| |
| |||||||
Log-Analyse und Auswertung: Beim öffnen von Programmen Keine RückmeldungWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
19.06.2010, 16:42
| #1 |
| |  Beim öffnen von Programmen Keine Rückmeldung Moin ich habe vollgendes Problem immer wenn ich irgendein eines meiner Programme öffnen will dauert es erstmal mal (teilweise mehr als 5 minuten) um es zu öffnen und dann wenn es offen ist und ich es anklicke kommt die Meldung Keine Rückmeldung. Das Problem trat zum erstenmal auf nachdem ich durch einen PC Absturz mein System wiederherstellen musste. Bei dem PC Absturz bekam ich einen Bluescreen. Danach konnte Windows nicht mehr gestartet werden es kam folgende Meldung: Windows konnte nicht gestartet werden da folgende Datei fehlt C:\WINDOWS\system32\config Darauf habe ich dann mit meiner Windows XP CD mein System Repariert. Seitdem Habe ich das Problem. Daher habe ich schon folgendes Getan um dem Entgegenzuwirken : Den Guide h**p://www.trojaner-board.de/71631-pc-wird-immer-langsamer-tun.html Abgearbeitet und Malwarebytes Antimalware Ausgefuert RSIT durchgefuert Code:
ATTFilter Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Datenbank Version: 4214
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512
19.06.2010 16:18:45
mbam-log-2010-06-19 (16-18-45).txt
Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 118696
Laufzeit: 20 Minute(n), 2 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 2
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 1
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\win32 (Trojan.Agent) -> Quarantined and deleted successfully.
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\addon.dat (Malware.Trace) -> Quarantined and deleted successfully.
log.txt RSIT Logfile: Code:
ATTFilter Logfile of random's system information tool 1.07 (written by random/random) Run by Admin at 2010-06-19 16:40:16 Microsoft Windows XP Professional Service Pack 3 System drive C: has 10 GB (37%) free of 26 GB Total RAM: 3582 MB (89% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:40:34, on 19.06.2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Programme\Avira\AntiVir Desktop\sched.exe C:\Programme\Avira\AntiVir Desktop\avguard.exe C:\Programme\Avira\AntiVir Desktop\avshadow.exe C:\WINDOWS\Explorer.EXE C:\Programme\Avira\AntiVir Desktop\avgnt.exe C:\ADVANC~1\wh_exec.exe C:\Programme\Google\Update\GoogleUpdate.exe C:\Programme\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\svchost.exe C:\Dokumente und Einstellungen\Admin\Desktop\RSIT.exe C:\Programme\trend micro\Admin.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.weareone.fm/google R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.alice-dsl.de R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local O2 - BHO: (no name) - AutorunsDisabled - (no file) O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file) O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file) O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [WheelMouse] C:\ADVANC~1\wh_exec.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST') O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - AutorunsDisabled - (no file) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O15 - Trusted Zone: *.moove.com O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: AutorunsDisabled - (no CLSID) - (no file) O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe O23 - Service: Dragon Age: Origins - Inhaltsupdater (DAUpdaterSvc) - Unknown owner - F:\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe (file missing) O23 - Service: Google Update Service (gupdate1c9f463bd3facba) (gupdate1c9f463bd3facba) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Programme\WinPcap\rpcapd.exe -- End of file - 4293 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-515967899-1085031214-725345543-1003.job C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-515967899-1085031214-725345543-1003.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}] AskBar BHO [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {3041d03e-fd4b-44e0-b742-2d9b88305f98} - [] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "avgnt"=C:\Programme\Avira\AntiVir Desktop\avgnt.exe [2010-03-02 282792] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-06-07 13902440] "WheelMouse"=C:\ADVANC~1\wh_exec.exe [2008-10-08 147456] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 "NoDriveAutorun"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "E:\ICQ6.5\ICQ.exe"="E:\ICQ6.5\ICQ.exe:*:Enabled:ICQ6" "E:\Steam\steamapps\chester017\counter-strike source\hl2.exe"="E:\Steam\steamapps\chester017\counter-strike source\hl2.exe:*:Enabled:hl2" "F:\Far Cry 2\bin\FarCry2.exe"="F:\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2" "F:\Far Cry 2\bin\FC2Launcher.exe"="F:\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater" "F:\Far Cry 2\bin\FC2Editor.exe"="F:\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Editor" "C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA" "C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB" "E:\Warcraft III\Warcraft III.exe"="E:\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "E:\Steam\steamapps\chester017\team fortress 2\hl2.exe"="E:\Steam\steamapps\chester017\team fortress 2\hl2.exe:*:Enabled:hl2" "E:\Warcraft III\War3.exe"="E:\Warcraft III\War3.exe:*:Enabled:Warcraft III" "C:\Programme\Windows Live\Messenger\wlcsdk.exe"="C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Programme\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"="C:\Programme\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player " "E:\Steam\steamapps\nokid36\counter-strike source\hl2.exe"="E:\Steam\steamapps\nokid36\counter-strike source\hl2.exe:*:Enabled:hl2" "C:\WINDOWS\system32\dxdiag.exe"="C:\WINDOWS\system32\dxdiag.exe:*:Enabled:Microsoft DirectX-Diagnoseprogramm" "C:\Programme\Vuze\Azureus.exe"="C:\Programme\Vuze\Azureus.exe:*:Enabled:Azureus" "F:\Farcry\Bin32\FarCry.exe"="F:\Farcry\Bin32\FarCry.exe:*:Enabled:Far Cry" "F:\S4 LEAGUE\S4Client.exe"="F:\S4 LEAGUE\S4Client.exe:*:Enabled:Project S4 Client.exe" "C:\WINDOWS\system32\mmc.exe"="C:\WINDOWS\system32\mmc.exe:*:Disabled:Microsoft Management Console" "C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "F:\battlefield 2\BF2.exe"="F:\battlefield 2\BF2.exe:*:Enabled:Battlefield 2" "F:\assassins creed\AssassinsCreed_Dx9.exe"="F:\assassins creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9" "F:\assassins creed\AssassinsCreed_Dx10.exe"="F:\assassins creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10" "F:\assassins creed\AssassinsCreed_Launcher.exe"="F:\assassins creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update" "F:\C&C stunde null\game.dat"="F:\C&C stunde null\game.dat:*:Enabled:game" "E:\Steam\steamapps\chester017\half-life 2\hl2.exe"="E:\Steam\steamapps\chester017\half-life 2\hl2.exe:*:Enabled:hl2" "C:\Dokumente und Einstellungen\Admin\Desktop\PickupLIST\pickup.listchecker.exe"="C:\Dokumente und Einstellungen\Admin\Desktop\PickupLIST\pickup.listchecker.exe:*:Enabled:pickup.listchecker" "C:\Programme\Java\jre6\bin\javaw.exe"="C:\Programme\Java\jre6\bin\javaw.exe:*:Disabled:Java(TM) Platform SE binary" "C:\Programme\Xfire\Xfire.exe"="C:\Programme\Xfire\Xfire.exe:*:Enabled:Xfire" "C:\Programme\Skype\Phone\Skype.exe"="C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype" "C:\Programme\Windows Live\Messenger\msnmsgr.exe"="C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "E:\Steam\steamapps\chester017\condition zero\hl.exe"="E:\Steam\steamapps\chester017\condition zero\hl.exe:*:Enabled:Half-Life Launcher" "C:\Programme\Opera\opera.exe"="C:\Programme\Opera\opera.exe:*:Enabled:Opera Internet Browser" "F:\Crysis\Bin32\Crysis.exe"="F:\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32" "F:\Crysis\Bin32\CrysisDedicatedServer.exe"="F:\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32" "E:\Steam\steamapps\common\shattered_horizon\client_exe\shattered_horizon.exe"="E:\Steam\steamapps\common\shattered_horizon\client_exe\shattered_horizon.exe:*:Enabled:Shattered Horizon" "C:\Programme\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="C:\Programme\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher" "F:\Assassin's Creed II\AssassinsCreedIIGame.exe"="F:\Assassin's Creed II\AssassinsCreedIIGame.exe:*:Enabled:Assassin's Creed II" "F:\Assassin's Creed II\AssassinsCreedII.exe"="F:\Assassin's Creed II\AssassinsCreedII.exe:*:Enabled:Assassin's Creed II Update" "F:\Assassin's Creed II\UPlayBrowser.exe"="F:\Assassin's Creed II\UPlayBrowser.exe:*:Enabled:Assassin's Creed II Uplay" "F:\Battlefield\BFBC2Updater.exe"="F:\Battlefield\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2" "F:\Battlefield\BFBC2Game.exe"="F:\Battlefield\BFBC2Game.exe:*:Enabled:Battlefield: Bad Company™ 2" "F:\Dragon Age\bin_ship\daorigins.exe"="F:\Dragon Age\bin_ship\daorigins.exe:*:Enabled:Dragon Age Origins -Spiel" "F:\Dragon Age\DAOriginsLauncher.exe"="F:\Dragon Age\DAOriginsLauncher.exe:*:Enabled:Dragon Age Origins -Launcher" "C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\VMLoad\VMLoad.exe"="C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\VMLoad\VMLoad.exe:*:Enabled:VMLoad" "C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\VMLoad\VMLoad.jar"="C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\VMLoad\VMLoad.jar:*:Enabled:VMLoad" "C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\VMLoad\VMLoadUpdater.jar"="C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\VMLoad\VMLoadUpdater.jar:*:Enabled:VMLoad Updater" "C:\Programme\Java\jre6\launch4j-tmp\VMLoad.exe"="C:\Programme\Java\jre6\launch4j-tmp\VMLoad.exe:*:Enabled:Java(TM) Platform SE binary" "F:\AOEEE\Empire Earth.exe"="F:\AOEEE\Empire Earth.exe:*:Enabled:Empire Earth" "C:\WINDOWS\system32\usmt\migwiz.exe"="C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Assistent zum Übertragen von Dateien und Einstellungen" "C:\Programme\Mozilla Firefox\firefox.exe"="C:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:Firefox" "F:\call oft duty 4 modern warfare\iw3mp.exe"="F:\call oft duty 4 modern warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) " "F:\Dragon Age\bin_ship\daupdatersvc.service.exe"="F:\Dragon Age\bin_ship\daupdatersvc.service.exe:*:Enabled:Dragon Age Origins -Inhaltsupdater" "E:\Steam\steamapps\chester017\counter-strike\hl.exe"="E:\Steam\steamapps\chester017\counter-strike\hl.exe:*:Enabled:Counter-Strike" "F:\Counter Strike 1.6 Reloaded\hl.exe"="F:\Counter Strike 1.6 Reloaded\hl.exe:*:Enabled:Half-Life Launcher" "F:\Mass Effect 2\Binaries\MassEffect2.exe"="F:\Mass Effect 2\Binaries\MassEffect2.exe:*:Enabled:Mass Effect 2 -Spiel" "F:\Mass Effect 2\MassEffect2Launcher.exe"="F:\Mass Effect 2\MassEffect2Launcher.exe:*:Enabled:Mass Effect 2 -Launcher" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Programme\Windows Live\Messenger\wlcsdk.exe"="C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Programme\Windows Live\Messenger\msnmsgr.exe"="C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b161687e-680d-11df-87aa-001fd08e02c3}] shell\AutoRun\command - H:\AutoRun.exe ======List of files/folders created in the last 1 months====== 2010-06-19 16:40:16 ----D---- C:\rsit 2010-06-19 16:40:16 ----D---- C:\Programme\trend micro 2010-06-19 05:16:02 ----D---- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Malwarebytes 2010-06-19 05:11:23 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes 2010-06-19 05:10:54 ----D---- C:\Programme\Malwarebytes' Anti-Malware 2010-06-19 04:24:03 ----D---- C:\Programme\Defraggler 2010-06-19 03:45:50 ----D---- C:\Programme\CCleaner 2010-06-19 01:28:48 ----D---- C:\WINDOWS\pss 2010-06-18 03:35:24 ----D---- C:\Advanced Wheel Mouse 2010-06-18 03:34:45 ----D---- C:\Programme\GIGABYTE 2010-06-17 01:05:50 ----A---- C:\WINDOWS\PCCT.INI 2010-06-17 01:04:30 ----HD---- C:\WINDOWS\PIF 2010-06-17 00:49:22 ----D---- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\MAGIX 2010-06-17 00:49:00 ----A---- C:\WINDOWS\installation.ini 2010-06-17 00:47:46 ----A---- C:\WINDOWS\system32\TTIC32.dll 2010-06-17 00:47:46 ----A---- C:\WINDOWS\system32\TTI32.dll 2010-06-17 00:47:46 ----A---- C:\WINDOWS\system32\STRING32.dll 2010-06-17 00:47:46 ----A---- C:\WINDOWS\system32\MXRestore.exe 2010-06-17 00:47:46 ----A---- C:\WINDOWS\system32\mgxcdr.txt 2010-06-17 00:47:45 ----A---- C:\WINDOWS\system32\DLLTPO32.dll 2010-06-17 00:47:45 ----A---- C:\WINDOWS\system32\DLLRES32.dll 2010-06-17 00:47:45 ----A---- C:\WINDOWS\system32\DLLRD32.dll 2010-06-17 00:47:44 ----A---- C:\WINDOWS\system32\DLLPTL32.dll 2010-06-17 00:47:44 ----A---- C:\WINDOWS\system32\DLLPRJ32.dll 2010-06-17 00:47:44 ----A---- C:\WINDOWS\system32\DLLPRF32.dll 2010-06-17 00:47:43 ----A---- C:\WINDOWS\system32\DLLPNT32.dll 2010-06-17 00:47:43 ----A---- C:\WINDOWS\system32\DLLMSC32.dll 2010-06-17 