| rundll32.exe in AppData/Local/Temp/59181BMP -> VIRUS ? Hey, erstmal danke für die schnelle Antwort, bevor ich dir die Logfiles gebe ist mir heute morgen noch etwas aufgefallen; Norton hat wieder diese rundll32.exe gefunden, wieder im selben Verzeichnis, allerdings in einem neuen Ordner. Das schlimme daran ist, dass das ganze Verzeichnis (AppData/Local/Temp) nun voll mit dubiosen Ordnern und Programmen ist! Das war gestern noch nicht so!
Hier also die Logfiles:
Nummer 1: Zitat:
OTL logfile created on: 10.04.2010 10:43:05 - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Users\Marvin\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 576,16 Gb Total Space | 518,46 Gb Free Space | 89,99% Space Free | Partition Type: NTFS
Drive D: | 20,00 Gb Total Space | 12,37 Gb Free Space | 61,85% Space Free | Partition Type: FAT32
Drive E: | 1,38 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: MARVIN-PC
Current User Name: Marvin
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal ========== Processes (SafeList) ==========
PRC - C:\Users\Marvin\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files\Norton Internet Security\Engine\17.6.0.32\ccsvchst.exe (Symantec Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe (NVIDIA) ========== Modules (SafeList) ==========
MOD - C:\Users\Marvin\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\Norton Internet Security\Engine\17.6.0.32\asoehook.dll (Symantec Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcr90.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcp90.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ==========
SRV - (NeroMediaHomeService.4) -- File not found
SRV - (G Data Tuner Service) -- File not found
SRV - (Stereo Service) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (NIS) -- C:\Program Files\Norton Internet Security\Engine\17.6.0.32\ccSvcHst.exe (Symantec Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (IAANTMON) Intel(R) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (nTuneService) -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe (NVIDIA)
SRV - (UPnPService) -- C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe (Magix AG) ========== Driver Services (SafeList) ==========
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100408.039\NAVEX15.SYS (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100408.039\NAVENG.SYS (Symantec Corporation)
DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (VBoxNetAdp) -- C:\Windows\System32\drivers\VBoxNetAdp.sys (Sun Microsystems, Inc.)
DRV - (BHDrvx86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100324.001\BHDrvx86.sys (Symantec Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (SymIRON) -- C:\Windows\system32\drivers\NIS\1106000.020\Ironx86.SYS (Symantec Corporation)
DRV - (SRTSP) -- C:\Windows\System32\Drivers\NIS\1106000.020\SRTSP.SYS (Symantec Corporation)
DRV - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\system32\drivers\NIS\1106000.020\SRTSPX.SYS (Symantec Corporation)
DRV - (ccHP) -- C:\Windows\system32\drivers\NIS\1106000.020\ccHPx86.sys (Symantec Corporation)
DRV - (VBoxUSB) -- C:\Windows\System32\drivers\VBoxUSB.sys (Sun Microsystems, Inc.)
DRV - (SYMTDIv) -- C:\Windows\System32\Drivers\NIS\1106000.020\SYMTDIV.SYS (Symantec Corporation)
DRV - (SymIM) -- C:\Windows\System32\drivers\SymIMV.sys (Symantec Corporation)
DRV - (SymEFA) -- C:\Windows\system32\drivers\NIS\1106000.020\SYMEFA.SYS (Symantec Corporation)
DRV - (IDSVix86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100402.001\IDSvix86.sys (Symantec Corporation)
DRV - (SymDS) -- C:\Windows\system32\drivers\NIS\1106000.020\SYMDS.SYS (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (gmer) -- C:\Windows\System32\drivers\gmer.sys (GMER)
DRV - (ACEDRV09) -- C:\Windows\System32\drivers\ACEDRV09.sys (Protect Software GmbH)
DRV - (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM) -- C:\Windows\System32\drivers\s0016unic.sys (MCCI Corporation)
DRV - (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS) -- C:\Windows\System32\drivers\s0016nd5.sys (MCCI Corporation)
DRV - (s0016mdfl) -- C:\Windows\System32\drivers\s0016mdfl.sys (MCCI Corporation)
DRV - (s0016mdm) -- C:\Windows\System32\drivers\s0016mdm.sys (MCCI Corporation)
DRV - (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s0016mgmt.sys (MCCI Corporation)
DRV - (s0016obex) -- C:\Windows\System32\drivers\s0016obex.sys (MCCI Corporation)
DRV - (s0016bus) Sony Ericsson Device 0016 driver (WDM) -- C:\Windows\System32\drivers\s0016bus.sys (MCCI Corporation)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (e1express) Intel(R) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (MSDV) -- C:\Windows\System32\drivers\msdv.sys (Microsoft Corporation)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (61883) -- C:\Windows\System32\drivers\61883.sys (Microsoft Corporation)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (Avc) -- C:\Windows\System32\drivers\avc.sys (Microsoft Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (NVR0Dev) -- C:\Windows\nvoclock.sys (NVidia Corp.)
