Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Antimalware Doctor lässt sich nicht entfernen

Antimalware Doctor lässt sich nicht entfernen


Plagegeister aller Art und deren Bekämpfung: Antimalware Doctor lässt sich nicht entfernen

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 05.05.2010, 19:50   #1
pierrehansen
 
Antimalware Doctor lässt sich nicht entfernen - Standard

Antimalware Doctor lässt sich nicht entfernen


Hallo,

ich bin total erleichtert, dass ich dieses Forum gefunden habe und möchte mich an dieser Stelle schonmal im Voraus für eure Hilfe bedanken.

ich habe mir den Antimalware Doctor eingefangen und werde ihn trotz der vielen Anleitungen im Netz leider nicht mehr los. Malwarebytes hat mein System mehrmals gescannt und auch mehre Bedrohungen gefunden und gelöscht. Spyware Doctor ebenso (hat aber keine Log-File erstellt). Den Antimalware Doctor hat das aber leider wenig beeindruckt. Vor dem Scan habe ich mehrmals Rkill ausgeführt. Das Programm RSIT ist leider mit der Fehlermeldung "Error: Variable used without being declared" abgestürzt und konnte kein Log-File erstellen.
Den CC Cleaner habe ich ebenso ausgeführt.

Hier ist der Code von Malware Bytes:

Code:
ATTFilter
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4065

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

05.05.2010 20:26:00
mbam-log-2010-05-05 (20-26-00).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|H:\|I:\|J:\|K:\|L:\|)
Durchsuchte Objekte: 874573
Laufzeit: 1 Stunde(n), 17 Minute(n), 36 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 2
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Antimalware Doctor (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Antimalware Doctor Inc (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
, der Code von RKill
Code:
ATTFilter
This log file is located at C:\rkill.log. 
Please post this only if requested to by the person helping you. 
Otherwise you can close this log when you wish. 
Ran as Pierre on 05.05.2010 at 21:00:38. 


Processes terminated by Rkill or while it was running: 


C:\Users\Pierre\AppData\Roaming\0341DBC05260C44F2CC57CEECF978A5F\gotnewupdate.exe
C:\Users\Pierre\AppData\Local\Temp\Rar$EX09.016\osam.exe
C:\Users\Pierre\Downloads\rkill.com


Rkill completed on 05.05.2010  at 21:00:42.
Das Programm OSAM stürzt auch leider nach dem fünften "Next" ab.


Aja, falls es von Bedeutung ist, ich benutze Windows 7 64 BIT.

Vielen, vielen Dank. Ich hoffe, ich habe erstmal alles richtig gemacht und hoffe auf rasche Hilfe.

Viele Grüße,

Pierre
Geändert von pierrehansen (05.05.2010 um 20:06 Uhr)

Alt 06.05.2010, 15:36   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Antimalware Doctor lässt sich nicht entfernen - Standard

Antimalware Doctor lässt sich nicht entfernen


Hallo und


Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.
__________________

__________________
Alt 10.05.2010, 07:52   #3
pierrehansen
 
Antimalware Doctor lässt sich nicht entfernen - Standard

Antimalware Doctor lässt sich nicht entfernen


Hallo Arne,

Vielen Dank für deine Antwort und deine Hilfestellung. Ein anderes Forum Mitglied hat mir einen Link genannt, unter dem es ein Tool gibt, welches den Doctor automatisch entfernt. Und dies scheint geklappt zu haben. Der Doctor meldet sich nicht mehr. Dies ist der Link: hxxp://net-studio.org/fra/patch/patch/243.html?task=view

Ich warte jetzt erstmal ab ob sich auch wirklich nichts tut. Falls nicht, kann es sein, dass ich mich nochmal melde.

Besten Dank. Viele Grüße,

Pierre
__________________
Alt 10.05.2010, 11:51   #4
Anjali72
 
Antimalware Doctor lässt sich nicht entfernen - Standard

Antimalware Doctor lässt sich nicht entfernen


Zitat:
Zitat von pierrehansen Beitrag anzeigen
Ein anderes Forum Mitglied hat mir einen Link genannt, unter dem es ein Tool gibt, welches den Doctor automatisch entfernt. Und dies scheint geklappt zu haben. Der Doctor meldet sich nicht mehr. Dies ist der Link: hxxp://net-studio.org/fra/patch/patch/243.html?task=view

Pierre
Lieber Pierre! Ich hatte drei Tage lang dasselbe Problem und hier in einem Thread auch um Hilfe gebeten. Habe dann heute Deinen Post entdeckt und sofort den Link probiert. Auch bei mir meldet sich der "Doctor" seither nicht mehr! Also vielen lieben Dank für Deinen Hinweis und ich hoffe echt, dass die Ruhe auf meinem PC von Dauer ist!!! Danke und liebe Grüße, Anja

Alt 10.05.2010, 12:54   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Antimalware Doctor lässt sich nicht entfernen - Standard

Antimalware Doctor lässt sich nicht entfernen


Removaltools schön und gut, aber allein darauf zu bauen ohne hinterher noch Logfiles wenigstens zu checken ist ein wenig fahrlässig.

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 10.05.2010, 13:39   #6
pierrehansen
 
Antimalware Doctor lässt sich nicht entfernen - Standard

Antimalware Doctor lässt sich nicht entfernen


Hallo Arne,

danke für deine Antwort. Deine Zweifel nehm ich mir zu Herzen.

Ich werde beide Logfiles auf zwei Antworten verteilen müssen, da sie zusammen zu lang sind.

Zuerst die Extras-Log:
Code:
ATTFilter
OTL Extras logfile created on: 10.05.2010 14:19:12 - Run 1
OTL by OldTimer - Version 3.2.4.1     Folder = C:\Users\Pierre\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
8,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 21,00% Memory free
16,00 Gb Paging File | 9,00 Gb Available in Paging File | 58,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74,43 Gb Total Space | 5,87 Gb Free Space | 7,89% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 43,43 Gb Free Space | 4,66% Space Free | Partition Type: NTFS
Drive E: | 596,16 Gb Total Space | 32,32 Gb Free Space | 5,42% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive L: | 465,76 Gb Total Space | 28,14 Gb Free Space | 6,04% Space Free | Partition Type: NTFS
 