00:47:43 ----A---- C:\WINDOWS\system32\DLLIX.dll 2010-06-17 00:47:43 ----A---- C:\WINDOWS\system32\DLLISO32.dll 2010-06-17 00:47:43 ----A---- C:\WINDOWS\system32\DLLIO32.dll 2010-06-17 00:47:43 ----A---- C:\WINDOWS\system32\DLLIMG32.dll 2010-06-17 00:47:43 ----A---- C:\WINDOWS\system32\DLLDRV32.dll 2010-06-17 00:47:43 ----A---- C:\WINDOWS\system32\DLLDIR32.dll 2010-06-17 00:47:42 ----A---- C:\WINDOWS\system32\DLLDEV32.dll 2010-06-17 00:47:42 ----A---- C:\WINDOWS\system32\DLLCPY32.dll 2010-06-17 00:47:42 ----A---- C:\WINDOWS\system32\DLLCDF32.dll 2010-06-17 00:47:42 ----A---- C:\WINDOWS\system32\DLLCDA32.dll 2010-06-17 00:47:41 ----A---- C:\WINDOWS\system32\DLLAV32.dll 2010-06-17 00:47:03 ----A---- C:\WINDOWS\system32\msxml4r.dll 2010-06-17 00:47:03 ----A---- C:\WINDOWS\system32\msxml4a.dll 2010-06-17 00:47:01 ----A---- C:\WINDOWS\system32\msxml4.dll 2010-06-17 00:46:08 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX 2010-06-17 00:45:43 ----D---- C:\Programme\MAGIX 2010-06-17 00:45:43 ----A---- C:\WINDOWS\system32\DLLDEV32i.dll 2010-06-17 00:38:41 ----D---- C:\Programme\Gemeinsame Dateien\MAGIX Services 2010-06-16 01:42:16 ----A---- C:\WINDOWS\system32\ptpusb.dll 2010-06-16 01:41:58 ----A---- C:\WINDOWS\system32\ptpusd.dll 2010-06-13 00:56:01 ----A---- C:\WINDOWS\system32\XAudio2_7.dll 2010-06-13 00:56:01 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll 2010-06-13 00:56:01 ----A---- C:\WINDOWS\system32\xactengine3_7.dll 2010-06-13 00:55:59 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll 2010-06-13 00:55:57 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll 2010-06-13 00:55:54 ----A---- C:\WINDOWS\system32\d3dx11_43.dll 2010-06-13 00:55:51 ----A---- C:\WINDOWS\system32\d3dx10_43.dll 2010-06-13 00:55:47 ----A---- C:\WINDOWS\system32\D3DX9_43.dll 2010-06-13 00:55:44 ----A---- C:\WINDOWS\system32\XAudio2_6.dll 2010-06-13 00:55:44 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll 2010-06-13 00:55:34 ----A---- C:\WINDOWS\system32\xactengine3_6.dll 2010-06-13 00:55:27 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll 2010-06-07 17:35:38 ----A---- C:\WINDOWS\system32\nvwddi.dll 2010-06-07 17:35:30 ----A---- C:\WINDOWS\system32\nvrsth.dll 2010-06-07 17:35:30 ----A---- C:\WINDOWS\system32\nvrseng.dll 2010-06-07 17:35:28 ----A---- C:\WINDOWS\system32\nvrszht.dll 2010-06-07 17:35:28 ----A---- C:\WINDOWS\system32\nvrsnl.dll 2010-06-07 17:35:28 ----A---- C:\WINDOWS\system32\nvrshe.dll 2010-06-07 17:35:28 ----A---- C:\WINDOWS\system32\nvrsfi.dll 2010-06-07 17:35:28 ----A---- C:\WINDOWS\system32\nvrsesm.dll 2010-06-07 17:35:28 ----A---- C:\WINDOWS\system32\nvrsel.dll 2010-06-07 17:35:28 ----A---- C:\WINDOWS\system32\nvrsda.dll 2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrszhc.dll 2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrstr.dll 2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrssv.dll 2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrssl.dll 2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrssk.dll 2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrsru.dll 2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrsptb.dll 2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrspt.dll 2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrspl.dll 2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrsno.dll 2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrsko.dll 2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrsja.dll 2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrsit.dll 2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrshu.dll 2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrsfr.dll 2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrses.dll 2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrsde.dll 2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrscs.dll 2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrsar.dll 2010-06-07 17:35:24 ----A---- C:\WINDOWS\system32\nvmctray.dll 2010-06-07 17:35:24 ----A---- C:\WINDOWS\system32\nvmccs.dll 2010-06-07 17:35:22 ----A---- C:\WINDOWS\system32\nvsvc32.exe 2010-06-07 17:35:22 ----A---- C:\WINDOWS\system32\nvcpl.dll 2010-06-07 17:35:22 ----A---- C:\WINDOWS\system32\nvcolor.exe 2010-06-04 14:36:49 ----A---- C:\WINDOWS\system32\OpenCL.dll 2010-06-04 14:36:48 ----A---- C:\WINDOWS\system32\nvoglnt.dll 2010-06-04 14:36:48 ----A---- C:\WINDOWS\system32\nvcuvid.dll 2010-06-04 14:36:48 ----A---- C:\WINDOWS\system32\nvcuvenc.dll 2010-06-04 14:36:48 ----A---- C:\WINDOWS\system32\nvcuda.dll 2010-06-04 14:36:48 ----A---- C:\WINDOWS\system32\nvcompiler.dll 2010-06-04 14:36:48 ----A---- C:\WINDOWS\system32\nvcodins.dll 2010-06-04 14:36:48 ----A---- C:\WINDOWS\system32\nvcod.dll 2010-06-04 14:36:48 ----A---- C:\WINDOWS\system32\nvapi.dll 2010-06-04 14:29:13 ----A---- C:\WINDOWS\system32\TUKernel.exe 2010-05-28 20:48:05 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem #2.txt 2010-05-25 16:59:30 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt 2010-05-25 16:57:14 ----D---- C:\Programme\Mobile Partner 2010-05-22 19:37:39 ----D---- C:\Mozilla Firefox ======List of files/folders modified in the last 1 months====== 2010-06-19 16:40:16 ----RD---- C:\Programme 2010-06-19 16:39:52 ----SD---- C:\WINDOWS\Tasks 2010-06-19 16:28:31 ----D---- C:\WINDOWS\Temp 2010-06-19 16:27:35 ----D---- C:\WINDOWS\system32\CatRoot2 2010-06-19 16:22:02 ----D---- C:\WINDOWS\system32\drivers 2010-06-19 16:21:28 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-06-19 16:19:56 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$ 2010-06-19 15:49:01 ----D---- C:\WINDOWS 2010-06-19 15:44:11 ----D---- C:\WINDOWS\system32 2010-06-19 15:23:44 ----D---- C:\WINDOWS\system32\NtmsData 2010-06-19 05:11:23 ----D---- C:\WINDOWS\Prefetch 2010-06-19 03:52:20 ----D---- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Media Player Classic 2010-06-19 03:51:37 ----D---- C:\WINDOWS\Debug 2010-06-19 03:32:22 ----SHD---- C:\WINDOWS\Installer 2010-06-19 03:32:22 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software 2010-06-19 03:22:22 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft Help 2010-06-19 03:01:17 ----D---- C:\Programme\Gemeinsame Dateien\Microsoft Shared 2010-06-19 02:38:25 ----D---- C:\Programme\VstPlugins 2010-06-19 02:35:57 ----D---- C:\Programme\Elaborate Bytes 2010-06-18 17:13:19 ----D---- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\vlc 2010-06-18 13:01:15 ----D---- C:\WINDOWS\Registration 2010-06-18 03:36:28 ----RSHDC---- C:\WINDOWS\system32\dllcache 2010-06-18 03:35:40 ----D---- C:\WINDOWS\system32\ReinstallBackups 2010-06-18 03:35:28 ----HD---- C:\WINDOWS\inf 2010-06-17 16:33:23 ----D---- C:\Programme\TeamSpeak 3 Client 2010-06-17 01:28:16 ----DC---- C:\WINDOWS\system32\DRVSTORE 2010-06-17 01:22:22 ----D---- C:\WINDOWS\system32\DirectX 2010-06-17 01:19:13 ----D---- C:\Programme\Gemeinsame Dateien\DVDVideoSoft 2010-06-17 01:14:35 ----D---- C:\Programme\Gemeinsame Dateien\Akamai 2010-06-17 00:54:42 ----D---- C:\WINDOWS\system32\config 2010-06-17 00:42:50 ----D---- C:\WINDOWS\Help 2010-06-17 00:38:42 ----D---- C:\Programme\NVIDIA Corporation 2010-06-17 00:38:41 ----D---- C:\Programme\Gemeinsame Dateien 2010-06-14 18:23:25 ----D---- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\DivX 2010-06-13 00:54:50 ----D---- C:\WINDOWS\Logs 2010-06-13 00:51:43 ----D---- C:\Dokumente und Einstellungen 2010-06-12 22:42:48 ----A---- C:\WINDOWS\system32\wpa.bak 2010-06-12 22:31:34 ----D---- C:\Programme\Registry Mechanic 2010-06-12 21:38:26 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DivX 2010-06-12 21:38:04 ----D---- C:\Programme\Gemeinsame Dateien\DivX Shared 2010-06-12 21:38:00 ----D---- C:\Programme\DivX 2010-06-08 01:57:00 ----A---- C:\WINDOWS\system32\nvudisp.exe 2010-06-08 01:57:00 ----A---- C:\WINDOWS\system32\nv4_disp.dll 2010-06-07 22:39:33 ----D---- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\dvdcss 2010-06-04 14:35:11 ----HD---- C:\Programme\InstallShield Installation Information 2010-06-04 14:29:13 ----RSH---- C:\boot.ini 2010-06-01 19:40:58 ----RSD---- C:\WINDOWS\assembly 2010-05-30 11:50:57 ----D---- C:\Programme\Gemeinsame Dateien\Wise Installation Wizard 2010-05-30 11:50:14 ----D---- C:\Programme\AGEIA Technologies 2010-05-30 11:49:31 ----D---- C:\Programme\Gemeinsame Dateien\BioWare 2010-05-28 17:39:35 ----A---- C:\WINDOWS\system32\PnkBstrB.exe 2010-05-28 12:58:26 ----A---- C:\WINDOWS\system32\NVUNINST.EXE 2010-05-26 22:27:51 ----D---- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Hamachi 2010-05-26 21:54:10 ----A---- C:\WINDOWS\system.ini 2010-05-26 17:32:42 ----D---- C:\WINDOWS\system32\ias 2010-05-25 18:40:26 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2010-05-25 18:40:24 ----D---- C:\WINDOWS\system32\inetsrv ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\C:\Programme\Avira\AntiVir Desktop\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2010-03-01 124784] R1 intelppm;Intel-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448] R1 kbdhid;Tastatur-HID-Treiber; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520] R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-11-03 278984] R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2010-02-16 60936] R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2004-07-21 9856] R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-11-03 25416] R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2004-06-09 3968] R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-08-28 25280] R3 HDAudBus;Microsoft UAA-Bustreiber für High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 hidusb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-02-14 4676096] R3 mouhid;Maus-HID-Treiber; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-18 12288] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-06-08 10531200] R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-01-03 105856] R3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbehci;Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;USB2-aktivierter Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 whfltr2k;WheelMouse USB Lower Filter Driver; C:\WINDOWS\system32\DRIVERS\whfltr2k.sys [2007-01-25 6784] S3 a49129jb;a49129jb; C:\WINDOWS\system32\drivers\a49129jb.sys [] S3 CCDECODE;Untertiteldecoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384] S3 cel90xbe;cel90xbe; \??\C:\DOKUME~1\Admin\LOKALE~1\Temp\cel90xbe.sys [] S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys [] S3 FETNDIS;VIA PCI 10/100-MBit/s-Fast Ethernetadapter-NT-Treiber; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165] S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys [] S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS [] S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2008-12-13 102400] S3 KBFiltr;Dritek HotKey Keyboard Filter Driver; C:\WINDOWS\System32\Drivers\KBFiltr.sys [] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504] S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968] S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112] S3 nm;Netzwerkmonitortreiber; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320] S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2005-08-02 32512] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [] S3 PD0620VID;Creative WebCam Instant; C:\WINDOWS\system32\DRIVERS\P0620Vid.sys [2004-07-29 91577] S3 Razerlow;Razer Copperhead Driver; C:\WINDOWS\System32\Drivers\Razerlow.sys [2005-08-12 19020] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976] S3 usbscan;USB-Scannertreiber; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 USBSTOR;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528] S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S3 XDva347;XDva347; \??\C:\WINDOWS\system32\XDva347.sys [] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] S4 WS2IFSL;Windows Socket 2.0 Non-IFS-Dienstanbieter-Unterstützungsumgebung; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-02-28 12032] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Programme\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336] R2 AntiVirService;Avira AntiVir Guard; C:\Programme\Avira\AntiVir Desktop\avguard.exe [2010-04-23 267432] R2 JavaQuickStarterService;Java Quick Starter; C:\Programme\Java\jre6\bin\jqs.exe [2010-04-12 153376] R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-06-07 154728] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] S2 gupdate1c9f463bd3facba;Google Update Service (gupdate1c9f463bd3facba); C:\Programme\Google\Update\GoogleUpdate.exe [2009-06-24 133104] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 DAUpdaterSvc;Dragon Age: Origins - Inhaltsupdater; F:\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-06-29 3110016] S3 odserv;Microsoft Office Diagnostics Service; C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Programme\WinPcap\rpcapd.exe [2005-08-02 86016] S3 WMPNetworkSvc;Windows Media Player-Netzwerkfreigabedienst; C:\Programme\Windows Media Player\WMPNetwk.exe [2006-11-03 920576] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] S4 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-03-19 75064] -----------------EOF----------------- info.txt [CODE]info.txtRSIT Logfile: Code:
