26 21:40:43 | 00,000,000 | ---- | M] () -- C:\pc_sign.slf
[2009.11.26 21:19:06 | 00,002,098 | ---- | M] () -- C:\Users\Public\Desktop\BitDefender Antivirus 2010.lnk
[2009.11.26 12:44:35 | 00,090,855 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2009.11.26 00:54:17 | 00,001,264 | ---- | M] () -- C:\Users\mnk\Desktop\Spybot - Search & Destroy.lnk
[2009.11.25 21:00:28 | 00,013,664 | ---- | M] () -- C:\Users\mnk\Desktop\winamp - Verknüpfung.lnk
[2009.11.23 14:59:46 | 00,004,985 | ---- | M] () -- C:\ProgramData\ojvzdisj.xda
[2009.11.23 14:59:29 | 00,001,075 | ---- | M] () -- C:\Users\mnk\Desktop\PokerTracker 3.lnk
[2009.11.21 14:57:34 | 00,002,099 | ---- | M] () -- C:\Users\mnk\Desktop\HijackThis.lnk
[2009.11.20 18:31:36 | 00,001,986 | ---- | M] () -- C:\Users\mnk\Desktop\Casino-On-Net.lnk
[2009.11.19 16:28:51 | 00,002,767 | ---- | M] () -- C:\Users\Public\Desktop\Vodafone SMS.lnk
[2009.11.19 16:28:51 | 00,002,767 | ---- | M] () -- C:\Users\Public\Desktop\Vodafone Mobile Connect.lnk
[2009.11.17 17:18:46 | 01,019,784 | ---- | M] () -- C:\Users\mnk\Desktop\royal plo2.PNG
[2009.11.17 17:16:20 | 00,000,000 | ---- | M] () -- C:\Users\mnk\Desktop\Neue Bitmap.bmp
[2009.11.15 20:44:17 | 00,001,148 | ---- | M] () -- C:\Users\Public\Desktop\DivX Player.lnk
[2009.11.15 20:43:59 | 00,001,184 | ---- | M] () -- C:\Users\Public\Desktop\DivX Converter.lnk
[2009.11.15 20:43:39 | 00,001,617 | ---- | M] () -- C:\Users\mnk\Desktop\DivX Movies.lnk
[2009.11.14 15:18:33 | 00,101,328 | ---- | M] () -- C:\Users\mnk\AppData\Local\GDIPFONTCACHEV1.DAT
[2009.11.14 15:17:15 | 00,385,600 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2009.11.12 11:54:23 | 00,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2009.11.12 11:08:25 | 00,000,020 | -HS- | M] () -- C:\Users\mnk\ntuser.ini
[2009.11.12 04:01:18 | 00,056,735 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2009.11.12 04:01:18 | 00,056,735 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2009.11.12 03:47:54 | 00,022,960 | ---- | M] () -- C:\Windows\SysNative\emptyregdb.dat
[2009.11.12 03:02:11 | 00,524,288 | -HS- | M] () -- C:\Users\mnk\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2009.11.12 03:02:11 | 00,524,288 | -HS- | M] () -- C:\Users\mnk\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2009.11.12 03:02:11 | 00,065,536 | -HS- | M] () -- C:\Users\mnk\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2009.11.12 03:01:35 | 00,001,345 | ---- | M] () -- C:\Users\mnk\Desktop\Media Center.lnk
[2009.11.12 02:58:43 | 00,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01000.Wdf
[2009.11.12 02:58:03 | 00,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2009.11.12 02:52:42 | 00,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2009.11.12 02:14:30 | 00,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009.11.12 02:14:28 | 00,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009.11.12 01:29:48 | 00,004,478 | ---- | M] () -- C:\Users\mnk\Desktop\Windows-Kompatibilitätsbericht.htm
[2009.11.12 01:19:14 | 00,002,608 | ---- | M] () -- C:\Windows\diagwrn.xml
[2009.11.12 01:19:14 | 00,001,890 | ---- | M] () -- C:\Windows\diagerr.xml
[2009.11.12 01:14:41 | 00,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2009.11.12 00:21:41 | 80,242,728 | ---- | M] (Microsoft Corp.) -- C:\Users\mnk\Desktop\Win7-HP-Retail-de-de-x64.exe
[2009.11.12 00:14:14 | 16,926,8602 | ---- | M] () -- C:\Users\mnk\Desktop\setup2.box
[2009.11.11 23:58:06 | 28,247,77272 | ---- | M] () -- C:\Users\mnk\Desktop\setup1.box
[2009.11.10 17:04:08 | 00,162,824 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Windows\SysNative\drivers\bdfm.sys
[2009.11.10 17:03:44 | 00,101,896 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Windows\SysNative\drivers\bdhv.sys
[2009.11.10 14:51:58 | 00,077,847 | ---- | M] () -- C:\Users\mnk\Desktop\royal plo.JPG
[2009.11.10 14:24:35 | 00,470,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys
[2009.11.05 10:06:00 | 28,155,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MRT.exe
[2009.11.04 01:31:08 | 00,001,603 | ---- | M] () -- C:\Users\Public\Desktop\Full Tilt Poker.lnk
[2009.11.02 19:24:53 | 00,021,022 | ---- | M] () -- C:\Users\mnk\kqoC0Z70rrb3jHkdWAdtPg.jpg
[2009.11.02 18:17:41 | 00,002,028 | ---- | M] () -- C:\Users\Public\Desktop\Windows 7 Upgrade Advisor.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2009.11.27 21:50:48 | 00,000,385 | ---- | C] () -- C:\Windows\SysNative\user_gensett.xml
[2009.11.27 19:45:22 | 00,001,015 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009.11.26 21:53:41 | 00,000,016 | ---- | C] () -- C:\Windows\SysNative\asdict.dat
[2009.11.26 21:53:41 | 00,000,004 | ---- | C] () -- C:\Windows\SysNative\aspdict-en.dat
[2009.11.26 21:53:41 | 00,000,000 | ---- | C] () -- C:\Windows\SysNative\ab_bl.sig
[2009.11.26 21:41:19 | 00,000,132 | ---- | C] () -- C:\Windows\SysNative\rezumatenoi.dat
[2009.11.26 21:40:43 | 00,000,000 | ---- | C] () -- C:\pcwords2.dat
[2009.11.26 21:40:43 | 00,000,000 | ---- | C] () -- C:\pcwords.dat
[2009.11.26 21:40:43 | 00,000,000 | ---- | C] () -- C:\pcconf.ini
[2009.11.26 21:40:43 | 00,000,000 | ---- | C] () -- C:\pc_sign.slf
[2009.11.26 21:19:06 | 00,002,098 | ---- | C] () -- C:\Users\Public\Desktop\BitDefender Antivirus 2010.lnk
[2009.11.26 00:54:17 | 00,001,264 | ---- | C] () -- C:\Users\mnk\Desktop\Spybot - Search & Destroy.lnk
[2009.11.25 21:00:28 | 00,013,664 | ---- | C] () -- C:\Users\mnk\Desktop\winamp - Verknüpfung.lnk
[2009.11.23 14:59:46 | 00,004,985 | ---- | C] () -- C:\ProgramData\ojvzdisj.xda
[2009.11.23 14:59:29 | 00,001,075 | ---- | C] () -- C:\Users\mnk\Desktop\PokerTracker 3.lnk
[2009.11.21 14:57:18 | 00,002,099 | ---- | C] () -- C:\Users\mnk\Desktop\HijackThis.lnk
[2009.11.20 18:31:36 | 00,001,986 | ---- | C] () -- C:\Users\mnk\Desktop\Casino-On-Net.lnk
[2009.11.19 16:28:51 | 00,002,767 | ---- | C] () -- C:\Users\Public\Desktop\Vodafone SMS.lnk
[2009.11.19 16:28:51 | 00,002,767 | ---- | C] () -- C:\Users\Public\Desktop\Vodafone Mobile Connect.lnk
[2009.11.17 17:18:46 | 01,019,784 | ---- | C] () -- C:\Users\mnk\Desktop\royal plo2.PNG
[2009.11.17 17:16:20 | 00,000,000 | ---- | C] () -- C:\Users\mnk\Desktop\Neue Bitmap.bmp
[2009.11.15 20:44:17 | 00,001,148 | ---- | C] () -- C:\Users\Public\Desktop\DivX Player.lnk
[2009.11.15 20:43:59 | 00,001,184 | ---- | C] () -- C:\Users\Public\Desktop\DivX Converter.lnk
[2009.11.12 22:29:51 | 00,090,855 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.11.12 20:17:13 | 00,090,855 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009.11.12 11:54:23 | 00,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2009.11.12 11:09:25 | 00,000,000 | ---- | C] () -- C:\Users\mnk\AppData\Local\QSwitch.txt
[2009.11.12 11:09:25 | 00,000,000 | ---- | C] () -- C:\Users\mnk\AppData\Local\DSwitch.txt
[2009.11.12 11:09:24 | 00,000,000 | ---- | C] () -- C:\Users\mnk\AppData\Local\AtStart.txt
[2009.11.12 11:08:25 | 00,000,020 | -HS- | C] () -- C:\Users\mnk\ntuser.ini
[2009.11.12 04:03:05 | 31,952,36352 | -HS- | C] () -- C:\hiberfil.sys
[2009.11.12 03:47:54 | 00,022,960 | ---- | C] () -- C:\Windows\SysNative\emptyregdb.dat
[2009.11.12 03:02:09 | 00,524,288 | -HS- | C] () -- C:\Users\mnk\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2009.11.12 03:02:09 | 00,524,288 | -HS- | C] () -- C:\Users\mnk\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2009.11.12 03:02:08 | 02,883,584 | -HS- | C] () -- C:\Users\mnk\NTUSER.DAT
[2009.11.12 03:02:08 | 00,065,536 | -HS- | C] () -- C:\Users\mnk\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2009.11.12 03:01:35 | 00,001,345 | ---- | C] () -- C:\Users\mnk\Desktop\Media Center.lnk
[2009.11.12 02:59:14 | 00,015,222 | ---- | C] () -- C:\Windows\SysNative\nbspkrs.ico
[2009.11.12 02:59:14 | 00,003,774 | ---- | C] () -- C:\Windows\SysNative\bltinmic.ico
[2009.11.12 02:59:14 | 00,003,774 | ---- | C] () -- C:\Windows\SysNative\2hps.ico
[2009.11.12 02:58:43 | 00,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01000.Wdf
[2009.11.12 02:58:03 | 00,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2009.11.12 02:57:43 | 00,009,504 | -H-- | C] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2009.11.12 02:57:43 | 00,009,504 | -H-- | C] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2009.11.12 02:12:28 | 00,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2009.11.12 00:35:54 | 00,004,478 | ---- | C] () -- C:\Users\mnk\Desktop\Windows-Kompatibilitätsbericht.htm
[2009.11.12 00:33:48 | 00,002,608 | ---- | C] () -- C:\Windows\diagwrn.xml
[2009.11.12 00:33:48 | 00,001,890 | ---- | C] () -- C:\Windows\diagerr.xml
[2009.11.11 23:58:06 | 16,926,8602 | ---- | C] () -- C:\Users\mnk\Desktop\setup2.box
[2009.11.11 18:18:52 | 28,247,77272 | ---- | C] () -- C:\Users\mnk\Desktop\setup1.box
[2009.11.10 14:51:55 | 00,077,847 | ---- | C] () -- C:\Users\mnk\Desktop\royal plo.JPG
[2009.11.04 01:31:08 | 00,001,603 | ---- | C] () -- C:\Users\Public\Desktop\Full Tilt Poker.lnk
[2009.11.02 19:24:52 | 00,021,022 | ---- | C] () -- C:\Users\mnk\kqoC0Z70rrb3jHkdWAdtPg.jpg
[2009.11.02 18:17:40 | 00,002,028 | ---- | C] () -- C:\Users\Public\Desktop\Windows 7 Upgrade Advisor.lnk
[2009.10.10 15:33:02 | 00,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2009.10.10 15:32:06 | 00,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2009.07.18 17:40:42 | 00,290,816 | ---- | C] () -- C:\Windows\SysWow64\decdll.dll
[2009.07.14 00:42:10 | 00,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 00,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.07.08 17:11:16 | 00,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2009.07.08 17:11:16 | 00,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2009.07.08 17:11:16 | 00,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2009.05.07 22:23:35 | 00,144,144 | ---- | C] () -- C:\Windows\SysWow64\MASE32.DLL
[2009.05.07 22:23:32 | 00,201,488 | ---- | C] () -- C:\Windows\SysWow64\MACD32.DLL
[2009.05.07 22:23:32 | 00,141,584 | ---- | C] () -- C:\Windows\SysWow64\MAMC32.DLL
[2009.05.07 22:23:32 | 00,063,248 | ---- | C] () -- C:\Windows\SysWow64\MASD32.DLL
[2009.05.07 22:23:32 | 00,033,040 | ---- | C] () -- C:\Windows\SysWow64\MA32.DLL
[2009.05.05 16:41:50 | 00,000,174 | ---- | C] () -- C:\Windows\Lexstat.ini
[2009.05.05 16:36:47 | 00,413,696 | ---- | C] () -- C:\Windows\SysWow64\lxbkutil.dll
[2009.05.05 16:36:47 | 00,274,432 | ---- | C] () -- C:\Windows\SysWow64\LXBKinst.dll
[2008.03.07 16:43:56 | 00,084,734 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2008.03.07 13:47:30 | 00,020,270 | ---- | C] () -- C:\ProgramData\DeviceInstaller.xml
 
========== Custom Scans ==========
 
 
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\run|MailBlocker /s >
 
< C:\Users\mnk\AppData\Local\Temp\b.exe /s >
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 64 bytes -> C:\Users\mnk\Documents\Xavier Naidoo Piano cover (Instrumental) by Elton Richardson.mp3:TOC.WMV
@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:8CEFE51A
< End of report >
         

28.11.2009, 12:03   #26
jomos

How can I tell whether the file has been deleted?
When I run HJT I still find the following entry -.-
Code:
ATTFilter
O4 - HKCU\..\Run: [MailBlocker] C:\Users\mnk\AppData\Local\Temp\b.exe
         

Do I maybe have to select "fix checked" in OTL so that it gets deleted?
Regards
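
As an added example (not part of the original posts and not code from HijackThis or OTL): a small Python check over HijackThis O4 lines that flags autostart entries whose command references a temp directory, which is what the `MailBlocker` entry above does. Every sample line except the first is constructed, and the function names and the list of temp-path markers are assumptions.

```python
import re

# HijackThis autostart line: "O4 - <hive>\..\<Run key>: [<value name>] <command>"
O4_RE = re.compile(
    r"^O4 - (?P<hive>HK(?:LM|CU|US\\[^\\]+))\\\.\.\\(?P<key>Run\w*): "
    r"\[(?P<name>[^\]]*)\] (?P<cmd>.+)$"
)

# Lower-case path fragments treated as temp locations (assumed watch list).
TEMP_MARKERS = ("\\appdata\\local\\temp\\", "\\windows\\temp\\", "%temp%\\", "%tmp%\\")

# First line is the entry from the thread; the others are constructed.
SAMPLE_LOG = r"""
O4 - HKCU\..\Run: [MailBlocker] C:\Users\mnk\AppData\Local\Temp\b.exe
O4 - HKLM\..\Run: [ExampleUpdater] "C:\Program Files\Example\updater.exe" /background
O4 - HKCU\..\Run: [ExampleDll] C:\Windows\system32\rundll32.exe C:\Users\mnk\AppData\Local\Temp\x.dll,Start
O4 - HKLM\..\Run: [ExampleTray] C:\Program Files\Example Tray\tray.exe -min
O16 - DPF: {00000000-0000-0000-0000-000000000000} (Example Control)
"""


def parse_o4(line):
    """Split one O4 line into hive, key, value name and command; None if not O4."""
    m = O4_RE.match(line.strip())
    return m.groupdict() if m else None


def executable_of(cmd):
    """Return the program path of a Run command, quoted or unquoted, without arguments."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end > 0 else cmd[1:]
    # Unquoted paths may contain spaces, so cut at the first executable extension.
    m = re.match(r"(.+?\.(?:exe|com|scr|bat|cmd|pif))(?:\s|$)", cmd, re.I)
    return m.group(1) if m else cmd.split()[0]


def flag_temp_autoruns(log_text):
    """List autostart entries whose command line references a temp directory."""
    findings = []
    for line in log_text.splitlines():
        entry = parse_o4(line)
        if entry is None:
            continue
        if not any(marker in entry["cmd"].lower() for marker in TEMP_MARKERS):
            continue
        program = executable_of(entry["cmd"])
        findings.append({
            "hive": entry["hive"],
            "name": entry["name"],
            "program": program,
            # True: the started program itself lives in temp.
            # False: a host program (e.g. rundll32) is handed a file from temp.
            "program_in_temp": any(m in program.lower() for m in TEMP_MARKERS),
        })
    return findings


if __name__ == "__main__":
    for finding in flag_temp_autoruns(SAMPLE_LOG):
        print(finding)
```

A flagged entry whose target file is already gone is an orphaned Run value; the registry value still has to be removed separately from the file.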

28.11.2009, 14:11   #27
Larusso
/// Selecta Jahrusso

Please do only what I write here. I find

Scan with SystemLook

Download SystemLook by jpshortstuff from one of the following mirrors and save the tool to the desktop.

Download Mirror #1 - Download Mirror #2
  • Double-click SystemLook.exe to start the tool.
    Vista users: right-click and run as administrator.
  • Copy the contents of the following code box into the tool's text field:

    Code:
    ATTFilter
    :filefind
    b.exe
    :regfind
    MailBlocker
             
  • Now click the Look button to start the scan.
  • When the scan has finished, your editor will open with the results; post them here in the thread.
  • The results are saved on the desktop as SystemLook.txt.
__________________
Kind regards, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Learn to fight back and support us!
TB Akademie

29.11.2009, 13:49   #28
jomos

Okay, here is the result:

Code:
ATTFilter
SystemLook v1.0 by jpshortstuff (29.08.09)
Log created at 13:42 on 29/11/2009 by mnk (Administrator - Elevation successful)

========== filefind ==========

Searching for "b.exe"
No files found.

========== regfind ==========

Searching for "MailBlocker"
[HKEY_CURRENT_USER\Software\MailBlocker]
[HKEY_USERS\S-1-5-21-2710611542-2163317767-2748685683-1000\Software\MailBlocker]

-=End Of File=-
         

29.11.2009, 14:13   #29
Larusso
/// Selecta Jahrusso

Step 1

Back up the registry with ERUNT

Since we need to make changes to the registry, you will first back up the registry as follows:
Download the ERUNT tool by Lars Hederer and install it. Start erunt.exe and use it to create a backup of the registry in the default folder. Under the backup options, please tick all three choices. Do not add the program to system startup.


Step 2

Fix with OTL
  • Please start OTL.exe.
    Vista users: right-click and choose "Run as administrator".
  • Now copy the contents into the text box.
Code:
ATTFilter
:Reg
[-HKEY_CURRENT_USER\Software\MailBlocker]
[-HKEY_USERS\S-1-5-21-2710611542-2163317767-2748685683-1000\Software\MailBlocker]
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]
         
  • Now please close all programs.
  • Now please click the Run Fix button.
  • Click on .
  • OTL may ask for a reboot. Please allow it.
  • After the reboot you will find a text document.
    Copy its contents here into your thread, inside code tags.


Step 3
  • ESET Online Scanner
    • Supported operating systems: Microsoft Windows 98/ME/NT 4.0/2000/XP and Windows Vista
    • Note for Vista users: be sure to start the browser as administrator.
    • Disable your antivirus program during the scan.
    • Press the "ESET Online Scanner" button.
    • Firefox users have to install an additional add-on (esetsmartinstaller_enu.exe).
    • Save the Firefox add-on to the desktop and then install it.
    • IE users have to allow the installation of an ActiveX control.
    • Tick "Remove found threats" and "Scan archives".
    • Press Start.
    • The signatures are downloaded.
    • The scan starts automatically.
    • Press Finish.
    • Close the browser.
    • Open Explorer.
    • Find C:\Programme\Eset\EsetOnlineScanner\log.txt and open it with your editor.
    • Post the log file here.
    • Uninstall: Control Panel => Software => remove Eset Online Scanner V3.
    • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset
    • IE users additionally: fix the following entry with HJT:
    • O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control)


Step 4

Please close all running programs, including the browser.
Please delete Extra.txt from your desktop.
Double-click OTL.exe and post both log files.
__________________
Kind regards, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Learn to fight back and support us!
TB Akademie

29.11.2009, 15:07   #30
jomos

Result of step 2:


Code:
ATTFilter
All processes killed
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\Software\MailBlocker\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-2710611542-2163317767-2748685683-1000\Software\MailBlocker\ not found.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
 
User: mnk
->Temp folder emptied: 1229251 bytes
->Java cache emptied: 5205086 bytes
->FireFox cache emptied: 88035111 bytes
 
User: postgres
->Temp folder emptied: 0 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1533389 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
Windows Temp folder emptied: 314438 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 323 bytes
 
Total Files Cleaned = 91,89 mb
 
 
OTL by OldTimer - Version 3.1.11.0 log created on 11292009_145841

Files\Folders moved on Reboot...
C:\Users\mnk\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...
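
Why the second key in the fix result above reads "not found", as an added example that is not part of the original posts and not code from SystemLook or OTL: HKEY_CURRENT_USER is an alias for the logged-on user's hive under HKEY_USERS\<SID>, so the two regfind hits name one and the same key. The sketch assumes the SID shown in the log belongs to the account that ran the scan (mnk); the function names are hypothetical.

```python
# SystemLook output from the thread, embedded so the example runs offline.
SYSTEMLOOK_LOG = r"""
========== filefind ==========

Searching for "b.exe"
No files found.

========== regfind ==========

Searching for "MailBlocker"
[HKEY_CURRENT_USER\Software\MailBlocker]
[HKEY_USERS\S-1-5-21-2710611542-2163317767-2748685683-1000\Software\MailBlocker]

-=End Of File=-
"""

# Assumption: this SID is the account that ran the scan (user mnk).
CURRENT_USER_SID = "S-1-5-21-2710611542-2163317767-2748685683-1000"


def regfind_keys(log_text):
    """Return the registry key paths listed in the regfind section of the log."""
    keys, in_section = [], False
    for line in log_text.splitlines():
        line = line.strip()
        if line.startswith("=========="):
            in_section = "regfind" in line
        elif in_section and line.startswith("[") and line.endswith("]"):
            keys.append(line[1:-1])
    return keys


def canonical_key(key, sid):
    """Rewrite a current-user path to its real location under HKEY_USERS."""
    for alias in ("HKEY_CURRENT_USER", "HKCU"):
        if key.upper() == alias or key.upper().startswith(alias + "\\"):
            return "HKEY_USERS\\" + sid + key[len(alias):]
    return key


def group_aliases(keys, sid):
    """Group reported keys by canonical path; each group is one physical key."""
    groups = {}
    for key in keys:
        groups.setdefault(canonical_key(key, sid).lower(), []).append(key)
    return groups


if __name__ == "__main__":
    found = regfind_keys(SYSTEMLOOK_LOG)
    for canonical, aliases in group_aliases(found, CURRENT_USER_SID).items():
        print(canonical, "<-", aliases)
```

Both hits collapse into one group, so deleting the HKEY_CURRENT_USER path already removes what the HKEY_USERS line pointed at.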
         