Computer Name: PIERRE-PC
Current User Name: Pierre
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Users\Pierre\AppData\Local\Temp\EULA.exe" = C:\Users\Pierre\AppData\Local\Temp\EULA.exe:*:Enabled:Windows Messanger -- File not found
"C:\Users\Pierre\AppData\Roaming\\fdgfdgdf.exe" = C:\Users\Pierre\AppData\Roaming\\fdgfdgdf.exe:*:Enabled:Windows Messanger -- File not found
"C:\Users\Pierre\AppData\Local\Temp\msiecomm.exe" = C:\Users\Pierre\AppData\Local\Temp\msiecomm.exe:*:Enabled:Windows Messanger -- File not found
"C:\Users\Pierre\AppData\Local\Temp\EULA.exe" = C:\Users\Pierre\AppData\Local\Temp\EULA.exe:*:Enabled:Windows Messanger -- File not found
"C:\Users\Pierre\AppData\Roaming\\fdgfdgdf.exe" = C:\Users\Pierre\AppData\Roaming\\fdgfdgdf.exe:*:Enabled:Windows Messanger -- File not found
"C:\Users\Pierre\AppData\Local\Temp\msiecomm.exe" = C:\Users\Pierre\AppData\Local\Temp\msiecomm.exe:*:Enabled:Windows Messanger -- File not found
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{25613C10-27D2-410B-942B-D922D5C3A7BE}" = Interlok driver setup x64
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{371B17C3-9624-4583-A497-DF980313D851}" = Native Instruments Absynth 5
"{43E7798A-248E-4A3D-9969-FEA63543A462}" = Native Instruments Kontakt 4
"{491DF203-7B61-4F0E-BDCB-A1218C4DAFE9}" = Native Instruments Massive
"{4CE36E6A-300B-427C-BEC7-B261CC13814E}" = iTunes
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{67e13682-a5ba-4f12-ac10-4b41eacb82da}" = Native Instruments Alicias Keys
"{6BED4DFE-C527-463E-B93A-6F6848B74DD0}" = Native Instruments Battery 3
"{743C5D75-6BC8-4881-BF7D-E7DF29F155F4}" = Steinberg HALionOne 64bit
"{7523EFAC-5445-4E89-BD90-84E0D0110690}" = Adobe Photoshop Lightroom 2.6 64-bit
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{877924AA-E044-4266-B37D-E974CD799934}" = Bonjour
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{8A9065DA-0293-41DA-A349-16E1A2605F64}" = Steinberg Cubase 5 64bit
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{B2552FA6-86E3-410D-84AD-265C2242D410}" = Native Instruments FM8
"{B37A99DD-88E2-4ED0-80B4-1E054AB354BF}" = Adobe InDesign CS4 Icon Handler x64
"{C7FAFC98-5ECC-40FC-B440-A5D5FE3A6A6E}" = Native Instruments Guitar Rig 4
"{CA4AF936-3312-4AF4-A191-527531490DCD}" = Apple Mobile Device Support
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{D799CC16-F3B5-468D-AC67-6F77AAA98173}" = Native Instruments Komplete 6
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{E9EA5F38-6299-45A1-9D23-F21729A19357}" = Native Instruments Reaktor 5
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"Automap Universal_is1" = Automap 3.4.1
"FIREFACE" = RME Fireface
"Novation USB Audio Driver_is1" = Novation USB Audio Driver 1.7
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Vienna Ensemble Pro_is1" = Vienna Ensemble Pro 4.0
"Vienna Ensemble_is1" = Vienna Ensemble 2.0
"Vienna Instruments_is1" = Vienna Instruments 2.0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{03DEEAD2-F3B7-45BF-9006-A25D015F00D2}" = Adobe Flash Player 10 Plugin
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{2168245A-B5AD-40D8-A641-48E3E070B5B6}" = Adobe Flash CS4 STI-en
"{218AA20E-F016-4385-9F74-04FF8E596FB2}" = SampleMoog
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 15
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A6829EF-0791-4FDD-9382-C690DD0821B9}" = Adobe Flash Player 10 ActiveX
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}" = Steinberg Cubase 5
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{4D454CF8-12FD-464D-B57B-B46FE27B78BB}" = Steinberg LoopMash Content
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{532B917B-8235-4FA5-BE36-643A8BB053A5}" = Steinberg REVerence Content 01
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4
"{5F9D5D04-C756-4B4A-9ADF-37F7D8EB1E87}" = ARC System
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{65AA5B18-A330-4F35-BCDF-EA85EC888906}" = AVOX Evo VST
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{793D1D88-6141-43DE-BE58-59BCE31B4090}" = Adobe Flash CS4 Extension - Flash Lite STI en
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}" = Steinberg HALionOne Studio Drum Set
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{92E9E482-F45A-4C10-B3B0-06C785826E74}" = LiquidInstrumentVst 1.0
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D623E1A-30E1-4E55-BD80-5C1359DB120B}" = Melodyne 3.1
"{A1F143D1-1F0D-44FB-A44B-71D4367D16DE}" = Melodyne 3.1
"{A2453C21-B185-437A-933D-EAFC19D0E2D2}" = LiquidInstrumentVst 1.0
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A6EC82A0-1414-475D-8AFD-469089F3080D}" = Adobe Contribute CS4
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-1033-F400-7760-000000000004}_932" = Adobe Acrobat 9.3.2 - CPSID_53951
"{AC997F93-0757-4ED4-A701-F40C2D654D09}" = Steinberg HALionOne GM Drum Set
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B4691C58-2A6A-4AFA-960E-AEB767639E44}" = PCM Native Reverb VST Plug-in
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B7DAD844-34CD-456B-83CC-88065323DD69}" = WordBuilder
"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BD86F1AC-B594-46E4-85DC-1258AC9E2232}" = Steinberg Groove Agent ONE Content
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}" = Steinberg HALionOne Studio Set
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{D82CDA0D-C182-42C8-8FF2-5649C98D6003}" = Steinberg HALionOne Pro Set
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}" = Steinberg HALionOne Expression Set
"{E70E7159-93B1-470D-9FBD-D8E9EF34B538}" = Steinberg HALionOne
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{EEE8DED0-8DCF-492A-865D-C20964420BE5}" = M-Tron Pro
"{F057965A-D974-4C64-ADB1-4381CD4B8956}" = Steinberg HALionOne GM Set
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"Abbeyroadplugins EMI Brilliance Pack VST RTAS_is1" = Abbeyroadplugins EMI Brilliance Pack VST RTAS v1.0.6
"Abbeyroadplugins EMI TG 12413 Limiter VST RTAS_is1" = Abbeyroadplugins EMI TG 12413 Limiter VST RTAS v2.0.1
"Abbeyroadplugins EMI TG Mastering Pack VST RTAS_is1" = Abbeyroadplugins EMI TG Mastering Pack VST RTAS v1.0.2
"Adobe AIR" = Adobe AIR
"Adobe_b2d6abde968e6f277ddbfd501383e02" = Adobe Creative Suite 4 Master Collection
"Akamai" = Akamai NetSession Interface
"AudioEase Altiverb VST RTAS_is1" = AudioEase Altiverb VST RTAS v6.10
"AudioEase Speakersphone VST RTAS_is1" = AudioEase Speakersphone VST RTAS v1.03
"Automap Universal ReWire_is1" = Automap ReWire 1.0
"Avira AntiVir Desktop" = Avira AntiVir Premium
"BBE Sonic Sweet Bundle VST RTAS_is1" = BBE Sonic Sweet Bundle VST RTAS v1.0
"Blow Up 2" = Alien Skin Blow Up 2
"Bokeh" = Alien Skin Bokeh
"Brainworx BX Digital VST RTAS_is1" = Brainworx BX Digital VST RTAS v2.0.2
"Browser Defender_is1" = Browser Defender 2.0.6.15
"Color Efex Pro 3.0 Complete" = Color Efex Pro 3.0 Complete
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Dfine 2.0" = Dfine 2.0
"East West EWQLSO Gold Edition" = East West EWQLSO Gold Edition
"East West Symphonic Choirs" = East West Symphonic Choirs
"eLicenser Control" = eLicenser Control
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Exposure 2" = Alien Skin Exposure 2
"FabFilter Timeless VST RTAS_is1" = FabFilter Timeless VST RTAS v2.00
"Firebird SQL Server UK" = Firebird SQL Server - MAGIX Edition
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2
"HijackThis" = HijackThis 2.0.2
"iZotope Alloy_is1" = iZotope Alloy
"iZotope RX_is1" = iZotope RX
"iZotope Spectron_is1" = iZotope Spectron
"JBridge" = JBridge
"JDownloader" = JDownloader
"Lexicon PSP 42 1.5.3 32bit" = Lexicon PSP 42 1.5.3 32bit
"Magic Bullet Suite 2.0" = Magic Bullet Suite 2.0
"Magic ISO Maker v5.5 (build 0274)" = Magic ISO Maker v5.5 (build 0274)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Moog Modular V 2_is1" = Moog Modular V 2.5
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"Mozilla Thunderbird (3.0.4)" = Mozilla Thunderbird (3.0.4)
"Native Instruments Absynth 5" = Native Instruments Absynth 5
"Native Instruments Alicias Keys" = Native Instruments Alicias Keys
"Native Instruments Battery 3" = Native Instruments Battery 3
"Native Instruments FM8" = Native Instruments FM8
"Native Instruments Guitar Rig 4" = Native Instruments Guitar Rig 4
"Native Instruments Komplete 6" = Native Instruments Komplete 6
"Native Instruments Kontakt 4" = Native Instruments Kontakt 4
"Native Instruments Massive" = Native Instruments Massive
"Native Instruments Reaktor 5" = Native Instruments Reaktor 5
"Native Instruments Service Center" = Native Instruments Service Center
"Oddity" = GForce - Oddity
"PCM Native Reverb VST Plug-in" = PCM Native Reverb VST Plug-in
"Project SAM Symphobia_is1" = Project SAM Symphobia 1.0
"PSP MixPack2 2.0.3" = PSP MixPack2 2.0.3
"PSP Nitro 1.1.2" = PSP Nitro 1.1.2
"reFX Nexus_is1" = reFX Nexus VSTi RTAS v2.2.0
"Registry Mechanic_is1" = Registry Mechanic 7.0
"Rob Papen Albino 3" = Rob Papen Albino 3
"Roger Nichols Digital SIGNATURE Bundle VST RTAS_is1" = Roger Nichols Digital SIGNATURE Bundle VST RTAS v1.9.3
"Sharpener Pro 3.0" = Sharpener Pro 3.0
"Silver Efex Pro" = Silver Efex Pro
"Snap Art 2" = Alien Skin Snap Art 2
"SoundToys Native Effects VST RTAS_is1" = SoundToys Native Effects VST RTAS v3.1.2
"SPL Analog Code EQ Rangers Volume One VST RTAS_is1" = SPL Analog Code EQ Rangers Volume One VST RTAS v1.2
"SPL Analog Code Transient Designer VST RTAS_is1" = SPL Analog Code Transient Designer VST RTAS v1.2
"SPL Analog Code TwinTube Processor VST RTAS_is1" = SPL Analog Code TwinTube Processor VST RTAS v1.2
"SPL Analog Code Vitalizer MK2-T VST RTAS_is1" = SPL Analog Code Vitalizer MK2-T VST RTAS v1.2
"Spyder3Pro" = Spyder3Pro
"Spyware Doctor" = Spyware Doctor 7.0
"Tassman 4" = Applied Acoustics Systems - Tassman 4 v4.1.3
"Tone2 BiFilter2_is1" = BiFilter v2.2
"Tone2 FilterBank3_is1" = FilterBank v3.2
"Tone2 FireBird+_is1" = FireBird+ v1.9
"Tone2 Gladiator VSTi_is1" = Tone2 Gladiator VSTi v2.2
"Tone2 Warmverb multi-FX full_is1" = Tone2 Warmverb multi-FX full
"Uninstall_is1" = Uninstall 1.0.0.1
"Vember Audio SURGE" = Vember Audio SURGE
"Virsyn Tera VSTi RTAS_is1" = Virsyn Tera VSTi RTAS v3.2.1
"Viveza" = Viveza
"VLC media player" = VLC media player 1.0.5
"VoipStunt_is1" = VoipStunt
"Waldorf Largo" = Waldorf Largo
"WaveLabPro" = WaveLab 6
"Waves API Collection" = Waves API Collection
"Waves Mercury Complete VST DX RTAS_is1" = Waves Mercury Complete VST DX RTAS v1.01
"WinRAR archiver" = WinRAR archiver
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 05.05.2010 07:29:26 | Computer Name = Pierre-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 05.05.2010 07:29:26 | Computer Name = Pierre-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 15497719
 