ATTFilter logfile of random's system information tool 1.06 2010-06-19 16:40:36
======Uninstall list======
-->"F:\Neuer Ordner (3)\PokerStarsUninstall.exe" /u:PokerStars.net
-->"F:\Sniper - Art of Victory\unins000.exe"
-->"F:\Sniper\unins000.exe"
-->"F:\XnView\unins000.exe"
-->F:\DivX\DivXConverterUninstall.exe /CONVERTER
-->F:\DivX\DivXConverterUninstall.exe /CONVERTER
-->F:\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
-->F:\HDRR\EAUninstall.exe
-->F:\nfsmw\EAUninstall.exe
-->F:\serius\Serious Sam 2\Bin\Uninstall.exe
-->MsiExec /X{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
1A View 1.0-->"C:\Programme\1A View\unins000.exe"
AC3Filter (remove only)-->C:\Programme\AC3Filter\uninstall.exe
Adobe Download Manager-->"C:\WINDOWS\system32\rundll32.exe" "C:\Programme\NOS\bin\getPlus_Helper.dll",Uninstall /IE2883E8F-472F-4fb0-9522-AC9BF37916A7 /Get1
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.3.2 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A93000000001}
Adobe Shockwave Player 11.5-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"
Advanced Wheel Mouse 6.0.0.005-->C:\ADVANC~1\uninst.exe
Aion-->"C:\Programme\InstallShield Installation Information\{7984BE91-9CF6-45EB-9EB3-9B2E84ACB278}\setup.exe" -runfromtemp -l0x0007 -removeonly
Aion-->"C:\Programme\InstallShield Installation Information\{A9276190-4D4E-4B0D-8A5D-50A2C65BB2DB}\setup.exe" -runfromtemp -l0x0007 -removeonly
Assassin's Creed II-->"C:\Programme\InstallShield Installation Information\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}\setup.exe" -runfromtemp -l0x0007 -removeonly
Assassin's Creed-->C:\Programme\InstallShield Installation Information\{8CFA9151-6404-409A-AF22-4632D04582FD}\setup.exe -runfromtemp -l0x0007 -removeonly
Avira AntiVir Personal - Free Antivirus-->C:\Programme\Avira\AntiVir Desktop\setup.exe /REMOVE
Battlefield 2(TM)-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}\setup.exe" -l0x7 -removeonly
Battlefield: Bad Company™ 2-->MsiExec.exe /X{3AC8457C-0385-4BEA-A959-E095F05D6D67}
Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch-->C:\Programme\InstallShield Installation Information\{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch-->C:\Programme\InstallShield Installation Information\{3BD633E0-4BF8-4499-9149-88F0767D449C}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch-->C:\Programme\InstallShield Installation Information\{8503C901-85D7-4262-88D2-8D8B2A7B08B8}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch-->C:\Programme\InstallShield Installation Information\{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch-->C:\Programme\InstallShield Installation Information\{931C37FC-594D-43A9-B10F-A2F2B1F03498}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM)-->C:\Programme\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0407
CCleaner-->"C:\Programme\CCleaner\uninst.exe"
Command & Conquer Generals-->C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{06F80017-8F98-4C94-B868-52358569FC32}
Command and Conquer(TM) Generäle Die Stunde Null -->C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}
Counter-Strike(TM)-->MsiExec.exe /I{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}
Counter-Strike: Source-->"E:\Steam\steam.exe" steam://uninstall/240
Creative WebCam Instant Driver (1.01.02.0729)-->C:\WINDOWS\CtDrvIns.exe -uninstall -script PD0620.uns -unsext NT -plugin P0620Pin.dll -pluginres P0620Pin.crl
Crysis(R)-->MsiExec.exe /I{000E79B7-E725-4F01-870A-C12942B7F8E4}
Day of Defeat: Source-->"E:\Steam\steam.exe" steam://uninstall/300
Defraggler-->"C:\Programme\Defraggler\uninst.exe"
DEVIL MAY CRY 4-->MsiExec.exe /I{D4E5A687-797D-44B1-8F96-4FD7A24166A9}
Diablo II-->C:\WINDOWS\DIIUnin.exe C:\WINDOWS\DIIUnin.dat
DivX-Setup-->C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DivX\Setup\DivXSetup.exe /uninstall /bundleGroupId divx.com
DotAzilla-->C:\Programme\DotAzilla\Uninstall.exe
Dragon Age: Origins-->C:\Programme\Gemeinsame Dateien\BioWare\Uninstall Dragon Age.exe
Empire Earth-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{2447500B-22D7-47BD-9B13-1A927F43A267}\Setup.exe"
Far Cry 2-->"C:\Programme\InstallShield Installation Information\{F2835483-37F2-4123-B4FE-0E77D58447F2}\setup.exe" -runfromtemp -l0x0007 -removeonly
Far Cry-->C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}
Freez FLV to MP3 Converter-->"C:\Programme\Smallvideosoft\Freez FLV to MP3 Converter\unins000.exe"
GM-M8000-->MsiExec.exe /I{B3EE9807-E29C-4DCF-BF08-A658DB708B99}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Grand Theft Auto San Andreas-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{086BADF8-9B1F-4E89-B207-2EDA520972D6}\setup.exe" -l0x7 -removeonly
Half-Life 2: Episode Two-->"E:\Steam\steam.exe" steam://uninstall/420
Half-Life 2-->"E:\Steam\steam.exe" steam://uninstall/220
Hamachi 1.0.3.0-->C:\Programme\Hamachi\uninstall.exe
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
ICQ6.5-->"C:\Programme\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly
INsanes Small HUD 8 Black-->E:\Steam\steamapps\chester017\day of defeat source\dod\uninst INsanes Small HUD 8 Black.exe
IrfanView (remove only)-->E:\IrfanView\iv_uninstall.exe
Java(TM) 6 Update 20-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
K-Lite Mega Codec Pack 5.5.1-->"C:\Programme\K-Lite Codec Pack\unins000.exe"
Malwarebytes' Anti-Malware-->"C:\Programme\Malwarebytes' Anti-Malware\unins000.exe"
Mass Effect 2-->C:\Programme\Gemeinsame Dateien\BioWare\Uninstall Mass Effect 2.exe
Messenger Plus! Live-->"C:\Programme\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Access MUI (German) 2007-->MsiExec.exe /X{90120000-0015-0407-0000-0000000FF1CE}
Microsoft Office Excel MUI (German) 2007-->MsiExec.exe /X{90120000-0016-0407-0000-0000000FF1CE}
Microsoft Office Outlook MUI (German) 2007-->MsiExec.exe /X{90120000-001A-0407-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (German) 2007-->MsiExec.exe /X{90120000-0018-0407-0000-0000000FF1CE}
Microsoft Office Professional 2007-->MsiExec.exe /X{91120000-0014-0000-0000-0000000FF1CE}
Microsoft Office Professional 2007-Testversion-->"C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROR /dll OSETUP.DLL
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Italian) 2007-->MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE}
Microsoft Office Proofing (German) 2007-->MsiExec.exe /X{90120000-002C-0407-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0410-0000-0000000FF1CE} /uninstall {322296D4-1EAE-4030-9FBC-D2787EB25FA2}
Microsoft Office Publisher MUI (German) 2007-->MsiExec.exe /X{90120000-0019-0407-0000-0000000FF1CE}
Microsoft Office Word MUI (German) 2007-->MsiExec.exe /X{90120000-001B-0407-0000-0000000FF1CE}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Windows Media Video 9 VCM-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmv9vcm.inf, Uninstall
Mobile Partner-->C:\Programme\Mobile Partner\uninst.exe
Mozilla Firefox (3.6.3)-->C:\Programme\Mozilla Firefox\uninstall\helper.exe
MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 6.0 Parser (KB925673)-->MsiExec.exe /I{FE9126DB-5F84-495A-BB46-3C724F1C2D08}
NCsoft Launcher-->C:\Programme\InstallShield Installation Information\{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}\setup.exe -runfromtemp -l0x0007 -removeonly
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
NVIDIA nView Desktop Manager-->C:\Programme\NVIDIA Corporation\nView\nViewSetup.exe -uninstall
NVIDIA PhysX-->MsiExec.exe /X{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}
Oblivion-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{35CB6715-41F8-4F99-8881-6FC75BF054B0}\setup.exe" -l0x7 -removeonly
Opera 10.10-->MsiExec.exe /X{FB8148DD-C575-4B0A-9F6C-0CFC46937930}
Overlord-->C:\Programme\InstallShield Installation Information\{259A8A5E-2886-4BED-9EF1-D5485282CCC3}\setup.exe -runfromtemp -l0x0007 -removeonly
PunkBuster Services-->C:\WINDOWS\system32\pbsvc_bc2.exe -u
Razer Copperhead-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{D6D5CFB3-7095-4073-B6B7-B7E909838C57}\setup.exe"
RealPlayer-->C:\Programme\Gemeinsame Dateien\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|12.0
REALTEK GbE & FE Ethernet PCI-E NIC Driver-->C:\Programme\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\SETUP.EXE -runfromtemp -l0x0007 -removeonly
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
RealUpgrade 1.0-->MsiExec.exe /I{F4F4F84E-804F-4E9A-84D7-C34283F0088F}
Registry Mechanic 7.0-->"C:\Programme\Registry Mechanic\unins000.exe"
S4 League_EU-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{8A28F77E-E3C5-4F31-B593-1BE994088820}\setup.exe" -l0x9
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
Security Update for 2007 Microsoft Office System (KB978380)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {667A88D1-0369-4070-A62A-70672D68A9BF}
Security Update for Microsoft Office Excel 2007 (KB978382)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {6DE3DABF-0203-426B-B330-7287D1003E86}
Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office Publisher 2007 (KB980470)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {34573F17-DADE-4D0D-835F-A54A1DE8AC1F}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB969604)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Shattered Horizon-->"E:\Steam\steam.exe" steam://uninstall/18110
Sicherheitsupdate für Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe"
Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
SL-6555-SBK-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{7AB86D35-DF3B-407F-B43E-468345DABF29}\setup.exe" -l0x9 -removeonly
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
System Requirements Lab-->C:\Programme\SystemRequirementsLab\Uninstall.exe
System Requirements Lab-->MsiExec.exe /I{9EBDAF91-DADA-47CE-94F2-F5B004007934}
Team Fortress 2-->"E:\Steam\steam.exe" steam://uninstall/440
TeamSpeak 2 RC2-->C:\Programme\Teamspeak2_RC2\unins000.exe
TeamSpeak 3 Client-->"C:\Programme\TeamSpeak 3 Client\uninstall.exe"
The Witcher-->"C:\Programme\InstallShield Installation Information\{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}\setup.exe" -runfromtemp -l0x0007 -removeonly
Ubisoft Game Launcher-->"C:\Programme\InstallShield Installation Information\{888F1505-C2B3-4FDE-835D-36353EBD4754}\setup.exe" -runfromtemp -l0x0409 -removeonly
Uninstall 1.0.0.1-->"C:\Programme\Gemeinsame Dateien\DVDVideoSoft\unins000.exe"
Unreal Anthology-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{14AA72DA-DB40-4A34-93A6-401A81D7AF9E}\Setup.exe" -l0x7 -removeonly
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for 2007 Microsoft Office System (KB981715)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {661B3F32-FFE4-4606-AE3A-DFA11DCC0D79}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7}
Update for Outlook 2007 Junk Email Filter (kb981726)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {2C69BACE-1151-41C0-8C8D-F6026D510BD4}
VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
VLC media player 1.0.5-->C:\Programme\VideoLAN\VLC\uninstall.exe
VMLoad-->C:\Programme\VMLoad\uninst.exe
Vuze-->C:\Programme\Vuze\uninstall.exe
WC3Banlist-->"E:\WC3Banlist\unins000.exe"
Windows Live Anmelde-Assistent-->MsiExec.exe /I{52B97218-98CB-4B8B-9283-D213C85E1AA4}
Windows Live Call-->MsiExec.exe /I{5FC68772-6D56-41C6-9DF1-24E868198AE6}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Essentials-->C:\Programme\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}
Windows Live Messenger-->MsiExec.exe /X{41E654A9-26D0-4EAC-854B-0FA824FFFABB}
Windows Live-Uploadtool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Media Encoder 9 Series-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Encoder 9 Series-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Format 11 runtime-->"C:\Programme\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player 11-->"C:\Programme\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
WinPcap 3.1-->C:\Programme\WinPcap\uninstall.exe
WinRAR-->C:\Programme\WinRAR\uninstall.exe
Xfire (remove only)-->"C:\Programme\Xfire\uninst.exe"
======Security center information======
AV: AntiVir Desktop
======System event log======
Computer Name: PROGAMER
Event Code: 29
Message: Der Zeitanbieter "NtpClient" wurde für die Zeiterfassung von mehreren Zeitquellen
konfiguriert. Es ist jedoch Keine der Quellen verfügbar. Innerhalb
der nächsten 14 Minuten wird kein Versuch unternommen, eine Verbindung
mit der Quelle herzustellen.