DRV - (avmeject) -- C:\Windows\System32\drivers\avmeject.sys (AVM Berlin)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (sonypvs1) -- C:\Windows\System32\drivers\sonypvs1.sys (Sony Corporation)
DRV - (FWLANUSB) -- C:\Windows\System32\drivers\fwlanusb.sys (AVM GmbH) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.gigux.com/?LinkID=1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = fritz.box ========== FireFox ==========
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.5
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\ [2010.04.09 10:39:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\ [2010.04.09 11:19:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3plugin1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.09 14:38:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3plugin1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.04.09 14:38:07 | 000,000,000 | ---D | M]
[2010.04.09 11:36:59 | 000,000,000 | ---D | M] -- C:\Users\Marvin\AppData\Roaming\mozilla\Extensions
[2010.04.09 11:50:11 | 000,000,000 | ---D | M] -- C:\Users\Marvin\AppData\Roaming\mozilla\Firefox\Profiles\1qd62uoj.default\extensions
[2010.04.09 11:32:24 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.04.05 22:38:59 | 000,001,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.04.05 22:38:59 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.04.05 22:38:59 | 000,006,805 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.04.05 22:38:59 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.04.05 22:38:59 | 000,001,105 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.6.0.32\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.6.0.32\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.6.0.32\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.6.0.32\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKCU..\Run: [NVIDIA nTune] C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe (NVIDIA)
O4 - Startup: C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote Inhaltsverzeichnis.onetoc2 ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon: DisableCAD = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\Software\Microsoft\Windows\CurrentVersion\Group Policy Objects\LocalUser\Software\Microsoft\Windows\CurrentVersion\Policies\System: DisableTaskMgr = 1
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (booyaka.exe) - File not found
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Green Sea Turtle.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Green Sea Turtle.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009.07.14 11:19:50 | 000,000,076 | ---- | M] () - D:\AUTORUN.INF -- [ FAT32 ]
O33 - MountPoints2\{b86638d3-8e1f-11dd-a375-002185692b35}\Shell - "" = AutoRun
O33 - MountPoints2\{b86638d3-8e1f-11dd-a375-002185692b35}\Shell\AutoRun\command - "" = I:\pushinst.exe -- File not found
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\pushinst.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ==========
[2010.11.08 19:31:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Reallusion
[2010.11.08 19:30:35 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Reallusion
[2010.04.09 20:14:49 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010.04.09 11:47:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010.04.09 11:47:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010.04.09 11:47:31 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010.04.09 11:46:17 | 000,000,000 | ---D | C] -- C:\Users\Marvin\AppData\Local\Adobe
[2010.04.09 11:44:50 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2010.04.09 11:44:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2010.04.09 11:36:52 | 000,000,000 | ---D | C] -- C:\Users\Marvin\AppData\Roaming\Mozilla
[2010.04.09 11:36:52 | 000,000,000 | ---D | C] -- C:\Users\Marvin\AppData\Local\Mozilla
[2010.04.09 11:32:22 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010.04.09 11:26:17 | 000,044,080 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\SymIMV.sys
[2010.04.09 10:46:20 | 000,340,016 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NIS\1106000.020\symtdiv.sys
[2010.04.09 10:46:20 | 000,328,752 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NIS\1106000.020\symds.sys
[2010.04.09 10:46:20 | 000,325,680 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NIS\1106000.020\srtsp.sys
[2010.04.09 10:46:20 | 000,172,592 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NIS\1106000.020\symefa.sys
[2010.04.09 10:46:20 | 000,043,696 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NIS\1106000.020\srtspx.sys
[2010.04.09 10:46:19 | 000,501,888 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NIS\1106000.020\cchpx86.sys
[2010.04.09 10:46:19 | 000,116,784 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NIS\1106000.020\ironx86.sys
[2010.04.09 10:45:56 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\NIS\1106000.020
[2010.04.09 10:38:49 | 000,124,976 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2010.04.09 10:38:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2010.04.09 10:38:03 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2010.04.09 10:37:29 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\NIS