Error - 05.05.2010 07:29:26 | Computer Name = Pierre-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 15497719
 
Error - 05.05.2010 08:49:56 | Computer Name = Pierre-PC | Source = Application Hang | ID = 1002
Description = Programm gotnewupdate.exe, Version 0.1.0.0 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 954    Startzeit: 
01caec5105b5b602    Endzeit: 0    Anwendungspfad: C:\Users\Pierre\AppData\Roaming\0341DBC05260C44F2CC57CEECF978A5F\gotnewupdate.exe

Berichts-ID:
 b31d7bb4-5844-11df-9af1-0025221ec7a8  
 
Error - 05.05.2010 14:59:40 | Computer Name = Pierre-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: osam.exe, Version: 5.0.11922.0, Zeitstempel:
 0x4ab3b1aa  Name des fehlerhaften Moduls: smum32.dll, Version: 7.0.0.11, Zeitstempel:
 0x4b85aea8  Ausnahmecode: 0xc0000417  Fehleroffset: 0x00001957  ID des fehlerhaften Prozesses:
 0xc0c  Startzeit der fehlerhaften Anwendung: 0x01caec84f3cbc034  Pfad der fehlerhaften
 Anwendung: C:\Users\Pierre\AppData\Local\Temp\Rar$EX01.922\osam.exe  Pfad des fehlerhaften
 Moduls: C:\Program Files (x86)\Spyware Doctor\smum32.dll  Berichtskennung: 5b3421b3-5878-11df-b96e-0025221ec7a8
 
Error - 05.05.2010 15:02:28 | Computer Name = Pierre-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: osam.exe, Version: 5.0.11922.0, Zeitstempel:
 0x4ab3b1aa  Name des fehlerhaften Moduls: smum32.dll, Version: 7.0.0.11, Zeitstempel:
 0x4b85aea8  Ausnahmecode: 0xc0000417  Fehleroffset: 0x00001957  ID des fehlerhaften Prozesses:
 0xa24  Startzeit der fehlerhaften Anwendung: 0x01caec856f350b33  Pfad der fehlerhaften
 Anwendung: C:\Users\Pierre\AppData\Local\Temp\Rar$EX22.984\osam.exe  Pfad des fehlerhaften
 Moduls: C:\Program Files (x86)\Spyware Doctor\smum32.dll  Berichtskennung: bf2225ac-5878-11df-b96e-0025221ec7a8
 
Error - 10.05.2010 05:19:26 | Computer Name = Pierre-PC | Source = Application Hang | ID = 1002
Description = Programm Cubase5.exe, Version 5.1.1.120 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 108    Startzeit: 
01caf0111537e657    Endzeit: 1499    Anwendungspfad: C:\Program Files (x86)\Steinberg\Cubase
 5\Cubase5.exe    Berichts-ID: 1c5c2249-5c15-11df-932a-0025221ec7a8  
 
Error - 10.05.2010 05:24:08 | Computer Name = Pierre-PC | Source = Application Hang | ID = 1002
Description = Programm Cubase5.exe, Version 5.1.1.120 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: e08    Startzeit: 
01caf021e3d48d60    Endzeit: 26    Anwendungspfad: C:\Program Files (x86)\Steinberg\Cubase
 5\Cubase5.exe    Berichts-ID: c7e5428a-5c15-11df-932a-0025221ec7a8  
 
Error - 10.05.2010 05:24:36 | Computer Name = Pierre-PC | Source = Application Hang | ID = 1002
Description = Programm ViennaEnsemble_x64.exe, Version 0.0.0.0 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 12ec    Startzeit: 01caf00d6b95bc9c    Endzeit: 0    Anwendungspfad: 
C:\Program Files\Vienna Ensemble\ViennaEnsemble_x64.exe    Berichts-ID:   
 