Der NtpClient verfügt über keine Quelle mit genauer Zeit.
Record Number: 13222
Source Name: W32Time
Time Written: 20100612163547.000000+120
Event Type: error
User:
Computer Name: PROGAMER
Event Code: 17
Message: Zeitabieter "NtpClient": Beim DNS-Lookup für den manuell konfigurierten Peer
"time.windows.com,0x1" ist ein Fehler aufgetreten. Der DNS-Lookup wird in 15 Minuten
wiederholt.
Fehler: Der Host war bei einem Socketvorgang nicht erreichbar. (0x80072751)
Record Number: 13221
Source Name: W32Time
Time Written: 20100612163547.000000+120
Event Type: error
User:
Computer Name: PROGAMER
Event Code: 29
Message: Der Zeitanbieter "NtpClient" wurde für die Zeiterfassung von mehreren Zeitquellen
konfiguriert. Es ist jedoch Keine der Quellen verfügbar. Innerhalb
der nächsten 14 Minuten wird kein Versuch unternommen, eine Verbindung
mit der Quelle herzustellen.
Der NtpClient verfügt über keine Quelle mit genauer Zeit.
Record Number: 13220
Source Name: W32Time
Time Written: 20100612163546.000000+120
Event Type: error
User:
Computer Name: PROGAMER
Event Code: 17
Message: Zeitabieter "NtpClient": Beim DNS-Lookup für den manuell konfigurierten Peer
"time.windows.com,0x1" ist ein Fehler aufgetreten. Der DNS-Lookup wird in 15 Minuten
wiederholt.
Fehler: Der Host war bei einem Socketvorgang nicht erreichbar. (0x80072751)
Record Number: 13219
Source Name: W32Time
Time Written: 20100612163546.000000+120
Event Type: error
User:
Computer Name: PROGAMER
Event Code: 55
Message: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie chkdsk auf Volume "C:" aus.
Record Number: 13216
Source Name: Ntfs
Time Written: 20100612163507.000000+120
Event Type: error
User:
=====Application event log=====
Computer Name: PROGAMER
Event Code: 0
Message: Configuration section system.serviceModel.activation already exists in C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Config\machine.config.
Record Number: 447
Source Name: System.ServiceModel.Install 3.0.0.0
Time Written: 20090816134833.000000+120
Event Type: warning
User:
Computer Name: PROGAMER
Event Code: 0
Message: Configuration section system.runtime.serialization already exists in C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Config\machine.config.
Record Number: 446
Source Name: System.ServiceModel.Install 3.0.0.0
Time Written: 20090816134833.000000+120
Event Type: warning
User:
Computer Name: PROGAMER
Event Code: 0
Message: Configuration section system.serviceModel already exists in C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Config\machine.config.
Record Number: 445
Source Name: System.ServiceModel.Install 3.0.0.0
Time Written: 20090816134833.000000+120
Event Type: warning
User:
Computer Name: PROGAMER
Event Code: 0
Message: Could not detect IIS installation or IIS is disabled, skipping the Web Host Script Mappings component since it depends upon IIS to function properly.
If you believe this message is an error, check your IIS installation to make sure it is installed properly.
Record Number: 443
Source Name: System.ServiceModel.Install 3.0.0.0
Time Written: 20090816134832.000000+120
Event Type: warning
User:
Computer Name: PROGAMER
Event Code: 1020
Message: Updates to the IIS metabase were aborted because IIS is either not installed or is disabled on this machine. To configure ASP.NET to run in IIS, please install or enable IIS and re-register ASP.NET using aspnet_regiis.exe /i.
Record Number: 433
Source Name: ASP.NET 2.0.50727.0
Time Written: 20090816134805.000000+120
Event Type: warning
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Programme\Gemeinsame Dateien\DivX Shared\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 11, GenuineIntel
"PROCESSOR_REVISION"=0f0b
"NUMBER_OF_PROCESSORS"=4
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
-----------------EOF-----------------
Danke schonmal im Vorraus und Mit freundlichen Grüßen Cheser |
|
19.06.2010, 19:29
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Beim öffnen von Programmen Keine Rückmeldung Hallo und
__________________ bitte nen Vollscan mit Malwarebytes machen und Log posten. Danach OTL: Systemscan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
__________________ |
|
20.06.2010, 10:39
| #3 |
| | Beim öffnen von Programmen Keine Rückmeldung moin so hier noch der Malwarebytes Antimalware Vollscan
__________________Code:
ATTFilter Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Datenbank Version: 4214
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512
20.06.2010 08:28:57
mbam-log-2010-06-20 (08-28-57).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Durchsuchte Objekte: 254120
Laufzeit: 3 Stunde(n), 28 Minute(n), 14 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
Code:
ATTFilter OTL logfile created on: 20.06.2010 11:24:55 - Run 1 OTL by OldTimer - Version 3.2.6.0 Folder = C:\Dokumente und Einstellungen\Admin\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 76,00% Memory free 5,00 Gb Paging File | 5,00 Gb Available in Paging File | 87,00% Paging File free Paging file location(s): C:\pagefile.sys 2047 2047 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 25,66 Gb Total Space | 11,76 Gb Free Space | 45,82% Space Free | Partition Type: NTFS Drive D: | 465,75 Gb Total Space | 255,04 Gb Free Space | 54,76% Space Free | Partition Type: NTFS Drive E: | 48,83 Gb Total Space | 9,87 Gb Free Space | 20,21% Space Free | Partition Type: NTFS Drive F: | 12,32 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: PROGAMER Current User Name: Admin Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Dokumente und Einstellungen\Admin\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Programme\VideoLAN\VLC\vlc.exe () PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) PRC - C:\Advanced Wheel Mouse\wh_exec.exe () PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) ========== Modules (SafeList) ========== MOD - C:\Dokumente und Einstellungen\Admin\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Advanced Wheel Mouse\wh_hook.dll () MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (DAUpdaterSvc) -- File not found SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (getPlusHelper) getPlus(R) -- C:\Programme\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.) SRV - (npggsvc) -- C:\WINDOWS\System32\GameMon.des (INCA Internet Co., Ltd.) SRV - (odserv) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation) SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Programme\WinPcap\rpcapd.exe (CACE Technologies) ========== Driver Services (SafeList) ========== DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation) DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation) DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH) DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys () DRV - (atksgt) -- C:\WINDOWS\system32\drivers\atksgt.sys () DRV - (lirsgt) -- C:\WINDOWS\system32\drivers\lirsgt.sys () DRV - (hamachi) -- C:\WINDOWS\system32\drivers\hamachi.sys (LogMeIn, Inc.) DRV - (gdrv) -- C:\WINDOWS\gdrv.sys (Windows (R) 2000 DDK provider) DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH) DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH) DRV - (hwdatacard) -- C:\WINDOWS\system32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV - (nm) -- C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation) DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider) DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.) DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation ) DRV - (whfltr2k) -- C:\WINDOWS\system32\drivers\whfltr2k.sys () DRV - (Razerlow) -- C:\WINDOWS\system32\drivers\Razerlow.sys (Razer (Asia-Pacific) Pte Ltd) DRV - (NPF) -- C:\WINDOWS\system32\drivers\npf.sys (CACE Technologies) DRV - (PD0620VID) -- C:\WINDOWS\system32\drivers\P0620Vid.sys (Creative Technology Ltd.) DRV - (ElbyCDIO) -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys (Elaborate Bytes AG) DRV - (ElbyDelay) -- C:\WINDOWS\system32\drivers\ElbyDelay.sys (Elaborate Bytes AG) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.alice-dsl.de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.weareone.fm/google IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:8080 ========== FireFox ========== FF - prefs.js..browser.search.defaultthis.engineName: "FearFM Customized Web Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT273466&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.selectedEngine: "FearFM Customized Web Search" FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..extensions.enabledItems: {bab31fc4-cb97-46f4-9565-26d65225cc2c}:2.5.6.0 FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {464F169E-ACE1-4C5F-A778-A433A3DABBAE}:1.0 FF - HKLM\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.03.14 02:27:44 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.04.06 14:13:58 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.04.18 05:41:54 | 000,000,000 | ---D | M] [2009.08.05 14:05:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Extensions [2009.08.05 14:05:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Extensions\IMVUClientXUL@imvu.com [2010.06.20 00:59:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\lgnv1668.default\extensions [2009.09.04 04:18:43 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\lgnv1668.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.02.05 20:17:46 | 000,000,000 | ---D | M] (FearFM Toolbar) -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\lgnv1668.default\extensions\{bab31fc4-cb97-46f4-9565-26d65225cc2c} [2009.06.12 07:52:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\lgnv1668.default\extensions\searchrecs@veoh.com [2009.05.19 12:03:04 | 000,000,872 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\lgnv1668.default\searchplugins\conduit.xml [2009.07.29 10:25:16 | 000,002,375 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\lgnv1668.default\searchplugins\Schnell Sucher.xml [2010.06.20 00:59:45 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions [2010.05.02 18:50:25 | 000,000,000 | ---D | M] (VMLoad) -- C:\Programme\Mozilla Firefox\extensions\{464F169E-ACE1-4C5F-A778-A433A3DABBAE} [2010.04.16 15:40:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll [2007.02.12 21:30:16 | 000,164,352 | ---- | M] (Indiepath Ltd) -- C:\Programme\Mozilla Firefox\plugins\npigl.dll [2009.09.27 20:02:33 | 000,000,673 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\weareone.xml O1 HOSTS File: ([2006.02.28 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - Reg Error: Value error. File not found O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found. O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - Reg Error: Value error. File not found O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - Reg Error: Value error. File not found O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [WheelMouse] C:\Advanced Wheel Mouse\wh_exec.exe () O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\NPSWF32_FlashUtil.exe (Adobe Systems, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0 O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - Reg Error: Value error. File not found O15 - HKCU\..Trusted Domains: moove.com ([]* in Vertrauenswürdige Sites) O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class) O18 - Protocol\Handler\AutorunsDisabled - No CLSID value found O18 - Protocol\Handler\AutorunsDisabled\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UIHost - (C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe) - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe (Microsoft Corporation) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Admin\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Admin\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.05.19 19:40:34 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2006.04.27 21:30:08 | 000,000,041 | R--- | M] () - F:\autorun.inf -- [ CDFS ] O33 - MountPoints2\{b161687e-680d-11df-87aa-001fd08e02c3}\Shell - "" = AutoRun O33 - MountPoints2\{b161687e-680d-11df-87aa-001fd08e02c3}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{b161687e-680d-11df-87aa-001fd08e02c3}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.06.20 05:01:04 | 000,572,416 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Admin\Desktop\OTL.exe [2010.06.19 16:40:16 | 000,000,000 | ---D | C] -- C:\Programme\trend micro [2010.06.19 16:40:16 | 000,000,000 | ---D | C] -- C:\rsit [2010.06.19 05:16:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Malwarebytes [2010.06.19 05:11:53 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010.06.19 05:11:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes [2010.06.19 05:10:56 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010.06.19 05:10:54 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2010.06.19 04:24:03 | 000,000,000 | ---D | C] -- C:\Programme\Defraggler [2010.06.19 04:04:32 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Admin\Recent [2010.06.19 03:45:50 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner [2010.06.19 01:28:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss [2010.06.18 03:35:24 | 000,000,000 | ---D | C] -- C:\Advanced Wheel Mouse [2010.06.18 03:34:45 | 000,000,000 | ---D | C] -- C:\Programme\GIGABYTE [2010.06.17 01:05:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Admin\Eigene Dateien\MAGIX Speed [2010.06.17 01:04:30 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF [2010.06.17 00:49:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\MAGIX [2010.06.17 00:48:09 | 000,014,208 | ---- | C] (MAGIX) -- C:\WINDOWS\System32\drivers\disksec.sys [2010.06.17 00:47:46 | 000,995,328 | ---- | C] (MAGIX AG) -- C:\WINDOWS\System32\MXRestore.exe [2010.06.17 00:47:46 | 000,065,536 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\STRING32.dll [2010.06.17 00:47:46 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\TTIC32.dll [2010.06.17 00:47:46 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\TTI32.dll [2010.06.17 00:47:45 | 000,274,432 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLRES32.dll [2010.06.17 00:47:45 | 000,057,344 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLTPO32.dll [2010.06.17 00:47:45 | 000,040,960 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLRD32.dll [2010.06.17 00:47:44 | 000,090,112 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLPRF32.dll [2010.06.17 00:47:44 | 000,065,536 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLPTL32.dll [2010.06.17 00:47:44 | 000,053,248 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLPRJ32.dll [2010.06.17 00:47:43 | 000,212,992 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLDRV32.dll [2010.06.17 00:47:43 | 000,094,208 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLIO32.dll [2010.06.17 00:47:43 | 000,077,824 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLPNT32.dll [2010.06.17 00:47:43 | 000,045,056 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLIMG32.dll [2010.06.17 00:47:43 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLMSC32.dll [2010.06.17 00:47:43 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLISO32.dll [2010.06.17 00:47:43 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLDIR32.dll [2010.06.17 00:47:43 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLIX.dll [2010.06.17 00:47:42 | 000,212,992 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLDEV32.dll [2010.06.17 00:47:42 | 000,147,456 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLCPY32.dll [2010.06.17 00:47:42 | 000,114,688 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLCDA32.dll [2010.06.17 00:47:42 | 000,061,440 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLCDF32.dll [2010.06.17 00:47:41 | 000,720,896 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLAV32.dll [2010.06.17 00:47:03 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml4r.dll [2010.06.17 00:47:03 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml4a.dll [2010.06.17 00:46:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX [2010.06.17 00:45:43 | 000,000,000 | ---D | C] -- C:\Programme\MAGIX [2010.06.17 00:38:41 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\MAGIX Services [2010.06.16 01:42:16 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll [2010.06.16 01:42:13 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys [2010.06.16 01:41:58 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll [2010.06.13 00:56:01 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll [2010.06.13 00:56:01 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll [2010.06.13 00:56:01 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll [2010.06.13 00:55:59 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll [2010.06.13 00:55:57 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll [2010.06.13 00:55:54 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll [2010.06.13 00:55:51 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll [2010.06.13 00:55:47 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll [2010.06.13 00:55:44 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll [2010.06.13 00:55:44 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll [2010.06.13 00:55:34 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll [2010.06.13 00:55:27 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll [2010.06.12 21:20:21 | 000,027,165 | ---- | C] (VIA Technologies, Inc. ) -- C:\WINDOWS\System32\dllcache\fetnd5.sys [2010.06.12 21:20:10 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viaide.sys [2010.06.07 17:35:38 | 000,081,920 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwddi.dll [2010.06.07 17:35:30 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsth.dll [2010.06.07 17:35:30 | 000,249,856 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrseng.dll [2010.06.07 17:35:28 | 000,331,776 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrshe.dll [2010.06.07 17:35:28 | 000,282,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsel.dll [2010.06.07 17:35:28 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsnl.dll [2010.06.07 17:35:28 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsesm.dll [2010.06.07 17:35:28 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsda.dll [2010.06.07 17:35:28 | 000,249,856 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsfi.dll [2010.06.07 17:35:28 | 000,126,976 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrszht.dll [2010.06.07 17:35:26 | 000,335,872 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsar.dll [2010.06.07 17:35:26 | 000,286,720 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsfr.dll [2010.06.07 17:35:26 | 000,282,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsit.dll [2010.06.07 17:35:26 | 000,282,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrses.dll [2010.06.07 17:35:26 | 000,278,528 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsde.dll [2010.06.07 17:35:26 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrspt.dll [2010.06.07 17:35:26 | 000,270,336 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsru.dll [2010.06.07 17:35:26 | 000,270,336 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsptb.dll [2010.06.07 17:35:26 | 000,270,336 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsja.dll [2010.06.07 17:35:26 | 000,266,240 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsko.dll [2010.06.07 17:35:26 | 000,262,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrshu.dll [2010.06.07 17:35:26 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrstr.dll [2010.06.07 17:35:26 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrssl.dll [2010.06.07 17:35:26 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrssk.dll [2010.06.07 17:35:26 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrspl.dll [2010.06.07 17:35:26 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrssv.dll [2010.06.07 17:35:26 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsno.dll [2010.06.07 17:35:26 | 000,249,856 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrscs.dll [2010.06.07 17:35:26 | 000,229,376 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrszhc.dll [2010.06.07 17:35:24 | 000,277,608 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmccs.dll [2010.06.07 17:35:24 | 000,110,696 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmctray.dll [2010.06.07 17:35:22 | 013,902,440 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcpl.dll [2010.06.07 17:35:22 | 000,145,000 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcolor.exe [2010.06.04 14:36:49 | 000,061,440 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll [2010.06.04 14:36:48 | 015,192,064 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvoglnt.dll [2010.06.04 14:36:48 | 010,256,384 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcompiler.dll [2010.06.04 14:36:48 | 004,554,752 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuda.dll [2010.06.04 14:36:48 | 002,632,296 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvenc.dll [2010.06.04 14:36:48 | 002,165,352 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvid.dll [2010.06.04 14:36:48 | 001,359,872 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvapi.dll [2010.06.04 14:36:48 | 000,232,040 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcodins.dll [2010.06.04 14:36:48 | 000,232,040 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcod.dll [2010.06.04 14:29:13 | 002,288,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\TUKernel.exe [2010.05.25 22:14:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Admin\Desktop\cod patch [2010.05.25 16:57:53 | 000,621,056 | ---- | C] (DiBcom SA) -- C:\WINDOWS\System32\drivers\mod7700.sys [2010.05.25 16:57:53 | 000,112,640 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbnet.sys [2010.05.25 16:57:53 | 000,102,656 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbfake.sys [2010.05.25 16:57:53 | 000,102,400 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbmdm.sys [2010.05.25 16:57:53 | 000,024,448 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewdcsc.sys [2010.05.25 16:57:14 | 000,000,000 | ---D | C] -- C:\Programme\Mobile Partner [2010.05.22 19:37:39 | 000,000,000 | ---D | C] -- C:\Mozilla Firefox [7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.06.20 05:01:13 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Admin\Desktop\OTL.exe [2010.06.20 04:59:16 | 000,002,013 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Desktop\Steam.lnk [2010.06.20 02:48:37 | 000,069,160 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT [2010.06.19 16:39:52 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-515967899-1085031214-725345543-1003.job [2010.06.19 16:39:52 | 000,000,270 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-515967899-1085031214-725345543-1003.job [2010.06.19 16:37:40 | 000,824,681 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Desktop\RSIT.exe [2010.06.19 16:28:15 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010.06.19 16:24:22 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010.06.19 16:23:55 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010.06.19 16:21:31 | 017,563,648 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\NTUSER.DAT [2010.06.19 15:44:35 | 000,267,800 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010.06.19 05:12:48 | 000,000,676 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2010.06.19 04:24:36 | 000,001,544 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Desktop\Defraggler.lnk [2010.06.19 04:16:20 | 001,980,697 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Eigene Dateien\AutoRuns.arn [2010.06.19 04:09:31 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010.06.19 04:09:30 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010.06.19 03:57:43 | 000,002,064 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Desktop\cc_20100619_035621.reg [2010.06.19 03:55:58 | 000,488,926 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Desktop\cc_20100619_035316.reg [2010.06.19 03:45:51 | 000,001,512 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Desktop\CCleaner.lnk [2010.06.18 03:34:58 | 000,002,048 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Desktop\GM_M8000.lnk [2010.06.17 20:52:26 | 000,000,016 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Desktop\WarcraftIIIAutoRefresh_Config.dat [2010.06.17 01:06:06 | 000,000,046 | ---- | M] () -- C:\WINDOWS\PCCT.INI [2010.06.17 00:49:00 | 000,000,111 | ---- | M] () -- C:\WINDOWS\installation.ini [2010.06.17 00:37:22 | 000,217,180 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin [2010.06.17 00:37:22 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin [2010.06.17 00:36:42 | 000,217,180 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin [2010.06.17 00:36:42 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvdrswr.lk [2010.06.17 00:19:55 | 000,272,291 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml [2010.06.15 23:22:14 | 000,022,016 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.06.13 16:02:17 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\Admin\ntuser.ini [2010.06.13 09:23:45 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2010.06.12 22:42:48 | 000,012,540 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak [2010.06.12 22:25:00 | 000,008,192 | ---- | M] () -- C:\s-1-5-21-515967899-1085031214-725345543-1005.rrr [2010.06.12 22:24:56 | 017,113,088 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\s-1-5-21-515967899-1085031214-725345543-1003.rrr [2010.06.12 21:40:11 | 002,109,234 | -H-- | M] () -- C:\Dokumente und Einstellungen\Admin\Lokale Einstellungen\Anwendungsdaten\IconCache.db [2010.06.12 21:38:01 | 000,001,484 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Desktop\DivX Movies.lnk [2010.06.12 21:36:21 | 000,000,757 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\DivX Plus Player.lnk [2010.06.12 21:35:56 | 000,000,797 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\DivX Plus Converter.lnk [2010.06.12 21:33:26 | 000,000,552 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat [2010.06.08 01:57:00 | 015,192,064 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvoglnt.dll [2010.06.08 01:57:00 | 010,531,200 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nv4_mini.sys [2010.06.08 01:57:00 | 010,531,200 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv4_mini.sys [2010.06.08 01:57:00 | 010,256,384 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcompiler.dll [2010.06.08 01:57:00 | 006,300,544 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll [2010.06.08 01:57:00 | 004,554,752 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuda.dll [2010.06.08 01:57:00 | 002,632,296 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvenc.dll [2010.06.08 01:57:00 | 002,186,342 | ---- | M] () -- C:\WINDOWS\System32\nvdata.bin [2010.06.08 01:57:00 | 002,165,352 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvid.dll [2010.06.08 01:57:00 | 001,359,872 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvapi.dll [2010.06.08 01:57:00 | 000,600,680 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvudisp.exe [2010.06.08 01:57:00 | 000,232,040 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcodins.dll [2010.06.08 01:57:00 | 000,232,040 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcod.dll [2010.06.08 01:57:00 | 000,061,440 | ---- | M] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll [2010.06.08 01:57:00 | 000,025,836 | ---- | M] () -- C:\WINDOWS\System32\nvdisp.nvu [2010.06.08 01:57:00 | 000,007,959 | ---- | M] () -- C:\WINDOWS\System32\nvinfo.pb [2010.06.07 17:35:38 | 000,081,920 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwddi.dll [2010.06.07 17:35:30 | 000,253,952 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsth.dll [2010.06.07 17:35:30 | 000,249,856 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrseng.dll [2010.06.07 17:35:28 | 000,331,776 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrshe.dll [2010.06.07 17:35:28 | 000,282,624 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsel.dll [2010.06.07 17:35:28 | 000,274,432 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsnl.dll [2010.06.07 17:35:28 | 000,274,432 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsesm.dll [2010.06.07 17:35:28 | 000,253,952 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsda.dll [2010.06.07 17:35:28 | 000,249,856 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsfi.dll [2010.06.07 17:35:28 | 000,126,976 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrszht.dll [2010.06.07 17:35:26 | 000,335,872 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsar.dll [2010.06.07 17:35:26 | 000,286,720 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsfr.dll [2010.06.07 17:35:26 | 000,282,624 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsit.dll [2010.06.07 17:35:26 | 000,282,624 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrses.dll [2010.06.07 17:35:26 | 000,278,528 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsde.dll [2010.06.07 17:35:26 | 000,274,432 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrspt.dll [2010.06.07 17:35:26 | 000,270,336 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsru.dll [2010.06.07 17:35:26 | 000,270,336 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsptb.dll [2010.06.07 17:35:26 | 000,270,336 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsja.dll [2010.06.07 17:35:26 | 000,266,240 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsko.dll [2010.06.07 17:35:26 | 000,262,144 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrshu.dll [2010.06.07 17:35:26 | 000,258,048 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrstr.dll [2010.06.07 17:35:26 | 000,258,048 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrssl.dll [2010.06.07 17:35:26 | 000,258,048 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrssk.dll [2010.06.07 17:35:26 | 000,258,048 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrspl.dll [2010.06.07 17:35:26 | 000,253,952 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrssv.dll [2010.06.07 17:35:26 | 000,253,952 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsno.dll [2010.06.07 17:35:26 | 000,249,856 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrscs.dll [2010.06.07 17:35:26 | 000,229,376 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrszhc.dll [2010.06.07 17:35:24 | 000,277,608 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmccs.dll [2010.06.07 17:35:24 | 000,110,696 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmctray.dll [2010.06.07 17:35:22 | 013,902,440 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcpl.dll [2010.06.07 17:35:22 | 000,145,000 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcolor.exe [2010.06.04 14:29:13 | 002,288,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\TUKernel.exe [2010.06.04 14:29:13 | 000,000,389 | RHS- | M] () -- C:\boot.ini [2010.06.02 04:55:30 | 000,527,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll [2010.06.02 04:55:30 | 000,239,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll [2010.06.02 04:55:30 | 000,074,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll [2010.05.28 17:39:42 | 000,022,328 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2010.05.28 12:58:26 | 000,600,680 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\NVUNINST.EXE [2010.05.26 21:54:11 | 000,001,919 | ---- | M] () -- C:\WINDOWS\System32\AUTOEXEC.NT [2010.05.26 21:54:10 | 000,000,250 | ---- | M] () -- C:\WINDOWS\system.ini [2010.05.26 18:29:02 | 000,000,435 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics [2010.05.26 16:02:51 | 000,218,808 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr [2010.05.26 11:41:02 | 002,106,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll [2010.05.26 11:41:02 | 001,998,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll [2010.05.26 11:41:02 | 001,868,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll [2010.05.26 11:41:02 | 000,470,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll [2010.05.26 11:41:02 | 000,248,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll [2010.05.25 18:40:26 | 001,044,152 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010.05.25 18:40:26 | 000,448,806 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2010.05.25 18:40:26 | 000,435,260 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010.05.25 18:40:26 | 000,079,882 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2010.05.25 18:40:26 | 000,068,156 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010.05.25 16:57:57 | 000,000,726 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mobile Partner.lnk [7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.06.20 02:48:21 | 000,032,768 | ---- | C] () -- C:\Dokumente und Einstellungen\Admin\Desktop\FRITZRENEW.EXE [2010.06.19 16:37:39 | 000,824,681 | ---- | C] () -- C:\Dokumente und Einstellungen\Admin\Desktop\RSIT.exe [2010.06.19 05:12:47 | 000,000,676 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2010.06.19 04:24:36 | 000,001,544 | ---- | C] () -- C:\Dokumente und Einstellungen\Admin\Desktop\Defraggler.lnk [2010.06.19 04:16:20 | 001,980,697 | ---- | C] () -- C:\Dokumente und Einstellungen\Admin\Eigene Dateien\AutoRuns.arn [2010.06.19 03:56:50 | 000,002,064 | ---- | C] () -- C:\Dokumente und Einstellungen\Admin\Desktop\cc_20100619_035621.reg [2010.06.19 03:54:25 | 000,488,926 | ---- | C] () -- C:\Dokumente und Einstellungen\Admin\Desktop\cc_20100619_035316.reg [2010.06.19 03:45:51 | 000,001,512 | ---- | C] () -- C:\Dokumente und Einstellungen\Admin\Desktop\CCleaner.lnk [2010.06.18 03:34:58 | 000,002,048 | ---- | C] () -- C:\Dokumente und Einstellungen\Admin\Desktop\GM_M8000.lnk [2010.06.17 20:52:24 | 000,000,016 | ---- | C] () -- C:\Dokumente und Einstellungen\Admin\Desktop\WarcraftIIIAutoRefresh_Config.dat [2010.06.17 01:37:08 | 000,000,270 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-515967899-1085031214-725345543-1003.job [2010.06.17 01:05:50 | 000,000,046 | ---- | C] () -- C:\WINDOWS\PCCT.INI [2010.06.17 00:49:00 | 000,000,111 | ---- | C] () -- C:\WINDOWS\installation.ini [2010.06.17 00:47:42 | 000,038,492 | ---- | C] () -- C:\WINDOWS\System32\DLLAV32.lib [2010.06.17 00:45:43 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll [2010.06.17 00:37:22 | 000,217,180 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin [2010.06.17 00:36:42 | 000,217,180 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin [2010.06.17 00:36:42 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin [2010.06.17 00:36:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrswr.lk [2010.06.17 00:27:12 | 000,007,959 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb [2010.06.12 22:23:30 | 017,113,088 | ---- | C] () -- C:\Dokumente und Einstellungen\Admin\s-1-5-21-515967899-1085031214-725345543-1003.rrr [2010.06.12 21:36:21 | 000,000,757 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\DivX Plus Player.lnk [2010.06.12 21:35:56 | 000,000,797 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\DivX Plus Converter.lnk [2010.06.12 21:33:26 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat [2010.06.04 14:36:44 | 002,186,342 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin [2010.06.04 13:55:45 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2010.05.25 16:57:57 | 000,000,726 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mobile Partner.lnk [2010.05.07 15:01:41 | 000,000,186 | ---- | C] () -- C:\WINDOWS\SIERRA.INI [2010.02.12 19:08:01 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini [2009.12.27 13:00:46 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2009.12.27 13:00:44 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2009.12.27 13:00:44 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2009.12.27 13:00:43 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2009.12.27 13:00:41 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2009.12.27 13:00:41 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2009.12.27 12:25:48 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2009.11.03 19:13:52 | 000,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2009.11.03 19:13:52 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2009.10.15 02:01:24 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll [2009.08.27 20:19:05 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2009.08.26 19:45:40 | 000,000,064 | ---- | C] () -- C:\WINDOWS\MyProg.ini [2009.08.10 07:11:37 | 000,000,289 | ---- | C] () -- C:\WINDOWS\game.ini [2009.07.28 05:41:41 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll [2009.07.28 05:41:41 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll [2009.07.27 17:45:53 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2009.07.27 01:10:25 | 000,091,072 | ---- | C] () -- C:\WINDOWS\System32\RoseCo2.dll [2009.07.23 08:38:56 | 008,676,883 | ---- | C] () -- C:\WINDOWS\System32\mp3Media2.dll [2009.05.25 18:51:24 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2009.05.22 22:22:44 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2009.05.19 22:19:56 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll [2009.05.19 22:19:56 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll [2009.05.19 22:19:56 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll [2009.05.19 21:27:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\msicpl.ini [2009.05.19 20:45:52 | 000,008,192 | ---- | C] () -- C:\WINDOWS\suecmdial.dll [2009.05.19 20:27:13 | 000,131,072 | R--- | C] () -- C:\WINDOWS\System32\smdll.dll [2009.05.19 20:27:08 | 000,262,144 | R--- | C] () -- C:\WINDOWS\System32\HookMAp.dll [2009.05.19 20:27:08 | 000,032,768 | R--- | C] () -- C:\WINDOWS\System32\Auxiliary.dll [2009.05.19 20:27:07 | 000,266,240 | R--- | C] () -- C:\WINDOWS\System32\HookShield.dll [2009.05.19 20:27:07 | 000,009,728 | R--- | C] () -- C:\WINDOWS\System32\sysinfoX64.sys [2009.05.19 20:27:07 | 000,008,192 | R--- | C] () -- C:\WINDOWS\System32\sysinfo.sys [2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll [2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2007.01.25 17:45:02 | 000,006,784 | ---- | C] () -- C:\WINDOWS\System32\drivers\whfltr2k.sys [2005.08.02 23:24:01 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll [2004.04.06 23:16:16 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\PVAdoCtl.dll < End of report > Code:
ATTFilter OTL Extras logfile created on: 20.06.2010 11:24:55 - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Dokumente und Einstellungen\Admin\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 76,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): C:\pagefile.sys 2047 2047 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 25,66 Gb Total Space | 11,76 Gb Free Space | 45,82% Space Free | Partition Type: NTFS
Drive D: | 465,75 Gb Total Space | 255,04 Gb Free Space | 54,76% Space Free | Partition Type: NTFS
Drive E: | 48,83 Gb Total Space | 9,87 Gb Free Space | 20,21% Space Free | Partition Type: NTFS
Drive F: | 12,32 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: PROGAMER
Current User Name: Admin
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Betrachten mit XnView] -- "F:\XnView\xnview.exe" "%1" File not found
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1038:TCP" = 1038:TCP:*:Enabled:Akamai NetSession Interface
"5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"E:\ICQ6.5\ICQ.exe" = E:\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"E:\Steam\steamapps\chester017\counter-strike source\hl2.exe" = E:\Steam\steamapps\chester017\counter-strike source\hl2.exe:*:Enabled:hl2 -- ()
"F:\Far Cry 2\bin\FarCry2.exe" = F:\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2 -- File not found
"F:\Far Cry 2\bin\FC2Launcher.exe" = F:\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater -- File not found
"F:\Far Cry 2\bin\FC2Editor.exe" = F:\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Editor -- File not found
"E:\Warcraft III\Warcraft III.exe" = E:\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III -- (Blizzard Entertainment)
"E:\Steam\steamapps\chester017\team fortress 2\hl2.exe" = E:\Steam\steamapps\chester017\team fortress 2\hl2.exe:*:Enabled:hl2 -- ()
"E:\Warcraft III\War3.exe" = E:\Warcraft III\War3.exe:*:Enabled:Warcraft III -- (Blizzard Entertainment)
"C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Programme\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" = C:\Programme\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player -- (Veoh Networks)
"E:\Steam\steamapps\nokid36\counter-strike source\hl2.exe" = E:\Steam\steamapps\nokid36\counter-strike source\hl2.exe:*:Enabled:hl2 -- File not found
"C:\WINDOWS\system32\dxdiag.exe" = C:\WINDOWS\system32\dxdiag.exe:*:Enabled:Microsoft DirectX-Diagnoseprogramm -- (Microsoft Corporation)
"C:\Programme\Vuze\Azureus.exe" = C:\Programme\Vuze\Azureus.exe:*:Enabled:Azureus -- (Vuze Inc.)
