Plagegeister aller Art und deren Bekämpfung: Virenscanner lässt sich nicht installiren, Firefox schließt sich
Virenscanner lässt sich nicht installiren, Firefox schließt sich Hallo zusammen, ich hab ein richtig dickes Problem. Anscheined habe ich mir was eingfangen. mein Virenscanner (Antivir) startet nicht mehr und es lässt sich kein neuer installieren. Hijack this lässt sich nicht installieren und Firefox oder auch jeder andere Browser schließt sich automatisch sobald ich z.b. auf die hijack this website gehe. Deshalb bitte ich darum in diesem thread "hijack this" immer getrennt zu schrieben, denn sobald es zusammengeschrieben wird schließt sich mein Browser einfach. Das einzige was noch geht ist ad aware, der ist aber fast fertig und hat bisher nichts besonderes gefunden. Ich habe also keine möglichkeit euch irgendwelche Logfiles zu posten da nichts mehr geht. ich habe bereits den Abgesicherten Modus getestet und dort kann ich auch einen Virenscanner installieren und betreiben, der Scanner hat auch ein paar sachen gefunden und behoben, das Problem hat sich dadurch leider nicht erledigt. hijack this läuft da auch, nur ist das ergebnis natürlich gleich 0 da der offensichtlich schädliche Prozess im Abgesicherten Modus nicht läuft. Betriebssystem ist Windows 7 Home Premium x64 Ich hab noch einen Screenshot meines Taskmanger angehange, evtl sieht ja jemand was. Ich hoffe ich hab alle wichtigen Informationen drin. Vielen Dank für eure Hilfe! -Funkstar edit: Ad-Aware hat den Bagle Worm gefunden, anschließend entfernt und nach nem restart war er wieder da. Das Removal tool hat mich auch nicht weitergracht
Virenscanner lässt sich nicht installiren, Firefox schließt sich Hallo und
Hinweis: Du nutzt ein 64-Bit-Windows. Viele Tools, die wir hier als Hilfsmittel zum Bereinigen einsetzen, sind mit nem 64-Bit-Windows nicht kompatibel - das macht eine Bereinigung schwerer als sie ohnehin schon ist. Mach bitte eine Scan mit Malwarebytes, aktualisiere das Programm, starte einen Vollscan und lass alle etwaigen Funde entfernen. Anschließend das Logfile posten, danach sehen wir weiter.
Virenscanner lässt sich nicht installiren, Firefox schließt sich Also... mitlerweile laufen Virenscanner und FF wieder einwandfrei. Der Live Schutz von AdAware hat noch einiges erwischt.
Jetzt habe ich nur noch einen Trojaner drauf und der heißt TR/Spy.gen. Antivir kommt alle 2 minuten mit nem Virusfund, immer die selbe datei am selben ort. Es ist eine dll Datei im Windows/Temp verzeichnis. (09f01d08.dll) Malwarebytes läuft grad durch und das log werde ich dann morgen hier posten. Danke für die bisherige Hilfe! gruß Funkstar
Virenscanner lässt sich nicht installiren, Firefox schließt sich Malwarebytes ist durch und hat mehr als 200 sachen gefunden. Ich hab alles entfernt und hier ist auch das Logfile. Code:
ATTFilter Malwarebytes' Anti-Malware 1.44 Datenbank Version: 3674 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 02.02.2010 10:06:49 mbam-log-2010-02-02 (10-06-49).txt Scan-Methode: Vollständiger Scan (C:\|D:\|E:\|F:\|) Durchsuchte Objekte: 316585 Laufzeit: 26 minute(s), 15 second(s) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 1 Infizierte Registrierungsschlüssel: 1 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 1 Infizierte Verzeichnisse: 3 Infizierte Dateien: 232 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: C:\Windows\SysWOW64\dispex32.dll (Trojan.Agent) -> Delete on reboot. Infizierte Registrierungsschlüssel: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\sK9Ou0s (Worm.Bagle) -> Quarantined and deleted successfully. Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Infizierte Verzeichnisse: C:\Users\Funkstar\AppData\Roaming\drivers\downld (Worm.Bagle) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared (Trojan.Agent) -> Quarantined and deleted successfully. Infizierte Dateien: C:\Windows\System32\dispex32.dll (Trojan.Agent) -> Delete on reboot. C:\Windows\SysWOW64\dispex32.dll (Trojan.Agent) -> Delete on reboot. C:\Users\Funkstar\AppData\Roaming\m\data.oct (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\list.oct (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\srvlist.oct (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\010 Editor v1.0 by UCF.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\2M Words Collection v1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\32bit Web Browser v9.80.01 by BRD.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\3D ImageCube 2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\470 CookWareRecipes all for Mac.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\4Musics Protected WMA to MP3 Converter 4.5.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\5Star DVD to AVI Ripper 1.6.2.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\A-one DVD to 3GP Ripper v6.40.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\A-Z iPod Video Converter v4.36.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\ACE-HIGH MP3 WAV WMA OGG Converter v3.20.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Active Image Viewer 1.0 (Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Activity Monitor v1.6b Keygen by PC.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\ActualDoc Professional 3.5.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\ACXtractor (Audio CD Xtractor) v3.1 by Heritage.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Advanced MP3 Catalog Pro v1.21 Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Advanced X Video Converter 3.9.22 3.9.22 (Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Alias99 v1.0.0.0 by WKT!.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Almanac 1.0 patch.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Anachronox v1.02 build 45 [ENGLISH] No-CD Fixed EXE.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\ArMaster 2.3.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Armed Forces Corp v1.0 [ENGLISH] No-DVD-Fixed EXE.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Auction Station 2000 v2.1.25.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Aurigma Image Uploader Dual 6.1.01-key.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Automatic Remasterer Memory (Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\AVI DivX to DVD SVCD VCD Converter v1.2.4 by ViRiLiTY.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\AWicons Pro v9.1.6.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Backup Made Simple v5.1.75 Keygen Only by UCF.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\BackupAssist v2.1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\BanniereCreator v2.0.1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Blazing Angels v1.02 [ENGLISH] No-DVD -Fixed Files.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Blue Ribbon Recipes 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Bolt Torque 5.2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\BrowserLock 4.11.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\CalcuNote v1.2.1.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\CaseLinr 5.9.7.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\CCProxy 4.3.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Change Case of File Names Software 7.0 (crack).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\ChessBase Fritz 7 (22 Nov 2001).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\ChildProtector v2.0.0.5 WinALL Cracked by ARN.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Classic Backup Pro v2.50.0.89 German WinAll by LAXiTY.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Clicktionary English-Thai 3.2.2.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Clip Boost 1.1 (Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\ClipMate Build 268.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Cloanto MenuBox v2.3.2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Cool Converter All Video to WMV Converter v6.0 by FOFF.