Error - 10.05.2010 08:15:12 | Computer Name = Pierre-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7600.16450,
 Zeitstempel: 0x4aebab8d  Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.1.7600.16532,
 Zeitstempel: 0x4b7cf381  Ausnahmecode: 0xc000041d  Fehleroffset: 0x00000000000999a8
ID
 des fehlerhaften Prozesses: 0x86c  Startzeit der fehlerhaften Anwendung: 0x01caf00c59491fde
Pfad
 der fehlerhaften Anwendung: C:\Windows\Explorer.EXE  Pfad des fehlerhaften Moduls:
 C:\Windows\system32\SHELL32.dll  Berichtskennung: ae9ec8c9-5c2d-11df-932a-0025221ec7a8
 
[ System Events ]
Error - 06.05.2010 05:00:29 | Computer Name = Pierre-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 06.05.2010 05:00:29 | Computer Name = Pierre-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 06.05.2010 05:00:29 | Computer Name = Pierre-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 06.05.2010 05:00:29 | Computer Name = Pierre-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 06.05.2010 05:00:30 | Computer Name = Pierre-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 06.05.2010 05:00:30 | Computer Name = Pierre-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 06.05.2010 05:00:30 | Computer Name = Pierre-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 06.05.2010 05:00:30 | Computer Name = Pierre-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 06.05.2010 05:00:30 | Computer Name = Pierre-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 06.05.2010 05:00:30 | Computer Name = Pierre-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
 
< End of report >

Alt 10.05.2010, 13:40   #7
pierrehansen
 
Antimalware Doctor lässt sich nicht entfernen - Standard

Antimalware Doctor lässt sich nicht entfernen


...und die OTL Logfile

Code:
ATTFilter
OTL logfile created on: 10.05.2010 14:19:12 - Run 1
OTL by OldTimer - Version 3.2.4.1     Folder = C:\Users\Pierre\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
8,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 21,00% Memory free
16,00 Gb Paging File | 9,00 Gb Available in Paging File | 58,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74,43 Gb Total Space | 5,87 Gb Free Space | 7,89% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 43,43 Gb Free Space | 4,66% Space Free | Partition Type: NTFS
Drive E: | 596,16 Gb Total Space | 32,32 Gb Free Space | 5,42% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive L: | 465,76 Gb Total Space | 28,14 Gb Free Space | 6,04% Space Free | Partition Type: NTFS
 