[2010.04.09 10:37:24 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Internet Security
[2010.04.09 10:37:08 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2010.04.08 20:19:56 | 000,000,000 | ---D | C] -- C:\Users\Marvin\AppData\Roaming\SUPERAntiSpyware.com
[2010.04.08 16:58:22 | 000,000,000 | -HSD | C] -- C:\Users\Marvin\AppData\Roaming\lowsec
[2010.04.06 17:16:57 | 000,000,000 | ---D | C] -- C:\Users\Marvin\AppData\Roaming\Malwarebytes
[2010.04.06 17:16:43 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.04.06 17:16:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.04.06 17:16:40 | 000,020,824 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.04.06 17:16:40 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.04.06 15:30:32 | 015,227,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2010.04.06 15:30:32 | 011,573,768 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2010.04.06 15:30:32 | 004,503,144 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll
[2010.04.06 15:30:32 | 000,056,424 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2010.04.06 15:30:32 | 000,010,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd
[2010.04.06 15:30:29 | 011,647,592 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2010.04.06 15:30:29 | 004,029,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2010.04.06 15:30:29 | 002,646,632 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2010.04.06 15:30:29 | 002,009,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2010.04.06 15:30:29 | 000,215,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcod1910.dll
[2010.04.06 15:30:29 | 000,215,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcod.dll
[2010.04.06 12:13:32 | 000,000,000 | ---D | C] -- C:\Users\Marvin\AppData\Roaming\WinRAR
[2010.04.06 12:13:08 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010.04.06 11:53:44 | 000,000,000 | ---D | C] -- C:\Users\Marvin\AppData\Roaming\Update
[2010.04.01 13:21:17 | 000,123,856 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\drivers\VBoxDrv.sys
[2010.04.01 13:21:12 | 000,041,680 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\drivers\VBoxUSBMon.sys
[2010.03.31 19:03:07 | 000,000,000 | ---D | C] -- C:\Users\Marvin\AppData\Roaming\Sony Corporation
[2010.03.31 18:53:20 | 000,299,923 | ---- | C] (Sony Corporation) -- C:\Windows\System32\drivers\sonyhcs.sys
[2010.03.31 18:53:20 | 000,102,220 | ---- | C] (Sony Corporation) -- C:\Windows\System32\drivers\sonypvs1.sys
[2010.03.31 18:53:20 | 000,053,248 | ---- | C] (Sony Corporation) -- C:\Windows\System32\SONYHCY.DLL
[2010.03.31 18:53:20 | 000,038,739 | ---- | C] (Sony Corporation) -- C:\Windows\System32\drivers\sonyhcc.sys
[2010.03.31 18:53:20 | 000,006,097 | ---- | C] (Sony Corporation) -- C:\Windows\System32\drivers\sonyhcb.sys
[2010.03.31 18:53:20 | 000,000,000 | ---D | C] -- C:\Drivers
[2010.03.31 18:52:51 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2010.03.31 18:10:42 | 000,000,000 | ---D | C] -- C:\USB_DRV
[2010.03.31 10:44:55 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.03.31 10:44:54 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.03.31 10:44:54 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010.03.31 10:44:54 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.03.31 10:44:54 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.03.31 10:44:54 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.03.31 10:44:54 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010.03.31 10:44:54 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.03.31 10:44:54 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010.03.31 10:44:54 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010.03.31 10:44:54 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010.03.31 10:44:54 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010.03.31 10:44:54 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.03.31 10:44:54 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.03.31 10:44:54 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.03.28 18:44:12 | 000,297,472 | ---- | C] (InstallShield Corporation, Inc.) -- C:\Windows\uninst.exe
[2010.03.28 15:55:37 | 000,000,000 | ---D | C] -- C:\Program Files\Technisat
[2010.03.27 14:00:16 | 000,000,000 | ---D | C] -- C:\Users\Marvin\AppData\Roaming\vlc
[2010.03.27 13:59:23 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2010.03.26 16:04:07 | 015,821,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imageres.dll
[2010.03.26 14:42:29 | 000,000,000 | ---D | C] -- C:\Users\Marvin\Tracing
[2010.03.25 20:06:30 | 000,099,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\drivers\VBoxNetAdp.sys
[2010.03.22 15:52:08 | 000,000,000 | ---D | C] -- C:\Users\Marvin\Documents\Meine empfangenen Dateien
[2010.03.16 02:15:00 | 001,515,624 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvcr.dll
[2010.03.16 02:15:00 | 000,985,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll
[2010.03.16 02:14:00 | 013,683,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll
[2010.03.16 02:14:00 | 000,110,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll
[5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[28 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ==========
[2010.11.08 17:37:14 | 000,004,096 | ---- | M] () -- C:\Users\Public\Documents\00000559.LCS
[2010.04.10 10:42:45 | 004,194,304 | -HS- | M] () -- C:\Users\Marvin\NTUSER.DAT
[2010.04.10 10:40:13 | 001,696,772 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.04.10 10:40:13 | 000,754,980 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.04.10 10:40:13 | 000,625,384 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.04.10 10:40:13 | 000,194,424 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.04.10 10:40:13 | 000,125,554 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.04.10 10:33:59 | 000,052,981 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010.04.10 10:33:58 | 000,052,981 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.04.10 10:33:48 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2010.04.10 10:33:46 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.04.10 10:33:42 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.04.10 10:33:42 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.04.10 10:33:37 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.04.10 10:33:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.04.09 20:24:55 | 000,524,288 | -HS- | M] () -- C:\Users\Marvin\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010.04.09 20:24:55 | 000,065,536 | -HS- | M] () -- C:\Users\Marvin\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.04.09 20:24:51 | 002,356,606 | -H-- | M] () -- C:\Users\Marvin\AppData\Local\IconCache.db
[2010.04.09 14:38:10 | 000,001,688 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.04.09 14:25:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.04.09 13:36:52 | 001,952,374 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1106000.020\Cat.DB
[2010.04.09 12:49:49 | 000,001,356 | ---- | M] () -- C:\Users\Marvin\AppData\Local\d3d9caps.dat
[2010.04.09 11:49:12 | 000,001,851 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.04.09 11:19:30 | 000,002,177 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2010.04.09 10:38:03 | 000,124,976 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2010.04.09 10:38:03 | 000,007,443 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2010.04.09 10:38:03 | 000,000,805 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2010.04.06 19:08:36 | 000,029,992 | ---- | M] (G Data Software) -- C:\Windows\System32\drivers\GRD.sys
[2010.04.06 19:03:56 | 000,055,624 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\MiniIcpt.sys
[2010.04.06 19:03:47 | 000,047,560 | ---- | M] (G DATA Software AG) -- C:\Windows\System32\drivers\PktIcpt.sys
[2010.04.06 19:02:28 | 000,040,904 | ---- | M] (G DATA Software AG) -- C:\Windows\System32\drivers\gdwfpcd32.sys
[2010.04.06 19:02:21 | 000,028,616 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\GDBehave.sys
[2010.04.06 11:51:59 | 000,000,129 | ---- | M] () -- C:\Users\Marvin\AppData\Roaming\default.pls
[2010.04.05 21:52:50 | 000,000,345 | ---- | M] () -- C:\Users\Marvin\Documents\_8760.htm
[2010.04.04 19:17:16 | 000,025,584 | -H-- | M] () -- C:\Users\Marvin\Desktop\mxfilerelatedcache.mxc2
[2010.03.30 16:48:20 | 000,101,888 | ---- | M] () -- C:\Users\Marvin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.03.30 00:45:52 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.03.28 18:44:32 | 000,000,194 | ---- | M] () -- C:\Windows\win.ini
[2010.03.28 18:44:32 | 000,000,138 | ---- | M] () -- C:\Windows\System32\winrun.sys
[2010.03.27 14:57:47 | 000,001,492 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2010.03.27 02:57:35 | 000,000,172 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1106000.020\isolate.ini
[2010.03.25 20:06:30 | 000,099,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\drivers\VBoxNetAdp.sys
[2010.03.25 20:06:28 | 000,123,856 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\drivers\VBoxDrv.sys
[2010.03.25 20:06:26 | 000,041,680 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\drivers\VBoxUSBMon.sys
[2010.03.25 14:58:28 | 000,007,119 | ---- | M] () -- C:\Windows\mgxoschk.ini
[2010.03.16 08:51:59 | 015,227,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2010.03.16 08:51:59 | 011,647,592 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2010.03.16 08:51:59 | 011,573,768 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2010.03.16 08:51:59 | 009,386,088 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll
[2010.03.16 08:51:59 | 004,503,144 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll
[2010.03.16 08:51:59 | 004,029,544 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2010.03.16 08:51:59 | 002,646,632 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2010.03.16 08:51:59 | 002,009,704 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2010.03.16 08:51:59 | 001,296,488 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll
[2010.03.16 08:51:59 | 000,600,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvudisp.exe
[2010.03.16 08:51:59 | 000,215,656 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcod1910.dll
[2010.03.16 08:51:59 | 000,215,656 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcod.dll