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\corel draw 11 (Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Coyote Trace Monitor 2.7.10.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\CyberLink MakeDVD (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Data Village Project Manager 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Deep Space Fantasy Screen Saver 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\DemoCharge 2004 v1.0.0.3 WinALL by TBE.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\DemoShield v7.01 by SDV.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\DialogBlocks 1.29 (Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\DIPTool PhotoFX v1.4.02a.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Drive Genius 1.5.1 for Mac (Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Earobics 1.0c.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Easy RM RMVB To DVD Burner v1.3.0 by ARN.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\EasyCashbook v3.0.2 German WinAll by LAXiTY.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\eBook Creator Compiler Software 1.0 (Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Emergency 3 Mission Life Multilingual Cheats Enabler RIP by TNT.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\EMS PostgreSQL Query v1.4.3.1 Cracked by SSG.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\EMS PostgreSQL Query v1.4.3.1.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\English Translator Polish 2.0 (Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\FaxMail Network for Windows v9.92.01 by BRD.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\FlashChart 2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\FlashGet 0.90 Beta 1 (Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Freak Out Extreme Freeride v1.0 +4 TRAINER.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\GameHouse Cake Mania Serial by BalCrNepal.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Gameloft Prince of Persia Classic v1.0.6 Retail for SymbianOS S40 JAVA 128x128 by RLYEH.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Gameloft Real Rugby v1.0.9 Retail JAVA Nokia N5500 by RLYEH.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Gangsters v1.0 [ENGLISH] No-CD XP Fixed EXE.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Gem Puzzle 1.0 (Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\GoldWave v4.26 by RP2K.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Good Keywords Professional 2.0.052201 (Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Hang3000 v1.01 Keygen.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Harvey Norman Photo Viewer v2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Haushaltsbuch v2002.12.35.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Helium2.1.0.1b.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\HIEW v6.76.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\HiFiSoft WAV Splitter Joiner v1.00 by EXPLOSiON.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\HTML Password Lock v2.5.1.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\i-Control 1.3.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Icon 3D 2.03 (Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\IconChanger v1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\ICQ 2000b Beta 4.65 build 3281 IP Crack.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\IDEAL Administration v6.71 french Crack by FFF.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Ignition (Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\InDesign CS v3.0 Tryout Multilanguage Fixed.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Instant Check 4.2.02.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\IntroCreator v2.40.024000 Incl Keygen by EXPLOSiON.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Iparmor v5.45.0127 Cracked READ NFO WinALL by F4CG.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Jetico BCWipe v3.08 by DVT.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\JoeAlter Shave And A Haircut For Maya 8.5 v4.5v17 Linux Incl Keymaker by ARN.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\JoeAlter Shave And A Haircut v3.8v23 For Maya 6.5 WinALL Incl Keygen by ARN.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\JPGAvi (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\KazMax Test Planner (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Keypict 1.02.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Kristanix Studios Sudoku Mini 2006 v1.4 for Pocket PC XScale 2003 2005.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Kyodai Mahjongg 12.42 (Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\LEGO Escape Retail JAVA E61 by RLYEH.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\LingvoSoft Dictionary 2007 English - Latin 4.1.29.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Longtion AutoRun Pro Enterprise v2.0.2.21 WinALL Incl Keygen by ViRiLiTY.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Loshad Poni Retail JAVA K300 K500 by RLYEH.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\MailTalkX 2.21.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Marine Life Simulation 3D Screensaver v1.2 by s0m.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\MemMonster v4.65 Regged by CFF.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Message Boards Browser 3.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Mindjongg 4.0.1.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Moto GP 07 v1.1 [MULTI5] No-DVD-Fixed Update.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Mouse Tamer 2001A 23.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\MP Software Agama Web Menus Pro v2.12 by CRD.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\MyMappeR v1.2.1.3.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Net Logger Pro 2.0 (Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\NetProbe (Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Network USB Sentry 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\NI MOTION ASSISTANT V1.2 by RiSE.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\NovaBackUp Pro 7.0 (Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\NTI CD DVD Maker v7.0.0.3727 by ZWT.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\ObjectRescue FileRescue for NTFS v2.x by AT4RE.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Olympic Organizer Deluxe v2.6 Incl Keygen by TBE.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Overnet v0.42 NEW.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\PageRipper v3.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Pam Multi Audio Player 2.10 (Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Panopticum Fire for Adobe Photoshop 1.0 (Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\PDF U Append Desktop Edition v1.13 by ACME.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\PDF2Word 1.1 (Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\PerpetualWorkbook System v3.1.145 WinALL Regged by BLiZZARD.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\picoWare Festival 1.x.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Picture Resize Genius v2.5.1 Cracked by F4CG.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Pinnacle Systems Studio DV Plus 1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\PlayMax for Volleyball 2.3.1.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\PlugIn Manager (Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\pocketdvd studio 3.5 Build 02 for Pocket PC.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\PostCast 0.92 (Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\PowerTweak II Revision 004.