Computer Name: PIERRE-PC
Current User Name: Pierre
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Windows\SysWow64\firefacemix.exe File not found
PRC - C:\Windows\SysWow64\fireface.exe File not found
PRC - C:\Users\Pierre\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe (PC Tools)
PRC - C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe (PC Tools)
PRC - C:\Program Files (x86)\Spyware Doctor\pctsTray.exe (PC Tools)
PRC - C:\Program Files (x86)\Novation\Automap\MidiAutomapClient.exe ()
PRC - C:\Program Files (x86)\Novation\Automap\AutomapServer.exe (Novation DMS Ltd.)
PRC - C:\Program Files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe (Threat Expert Ltd.)
PRC - C:\Programme\Vienna Ensemble Pro\vsldaemon.exe ()
PRC - C:\Program Files (x86)\Steinberg\Cubase 5\Cubase5.exe (Steinberg Media Technologies)
PRC - C:\Program Files (x86)\VoipStunt.com\VoipStunt\VoipStunt.exe (VoipStunt)
PRC - C:\PROGRA~2\ELICEN~1\POS\SYNSOPOS.exe (Steinberg Media Technologies GmbH)
PRC - C:\Program Files (x86)\WinRAR\WinRAR.exe ()
PRC - C:\Windows\SysWOW64\ASTSRV.EXE (Nalpeiron Ltd.)
PRC - C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility.exe ()
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Pierre\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Program Files (x86)\Spyware Doctor\smum32.dll (PC Tools)
MOD - C:\Program Files (x86)\Spyware Doctor\pctgmhk.dll (PC Tools)
MOD - C:\Windows\SysWOW64\comdlg32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.)
SRV:64bit: - (WwanSvc) -- C:\Windows\SysNative\wwansvc.dll (Microsoft Corporation)
SRV:64bit: - (WbioSrvc) -- C:\Windows\SysNative\wbiosrvc.dll (Microsoft Corporation)
SRV:64bit: - (Power) -- C:\Windows\SysNative\umpo.dll (Microsoft Corporation)
SRV:64bit: - (Themes) -- C:\Windows\SysNative\themeservice.dll (Microsoft Corporation)
SRV:64bit: - (sppuinotify) -- C:\Windows\SysNative\sppuinotify.dll (Microsoft Corporation)
SRV:64bit: - (SensrSvc) -- C:\Windows\SysNative\sensrsvc.dll (Microsoft Corporation)
SRV:64bit: - (PNRPsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (p2pimsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupProvider) -- C:\Windows\SysNative\provsvc.dll (Microsoft Corporation)
SRV:64bit: - (RpcEptMapper) -- C:\Windows\SysNative\RpcEpMap.dll (Microsoft Corporation)
SRV:64bit: - (PNRPAutoReg) -- C:\Windows\SysNative\pnrpauto.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupListener) -- C:\Windows\SysNative\ListSvc.dll (Microsoft Corporation)
SRV:64bit: - (FontCache) -- C:\Windows\SysNative\FntCache.dll (Microsoft Corporation)
SRV:64bit: - (Dhcp) -- C:\Windows\SysNative\dhcpcore.dll (Microsoft Corporation)
SRV:64bit: - (defragsvc) -- C:\Windows\SysNative\defragsvc.dll (Microsoft Corporation)
SRV:64bit: - (bthserv) -- C:\Windows\SysNative\bthserv.dll (Microsoft Corporation)
SRV:64bit: - (BDESVC) -- C:\Windows\SysNative\bdesvc.dll (Microsoft Corporation)
SRV:64bit: - (AxInstSV) -- C:\Windows\SysNative\AxInstSv.dll (Microsoft Corporation)
SRV:64bit: - (AppIDSvc) -- C:\Windows\SysNative\appidsvc.dll (Microsoft Corporation)
SRV:64bit: - (wbengine) -- C:\Windows\SysNative\wbengine.exe (Microsoft Corporation)
SRV:64bit: - (sppsvc) -- C:\Windows\SysNative\sppsvc.exe (Microsoft Corporation)
SRV:64bit: - (Fax) -- C:\Windows\SysNative\FXSSVC.exe (Microsoft Corporation)
SRV - (Akamai) -- c:\program files (x86)\common files\akamai\rswin_3697.dll ()
SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira GmbH)
SRV - (AntiVirMailService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (Apple Mobile Device) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (sdCoreService) -- C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe (PC Tools)
SRV - (sdAuxService) -- C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe (PC Tools)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (Browser Defender Update Service) -- C:\Program Files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe (Threat Expert Ltd.)
SRV - (VSS) -- C:\Windows\Vss [2009.07.14 05:20:14 | 000,000,000 | ---D | M]
SRV - (MSDTC) -- C:\Windows\SysWOW64\Msdtc [2009.07.14 05:20:14 | 000,000,000 | ---D | M]
SRV - (HomeGroupProvider) -- C:\Windows\SysWOW64\provsvc.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\SysWOW64\dhcpcore.dll (Microsoft Corporation)
SRV - (vds) -- C:\Windows\SysWOW64\wbem\vds.mof ()
SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (Adobe Version Cue CS4) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe (Adobe Systems Incorporated)
SRV - (ASTSRV) -- C:\Windows\SysWOW64\ASTSRV.EXE (Nalpeiron Ltd.)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (adfs) -- C:\Windows\SysNative\drivers\adfs.sys (Adobe Systems, Inc.)
DRV:64bit: - (PCTCore) -- C:\Windows\SysNative\drivers\PCTCore64.sys (PC Tools)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (fireface) Service for Fireface (WDM) -- C:\Windows\SysNative\drivers\fireface_64.sys (RME)
DRV:64bit: - (KSecPkg) -- C:\Windows\SysNative\drivers\ksecpkg.sys (Microsoft Corporation)
DRV:64bit: - (NvnUsbAudio) -- C:\Windows\SysNative\drivers\nvnusbaudio.sys (Novation DMS Ltd.)
DRV:64bit: - (JRAID) -- C:\Windows\SysNative\drivers\jraid.sys (JMicron Technology Corp.)
DRV:64bit: - (automap) -- C:\Windows\SysNative\drivers\automap.sys (Novation Digital Music Systems Limited)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (hwpolicy) -- C:\Windows\SysNative\drivers\hwpolicy.sys (Microsoft Corporation)
DRV:64bit: - (FsDepends) -- C:\Windows\SysNative\drivers\fsdepends.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (WIMMount) -- C:\Windows\SysNative\drivers\wimmount.sys (Microsoft Corporation)
DRV:64bit: - (vhdmp) -- C:\Windows\SysNative\drivers\vhdmp.sys (Microsoft Corporation)
DRV:64bit: - (vdrvroot) -- C:\Windows\SysNative\drivers\vdrvroot.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (rdyboost) -- C:\Windows\SysNative\drivers\rdyboost.sys (Microsoft Corporation)
DRV:64bit: - (pcw) -- C:\Windows\SysNative\drivers\pcw.sys (Microsoft Corporation)
DRV:64bit: - (CNG) -- C:\Windows\SysNative\drivers\cng.sys (Microsoft Corporation)
DRV:64bit: - (fvevol) -- C:\Windows\SysNative\drivers\fvevol.sys (Microsoft Corporation)
DRV:64bit: - (rdpbus) -- C:\Windows\SysNative\drivers\rdpbus.sys (Microsoft Corporation)
DRV:64bit: - (RDPREFMP) -- C:\Windows\SysNative\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV:64bit: - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\SysNative\drivers\agilevpn.sys (Microsoft Corporation)
DRV:64bit: - (WfpLwf) -- C:\Windows\SysNative\drivers\wfplwf.sys (Microsoft Corporation)
DRV:64bit: - (NdisCap) -- C:\Windows\SysNative\drivers\ndiscap.sys (Microsoft Corporation)
DRV:64bit: - (vwifibus) -- C:\Windows\SysNative\drivers\vwifibus.sys (Microsoft Corporation)
DRV:64bit: - (1394ohci) -- C:\Windows\SysNative\drivers\1394ohci.sys (Microsoft Corporation)
DRV:64bit: - (HdAudAddService) -- C:\Windows\SysNative\drivers\HdAudio.sys (Microsoft Corporation)
DRV:64bit: - (UmPass) -- C:\Windows\SysNative\drivers\umpass.sys (Microsoft Corporation)
DRV:64bit: - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\SysNative\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV:64bit: - (mshidkmdf) -- C:\Windows\SysNative\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV:64bit: - (WudfPf) -- C:\Windows\SysNative\drivers\WUDFPf.sys (Microsoft Corporation)
DRV:64bit: - (MTConfig) -- C:\Windows\SysNative\drivers\MTConfig.sys (Microsoft Corporation)
DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\drivers\CompositeBus.sys (Microsoft Corporation)
DRV:64bit: - (Beep) -- C:\Windows\SysNative\drivers\beep.sys (Microsoft Corporation)
DRV:64bit: - (AppID) -- C:\Windows\SysNative\drivers\appid.sys (Microsoft Corporation)
DRV:64bit: - (scfilter) -- C:\Windows\SysNative\drivers\scfilter.sys (Microsoft Corporation)
DRV:64bit: - (discache) -- C:\Windows\SysNative\drivers\discache.sys (Microsoft Corporation)
DRV:64bit: - (HidBatt) -- C:\Windows\SysNative\drivers\hidbatt.sys (Microsoft Corporation)
DRV:64bit: - (CmBatt) -- C:\Windows\SysNative\drivers\CmBatt.sys (Microsoft Corporation)
DRV:64bit: - (AcpiPmi) -- C:\Windows\SysNative\drivers\acpipmi.sys (Microsoft Corporation)
DRV:64bit: - (AmdPPM) -- C:\Windows\SysNative\drivers\amdppm.sys (Microsoft Corporation)
DRV:64bit: - (synusb64) -- C:\Windows\SysNative\drivers\synusb64.sys (Steinberg Media Technologies GmbH)
DRV:64bit: - (RTL8187B) RTL8187B Drahtlos-802.11b/g-USB 2.0-Netzwerkadapter (54 MBit/s) -- C:\Windows\SysNative\drivers\RTL8187B.sys (Realtek Semiconductor Corporation                           )
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (Tpkd) -- C:\Windows\SysNative\drivers\Tpkd.sys (PACE Anti-Piracy, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (Spyder3) -- C:\Windows\SysNative\drivers\Spyder3.sys ()
DRV - (adfs) -- C:\Windows\SysWOW64\drivers\adfs.sys (Adobe Systems, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (NetBIOS) -- C:\Windows\SysWOW64\netbios.dll (Microsoft Corporation)
DRV - (mpsdrv) -- C:\Windows\SysWOW64\wbem\mpsdrv.mof ()
DRV - (Tcpip) -- C:\Windows\SysWOW64\wbem\tcpip.mof ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 98 C5 EB 28 35 C0 CA 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.04.05 20:33:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.04.15 14:20:59 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2010.04.05 20:34:51 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
 