[2010.03.16 08:51:59 | 000,056,424 | ---- | M] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2010.03.16 08:51:59 | 000,010,920 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd
[2010.03.16 08:51:59 | 000,007,772 | ---- | M] () -- C:\Windows\System32\nvinfo.pb
[2010.03.16 02:15:00 | 001,515,624 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvcr.dll
[2010.03.16 02:15:00 | 000,985,704 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll
[2010.03.16 02:14:00 | 013,683,816 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll
[2010.03.16 02:14:00 | 000,110,696 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll
[2010.03.16 02:13:50 | 000,276,196 | ---- | M] () -- C:\Windows\System32\NvApps.xml
[2010.03.16 02:13:50 | 000,066,714 | ---- | M] () -- C:\Windows\System32\NvwsApps.xml
[2010.03.12 11:26:36 | 000,600,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\NVUNINST.EXE
[5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[28 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files Created - No Company Name ==========
[2010.04.09 11:47:36 | 000,001,851 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.04.09 11:32:26 | 000,001,688 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.04.09 11:17:52 | 001,952,374 | ---- | C] () -- C:\Windows\System32\drivers\NIS\1106000.020\Cat.DB
[2010.04.09 10:46:20 | 000,007,787 | ---- | C] () -- C:\Windows\System32\drivers\NIS\1106000.020\symnetv.cat
[2010.04.09 10:46:20 | 000,007,444 | ---- | C] () -- C:\Windows\System32\drivers\NIS\1106000.020\symefa.cat
[2010.04.09 10:46:20 | 000,007,442 | ---- | C] () -- C:\Windows\System32\drivers\NIS\1106000.020\srtspx.cat
[2010.04.09 10:46:20 | 000,007,425 | ---- | C] () -- C:\Windows\System32\drivers\NIS\1106000.020\symds.cat
[2010.04.09 10:46:20 | 000,007,368 | ---- | C] () -- C:\Windows\System32\drivers\NIS\1106000.020\symnet.cat
[2010.04.09 10:46:20 | 000,003,374 | ---- | C] () -- C:\Windows\System32\drivers\NIS\1106000.020\symefa.inf
[2010.04.09 10:46:20 | 000,002,793 | R--- | C] () -- C:\Windows\System32\drivers\NIS\1106000.020\symds.inf
[2010.04.09 10:46:20 | 000,001,473 | ---- | C] () -- C:\Windows\System32\drivers\NIS\1106000.020\symnetv.inf
[2010.04.09 10:46:20 | 000,001,445 | ---- | C] () -- C:\Windows\System32\drivers\NIS\1106000.020\symnet.inf
[2010.04.09 10:46:20 | 000,001,388 | ---- | C] () -- C:\Windows\System32\drivers\NIS\1106000.020\srtspx.inf
[2010.04.09 10:46:19 | 000,007,438 | ---- | C] () -- C:\Windows\System32\drivers\NIS\1106000.020\srtsp.cat
[2010.04.09 10:46:19 | 000,007,438 | ---- | C] () -- C:\Windows\System32\drivers\NIS\1106000.020\iron.cat
[2010.04.09 10:46:19 | 000,007,396 | ---- | C] () -- C:\Windows\System32\drivers\NIS\1106000.020\cchpx86.cat
[2010.04.09 10:46:19 | 000,001,754 | ---- | C] () -- C:\Windows\System32\drivers\NIS\1106000.020\cchpx86.inf
[2010.04.09 10:46:19 | 000,001,382 | ---- | C] () -- C:\Windows\System32\drivers\NIS\1106000.020\srtsp.inf
[2010.04.09 10:46:19 | 000,000,741 | ---- | C] () -- C:\Windows\System32\drivers\NIS\1106000.020\iron.inf
[2010.04.09 10:45:56 | 000,000,172 | ---- | C] () -- C:\Windows\System32\drivers\NIS\1106000.020\isolate.ini
[2010.04.09 10:38:49 | 000,007,443 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2010.04.09 10:38:49 | 000,000,805 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2010.04.09 10:37:58 | 000,002,177 | ---- | C] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2010.04.06 15:30:32 | 000,007,772 | ---- | C] () -- C:\Windows\System32\nvinfo.pb
[2010.04.05 21:52:50 | 000,000,345 | ---- | C] () -- C:\Users\Marvin\Documents\_8760.htm
[2010.03.31 18:53:20 | 000,003,654 | ---- | C] () -- C:\Windows\System32\drivers\Sonyhcp.dll
[2010.03.28 18:44:32 | 000,000,138 | ---- | C] () -- C:\Windows\System32\winrun.sys
[2010.03.27 14:56:22 | 000,001,492 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2010.03.16 02:13:50 | 000,276,196 | ---- | C] () -- C:\Windows\System32\NvApps.xml
[2010.03.16 02:13:50 | 000,066,714 | ---- | C] () -- C:\Windows\System32\NvwsApps.xml
[2009.09.12 10:01:55 | 000,076,964 | -H-- | C] () -- C:\Users\Marvin\AppData\Roaming\Cache.mxc3
[2009.09.03 18:03:16 | 000,350,208 | ---- | C] () -- C:\Windows\System32\Rivet200.dll
[2009.08.13 20:31:05 | 000,000,038 | ---- | C] () -- C:\Windows\wwwbatch.ini
[2009.07.14 13:49:23 | 000,002,248 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2009.05.26 15:07:59 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.05.08 19:11:37 | 000,052,981 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.05.08 19:10:58 | 000,052,981 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009.03.29 17:23:16 | 000,019,968 | ---- | C] () -- C:\Windows\System32\cpuinf32.dll
[2009.03.29 17:20:16 | 000,000,089 | ---- | C] () -- C:\Windows\magix.ini
[2009.03.11 17:42:04 | 000,000,046 | ---- | C] () -- C:\Windows\Speed.INI
[2009.02.21 10:49:55 | 000,000,046 | ---- | C] () -- C:\Windows\Goya.INI
[2009.02.16 16:44:26 | 000,000,052 | ---- | C] () -- C:\Windows\videodeLuxe.INI
[2009.02.13 17:43:15 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
[2009.02.03 15:37:58 | 000,018,944 | ---- | C] () -- C:\Windows\System32\wk32.dll
[2009.02.03 15:37:58 | 000,003,584 | ---- | C] () -- C:\Windows\System32\ic32.dll