"F:\Farcry\Bin32\FarCry.exe" = F:\Farcry\Bin32\FarCry.exe:*:Enabled:Far Cry -- File not found
"F:\S4 LEAGUE\S4Client.exe" = F:\S4 LEAGUE\S4Client.exe:*:Enabled:Project S4 Client.exe -- File not found
"C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Disabled:Microsoft Management Console -- (Microsoft Corporation)
"C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"F:\battlefield 2\BF2.exe" = F:\battlefield 2\BF2.exe:*:Enabled:Battlefield 2 -- File not found
"F:\assassins creed\AssassinsCreed_Dx9.exe" = F:\assassins creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9 -- File not found
"F:\assassins creed\AssassinsCreed_Dx10.exe" = F:\assassins creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10 -- File not found
"F:\assassins creed\AssassinsCreed_Launcher.exe" = F:\assassins creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update -- File not found
"F:\C&C stunde null\game.dat" = F:\C&C stunde null\game.dat:*:Enabled:game -- File not found
"E:\Steam\steamapps\chester017\half-life 2\hl2.exe" = E:\Steam\steamapps\chester017\half-life 2\hl2.exe:*:Enabled:hl2 -- ()
"C:\Dokumente und Einstellungen\Admin\Desktop\PickupLIST\pickup.listchecker.exe" = C:\Dokumente und Einstellungen\Admin\Desktop\PickupLIST\pickup.listchecker.exe:*:Enabled:pickup.listchecker -- File not found
"C:\Programme\Java\jre6\bin\javaw.exe" = C:\Programme\Java\jre6\bin\javaw.exe:*:Disabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\Xfire\Xfire.exe" = C:\Programme\Xfire\Xfire.exe:*:Enabled:Xfire -- (Xfire Inc.)
"E:\Steam\steamapps\chester017\condition zero\hl.exe" = E:\Steam\steamapps\chester017\condition zero\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"C:\Programme\Opera\opera.exe" = C:\Programme\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"F:\Crysis\Bin32\Crysis.exe" = F:\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32 -- File not found
"F:\Crysis\Bin32\CrysisDedicatedServer.exe" = F:\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32 -- File not found
"E:\Steam\steamapps\common\shattered_horizon\client_exe\shattered_horizon.exe" = E:\Steam\steamapps\common\shattered_horizon\client_exe\shattered_horizon.exe:*:Enabled:Shattered Horizon -- (Futuremark)
"C:\Programme\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe" = C:\Programme\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher -- (Ubisoft)
"F:\Assassin's Creed II\AssassinsCreedIIGame.exe" = F:\Assassin's Creed II\AssassinsCreedIIGame.exe:*:Enabled:Assassin's Creed II -- File not found
"F:\Assassin's Creed II\AssassinsCreedII.exe" = F:\Assassin's Creed II\AssassinsCreedII.exe:*:Enabled:Assassin's Creed II Update -- File not found
"F:\Assassin's Creed II\UPlayBrowser.exe" = F:\Assassin's Creed II\UPlayBrowser.exe:*:Enabled:Assassin's Creed II Uplay -- File not found
"F:\Battlefield\BFBC2Updater.exe" = F:\Battlefield\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2 -- File not found
"F:\Battlefield\BFBC2Game.exe" = F:\Battlefield\BFBC2Game.exe:*:Enabled:Battlefield: Bad Company™ 2 -- File not found
"F:\Dragon Age\bin_ship\daorigins.exe" = F:\Dragon Age\bin_ship\daorigins.exe:*:Enabled:Dragon Age Origins -Spiel -- File not found
"F:\Dragon Age\DAOriginsLauncher.exe" = F:\Dragon Age\DAOriginsLauncher.exe:*:Enabled:Dragon Age Origins -Launcher -- File not found
"C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\VMLoad\VMLoad.exe" = C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\VMLoad\VMLoad.exe:*:Enabled:VMLoad -- ()
"C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\VMLoad\VMLoad.jar" = C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\VMLoad\VMLoad.jar:*:Enabled:VMLoad -- ()
"C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\VMLoad\VMLoadUpdater.jar" = C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\VMLoad\VMLoadUpdater.jar:*:Enabled:VMLoad Updater -- ()
"C:\Programme\Java\jre6\launch4j-tmp\VMLoad.exe" = C:\Programme\Java\jre6\launch4j-tmp\VMLoad.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"F:\AOEEE\Empire Earth.exe" = F:\AOEEE\Empire Earth.exe:*:Enabled:Empire Earth -- File not found
"C:\WINDOWS\system32\usmt\migwiz.exe" = C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Assistent zum Übertragen von Dateien und Einstellungen -- (Microsoft Corporation)
"C:\Programme\Mozilla Firefox\firefox.exe" = C:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"F:\call oft duty 4 modern warfare\iw3mp.exe" = F:\call oft duty 4 modern warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) -- File not found
"F:\Dragon Age\bin_ship\daupdatersvc.service.exe" = F:\Dragon Age\bin_ship\daupdatersvc.service.exe:*:Enabled:Dragon Age Origins -Inhaltsupdater -- File not found
"E:\Steam\steamapps\chester017\counter-strike\hl.exe" = E:\Steam\steamapps\chester017\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve)
"F:\Counter Strike 1.6 Reloaded\hl.exe" = F:\Counter Strike 1.6 Reloaded\hl.exe:*:Enabled:Half-Life Launcher -- File not found
"F:\Mass Effect 2\Binaries\MassEffect2.exe" = F:\Mass Effect 2\Binaries\MassEffect2.exe:*:Enabled:Mass Effect 2 -Spiel -- File not found
"F:\Mass Effect 2\MassEffect2Launcher.exe" = F:\Mass Effect 2\MassEffect2Launcher.exe:*:Enabled:Mass Effect 2 -Launcher -- File not found
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM)
"{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch
"{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"{086BADF8-9B1F-4E89-B207-2EDA520972D6}" = Grand Theft Auto San Andreas
"{14AA72DA-DB40-4A34-93A6-401A81D7AF9E}" = Unreal Anthology
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2447500B-22D7-47BD-9B13-1A927F43A267}" = Empire Earth
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{259A8A5E-2886-4BED-9EF1-D5485282CCC3}" = Overlord
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 20
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = NCsoft Launcher
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7984BE91-9CF6-45EB-9EB3-9B2E84ACB278}" = Aion
"{7AB86D35-DF3B-407F-B43E-468345DABF29}" = SL-6555-SBK
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Patch
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8A28F77E-E3C5-4F31-B593-1BE994088820}" = S4 League_EU
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9EBDAF91-DADA-47CE-94F2-F5B004007934}" = System Requirements Lab
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A9276190-4D4E-4B0D-8A5D-50A2C65BB2DB}" = Aion
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.2 - Deutsch
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins
"{B3EE9807-E29C-4DCF-BF08-A658DB708B99}" = GM-M8000
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D4E5A687-797D-44B1-8F96-4FD7A24166A9}" = DEVIL MAY CRY 4
"{D6D5CFB3-7095-4073-B6B7-B7E909838C57}" = Razer Copperhead
"{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}" = Far Cry
"{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}" = Counter-Strike(TM)
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = The Witcher
"{F1CBC6F7-D82D-4DC5-B81C-9A14F418593A}_is1" = WC3Banlist
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and Conquer(TM) Generäle Die Stunde Null
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FB8148DD-C575-4B0A-9F6C-0CFC46937930}" = Opera 10.10
"1A View_is1" = 1A View 1.0
"8461-7759-5462-8226" = Vuze
"AC3Filter" = AC3Filter (remove only)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"Creative PD0620" = Creative WebCam Instant Driver (1.01.02.0729)
"Defraggler" = Defraggler
"Diablo II" = Diablo II
"DivX Setup.divx.com" = DivX-Setup
"DotAzilla" = DotAzilla
"Freez FLV to MP3 Converter v1.5_is1" = Freez FLV to MP3 Converter
"Hamachi" = Hamachi 1.0.3.0
"INsanes Small HUD" = INsanes Small HUD 8 Black
"InstallShield_{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch
"InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"InstallShield_{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}" = Far Cry
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and Conquer(TM) Generäle Die Stunde Null
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.5.1
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mobile Partner" = Mobile Partner
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"PROR" = Microsoft Office Professional 2007-Testversion
"PunkBusterSvc" = PunkBuster Services
"RealPlayer 12.0" = RealPlayer
"Registry Mechanic_is1" = Registry Mechanic 7.0
"Steam App 18110" = Shattered Horizon
"Steam App 220" = Half-Life 2
"Steam App 240" = Counter-Strike: Source
"Steam App 300" = Day of Defeat: Source
"Steam App 420" = Half-Life 2: Episode Two
"Steam App 440" = Team Fortress 2
"SystemRequirementsLab" = System Requirements Lab
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.0.5
"VMLoad" = VMLoad
"WheelMouse" = Advanced Wheel Mouse 6.0.0.005
"WIC" = Windows Imaging Component
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinPcapInst" = WinPcap 3.1
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"Xfire" = Xfire (remove only)
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Warcraft III" = Warcraft III: All Products
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 15.05.2010 07:08:09 | Computer Name = PROGAMER | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung s4client.exe, Version 1.8.34.5937, fehlgeschlagenes
Modul , Version 0.0.0.0, Fehleradresse 0x00000000.
Error - 15.05.2010 07:08:41 | Computer Name = PROGAMER | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung s4client.exe, Version 1.8.34.5937, fehlgeschlagenes
Modul , Version 0.0.0.0, Fehleradresse 0x00000000.
Error - 15.05.2010 07:09:40 | Computer Name = PROGAMER | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung s4client.exe, Version 1.8.34.5937, fehlgeschlagenes
Modul , Version 0.0.0.0, Fehleradresse 0x00000000.
Error - 15.05.2010 11:40:00 | Computer Name = PROGAMER | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung oblivion.exe, Version 1.2.0.214, fehlgeschlagenes
Modul oblivion.exe, Version 1.2.0.214, Fehleradresse 0x000ac444.
Error - 15.05.2010 11:40:33 | Computer Name = PROGAMER | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung oblivion.exe, Version 1.2.0.214, fehlgeschlagenes
Modul oblivion.exe, Version 1.2.0.214, Fehleradresse 0x000ac444.
Error - 15.05.2010 11:45:20 | Computer Name = PROGAMER | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung oblivion.exe, Version 1.2.0.214, fehlgeschlagenes
Modul oblivion.exe, Version 1.2.0.214, Fehleradresse 0x000ac444.
Error - 16.05.2010 08:39:12 | Computer Name = PROGAMER | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung oblivion.exe, Version 1.2.0.214, fehlgeschlagenes
Modul oblivion.exe, Version 1.2.0.214, Fehleradresse 0x000cee5b.
Error - 16.05.2010 10:20:22 | Computer Name = PROGAMER | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung oblivion.exe, Version 1.2.0.214, fehlgeschlagenes
Modul oblivion.exe, Version 1.2.0.214, Fehleradresse 0x004ab2b8.
Error - 16.05.2010 11:21:40 | Computer Name = PROGAMER | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung vlc.exe, Version 1.0.5.0, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 23.05.2010 21:14:14 | Computer Name = PROGAMER | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung javaw.exe, Version 6.0.200.2, fehlgeschlagenes
Modul java.dll, Version 6.0.200.2, Fehleradresse 0x00005875.
[ System Events ]
Error - 20.06.2010 04:22:17 | Computer Name = PROGAMER | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Intelligenter Hintergrundübertragungsdienst" wurde mit
folgendem dienstspezifischem Fehler beendet: 2147942402 (0x80070002).
Error - 20.06.2010 04:22:47 | Computer Name = PROGAMER | Source = DCOM | ID = 10010
Description = Der Server "{4991D34B-80A1-4291-83B6-3328366B9097}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error - 20.06.2010 04:22:47 | Computer Name = PROGAMER | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Intelligenter Hintergrundübertragungsdienst" wurde mit
folgendem dienstspezifischem Fehler beendet: 2147942402 (0x80070002).