[2010.04.05 20:34:51 | 000,000,000 | ---D | M] -- C:\Users\Pierre\AppData\Roaming\mozilla\Extensions
[2010.04.05 20:34:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pierre\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.02.26 16:41:01 | 000,000,000 | ---D | M] -- C:\Users\Pierre\AppData\Roaming\mozilla\Firefox\Profiles\jxs9sop4.default\extensions
[2010.05.10 08:56:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.03.05 10:52:17 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.01.16 03:15:29 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.16 03:15:29 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.16 03:15:29 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.16 03:15:29 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.16 03:15:29 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010.02.26 17:21:15 | 000,000,857 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1				activate.adobe.com
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [FirefaceMixTray] C:\Windows\SysNative\firefacemix.exe (RME)
O4:64bit: - HKLM..\Run: [FirefaceTray] C:\Windows\SysNative\fireface.exe (RME)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ISTray] C:\Program Files (x86)\Spyware Doctor\pctsTray.exe (PC Tools)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [RegistryMechanic]  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogOff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 0
O8:64bit: - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - Unable to obtain root file information for disk E:\
O32 - AutoRun File - [2010.02.26 10:52:33 | 000,000,000 | ---- | M] () - L:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.05.05 20:33:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2010.05.05 20:33:40 | 000,000,000 | ---D | C] -- C:\rsit
[2010.05.05 14:25:57 | 001,652,688 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll
[2010.05.05 14:25:57 | 000,165,840 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll
[2010.05.05 14:25:57 | 000,149,456 | ---- | C] (PC Tools) -- C:\Windows\SGDetectionTool.dll
[2010.05.05 14:04:37 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Roaming\Uniblue
[2010.05.05 13:59:40 | 000,306,648 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctgntdi64.sys
[2010.05.05 13:59:40 | 000,133,072 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctwfpfilter64.sys
[2010.05.05 13:59:39 | 000,233,488 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTCore64.sys
[2010.05.05 13:59:37 | 000,092,896 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctplsg64.sys
[2010.05.05 13:59:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spyware Doctor
[2010.05.05 13:59:25 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Roaming\PC Tools
[2010.05.05 13:59:25 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2010.05.05 13:59:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2010.05.05 13:59:09 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2010.05.04 16:30:23 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Roaming\Malwarebytes
[2010.05.04 16:29:38 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.05.04 16:29:25 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.05.04 16:29:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.05.04 16:29:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.05.04 16:02:10 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Roaming\0341DBC05260C44F2CC57CEECF978A5F
[2010.05.03 14:39:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Akamai
[2010.05.02 11:03:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SoundPerformanceLab
[2010.04.29 22:05:50 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Roaming\Waldorf
[2010.04.29 09:04:26 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Roaming\MeldaProduction MFreeformEqualizer
[2010.04.29 09:01:06 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Roaming\MeldaProduction MAutoEqualizer
[2010.04.29 09:00:49 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\112dB
[2010.04.29 08:07:31 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2010.04.29 08:07:31 | 000,153,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ksecpkg.sys
[2010.04.29 08:05:58 | 000,000,000 | ---D | C] -- C:\ProgramData\MTexturedStyles
[2010.04.25 15:49:26 | 000,000,000 | ---D | C] -- C:\Trilian
[2010.04.22 00:59:26 | 000,000,000 | ---D | C] -- C:\ProgramData\WLAN
[2010.04.22 00:59:12 | 000,000,000 | ---D | C] -- C:\Users\Pierre\Desktop\DVD COVER
[2010.04.21 19:13:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Brainworx Music
[2010.04.20 17:02:30 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Roaming\Avira
[2010.04.20 08:50:36 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Roaming\Blue Cat Audio
[2010.04.20 08:50:06 | 000,000,000 | ---D | C] -- C:\ProgramData\IK Multimedia
[2010.04.19 18:58:37 | 000,000,000 | ---D | C] -- C:\Programme\Cakewalk
[2010.04.19 18:17:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spectrasonics
[2010.04.19 15:33:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\KORG
[2010.04.19 15:33:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KORG
[2010.04.19 15:02:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Scanned Synth Pro
[2010.04.19 14:45:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VirSyn Software Synthesizer
[2010.04.16 21:28:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PSPaudioware
[2010.04.15 22:38:01 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010.04.15 15:43:39 | 000,000,000 | ---D | C] -- C:\AdobeTemp
[2010.04.15 14:21:19 | 000,024,416 | R--- | C] (Adobe Systems Inc.) -- C:\Windows\SysNative\AdobePDFUI.dll
[2010.04.15 10:12:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\reFX
[2010.04.14 21:01:49 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2010.04.14 21:01:49 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbscript.dll
[2010.04.14 21:01:48 | 005,509,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010.04.14 21:01:48 | 003,954,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2010.04.14 21:01:48 | 003,899,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2010.04.14 13:14:18 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2010.04.14 13:14:18 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wintrust.dll
[2010.04.14 13:14:18 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2010.04.14 13:14:18 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2010.04.13 22:21:58 | 000,000,000 | -H-D | C] -- C:\ProgramData\{A518DCBE-06AD-461B-8F2E-C53AA3525C15}
[2010.04.13 22:20:31 | 000,000,000 | -H-D | C] -- C:\ProgramData\{8BFD9D89-5EBF-4CAE-AA58-6AE68629BA0B}
[2010.04.13 20:24:38 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Roaming\Waves
[2010.04.13 20:21:55 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Roaming\Waves Audio
[2010.04.13 18:57:28 | 000,000,000 | ---D | C] -- C:\Audio
[2010.04.13 18:48:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VstPlugins
[2010.04.13 16:13:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Propellerhead Software
[2010.04.12 15:58:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Arturia
[2010.04.12 15:00:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RNDigital
[2010.04.12 14:47:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SoundToys
[2010.04.12 14:47:06 | 000,000,000 | ---D | C] -- C:\ProgramData\VST3 Presets
[2010.04.12 14:46:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SoundToys
 
========== Files - Modified Within 30 Days ==========
 
[2010.05.10 14:21:18 | 005,242,880 | -HS- | M] () -- C:\Users\Pierre\NTUSER.DAT
[2010.05.10 13:49:24 | 000,000,219 | ---- | M] () -- C:\Windows\SysWow64\lsprst7.tgz
[2010.05.10 13:49:24 | 000,000,205 | ---- | M] () -- C:\Windows\SysWow64\lsprst7.dll
[2010.05.10 13:49:24 | 000,000,087 | ---- | M] () -- C:\Windows\SysWow64\ssprs.tgz
[2010.05.10 13:49:24 | 000,000,073 | ---- | M] () -- C:\Windows\SysWow64\ssprs.dll
[2010.05.10 13:49:24 | 000,000,021 | ---- | M] () -- C:\Windows\SurCode.INI
[2010.05.10 11:25:04 | 000,000,095 | ---- | M] () -- C:\ProgramData\VSL.ini
[2010.05.10 11:25:01 | 000,000,110 | ---- | M] () -- C:\ProgramData\.vslensemble64_path
[2010.05.10 08:52:57 | 000,000,100 | ---- | M] () -- C:\ProgramData\.vsldaemon_path
[2010.05.10 08:52:31 | 000,014,624 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.05.10 08:52:31 | 000,014,624 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.05.10 08:51:33 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.05.10 08:51:33 | 000,643,628 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.05.10 08:51:33 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.05.10 08:51:33 | 000,126,188 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.05.10 08:51:33 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.05.10 08:45:14 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.05.10 08:45:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.05.10 08:45:08 | 2140,446,719 | -HS- | M] () -- C:\hiberfil.sys
[2010.05.06 11:26:16 | 002,122,245 | -H-- | M] () -- C:\Users\Pierre\AppData\Local\IconCache.db
[2010.05.06 11:16:21 | 000,001,791 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Photoshop Lightroom 2.6 64-Bit.lnk
[2010.05.06 11:16:21 | 000,000,874 | ---- | M] () -- C:\Users\Pierre\Desktop\Adobe Photoshop CS4 (64 Bit).lnk
[2010.05.06 11:16:11 | 021,157,613 | ---- | M] () -- C:\Users\Pierre\Desktop\Paul nicht so schön (1 von 1).psd
[2010.05.06 11:16:03 | 000,416,322 | ---- | M] () -- C:\Users\Pierre\Desktop\Paul mal anders.jpg
[2010.05.05 13:59:40 | 000,002,114 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2010.05.04 15:56:31 | 000,035,175 | ---- | M] () -- C:\Users\Pierre\Desktop\rapidshare.rtf
[2010.05.04 12:02:06 | 000,256,550 | ---- | M] () -- C:\Users\Pierre\Desktop\Moderatoren.pdf
[2010.05.04 10:00:05 | 000,023,552 | ---- | M] () -- C:\Users\Pierre\Desktop\Sascha Georges und Co..doc
[2010.05.04 09:59:48 | 000,036,591 | ---- | M] () -- C:\Users\Pierre\Desktop\Sascha Georges und Co..rtf
[2010.04.29 12:19:24 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.04.29 12:19:14 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.04.27 10:47:57 | 053,747,530 | ---- | M] () -- C:\Users\Pierre\Desktop\Test Motion Tracking.avi
[2010.04.22 00:43:40 | 000,000,032 | ---- | M] () -- C:\Windows\SysWow64\w3data.vss
[2010.04.22 00:43:40 | 000,000,032 | ---- | M] () -- C:\Windows\SysWow64\msvcsv60.dll
[2010.04.22 00:43:40 | 000,000,032 | ---- | M] () -- C:\Windows\msocreg32.dat
[2010.04.20 21:54:35 | 000,000,908 | ---- | M] () -- C:\Users\Pierre\Desktop\Stylus RMX SAGE Converter.lnk
[2010.04.15 21:30:25 | 000,000,700 | ---- | M] () -- C:\Users\Pierre\Desktop\Der Solist - Verknüpfung.lnk
[2010.04.15 15:41:27 | 000,086,584 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWow64\drivers\adfs.sys
[2010.04.15 15:41:27 | 000,086,584 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysNative\drivers\adfs.sys
[2010.04.15 10:46:28 | 000,000,162 | -H-- | M] () -- C:\Users\Pierre\Desktop\~$nchronisations-Einstellungen in Cubase.rtf
[2010.04.14 13:13:47 | 000,000,000 | -H-- | M] () -- C:\Users\Pierre\AppData\Roaming\.E69B6F92ABB8C36B.sys
[2010.04.14 13:09:52 | 000,000,847 | ---- | M] () -- C:\Users\Pierre\Desktop\jBridger.lnk
[2010.04.14 10:03:19 | 047,262,363 | ---- | M] () -- C:\Users\Pierre\Desktop\Synchronisations-Einstellungen in Cubase.rtf
[2010.04.13 18:41:13 | 000,002,136 | ---- | M] () -- C:\Users\Pierre\Desktop\Cubase 5.lnk
[2010.04.13 09:43:38 | 000,951,808 | ---- | M] () -- C:\Users\Pierre\Desktop\Antimalware_Doctor_Removal_Tool.exe
[2010.04.12 23:45:51 | 000,353,571 | ---- | M] () -- C:\Users\Pierre\Test Audio to Midi.cpr
[2010.04.12 23:27:38 | 000,357,997 | ---- | M] () -- C:\Users\Pierre\Test Audio to Midi.bak
[2010.04.12 23:11:30 | 000,301,287 | ---- | M] () -- C:\Users\Pierre\Test Audio to Midi-02.bak
[2010.04.12 22:55:34 | 000,301,011 | ---- | M] () -- C:\Users\Pierre\Test Audio to Midi-03.bak
[2010.04.12 20:53:23 | 000,340,978 | ---- | M] () -- C:\Users\Pierre\Spur 1_1.wav.mdd
[2010.04.12 20:53:22 | 006,037,548 | ---- | M] () -- C:\Users\Pierre\Spur 1_1.wav
[2010.04.11 17:27:51 | 000,128,176 | ---- | M] () -- C:\Users\Pierre\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.04.11 17:04:30 | 003,030,456 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.04.11 16:51:11 | 000,000,478 | ---- | M] () -- C:\Windows\win.ini
 