[2009.01.28 14:37:10 | 000,000,000 | ---- | C] () -- C:\Windows\MusicEditor.INI
[2009.01.27 20:32:39 | 000,053,248 | ---- | C] () -- C:\Windows\System32\mgxasio2.dll
[2009.01.24 16:37:21 | 000,000,483 | ---- | C] () -- C:\Windows\SIERRA.INI
[2009.01.09 12:38:19 | 000,000,250 | ---- | C] () -- C:\Windows\gmer.ini
[2009.01.09 12:38:17 | 000,819,200 | ---- | C] () -- C:\Windows\gmer.dll
[2009.01.03 16:07:20 | 000,000,016 | -H-- | C] () -- C:\ProgramData\mxfilerelatedcache.mxc2
[2008.12.02 15:02:13 | 000,000,094 | ---- | C] () -- C:\Users\Marvin\AppData\Local\fusioncache.dat
[2008.12.01 16:50:00 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008.10.12 13:14:32 | 000,000,680 | RHS- | C] () -- C:\Users\Marvin\ntuser.pol
[2008.10.05 12:54:24 | 000,030,920 | ---- | C] () -- C:\Users\Marvin\AppData\Roaming\UserTile.png
[2008.10.02 21:38:35 | 000,000,129 | ---- | C] () -- C:\Users\Marvin\AppData\Roaming\default.pls
[2008.10.02 18:17:55 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2008.10.01 17:25:16 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2008.10.01 13:46:06 | 000,000,016 | -H-- | C] () -- C:\Users\Marvin\AppData\Roaming\mxfilerelatedcache.mxc2
[2008.10.01 13:46:06 | 000,000,016 | -H-- | C] () -- C:\Users\Marvin\AppData\Local\mxfilerelatedcache.mxc2
[2008.10.01 13:46:05 | 000,000,016 | -H-- | C] () -- C:\Users\Marvin\mxfilerelatedcache.mxc2
[2008.09.30 14:37:41 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2008.09.29 16:08:04 | 000,101,888 | ---- | C] () -- C:\Users\Marvin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.09.29 16:00:49 | 000,001,356 | ---- | C] () -- C:\Users\Marvin\AppData\Local\d3d9caps.dat
[2008.09.29 14:38:12 | 000,000,712 | ---- | C] () -- C:\Users\Marvin\AppData\Roaming\wklnhst.dat
[2008.09.29 14:18:56 | 000,524,288 | -HS- | C] () -- C:\Users\Marvin\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2008.09.29 14:18:56 | 000,524,288 | -HS- | C] () -- C:\Users\Marvin\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2008.09.29 14:18:56 | 000,262,144 | -H-- | C] () -- C:\Users\Marvin\ntuser.dat.LOG1
[2008.09.29 14:18:56 | 000,065,536 | -HS- | C] () -- C:\Users\Marvin\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2008.09.29 14:18:56 | 000,000,020 | -HS- | C] () -- C:\Users\Marvin\ntuser.ini
[2008.09.29 14:18:56 | 000,000,000 | -H-- | C] () -- C:\Users\Marvin\ntuser.dat.LOG2
[2008.09.29 14:18:55 | 004,194,304 | -HS- | C] () -- C:\Users\Marvin\NTUSER.DAT
[2008.09.29 14:18:55 | 003,407,872 | -HS- | C] () -- C:\Users\Marvin\ntuser.dat_previous
[2008.08.08 15:49:44 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008.08.08 15:18:39 | 000,000,381 | ---- | C] () -- C:\Windows\WISO.INI
[2008.02.04 19:23:10 | 000,693,792 | ---- | C] () -- C:\Windows\System32\OGACheckControl.DLL
[2007.03.12 13:01:30 | 000,217,088 | ---- | C] () -- C:\Windows\NVGfxOgl.dll
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2000.03.29 16:17:42 | 000,005,824 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS
[1997.06.14 13:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll
[1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys ========== Alternate Data Streams ==========
@Alternate Data Stream - 64 bytes -> C:\Windows\System32:Yþvzpctlsp.log
@Alternate Data Stream - 24 bytes -> C:\Windows:70EECF74D560B183
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMPFC5A2B2
@Alternate Data Stream - 142 bytes -> C:\Windows\System32\z:wY8w@ëòt<î²pctlsp.log
@Alternate Data Stream - 142 bytes -> C:\Windows\System32\Pñ:pctlsp.log
@Alternate Data Stream - 142 bytes -> C:\Windows\System32\øó:pctlsp.log
@Alternate Data Stream - 142 bytes -> C:\Windows\System32\ôï:pctlsp.log
@Alternate Data Stream - 142 bytes -> C:\Windows\System32\èò:pctlsp.log
@Alternate Data Stream - 142 bytes -> C:\Windows\System32:YSwzUwYSw™÷Ùtœõ‚pctlsp.log
@Alternate Data Stream - 142 bytes -> C:\Windows\System32:YßvzávYßv•Ouð¨pctlsp.log
@Alternate Data Stream - 142 bytes -> C:\Windows\System32:YòvzôvYòv,ï¬uTîVpctlsp.log
@Alternate Data Stream - 142 bytes -> C:\Windows\System32:YcwzewYcwzˆTvÐô?pctlsp.log
@Alternate Data Stream - 142 bytes -> C:\Windows\System32:Y«wz*wY«w¦ŠÉvpõzpctlsp.log
@Alternate Data Stream - 142 bytes -> C:\Windows\System32:Y«wz*wY«w&‘kuðîØpctlsp.log
@Alternate Data Stream - 142 bytes -> C:\Windows\System32:Y$wz&wY$w âuèñ)pctlsp.log
@Alternate Data Stream - 142 bytes -> C:\Windows\System32:Y
wzwY
wæuhõpctlsp.log
@Alternate Data Stream - 142 bytes -> C:\Windows\System32:Y wz"wY w(îÎuîæpctlsp.log
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:C31F31E6
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:A8ADE5D8
< End of report >
|
Und Nummer 2: Zitat:
OTL Extras logfile created on: 10.04.2010 10:43:05 - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Users\Marvin\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 576,16 Gb Total Space | 518,46 Gb Free Space | 89,99% Space Free | Partition Type: NTFS
Drive D: | 20,00 Gb Total Space | 12,37 Gb Free Space | 61,85% Space Free | Partition Type: FAT32
Drive E: | 1,38 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: MARVIN-PC
Current User Name: Marvin