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Prestwood Writing Suite 1.5.2.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Privacy Shield v3.0.61.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\ProShow Gold 1.2 build 1338 (Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Quintessential CD 1.1 (Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\RadioMatic 1.5.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Random Midi Plus 1.02 (Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\RankMeter 1.63 (Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\RBase 3.1b (Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\RealWar.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Recipe Center (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Registry Entmueller v1.2 German WinAll by LAXiTY.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Rix Date Calculator 2000.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\RTL Skispringen 2006 [GERMAN] No-DVD Fixed Image 1.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\RusFon (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\ScanAndSave v1.0 by AGAiN.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Screen Grab Pro Deluxe v1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Security Administrator v6.1 by DBC.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Security Explorer 3.90.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\SetMeUp 98 v3.5i by GraphiX.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Shade Professional v7.2.1 WinAll Incl Keygenerator by TMG.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Shadow Vault v1.0 +1 TRAINER.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Shredder v3.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Silent Hunter 3 CHEATS.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\SingleClick Wireless Network Ignition v2.0 Build 352 READ NFO by DVT.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Smart Edit 1.02b (Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\SnapDV v1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Softick PPP 3.03 (crack).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\SoftWindows 98 for Mac.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\SolSuite 2006 v6.1 by DELiGHT.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\SourcePublisher for C Plus Plus v1.4.333 Win9xNT Incl Keygenerator by TMG.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\South River WebDrive v6.03 by ROR.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Space Quest II for Mac.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Spyware Doctor v3.2.2.417 Serial Only READ NFO by NLRULEZ.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Stalker CommuniGate Pro v5.1.8 FreeBSD5 AMD64 Incl Keygen by SSG.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Stealth Activity Reporter 1.8.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Super Breakout Retail JAVA K750 by RLYEH.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Sygate Personal Firewall PRO v5.1 build 1615 by RP2K.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\SystemUp Eraser 2009 (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Tactical Fighter Experiment (1993) (Ocean) FULL!.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Tathania CrAcKed.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\The Beatles Lyrics and Chords Spider v1.01.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\The Data of Images v2.53.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\The Imaging Factory Convert To Black and White Pro v3.0 for Photoshop by SCOTCH.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\The JMaker ButtonBar v2006.01.13 Incl Keygen by Lz0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\The Time Master 1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\TIFF Splitter Basic 1.7.9 patch.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Time Lock (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Titan FTP Server v2.30.151 Retail Incl Keygen by UCF.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Tootoo X to 3GP Converter v2.11.08 by SND.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Top Conges v1.1.05 Incl Keyfile French by RESET.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Topaz Vivacity v1.3 by FFF.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Torchsoft Malware Defender v2.0.0 by BRD.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\TradeTrakker 1.20 (Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Tradewinds 2 Retail JAVA 6230i by RLYEH.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Traffic Inspector v1.1.5.215 by Trivium.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\True Crime New York City v1.0 +11 TRAINER.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Tweaki for Power Users 1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\TweakRAM v5.5.4.4 by ECLiPSE.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\UK2000 Scenery Part 6 1.1 (Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Unblock Blocked Unsafe Attachments 2.1.1.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Uninstaller Pro 2.47 (Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Unreal Game Updates.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\URL Explorer 1.0-key.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Vertigo Hot Text for Mac.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Vidya TaskMan v1.0.3 Retail for Pocket PC ARM Full by RLYEH.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Virtual Font Folder 1.04.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Visual Key 1.0 (Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Visual Labels v3.31 Incl Keymaker by EMBRACE.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Voice Studio 2003 v1.3.10.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Weather1.5.29.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\WebcamMax v5.2.0.6 by CORE.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\WebExe v1.54 Bilingual.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Website Image Extractor 2.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\WinBiz CalWin v2.81 by Lz0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\WinCatalog 2009 v2.87 by UST.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Windows Scrabble v1.60 French by FFF.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Windows XP 2001.9.1 (Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\WinFM v1.0 by Orion.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\WinRAR v3.71 English by TSRh.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\WinSoft ComPort v3.2.4 for Delphi 7.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Winter Assault [ENGLISH] No-CD Fixed Image 1.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\XMind Pro 3.0.3 crack.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\xStarter v1.40.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Xtreeme FollowUpXpert Professional (Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\XWays WinHex v11.7 SR1 by ROR.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\YoGen Vocal Remover v2.0.10 by Lz0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Zeal SoftStudio NTPort Library v2.7 by Lz0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Zealot All Video Splitter 1.0.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Zealot All Video Splitter 1.1.4 (Serial).zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\Zone Clock 2.0.0 CrAcKed.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\m\shared\ZTreeWin v1.49.2 j Cracked by UnderPl.zip (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Funkstar\AppData\Roaming\drivers\winupgro.exe (Trojan.Agent) -> Quarantined and deleted successfully. |