========== Files Created - No Company Name ==========
 
[2010.05.06 11:15:58 | 000,416,322 | ---- | C] () -- C:\Users\Pierre\Desktop\Paul mal anders.jpg
[2010.05.06 10:59:00 | 000,951,808 | ---- | C] () -- C:\Users\Pierre\Desktop\Antimalware_Doctor_Removal_Tool.exe
[2010.05.05 14:25:57 | 001,152,444 | ---- | C] () -- C:\Windows\UDB.zip
[2010.05.05 14:25:57 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2010.05.05 14:25:57 | 000,000,882 | ---- | C] () -- C:\Windows\RegSDImport.xml
[2010.05.05 14:25:57 | 000,000,879 | ---- | C] () -- C:\Windows\RegISSImport.xml
[2010.05.05 14:25:57 | 000,000,131 | ---- | C] () -- C:\Windows\IDB.zip
[2010.05.05 13:59:40 | 000,007,357 | ---- | C] () -- C:\Windows\SysNative\drivers\pctgntdi64.cat
[2010.05.05 13:59:39 | 000,007,353 | ---- | C] () -- C:\Windows\SysNative\drivers\pctcore64.cat
[2010.05.05 13:59:38 | 000,002,114 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2010.05.05 13:59:37 | 000,007,353 | ---- | C] () -- C:\Windows\SysNative\drivers\pctplsg64.cat
[2010.05.04 15:50:14 | 000,035,175 | ---- | C] () -- C:\Users\Pierre\Desktop\rapidshare.rtf
[2010.05.04 11:56:29 | 000,256,550 | ---- | C] () -- C:\Users\Pierre\Desktop\Moderatoren.pdf
[2010.05.04 10:00:05 | 000,023,552 | ---- | C] () -- C:\Users\Pierre\Desktop\Sascha Georges und Co..doc
[2010.05.03 12:36:19 | 000,036,591 | ---- | C] () -- C:\Users\Pierre\Desktop\Sascha Georges und Co..rtf
[2010.04.27 10:47:55 | 053,747,530 | ---- | C] () -- C:\Users\Pierre\Desktop\Test Motion Tracking.avi
[2010.04.19 18:58:39 | 000,000,908 | ---- | C] () -- C:\Users\Pierre\Desktop\Stylus RMX SAGE Converter.lnk
[2010.04.15 21:30:28 | 000,000,700 | ---- | C] () -- C:\Users\Pierre\Desktop\Der Solist - Verknüpfung.lnk
[2010.04.15 10:46:28 | 000,000,162 | -H-- | C] () -- C:\Users\Pierre\Desktop\~$nchronisations-Einstellungen in Cubase.rtf
[2010.04.14 13:13:47 | 000,000,000 | -H-- | C] () -- C:\Users\Pierre\AppData\Roaming\.E69B6F92ABB8C36B.sys
[2010.04.13 18:41:13 | 000,002,136 | ---- | C] () -- C:\Users\Pierre\Desktop\Cubase 5.lnk
[2010.04.12 23:45:51 | 000,353,571 | ---- | C] () -- C:\Users\Pierre\Test Audio to Midi.cpr
[2010.04.12 22:55:34 | 000,357,997 | ---- | C] () -- C:\Users\Pierre\Test Audio to Midi.bak
[2010.04.12 22:55:34 | 000,301,287 | ---- | C] () -- C:\Users\Pierre\Test Audio to Midi-02.bak
[2010.04.12 22:55:34 | 000,301,011 | ---- | C] () -- C:\Users\Pierre\Test Audio to Midi-03.bak
[2010.04.12 20:53:23 | 000,340,978 | ---- | C] () -- C:\Users\Pierre\Spur 1_1.wav.mdd
[2010.04.12 20:52:47 | 006,037,548 | ---- | C] () -- C:\Users\Pierre\Spur 1_1.wav
[2010.04.12 15:58:35 | 000,163,840 | ---- | C] () -- C:\Windows\SysWow64\ArtFfct.dll
[2010.04.09 22:02:37 | 000,000,032 | ---- | C] () -- C:\Windows\SysWow64\msvcsv60.dll
[2010.03.31 22:02:34 | 000,491,520 | ---- | C] () -- C:\Windows\SysWow64\libencdec.dll
[2010.03.13 16:29:55 | 000,023,552 | ---- | C] () -- C:\Windows\SysWow64\mdll32.dll
[2010.03.13 16:23:20 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2010.03.13 16:22:09 | 000,006,211 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2010.03.11 17:12:17 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\sysprs7.dll
[2010.03.11 17:12:17 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\clauth2.dll
[2010.03.11 17:12:17 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\clauth1.dll
[2010.03.11 17:12:17 | 000,000,205 | ---- | C] () -- C:\Windows\SysWow64\lsprst7.dll
[2010.03.11 17:12:17 | 000,000,073 | ---- | C] () -- C:\Windows\SysWow64\ssprs.dll
[2010.03.11 17:12:17 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
[2010.03.04 14:06:43 | 000,002,892 | ---- | C] () -- C:\Windows\SysWow64\audcon.sys
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2006.12.08 14:58:14 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\FxShared.dll
[2006.12.08 03:52:50 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\com.fxpansion.fxshared.dll
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 258 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8
< End of report >
Vielen vielen Dank!