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal ========== Extra Registry (SafeList) ========== ========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.ini [@ = UltraEdit.ini] -- Reg Error: Key error. File not found
.js [@ = UltraEdit.js] -- Reg Error: Key error. File not found
.txt [@ = UltraEdit.txt] -- Reg Error: Key error. File not found ========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~4\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UACDisableNotify" = 0
"AntiVirusDisableNotify" =
"AntiVirusOverride" = 0
"FirewallDisableNotify" =
"FirewallOverride" = 0
"FirstRunDisabled" =
"UpdatesDisableNotify" =
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3363188893-1086369507-2872848387-1001]
"EnableNotificationsRef" = 7
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0 ========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\fotobuch.de AG\Designer 2.0\Designer.exe" = C:\Program Files\fotobuch.de AG\Designer 2.0\Designer.exe:*esigner.exe -- File not found ========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] ========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03E0652D-2BCC-4E07-ACD5-B2C60239F889}" = protocol=17 | dir=in | app=c:\program files\nero\nero mediahome 4\nmmediaserverservice.exe |
"{03E89599-FA7D-4508-AEF1-47B80C3E0800}" = protocol=6 | dir=in | app=c:\program files\opera 10.50 beta\opera.exe |
"{0DAB37CD-0F57-43EA-8B56-D3BF263CB187}" = protocol=17 | dir=in | app=c:\users\marvin\appdata\local\tversity\media server\mediaserver.exe |
"{11F7B3DE-666F-4177-9DCE-50AEFB2DA882}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1379389A-F84B-478F-A8BF-E135798EB0E2}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{3D783810-222B-40F9-9FBC-B519A68F5608}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{3E789509-3A9E-426F-B90E-AF0896AFB1BE}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{442021DE-86C4-474C-8B10-D9FFEDC7DC5C}" = protocol=6 | dir=in | app=c:\program files\nero\nero mediahome 4\nmmediaserverservice.exe |
"{4A3F4FA8-2FD7-4AF2-BE48-E2C53EB45200}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{505D01C7-5FC0-40D7-9C62-78E2F780C1F9}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{525598AD-DB9D-471C-A64C-36847661DA8C}" = protocol=6 | dir=in | app=c:\users\marvin\appdata\local\tversity\media server\mediaserver.exe |
"{5548BBD5-4323-4CD5-B8DE-70CA7079C8BB}" = protocol=17 | dir=in | app=c:\program files\winish\updater.exe |
"{584AD010-7F01-4596-BFE2-6036439C8996}" = protocol=6 | dir=in | app=c:\program files\winish\winish.exe |
"{7C9D1B10-4C36-4E39-B5E0-EFE04AEA3796}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{7E8185D8-EE9A-43CF-B632-3B42B031A5CF}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{7E831459-2AD6-405C-BD77-C39BA3025FC3}" = protocol=17 | dir=in | app=c:\program files\winish\winish.exe |
"{8A6AB630-C8F2-4260-A22A-3EC935C1D204}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{988F78B7-C6E1-4F6A-A579-967CB6514C50}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B0DB5AA1-E0BE-4DAF-8028-8FB664078285}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B8155102-E7B6-48BD-B1A0-35C0EA8B10E3}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{BF5548FA-5845-42A2-8BAF-164EAC1623F9}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{CCE14DA4-7382-4FBE-83A0-48D8C0FC8C8F}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{D1ADCE55-7446-4955-A471-C740BD01A8A2}" = protocol=6 | dir=in | app=c:\program files\winish\updater.exe |
"{EF03345C-EA76-4A50-8909-EF4C7F46FBCC}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{F68B7273-D598-45B4-A244-4A012AC631B7}" = protocol=17 | dir=in | app=c:\program files\opera 10.50 beta\opera.exe |
"{F85D692A-4F93-4D5B-9E45-B1DE8B46A9D9}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{FAAA7A72-EF7B-49A9-BBED-7FCAA8047788}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"TCP Query User{09F5EF8E-FB05-40C3-A15C-EEEFAE48E133}C:\program files\common files\pocketsoft\rtpatch\autortp\artpschd.exe" = protocol=6 | dir=in | app=c:\program files\common files\pocketsoft\rtpatch\autortp\artpschd.exe |
"TCP Query User{7C2621D1-B582-4C52-A921-723810E0CD6B}C:\program files\microsoft games\age of empires iii\age3.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3.exe |
"TCP Query User{B0075465-59F9-4CF8-A5D4-0AE2A2256C90}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{E7C3AA65-5426-418B-B592-D44D91AC63DD}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{ED461F60-1185-450D-BA72-7C0D22D33EE6}C:\program files\opera 10.50 beta\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera 10.50 beta\opera.exe |
"UDP Query User{260E7803-8164-47B5-93D7-D399EF5CAB94}C:\program files\common files\pocketsoft\rtpatch\autortp\artpschd.exe" = protocol=17 | dir=in | app=c:\program files\common files\pocketsoft\rtpatch\autortp\artpschd.exe |
"UDP Query User{426C976F-9262-4A3B-96AC-488EC063CEF8}C:\program files\opera 10.50 beta\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera 10.50 beta\opera.exe |
"UDP Query User{8B7D208C-FF5B-40F0-8EC7-9364A304EB54}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{CE48083F-026D-43E2-812A-69FF931D709B}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{DEA0E012-EB81-4F24-A152-F25232D0B1D0}C:\program files\microsoft games\age of empires iii\age3.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{11AFE21E-B193-430D-B57A-DFF7815BB962}" = Ulead PhotoImpact 12