Virenscanner lässt sich nicht installiren, Firefox schließt sich Was ist denn das für ne Warez-Sammlung? Edith: Ich seh gerad, dass dürfte ne Auswirkung vom Bagle sein... Systemscan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Virenscanner lässt sich nicht installiren, Firefox schließt sich Ich hab mir dawohl echt was fieses eingefangen. Code:
ATTFilter OTL.txt OTL logfile created on: 02.02.2010 10:39:31 - Run 1 OTL by OldTimer - Version Folder = C:\Users\Funkstar\Desktop 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 6,00 Gb Total Physical Memory | 4,00 Gb Available Physical Memory | 74,00% Memory free 12,00 Gb Paging File | 11,00 Gb Available in Paging File | 88,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 148,95 Gb Total Space | 84,35 Gb Free Space | 56,63% Space Free | Partition Type: NTFS Drive D: | 232,88 Gb Total Space | 189,53 Gb Free Space | 81,39% Space Free | Partition Type: NTFS Drive E: | 931,51 Gb Total Space | 859,36 Gb Free Space | 92,25% Space Free | Partition Type: NTFS Drive F: | 149,00 Gb Total Space | 141,18 Gb Free Space | 94,75% Space Free | Partition Type: FAT32 G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: GAMING Current User Name: Funkstar Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Include 64bit Scans Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Users\Funkstar\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft) PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\Orbitdownloader\orbitdm.exe (Orbitdownloader.com) PRC - C:\Windows\SysWOW64\nlssrv32.exe (Nalpeiron Ltd.) PRC - C:\Program Files (x86)\Orbitdownloader\orbitnet.exe (Orbitdownloader.com) PRC - C:\program files (x86)\avira\antivir desktop\avcenter.exe (Avira GmbH) PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWWSC.exe () PRC - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer.exe (TeamViewer GmbH) PRC - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Windows\SysWOW64\ASTSRV.EXE (Nalpeiron Ltd.) PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe () PRC - C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Program Files (x86)\Orbitdownloader\Grab.exe (orbitdownloader.com) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Windows\713xRMT.exe () ========== Modules (SafeList) ========== MOD - C:\Users\Funkstar\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\SysWOW64\comdlg32.dll (Microsoft Corporation) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV:64bit: - (nlscc) -- C:\Windows\SysNative\nlsInterface.EXE (Nalpeiron Ltd.) SRV:64bit: - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation) SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.) SRV:64bit: - (osppsvc) -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) SRV:64bit: - (ose64) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV:64bit: - (O&O Defrag) -- C:\Program Files\OO Software\Defrag\oodag.exe (O&O Software GmbH) SRV:64bit: - (WwanSvc) -- C:\Windows\SysNative\wwansvc.dll (Microsoft Corporation) SRV:64bit: - (WbioSrvc) -- C:\Windows\SysNative\wbiosrvc.dll (Microsoft Corporation) SRV:64bit: - (Power) -- C:\Windows\SysNative\umpo.dll (Microsoft Corporation) SRV:64bit: - (Themes) -- C:\Windows\SysNative\themeservice.dll (Microsoft Corporation) SRV:64bit: - (sppuinotify) -- C:\Windows\SysNative\sppuinotify.dll (Microsoft Corporation) SRV:64bit: - (SensrSvc) -- C:\Windows\SysNative\sensrsvc.dll (Microsoft Corporation) SRV:64bit: - (PNRPsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation) SRV:64bit: - (p2pimsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation) SRV:64bit: - (HomeGroupProvider) -- C:\Windows\SysNative\provsvc.dll (Microsoft Corporation) SRV:64bit: - (RpcEptMapper) -- C:\Windows\SysNative\RpcEpMap.dll (Microsoft Corporation) SRV:64bit: - (PNRPAutoReg) -- C:\Windows\SysNative\pnrpauto.dll (Microsoft Corporation) SRV:64bit: - (HomeGroupListener) -- C:\Windows\SysNative\ListSvc.dll (Microsoft Corporation) SRV:64bit: - (FontCache) -- C:\Windows\SysNative\FntCache.dll (Microsoft Corporation) SRV:64bit: - (Dhcp) -- C:\Windows\SysNative\dhcpcore.dll (Microsoft Corporation) SRV:64bit: - (defragsvc) -- C:\Windows\SysNative\defragsvc.dll (Microsoft Corporation) SRV:64bit: - (bthserv) -- C:\Windows\SysNative\bthserv.dll (Microsoft Corporation) SRV:64bit: - (BDESVC) -- C:\Windows\SysNative\bdesvc.dll (Microsoft Corporation) SRV:64bit: - (AxInstSV) -- C:\Windows\SysNative\AxInstSv.dll (Microsoft Corporation) SRV:64bit: - (AppIDSvc) -- C:\Windows\SysNative\appidsvc.dll (Microsoft Corporation) SRV:64bit: - (wbengine) -- C:\Windows\SysNative\wbengine.exe (Microsoft Corporation) SRV:64bit: - (dispex32) -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) SRV:64bit: - (sppsvc) -- C:\Windows\SysNative\sppsvc.exe (Microsoft Corporation) SRV:64bit: - (Fax) -- C:\Windows\SysNative\FXSSVC.exe (Microsoft Corporation) SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft) SRV - (nlsX86cc) -- C:\Windows\SysWOW64\nlssrv32.exe (Nalpeiron Ltd.) SRV - (TeamViewer5) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (astcc) -- C:\Windows\SysWOW64\ASTSRV.EXE (Nalpeiron Ltd.) SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (NMSAccessU) -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe () SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (VSS) -- C:\Windows\Vss [2009.07.14 04:20:14 | 000,000,000 | ---D | M] SRV - (MSDTC) -- C:\Windows\SysWOW64\Msdtc [2009.07.14 04:20:14 | 000,000,000 | ---D | M] SRV - (HomeGroupProvider) -- C:\Windows\SysWOW64\provsvc.dll (Microsoft Corporation) SRV - (Dhcp) -- C:\Windows\SysWOW64\dhcpcore.dll (Microsoft Corporation) SRV - (vds) -- C:\Windows\SysWOW64\wbem\vds.mof () SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (Adobe Version Cue CS4) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe (Adobe Systems Incorporated) ========== Driver Services (SafeList) ========== DRV:64bit: - (Lbd) -- C:\Windows\SysNative\drivers\Lbd.sys (Lavasoft AB) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys () DRV:64bit: - (AF9035BDA) -- C:\Windows\SysNative\drivers\AF15BDA.sys (ITETech ) DRV:64bit: - (StarOpen) -- C:\Windows\SysNative\drivers\StarOpen.sys () DRV:64bit: - (3xHybr64) -- C:\Windows\SysNative\drivers\3xHybr64.sys (NXP Semiconductors Germany GmbH) DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation) DRV:64bit: - (LGBusEnum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (KSecPkg) -- C:\Windows\SysNative\drivers\ksecpkg.sys (Microsoft Corporation) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (hwpolicy) -- C:\Windows\SysNative\drivers\hwpolicy.sys (Microsoft Corporation) DRV:64bit: - (FsDepends) -- C:\Windows\SysNative\drivers\fsdepends.sys (Microsoft Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (WIMMount) -- C:\Windows\SysNative\drivers\wimmount.sys (Microsoft Corporation) DRV:64bit: - (vhdmp) -- C:\Windows\SysNative\drivers\vhdmp.sys (Microsoft Corporation) DRV:64bit: - (vdrvroot) -- C:\Windows\SysNative\drivers\vdrvroot.sys (Microsoft Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (rdyboost) -- C:\Windows\SysNative\drivers\rdyboost.sys (Microsoft Corporation) DRV:64bit: - (pcw) -- C:\Windows\SysNative\drivers\pcw.sys (Microsoft Corporation) DRV:64bit: - (CNG) -- C:\Windows\SysNative\drivers\cng.sys (Microsoft Corporation) DRV:64bit: - (fvevol) -- C:\Windows\SysNative\drivers\fvevol.sys (Microsoft Corporation) DRV:64bit: - (rdpbus) -- C:\Windows\SysNative\drivers\rdpbus.sys (Microsoft Corporation) DRV:64bit: - (RDPREFMP) -- C:\Windows\SysNative\drivers\RDPREFMP.sys (Microsoft Corporation) DRV:64bit: - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\SysNative\drivers\agilevpn.sys (Microsoft Corporation) DRV:64bit: - (WfpLwf) -- C:\Windows\SysNative\drivers\wfplwf.sys (Microsoft Corporation) DRV:64bit: - (NdisCap) -- C:\Windows\SysNative\drivers\ndiscap.sys (Microsoft Corporation) DRV:64bit: - (vwifibus) -- C:\Windows\SysNative\drivers\vwifibus.sys (Microsoft Corporation) DRV:64bit: - (1394ohci) -- C:\Windows\SysNative\drivers\1394ohci.sys (Microsoft Corporation) DRV:64bit: - (HdAudAddService) -- C:\Windows\SysNative\drivers\HdAudio.sys (Microsoft Corporation) DRV:64bit: - (UmPass) -- C:\Windows\SysNative\drivers\umpass.sys (Microsoft Corporation) DRV:64bit: - (mshidkmdf) -- C:\Windows\SysNative\drivers\mshidkmdf.sys (Microsoft Corporation) DRV:64bit: - (WudfPf) -- C:\Windows\SysNative\drivers\WUDFPf.sys (Microsoft Corporation) DRV:64bit: - (MTConfig) -- C:\Windows\SysNative\drivers\MTConfig.sys (Microsoft Corporation) DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\drivers\CompositeBus.sys (Microsoft Corporation) DRV:64bit: - (Beep) -- C:\Windows\SysNative\drivers\beep.sys (Microsoft Corporation) DRV:64bit: - (AppID) -- C:\Windows\SysNative\drivers\appid.sys (Microsoft Corporation) DRV:64bit: - (scfilter) -- C:\Windows\SysNative\drivers\scfilter.sys (Microsoft Corporation) DRV:64bit: - (discache) -- C:\Windows\SysNative\drivers\discache.sys (Microsoft Corporation) DRV:64bit: - (HidBatt) -- C:\Windows\SysNative\drivers\hidbatt.sys (Microsoft Corporation) DRV:64bit: - (CmBatt) -- C:\Windows\SysNative\drivers\CmBatt.sys (Microsoft Corporation) DRV:64bit: - (AcpiPmi) -- C:\Windows\SysNative\drivers\acpipmi.sys (Microsoft Corporation) DRV:64bit: - (AmdPPM) -- C:\Windows\SysNative\drivers\amdppm.sys (Microsoft Corporation) DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (Ph3xIB64) -- C:\Windows\SysNative\drivers\Ph3xIB64.sys (NXP Semiconductors) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (cmuda3) -- C:\Windows\SysNative\drivers\cmudax3.sys (C-Media Inc) DRV:64bit: - (androidusb) -- C:\Windows\SysNative\drivers\androidusb.sys (Google Inc) DRV:64bit: - (NVNET) -- C:\Windows\SysNative\drivers\nvmf6264.sys (NVIDIA Corporation) DRV:64bit: - (adfs) -- C:\Windows\SysNative\drivers\adfs.sys (Adobe Systems, Inc.) DRV - (StarOpen) -- C:\Windows\SysWOW64\drivers\StarOpen.sys () DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) DRV - (NetBIOS) -- C:\Windows\SysWOW64\netbios.dll (Microsoft Corporation) DRV - (mpsdrv) -- C:\Windows\SysWOW64\wbem\mpsdrv.mof () DRV - (Tcpip) -- C:\Windows\SysWOW64\wbem\tcpip.mof () DRV - (adfs) -- C:\Windows\SysWOW64\drivers\adfs.sys (Adobe Systems, Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E0 C5 AD 75 87 A1 CA 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "http://www.google.de/" FF - prefs.js..extensions.enabledItems: apptabs@frankyan.com:0.6.2 FF - prefs.js..extensions.enabledItems: {1280606b-2510-4fe0-97ef-9b5a22eafe41}:1.0.9 FF - prefs.js..extensions.enabledItems: smartbookmarksbar@remy.juteau:1.4.3 FF - prefs.js..extensions.enabledItems: StrataBuddy@ReduxTeam: FF - prefs.js..extensions.enabledItems: tabprogressbar@studio17.wordpress.com:0.6 FF - prefs.js..extensions.enabledItems: {35379F86-8CCB-4724-AE33-4278DE266C70}:1.0.4 FF - prefs.js..extensions.enabledItems: Strata40@SpewBoy.au:0.5.5 FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.01.30 09:47:20 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.01.21 11:53:51 | 000,000,000 | ---D | M] [2009.10.18 17:42:12 | 000,000,000 | ---D | M] -- C:\Users\Funkstar\AppData\Roaming\mozilla\Extensions [2010.02.02 10:26:42 | 000,000,000 | ---D | M] -- C:\Users\Funkstar\AppData\Roaming\mozilla\Firefox\Profiles\i39onepe.default\extensions [2010.01.13 14:44:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Funkstar\AppData\Roaming\mozilla\Firefox\Profiles\i39onepe.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe41} [2010.01.13 14:44:17 | 000,000,000 | ---D | M] -- C:\Users\Funkstar\AppData\Roaming\mozilla\Firefox\Profiles\i39onepe.default\extensions\apptabs@frankyan.com [2010.01.17 20:20:54 | 000,000,000 | ---D | M] -- C:\Users\Funkstar\AppData\Roaming\mozilla\Firefox\Profiles\i39onepe.default\extensions\smartbookmarksbar@remy.juteau [2010.01.13 14:43:35 | 000,000,000 | ---D | M] -- C:\Users\Funkstar\AppData\Roaming\mozilla\Firefox\Profiles\i39onepe.default\extensions\Strata40@SpewBoy.au [2010.01.13 14:43:01 | 000,000,000 | ---D | M] -- C:\Users\Funkstar\AppData\Roaming\mozilla\Firefox\Profiles\i39onepe.default\extensions\StrataBuddy@ReduxTeam [2010.01.13 14:44:53 | 000,000,000 | ---D | M] -- C:\Users\Funkstar\AppData\Roaming\mozilla\Firefox\Profiles\i39onepe.default\extensions\tabprogressbar@studio17.wordpress.com [2010.01.13 14:43:35 | 000,000,000 | ---D | M] -- C:\Users\Funkstar\AppData\Roaming\mozilla\Firefox\Profiles\i39onepe.default\extensions\Strata40@SpewBoy.au\chrome\mozapps\extensions [2010.02.02 10:26:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions [2010.01.16 02:15:29 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.01.16 02:15:29 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2010.01.16 02:15:29 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2010.01.16 02:15:29 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2010.01.16 02:15:29 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2010.01.19 22:57:39 | 000,001,535 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: activate.adobe.com O1 - Hosts: practivate.adobe.com O1 - Hosts: ereg.adobe.com O1 - Hosts: activate.wip3.adobe.com O1 - Hosts: wip3.adobe.com O1 - Hosts: 3dns-3.adobe.com O1 - Hosts: 3dns-2.adobe.com O1 - Hosts: adobe-dns.adobe.com O1 - Hosts: adobe-dns-2.adobe.com O1 - Hosts: adobe-dns-3.adobe.com O1 - Hosts: ereg.wip3.adobe.com O1 - Hosts: activate-sea.adobe.com O1 - Hosts: wwis-dubc1-vip60.adobe.com O1 - Hosts: activate-sjc0.adobe.com O1 - Hosts: wwis-dubc1-vip60.adobe.com O1 - Hosts: im.adtech.de O1 - Hosts: adserver.adtech.de O1 - Hosts: adtech.de O1 - Hosts: atwola.com O1 - Hosts: adserver.71i.de O1 - Hosts: adicqserver.71i.de O1 - Hosts: 71i.de O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll (Orbitdownloader.com) O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O3 - HKLM\..\Toolbar: (TerraTec Home Cinema) - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~2\TerraTec\TERRAT~1\THCDES~1.DLL (TerraTec Electronic GmbH) O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll () O3 - HKCU\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll () O4:64bit: - HKLM..\Run: [CmPCIaudio] C:\Windows\Syswow64\CMICNFG3.DLL (C-Media Corporation) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [TV Card Remote Control Device Monitor] C:\Windows\713xRMT.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O8:64bit: - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8:64bit: - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8:64bit: - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8:64bit: - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, Inc.) O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, Inc.) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation) O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (OODBS) - File not found O34 - HKLM BootExecute: (lsdelete) - File not found 64bit: O35 - comfile [open] -- "%1" %* File not found 64bit: O35 - exefile [open] -- "%1" %* File not found O35 - comfile [open] -- "%1" %* O35 - exefile [open] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.02.02 10:37:49 | 000,548,864 | ---- | C] (OldTimer Tools) -- C:\Users\Funkstar\Desktop\OTL.exe [2010.02.01 23:14:33 | 000,000,000 | ---D | C] -- C:\Users\Funkstar\AppData\Roaming\Malwarebytes [2010.02.01 23:14:29 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2010.02.01 23:14:28 | 000,022,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2010.02.01 23:14:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010.02.01 23:14:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2010.01.31 20:08:09 | 000,000,000 | ---D | C] -- C:\Users\Funkstar\AppData\Local\Downloaded Installations [2010.01.31 17:54:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Nik Software [2010.01.31 17:54:11 | 000,000,000 | ---D | C] -- C:\Users\Funkstar\AppData\Roaming\Nik Software [2010.01.31 17:50:27 | 000,000,000 | ---D | C] -- C:\Programme\Nik Software [2010.01.31 17:50:03 | 000,090,112 | ---- | C] (MindVision Software) -- C:\Windows\unvise32.exe [2010.01.31 17:39:28 | 000,000,000 | ---D | C] -- C:\Users\Funkstar\AppData\Roaming\onOne Software [2010.01.31 17:38:26 | 000,000,000 | ---D | C] -- C:\ProgramData\onOne Software [2010.01.31 17:38:25 | 000,057,344 | ---- | C] (Nalpeiron Ltd.) -- C:\Windows\SysWow64\ASTSRV.EXE [2010.01.31 17:38:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\onOne Software [2010.01.31 17:38:24 | 000,072,192 | ---- | C] (Nalpeiron Ltd.) -- C:\Windows\SysNative\nlsInterface.EXE [2010.01.30 10:54:03 | 000,069,152 | ---- | C] (Lavasoft AB) -- C:\Windows\SysNative\drivers\Lbd.sys [2010.01.30 10:54:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE [2010.01.30 10:53:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft [2010.01.30 10:53:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft [2010.01.30 10:32:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro [2010.01.30 10:03:21 | 000,000,000 | -H-D | C] -- C:\ProgramData\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9} [2010.01.30 09:48:38 | 000,074,880 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys [2010.01.30 09:47:42 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\SysWow64\drivers\ssmdrv.sys [2010.01.30 09:46:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2010.01.30 09:46:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2010.01.30 09:42:40 | 000,000,000 | ---D | C] -- C:\Users\Funkstar\AppData\Local\Google [2010.01.30 09:35:26 | 000,000,000 | ---D | C] -- C:\Windows\MSSecurityNS [2010.01.30 09:35:26 | 000,000,000 | ---D | C] -- C:\Windows\MSSecurityNi [2010.01.30 09:25:27 | 000,000,000 | -H-D | C] -- C:\Users\Funkstar\AppData\Roaming\drivers [2010.01.30 08:46:46 | 000,053,488 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\PxHlpa64.sys [2010.01.30 08:46:46 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdralw2k.sys [2010.01.30 08:46:46 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdr4_xp.sys [2010.01.30 08:46:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine [2010.01.19 23:16:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SopCast [2010.01.19 22:56:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ-Banner-Remover [2010.01.19 22:52:20 | 000,000,000 | ---D | C] -- C:\Users\Funkstar\AppData\Local\AOL [2010.01.19 22:52:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7.0 [2010.01.18 12:23:41 | 000,000,000 | ---D | C] -- C:\ProgramData\TerraTec [2010.01.18 12:23:39 | 001,712,128 | R--- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gdiplus.dll [2010.01.18 12:23:39 | 001,060,864 | R--- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFC71.dll [2010.01.18 12:23:39 | 001,047,552 | R--- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFC71u.dll [2010.01.18 12:23:39 | 000,499,712 | R--- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp71.dll [2010.01.18 12:23:39 | 000,348,160 | R--- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr71.dll [2010.01.18 12:23:39 | 000,065,536 | R--- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFC71DEU.DLL [2010.01.18 12:23:39 | 000,061,440 | R--- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFC71ITA.DLL [2010.01.18 12:23:39 | 000,061,440 | R--- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFC71FRA.DLL [2010.01.18 12:23:39 | 000,061,440 | R--- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFC71ESP.DLL [2010.01.18 12:23:39 | 000,057,344 | R--- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFC71ENU.DLL [2010.01.18 12:23:39 | 000,049,152 | R--- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFC71KOR.DLL [2010.01.18 12:23:39 | 000,049,152 | R--- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFC71JPN.DLL [2010.01.18 12:23:39 | 000,045,056 | R--- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFC71CHT.DLL [2010.01.18 12:23:39 | 000,040,960 | R--- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFC71CHS.DLL [2010.01.18 12:23:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TerraTec [2010.01.18 12:22:56 | 000,000,000 | ---D | C] -- C:\Users\Funkstar\AppData\Roaming\TerraTec [2010.01.18 12:21:17 | 000,514,144 | ---- | C] (ITETech ) -- C:\Windows\SysNative\drivers\AF15BDA.sys [2010.01.18 12:21:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\TerraTec [2010.01.14 11:49:56 | 000,000,000 | ---D | C] -- C:\Users\Funkstar\AppData\Roaming\DivX [2010.01.14 11:45:06 | 001,305,056 | ---- | C] (NXP Semiconductors Germany GmbH) -- C:\Windows\SysNative\drivers\3xHybr64.sys [2010.01.14 11:45:06 | 000,115,168 | ---- | C] (NXP Semiconductors Germany GmbH) -- C:\Windows\SysNative\NXPMV64.dll [2010.01.14 11:31:34 | 000,000,000 | ---D | C] -- C:\Windows\MyInstall [2010.01.07 10:38:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\oodag [2010.01.07 10:37:21 | 000,000,000 | ---D | C] -- C:\Users\Funkstar\AppData\Local\O&O [2010.01.07 10:37:01 | 000,000,000 | ---D | C] -- C:\Programme\OO Software [2010.01.04 22:08:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ontrack [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.02.02 10:41:02 | 002,621,440 | -HS- | M] () -- C:\Users\Funkstar\NTUSER.DAT [2010.02.02 10:37:50 | 000,548,864 | ---- | M] (OldTimer Tools) -- C:\Users\Funkstar\Desktop\OTL.exe [2010.02.02 10:18:13 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010.02.02 10:18:13 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010.02.02 10:11:06 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010.02.02 10:10:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.02.02 10:10:32 | 000,044,660 | ---- | M] () -- C:\Windows\SysNative\oodbs.lor [2010.02.02 10:09:09 | 006,521,003 | -H-- | M] () -- C:\Users\Funkstar\AppData\Local\IconCache.db [2010.02.01 23:14:32 | 000,001,027 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.01.31 17:55:57 | 000,000,128 | -H-- | M] () -- C:\Windows\€nlsPreferences.dat [2010.01.30 10:53:58 | 000,015,880 | ---- | M] () -- C:\Windows\SysNative\lsdelete.exe [2010.01.30 10:53:49 | 000,069,152 | ---- | M] (Lavasoft AB) -- C:\Windows\SysNative\drivers\Lbd.sys [2010.01.30 09:47:21 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat [2010.01.29 19:43:08 | 001,480,602 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2010.01.29 19:43:08 | 000,647,138 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2010.01.29 19:43:08 | 000,609,896 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2010.01.29 19:43:08 | 000,127,198 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2010.01.29 19:43:08 | 000,104,214 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2010.01.23 15:11:10 | 000,014,155 | ---- | M] () -- C:\Users\Funkstar\Desktop\Downloads.docx [2010.01.19 22:57:39 | 000,001,535 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2010.01.14 17:53:09 | 003,729,038 | ---- | M] () -- C:\Users\Funkstar\Desktop\Comedy.png [2010.01.14 17:12:56 | 000,084,896 | ---- | M] () -- C:\Users\Funkstar\AppData\Local\GDIPFONTCACHEV1.DAT [2010.01.14 17:00:44 | 002,946,280 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2010.01.07 16:07:14 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2010.01.07 16:07:06 | 000,022,104 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.02.01 23:14:32 | 000,001,027 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.01.31 17:50:56 | 000,000,128 | -H-- | C] () -- C:\Windows\€nlsPreferences.dat [2010.01.30 11:25:27 | 000,015,880 | ---- | C] () -- C:\Windows\SysNative\lsdelete.exe [2010.01.30 09:47:21 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2010.01.14 17:53:08 | 003,729,038 | ---- | C] () -- C:\Users\Funkstar\Desktop\Comedy.png [2010.01.14 11:31:39 | 000,466,944 | ---- | C] () -- C:\Windows\713xRMT.exe [2010.01.09 15:42:54 | 000,044,660 | ---- | C] () -- C:\Windows\SysNative\oodbs.lor [2010.01.09 09:47:42 | 000,014,155 | ---- | C] () -- C:\Users\Funkstar\Desktop\Downloads.docx [2009.12.18 10:58:28 | 000,003,072 | ---- | C] () -- C:\Windows\SysWow64\Viveza2FC32.dll [2009.12.06 15:41:53 | 000,004,608 | ---- | C] () -- C:\Users\Funkstar\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.10.23 19:24:08 | 000,007,168 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys [2009.10.21 17:02:00 | 001,499,556 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2009.10.18 19:49:05 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\VmixP6.dll [2009.10.18 19:49:05 | 000,000,188 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfl [2009.10.18 19:48:47 | 000,002,641 | ---- | C] () -- C:\Windows\cmudax3.ini [2009.10.18 19:48:47 | 000,002,123 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfg [2009.10.18 19:48:47 | 000,001,085 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.imi [2009.08.02 23:21:54 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll [2009.08.02 23:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll [2009.08.02 23:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll [2009.08.02 23:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll [2009.08.02 23:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll [2009.08.02 23:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll [2009.08.02 23:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll [2009.08.02 23:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll [2009.08.02 23:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll [2009.08.02 23:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2006.01.30 10:15:52 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\b47927a4.dll [2006.01.30 10:15:51 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\684b7eb8.dll [2006.01.30 10:15:51 | 000,000,032 | ---- | C] () -- C:\Windows\SysWow64\acc07833.dll < End of report > Code:
ATTFilter Extras.txt OTL Extras logfile created on: 02.02.2010 10:39:31 - Run 1 OTL by OldTimer - Version Folder = C:\Users\Funkstar\Desktop 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 6,00 Gb Total Physical Memory | 4,00 Gb Available Physical Memory | 74,00% Memory free 12,00 Gb Paging File | 11,00 Gb Available in Paging File | 88,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 148,95 Gb Total Space | 84,35 Gb Free Space | 56,63% Space Free | Partition Type: NTFS Drive D: | 232,88 Gb Total Space | 189,53 Gb Free Space | 81,39% Space Free | Partition Type: NTFS Drive E: | 931,51 Gb Total Space | 859,36 Gb Free Space | 92,25% Space Free | Partition Type: NTFS Drive F: | 149,00 Gb Total Space | 141,18 Gb Free Space | 94,75% Space Free | Partition Type: FAT32 G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: GAMING Current User Name: Funkstar Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Include 64bit Scans Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files (x86)\Orbitdownloader\orbitdm.exe" = C:\Program Files (x86)\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com) "C:\Program Files (x86)\Orbitdownloader\orbitnet.exe" = C:\Program Files (x86)\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com) "C:\Program Files (x86)\Orbitdownloader\orbitdm.exe" = C:\Program Files (x86)\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com) "C:\Program Files (x86)\Orbitdownloader\orbitnet.exe" = C:\Program Files (x86)\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com) ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{20140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 (Beta) "{20140000-0015-0407-1000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010 (Beta) "{20140000-0016-0407-1000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010 (Beta) "{20140000-0018-0407-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010 (Beta) "{20140000-0019-0407-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010 (Beta) "{20140000-001A-0407-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010 (Beta) "{20140000-001B-0407-1000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010 (Beta) "{20140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 (Beta) "{20140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 (Beta) "{20140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 (Beta) "{20140000-001F-0410-1000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010 (Beta) "{20140000-002C-0407-1000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010 (Beta) "{20140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010 (Beta) "{20140000-0043-0407-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (German) 2010 (Beta) "{20140000-0044-0407-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010 (Beta) "{20140000-006E-0407-1000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010 (Beta) "{20140000-00A1-0407-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010 (Beta) "{20140000-00BA-0407-1000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010 (Beta) "{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64 "{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64 "{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 "{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64 "{6CC95B76-D380-46B2-9022-9353938E48BA}" = Logitech GamePanel Software 3.03.133 "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64 "{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4 "{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4 "{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64 "{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64 "{B37A99DD-88E2-4ED0-80B4-1E054AB354BF}" = Adobe InDesign CS4 Icon Handler x64 "{B85B1A3C-E404-44E5-A0E1-C4D0438A49C1}" = Adobe Photoshop Lightroom 2.5 64-bit "{BC84C1E9-F4D4-4B8E-B35C-C88EEA0A5201}" = O&O Defrag Professional "{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit) "{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4 "C-Media PCI Audio Driver" = C-Media PCI Audio Device "NVIDIA Drivers" = NVIDIA Drivers "Office14.PROPLUS" = Microsoft Office Professional Plus 2010 "WinRAR archiver" = WinRAR [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4 "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4 "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler "{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4 "{0A35B15C-9CCD-4C0C-BD5B-34ABF8C95813}_is1" = ICQ 7.0 Build #1205 Banner Remover 0.7 "{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4 "{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4 "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4 "{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4 "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4 "{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4 "{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate "{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server "{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4 "{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler "{1F61E0B1-1AB8-F15E-07C4-46D100A1D3F7}" = Borderlands "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17 "{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models "{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie "{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman) "{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4 "{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4 "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4 "{3A6829EF-0791-4FDD-9382-C690DD0821B9}" = Adobe Flash Player 10 ActiveX "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4 "{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin "{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker "{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit "{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets "{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4 "{47C6F987-685A-41AE-B092-E75B277AEE39}" = Adobe Flash CS4 Extension - Flash Lite STI others "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension "{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4 "{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs "{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent "{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter "{59679381-3F22-4A40-A7AD-890242D74DF4}" = Plug-in Suite 5 "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support "{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection "{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}" = TerraTec Home Cinema "{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4 "{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support "{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content "{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4 "{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK "{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec "{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP "{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4 "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4 "{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4 "{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs "{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4 "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder "{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter "{AC76BA86-7AD7-1031-7B44-A92000000001}" = Adobe Reader 9.2 - Deutsch "{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder "{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4 "{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4 "{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content "{B29AD377-CC12-490A-A480-1452337C618D}" = Connect "{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4 "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player "{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4 "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module "{BD3374D3-C2E6-42B7-A80B-E850B6886246}" = Adobe Flash CS4 STI-other "{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4 "{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX "{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw "{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4 "{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4 "{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware "{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup "{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help "{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4 "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4 "{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4 "{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs "{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Ad-Aware" = Ad-Aware "Adobe AIR" = Adobe AIR "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe_697a06b96d8bcbe2d77b88e7d5448d0" = Adobe Creative Suite 4 Master Collection "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "CCleaner" = CCleaner (remove only) "Cinergy T Stick MKII" = Cinergy T Stick MKII V9.06.3.01 "Color Efex Pro 3.0 Complete" = Color Efex Pro 3.0 Complete "Dfine 2.0" = Dfine 2.0 "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters "FileZilla Client" = FileZilla Client "Free Studio_is1" = Free Studio version 4.2 "HijackThis" = HijackThis 2.0.2 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Mozilla Firefox (3.6)" = Mozilla Firefox (3.6) "nik Sharpener Pro 2.0 Complete" = nik Sharpener Pro 2.0 Complete "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Orbit_is1" = Orbit Downloader "ReNamer_is1" = ReNamer "Star Wars: The Force Unleashed_is1" = Star Wars: The Force Unleashed "TeamViewer 5" = TeamViewer 5 "Uninstall_is1" = Uninstall "Viveza 2" = Viveza 2 "VLC media player" = VLC media player 1.0.3 "WinLiveSuite_Wave3" = Windows Live Essentials ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 21.01.2010 20:54:29 | Computer Name = Gaming | Source = SideBySide | ID = 16842815 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig. Error - 22.01.2010 04:48:45 | Computer Name = Gaming | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: firefox.exe, Version:, Zeitstempel: 0x4b5102f0 Name des fehlerhaften Moduls: GrabXpcom.dll, Version:, Zeitstempel: 0x4b4c1bac Ausnahmecode: 0x80000003 Fehleroffset: 0x000173c3 ID des fehlerhaften Prozesses: 0x8fc Startzeit der fehlerhaften Anwendung: 0x01ca9b3f3c65cd30 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Orbitdownloader\addons\OneClickYouTubeDownloader\components\GrabXpcom.dll Berichtskennung: f2e993fc-0732-11df-9d71-00221574cd63 Error - 26.01.2010 15:36:59 | Computer Name = Gaming | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: firefox.exe, Version:, Zeitstempel: 0x4b5102f0 Name des fehlerhaften Moduls: GrabXpcom.dll, Version:, Zeitstempel: 0x4b4c1bac Ausnahmecode: 0x80000003 Fehleroffset: 0x000173c3 ID des fehlerhaften Prozesses: 0xf60 Startzeit der fehlerhaften Anwendung: 0x01ca9eac4ce17d10 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Orbitdownloader\addons\OneClickYouTubeDownloader\components\GrabXpcom.dll Berichtskennung: 2b2cd8a0-0ab2-11df-9d71-00221574cd63 Error - 30.01.2010 05:53:34 | Computer Name = Gaming | Source = Lavasoft Ad-Aware Service | ID = 0 Description = Error - 30.01.2010 06:01:22 | Computer Name = Gaming | Source = Application Hang | ID = 1002 Description = Programm AAWTray.exe, Version kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: cfc Startzeit: 01caa19293bf4760 Endzeit: 1 Anwendungspfad: C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe Berichts-ID: 6a768a35-0d86-11df-a3b4-00221574cd63 Error - 30.01.2010 07:25:44 | Computer Name = Gaming | Source = SideBySide | ID = 16842815 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig. Error - 30.01.2010 19:30:20 | Computer Name = Gaming | Source = SideBySide | ID = 16842815 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig. Error - 31.01.2010 12:50:27 | Computer Name = Gaming | Source = Windows Installer 3.1 | ID = 921877 Description = Error - 31.01.2010 19:30:22 | Computer Name = Gaming | Source = SideBySide | ID = 16842815 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig. Error - 01.02.2010 19:30:20 | Computer Name = Gaming | Source = SideBySide | ID = 16842815 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig. [ System Events ] Error - 01.02.2010 16:37:21 | Computer Name = Gaming | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 01.02.2010 16:37:21 | Computer Name = Gaming | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 01.02.2010 16:37:21 | Computer Name = Gaming | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 01.02.2010 16:37:21 | Computer Name = Gaming | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 01.02.2010 16:37:26 | Computer Name = Gaming | Source = DCOM | ID = 10005 Description = Error - 01.02.2010 17:31:39 | Computer Name = Gaming | Source = Service Control Manager | ID = 7024 Description = Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147023143. Error - 02.02.2010 05:09:07 | Computer Name = Gaming | Source = Service Control Manager | ID = 7034 Description = Dienst "Microsoft (r) DispEx" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error - 02.02.2010 05:09:13 | Computer Name = Gaming | Source = Service Control Manager | ID = 7016 Description = Der Dienst "NVIDIA Display Driver Service" hat einen ungültigen aktuellen Status gemeldet: 32 Error - 02.02.2010 05:11:05 | Computer Name = Gaming | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft (r) DispEx erreicht. Error - 02.02.2010 05:11:17 | Computer Name = Gaming | Source = Service Control Manager | ID = 7024 Description = Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147023143. < End of report > |