Pierre

Alt 10.05.2010, 13:49   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Antimalware Doctor lässt sich nicht entfernen - Standard

Antimalware Doctor lässt sich nicht entfernen


Beende alle Programme, starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:
ATTFilter
:OTL
PRC - C:\Windows\SysWow64\firefacemix.exe File not found
PRC - C:\Windows\SysWow64\fireface.exe File not found
SRV - (Akamai) -- c:\program files (x86)\common files\akamai\rswin_3697.dll ()
O1 - Hosts: 127.0.0.1				activate.adobe.com
[2010.04.14 13:13:47 | 000,000,000 | -H-- | M] () -- C:\Users\Pierre\AppData\Roaming\.E69B6F92ABB8C36B.sys
[2010.05.05 14:25:57 | 000,000,131 | ---- | C] () -- C:\Windows\IDB.zip
:Commands
[purity]
[resethosts]
[emptytemp]
Klick dann auf den Button Run Fixes!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 10.05.2010, 17:32   #9
pierrehansen
 
Antimalware Doctor lässt sich nicht entfernen - Standard

Antimalware Doctor lässt sich nicht entfernen


Hallo Arne,

OTL stürzt leider ab. Er bleibt stehen, wenn in der untersten Zeile:

Processing PRC - C:\Windows\SysWow64\firefacemix.exe

steht. Kann es daran liegen, dass Avira noch läuft?

Grüße,

Pierre

Alt 10.05.2010, 19:56   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Antimalware Doctor lässt sich nicht entfernen - Standard

Antimalware Doctor lässt sich nicht entfernen


Probiers mit diesem Text:

Code:
ATTFilter
:OTL
[2010.04.14 13:13:47 | 000,000,000 | -H-- | M] () -- C:\Users\Pierre\AppData\Roaming\.E69B6F92ABB8C36B.sys
[2010.05.05 14:25:57 | 000,000,131 | ---- | C] () -- C:\Windows\IDB.zip
:Commands
[purity]
[resethosts]
[emptytemp]
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 11.05.2010, 15:24   #11
pierrehansen
 
Antimalware Doctor lässt sich nicht entfernen - Standard

Antimalware Doctor lässt sich nicht entfernen


Diesmal hats geklappt.

Code:
ATTFilter
All processes killed
========== OTL ==========
C:\Users\Pierre\AppData\Roaming\.E69B6F92ABB8C36B.sys moved successfully.
C:\Windows\IDB.zip moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Pierre
->Temp folder emptied: 43987410 bytes
->Temporary Internet Files folder emptied: 1160097 bytes
->Java cache emptied: 12158741 bytes
->FireFox cache emptied: 87684170 bytes
->Flash cache emptied: 1984 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 6318 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67832 bytes
RecycleBin emptied: 6605037635 bytes
 
Total Files Cleaned = 6.437,00 mb
 
 
OTL by OldTimer - Version 3.2.4.1 log created on 05112010_221825

Files\Folders moved on Reboot...
C:\Users\Pierre\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

Alt 11.05.2010, 15:52   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Antimalware Doctor lässt sich nicht entfernen - Standard

Antimalware Doctor lässt sich nicht entfernen


Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!

Akamai NetSession Interface
__________________
Logfiles bitte immer in CODE-Tags posten

Antwort

Themen zu Antimalware Doctor lässt sich nicht entfernen
anti-malware, antimalware, cc cleaner, code, dateien, druck, entfernen, error, explorer, fehlermeldung, forum, gen, install, local\temp, log-file, lässt sich nicht entfernen, malware bytes, malwarebytes, malwarebytes' anti-malware, microsoft, nicht mehr, programm, rkill, rogue.antimalwaredoctor, rsit, software, spyware, spyware doctor, system, total, version, windows 7


« Spybot+Firefox hängen sich auf / Windows Security Alert lässt sich nicht entfernen | Trojaner (angeblich) gelöscht - System sauber? »


Ähnliche Themen: Antimalware Doctor lässt sich nicht entfernen


  1. win32.gen wurde von Spybot erkannt, von Antivir und Antimalware aber nicht, lässt sich nicht entfernen
    Log-Analyse und Auswertung - 28.07.2013 (15)
  2. Antimalware Doctor - Pc lässt sich nicht mehr hochfahren
    Alles rund um Windows - 20.03.2011 (14)
  3. Antimalware Doctor - Malware lässt sich nicht komplett entfernen
    Plagegeister aller Art und deren Bekämpfung - 05.12.2010 (6)
  4. Antimalware doctor lässt sich nicht entfernen
    Plagegeister aller Art und deren Bekämpfung - 18.11.2010 (1)
  5. Antimalware Doctor lässt sich nicht löschen!
    Plagegeister aller Art und deren Bekämpfung - 02.09.2010 (29)
  6. Security Suite und Antimalware doctor lassen sich nicht entfernen
    Plagegeister aller Art und deren Bekämpfung - 31.08.2010 (12)
  7. Antimalware Doctor lässt rkill nicht zu
    Plagegeister aller Art und deren Bekämpfung - 24.08.2010 (8)
  8. Problem: Anti Malware Doctor lässt sich nicht entfernen
    Plagegeister aller Art und deren Bekämpfung - 11.06.2010 (3)
  9. Antimalware Doctor lässt sich nicht entfernen - Variable used wihout being declared
    Mülltonne - 10.06.2010 (2)
  10. Antimalware Doctor lässt sich nicht entfernen (Anleitung vom Board benutzt)
    Plagegeister aller Art und deren Bekämpfung - 09.06.2010 (13)
  11. Antimalware Doctor lässt sich nicht vollständig entfernen
    Plagegeister aller Art und deren Bekämpfung - 08.06.2010 (4)
  12. Anti Malware Doctor lässt sich nicht entfernen
    Plagegeister aller Art und deren Bekämpfung - 01.06.2010 (5)
  13. Antimalware Doctor lässt sich nicht entfernen
    Plagegeister aller Art und deren Bekämpfung - 01.06.2010 (2)
  14. Antimalware Doctor lässt sich einfach nicht entfernen!
    Plagegeister aller Art und deren Bekämpfung - 12.05.2010 (26)
  15. Antimalware Doctor lässt sich nicht GANZ entfernen
    Plagegeister aller Art und deren Bekämpfung - 05.05.2010 (10)
  16. Antimalware Doctor lässt sich nicht entfernen
    Plagegeister aller Art und deren Bekämpfung - 04.05.2010 (0)
  17. Antimalware doctor entfernen, Malwarebytes startet nicht usw.
    Plagegeister aller Art und deren Bekämpfung - 21.04.2010 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Antimalware Doctor lässt sich nicht entfernen - Hallo, ich bin total erleichtert, dass ich dieses Forum gefunden habe und möchte mich an dieser Stelle schonmal im Voraus für eure Hilfe bedanken. ich habe mir den Antimalware Doctor - Antimalware Doctor lässt sich nicht entfernen...
Archiv
Du betrachtest: Antimalware Doctor lässt sich nicht entfernen auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131