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2223FC2F-B862-4F83-BC9E-DDF2DADF2859}" = Intel(R) Network Connections 13.0.42.0
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 4.010.00
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B35F00C-E63D-40DC-9839-DF15A33EAC46}" = Grand Theft Auto Vice City
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}" = Sony USB Driver
"{629840d3-d87c-4730-9d9e-efe096d028c7}" = Nero MediaHome 4 Trial
"{69FC3B9A-4149-43DB-A557-6ED0C8D8BA44}" = Nero MediaHome 4 Help
"{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser und SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A5F34E2-37CF-4AD4-808C-2D413786E31A}" = Microsoft Visual C Runtime
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{99EF387E-633E-4CFB-BFA3-AB961B685DDF}" = Nero MediaHome 4
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A5B876D-A900-4AAB-B557-DE827BE46E6C}" = Nero 8 Essentials
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.1 - Deutsch
"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B98A34C0-A6A2-4087-B272-557C1C6D0A07}" = Microsoft Flight Simulator X Demo
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D8D22773-14BF-4178-A683-3DBA515C2A26}" = WISO Mein Geld 2008 Professional
"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AoE3 Editor Mod" = AoE3 Editor Mod
"CCleaner" = CCleaner
"EPSON Stylus SX200 Series" = Druckerdeinstallation für EPSON Stylus SX200 Series
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III
"InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune
"InstallShield_{B98A34C0-A6A2-4087-B272-557C1C6D0A07}" = Microsoft Flight Simulator X Demo
"LetsTrade" = LetsTrade Komponenten
"MAGIX Goya burnR D" = MAGIX Goya burnR 2.3.1.3 (D)
"MAGIX Video deluxe 2007 2008 PLUS D" = MAGIX Video deluxe 2007 2008 PLUS 7.0.0.25 (D)
"MAGIX Xtreme Foto Designer 6 D" = MAGIX Xtreme Foto Designer 6 6.0.19.0 (D)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mediaport" = Mediaport
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.3plugin1)" = Mozilla Firefox (3.6.3plugin1)
"NIS" = Norton Internet Security
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PROSetDX" = Intel(R) Network Connections 13.0.42.0
"VLC media player" = VLC media player 1.0.5 ========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] ========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 11.07.2009 03:26:36 | Computer Name = Marvin-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 11.07.2009 11:41:37 | Computer Name = Marvin-PC | Source = WinMgmt | ID = 10
Description =
Error - 12.07.2009 03:03:16 | Computer Name = Marvin-PC | Source = WinMgmt | ID = 10
Description =
Error - 12.07.2009 03:07:14 | Computer Name = Marvin-PC | Source = WinMgmt | ID = 10
Description =
Error - 12.07.2009 08:43:55 | Computer Name = Marvin-PC | Source = WinMgmt | ID = 10
Description =
Error - 12.07.2009 13:51:07 | Computer Name = Marvin-PC | Source = WinMgmt | ID = 10
Description =
Error - 13.07.2009 03:42:52 | Computer Name = Marvin-PC | Source = WinMgmt | ID = 10
Description =
Error - 13.07.2009 08:45:56 | Computer Name = Marvin-PC | Source = Application Hang | ID = 1002
Description = Programm gta-vc.exe, Version 0.0.0.0 arbeitet nicht mehr mit Windows
zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
zu suchen. Prozess-ID: 14c8 Anfangszeit: 01ca03b622fdf7d5 Zeitpunkt der Beendigung:
27
Error - 13.07.2009 14:16:46 | Computer Name = Marvin-PC | Source = WinMgmt | ID = 10
Description =
Error - 14.07.2009 04:09:43 | Computer Name = Marvin-PC | Source = WinMgmt | ID = 10
Description =
[ OSession Events ]
Error - 16.02.2009 12:33:44 | Computer Name = Marvin-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session
lasted 901 seconds with 600 seconds of active time. This session ended with a crash.
Error - 21.02.2009 07:36:51 | Computer Name = Marvin-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session
lasted 33 seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 09.04.2010 13:45:29 | Computer Name = Marvin-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 09.04.2010 13:45:29 | Computer Name = Marvin-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 09.04.2010 13:45:29 | Computer Name = Marvin-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 09.04.2010 13:45:29 | Computer Name = Marvin-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 09.04.2010 13:45:29 | Computer Name = Marvin-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 10.04.2010 04:34:09 | Computer Name = Marvin-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 10.04.2010 04:34:09 | Computer Name = Marvin-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 10.04.2010 04:34:09 | Computer Name = Marvin-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 10.04.2010 04:34:09 | Computer Name = Marvin-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 10.04.2010 04:34:09 | Computer Name = Marvin-PC | Source = Service Control Manager | ID = 7026
Description =
< End of report >
|
Danke schon mal im Vorraus!
__________________ |