Error - 20.06.2010 04:23:17 | Computer Name = PROGAMER | Source = DCOM | ID = 10010
Description = Der Server "{4991D34B-80A1-4291-83B6-3328366B9097}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error - 20.06.2010 04:23:19 | Computer Name = PROGAMER | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Intelligenter Hintergrundübertragungsdienst" wurde mit
folgendem dienstspezifischem Fehler beendet: 2147942402 (0x80070002).
Error - 20.06.2010 04:23:49 | Computer Name = PROGAMER | Source = DCOM | ID = 10010
Description = Der Server "{4991D34B-80A1-4291-83B6-3328366B9097}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error - 20.06.2010 04:23:49 | Computer Name = PROGAMER | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Intelligenter Hintergrundübertragungsdienst" wurde mit
folgendem dienstspezifischem Fehler beendet: 2147942402 (0x80070002).
Error - 20.06.2010 04:24:19 | Computer Name = PROGAMER | Source = DCOM | ID = 10010
Description = Der Server "{4991D34B-80A1-4291-83B6-3328366B9097}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error - 20.06.2010 04:24:19 | Computer Name = PROGAMER | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Intelligenter Hintergrundübertragungsdienst" wurde mit
folgendem dienstspezifischem Fehler beendet: 2147942402 (0x80070002).
Error - 20.06.2010 04:24:49 | Computer Name = PROGAMER | Source = DCOM | ID = 10010
Description = Der Server "{4991D34B-80A1-4291-83B6-3328366B9097}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
< End of report >
|
|
20.06.2010, 15:20
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Beim öffnen von Programmen Keine Rückmeldung Sieht rel. unauffällig aus, aber ich würde mal einen Durchgang mit CF vorschlagen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
20.06.2010, 16:38
| #5 |
| | Beim öffnen von Programmen Keine Rückmeldung Ich hab nen problem ich soll ja Antivir schließen nur das geht irgendwie nich hab den Regenschirm nich im tray und kann es auch nicht ueber den Task-Manager schließen kommt immer die Meldung: Der Vorgang konnte nicht beendet werden Zugriff verweigert. |
|
20.06.2010, 16:59
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Beim öffnen von Programmen Keine Rückmeldung Notfalls AntiVir deinstallieren!
__________________ --> Beim öffnen von Programmen Keine Rückmeldung |
|
20.06.2010, 17:49
| #7 |
| | Beim öffnen von Programmen Keine Rückmeldung so hier der log von ComboFix Code:
ATTFilter ComboFix 10-06-19.04 - Admin 20.06.2010 18:22:37.1.4 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.49.1031.18.3582.3202 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\Admin\Desktop\cofi.exe
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\win32ini
c:\windows\usgwmt
c:\windows\usgwmt\BReWErS.dll
.
((((((((((((((((((((((( Dateien erstellt von 2010-05-20 bis 2010-06-20 ))))))))))))))))))))))))))))))
.
2010-06-19 14:40 . 2010-06-19 14:40 -------- d-----w- C:\rsit
2010-06-19 14:40 . 2010-06-19 14:40 -------- d-----w- c:\programme\trend micro
2010-06-19 03:16 . 2010-06-19 03:16 -------- d-----w- c:\dokumente und einstellungen\Admin\Anwendungsdaten\Malwarebytes
2010-06-19 03:11 . 2010-04-29 10:19 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-06-19 03:11 . 2010-06-19 03:11 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes
2010-06-19 03:10 . 2010-04-29 10:19 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-06-19 03:10 . 2010-06-19 03:13 -------- d-----w- c:\programme\Malwarebytes' Anti-Malware
2010-06-19 02:24 . 2010-06-19 02:24 -------- d-----w- c:\programme\Defraggler
2010-06-19 01:45 . 2010-06-19 01:45 -------- d-----w- c:\programme\CCleaner
2010-06-18 01:35 . 2010-06-18 01:35 -------- d-----w- C:\Advanced Wheel Mouse
2010-06-18 01:35 . 2010-06-18 01:35 49152 ----a-r- c:\dokumente und einstellungen\Admin\Anwendungsdaten\Microsoft\Installer\{B3EE9807-E29C-4DCF-BF08-A658DB708B99}\UNINST_Uninstall_G_ABF4E3362B5B45E69A52EEAF1C98F172.exe
2010-06-18 01:35 . 2010-06-18 01:35 45056 ----a-r- c:\dokumente und einstellungen\Admin\Anwendungsdaten\Microsoft\Installer\{B3EE9807-E29C-4DCF-BF08-A658DB708B99}\GM_M8000.exe21_45643C25457B4883B78E9444882502AA.exe
2010-06-18 01:35 . 2010-06-18 01:35 45056 ----a-r- c:\dokumente und einstellungen\Admin\Anwendungsdaten\Microsoft\Installer\{B3EE9807-E29C-4DCF-BF08-A658DB708B99}\GM_M8000.exe2_186D725B72104964BD040EE7DD661C21.exe
2010-06-18 01:35 . 2010-06-18 01:35 45056 ----a-r- c:\dokumente und einstellungen\Admin\Anwendungsdaten\Microsoft\Installer\{B3EE9807-E29C-4DCF-BF08-A658DB708B99}\ARPPRODUCTICON.exe
2010-06-18 01:34 . 2010-06-18 01:34 -------- d-----w- c:\programme\GIGABYTE
2010-06-16 23:04 . 2010-06-16 23:04 -------- d--h--w- c:\windows\PIF
2010-06-16 22:49 . 2010-06-16 22:49 -------- d-----w- c:\dokumente und einstellungen\Admin\Anwendungsdaten\MAGIX
2010-06-16 22:48 . 2008-04-04 16:34 14208 ----a-w- c:\windows\system32\drivers\disksec.sys
2010-06-16 22:46 . 2010-06-16 23:21 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\MAGIX
2010-06-16 22:45 . 2010-06-16 23:21 -------- d-----w- c:\programme\MAGIX
2010-06-16 22:45 . 2007-04-27 08:43 120200 ----a-w- c:\windows\system32\DLLDEV32i.dll
2010-06-16 22:38 . 2010-06-16 22:38 -------- d-----w- c:\programme\Gemeinsame Dateien\MAGIX Services
2010-06-16 22:37 . 2010-06-16 22:37 217180 ----a-w- c:\windows\system32\nvdrsdb0.bin
2010-06-16 22:36 . 2010-06-16 22:37 1 ----a-w- c:\windows\system32\nvdrssel.bin
2010-06-16 22:36 . 2010-06-16 22:36 217180 ----a-w- c:\windows\system32\nvdrsdb1.bin
2010-06-15 23:42 . 2001-08-18 02:54 5632 ----a-w- c:\windows\system32\ptpusb.dll
2010-06-15 23:42 . 2008-04-13 18:45 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2010-06-15 23:42 . 2008-04-13 18:45 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2010-06-15 23:41 . 2008-04-14 02:22 159232 ----a-w- c:\windows\system32\ptpusd.dll
2010-06-12 22:56 . 2010-06-02 02:55 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2010-06-12 22:56 . 2010-06-02 02:55 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2010-06-12 22:56 . 2010-06-02 02:55 239960 ----a-w- c:\windows\system32\xactengine3_7.dll
2010-06-12 22:55 . 2010-05-26 09:41 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2010-06-12 22:55 . 2010-05-26 09:41 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll
2010-06-12 22:55 . 2010-05-26 09:41 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2010-06-12 22:55 . 2010-05-26 09:41 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2010-06-12 22:55 . 2010-05-26 09:41 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2010-06-12 22:55 . 2010-02-04 08:01 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2010-06-12 22:55 . 2010-02-04 08:01 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
2010-06-12 22:55 . 2010-02-04 08:01 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
2010-06-12 22:55 . 2010-02-04 08:01 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2010-06-12 22:51 . 2010-06-12 22:51 -------- d-----w- c:\dokumente und einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Microsoft
2010-06-12 22:51 . 2010-06-12 22:51 -------- d-----w- c:\dokumente und einstellungen\Administrator\Startmenü
2010-06-12 22:51 . 2010-06-12 22:51 -------- d-----w- c:\dokumente und einstellungen\Administrator\Anwendungsdaten
2010-06-12 22:51 . 2010-06-12 22:51 -------- d-----w- c:\dokumente und einstellungen\Administrator
2010-06-12 22:51 . 2009-10-13 01:04 -------- d-----w- c:\dokumente und einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Microsoft Help
2010-06-12 22:51 . 2009-10-13 01:04 -------- d-----w- c:\dokumente und einstellungen\Administrator\Lokale Einstellungen
2010-06-12 19:38 . 2010-06-12 19:38 56765 ----a-w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\DivX\DivXPlusShortcuts\Uninstaller.exe
2010-06-12 19:37 . 2010-06-12 19:37 56997 ----a-w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\DivX\WebPlayer\Uninstaller.exe
2010-06-12 19:37 . 2010-06-12 19:37 53600 ----a-w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\DivX\Update\Uninstaller.exe
2010-06-12 19:37 . 2010-06-12 19:37 57715 ----a-w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\DivX\Player\Uninstaller.exe
2010-06-12 19:36 . 2010-06-12 19:36 84062 ----a-w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\DivX\TransferWizard\Uninstaller.exe
2010-06-12 19:36 . 2010-06-12 19:36 57054 ----a-w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\DivX\DSDesktopComponents\Uninstaller.exe
2010-06-12 19:36 . 2010-06-12 19:36 57532 ----a-w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\DivX\DSASPDecoder\Uninstaller.exe
2010-06-12 19:36 . 2010-06-12 19:36 54166 ----a-w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\DivX\DSAVCDecoder\Uninstaller.exe
2010-06-12 19:35 . 2010-06-12 19:35 56458 ----a-w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\DivX\DivXDecoderShortcut\Uninstaller.exe
2010-06-12 19:35 . 2010-06-12 19:35 54174 ----a-w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\DivX\DSAACDecoder\Uninstaller.exe
2010-06-12 19:35 . 2010-06-12 19:35 54153 ----a-w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\DivX\DFXPlugin\Uninstaller.exe
2010-06-12 19:35 . 2010-06-12 19:35 54128 ----a-w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\DivX\Converter\Uninstaller.exe
2010-06-12 19:35 . 2010-06-12 19:35 54644 ----a-w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\DivX\TranscodeEngine\Uninstaller.exe
2010-06-12 19:35 . 2010-06-12 19:35 56969 ----a-w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\DivX\ASPEncoder\Uninstaller.exe
2010-06-12 19:35 . 2010-06-12 19:35 54101 ----a-w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\DivX\MPEG2Plugin\Uninstaller.exe
2010-06-12 19:33 . 2010-06-12 19:33 552 ----a-w- c:\windows\system32\d3d8caps.dat
2010-06-12 19:20 . 2001-08-17 10:13 27165 -c--a-w- c:\windows\system32\dllcache\fetnd5.sys
2010-06-12 19:20 . 2001-08-17 10:13 27165 ----a-w- c:\windows\system32\drivers\fetnd5.sys
2010-06-12 19:20 . 2008-04-13 18:40 5376 -c--a-w- c:\windows\system32\dllcache\viaide.sys
2010-06-12 19:20 . 2008-04-13 18:40 5376 ----a-w- c:\windows\system32\drivers\viaide.sys
2010-06-04 12:36 . 2010-06-07 23:57 61440 ----a-w- c:\windows\system32\OpenCL.dll
2010-06-04 12:36 . 2010-06-07 23:57 4554752 ----a-w- c:\windows\system32\nvcuda.dll
2010-06-04 12:36 . 2010-06-07 23:57 2632296 ----a-w- c:\windows\system32\nvcuvenc.dll
2010-06-04 12:36 . 2010-06-07 23:57 232040 ----a-w- c:\windows\system32\nvcodins.dll
2010-06-04 12:36 . 2010-06-07 23:57 232040 ----a-w- c:\windows\system32\nvcod.dll
2010-06-04 12:36 . 2010-06-07 23:57 2165352 ----a-w- c:\windows\system32\nvcuvid.dll
2010-06-04 12:36 . 2010-06-07 23:57 15192064 ----a-w- c:\windows\system32\nvoglnt.dll
2010-06-04 12:36 . 2010-06-07 23:57 1359872 ----a-w- c:\windows\system32\nvapi.dll
2010-06-04 12:36 . 2010-06-07 23:57 10256384 ----a-w- c:\windows\system32\nvcompiler.dll
2010-06-04 12:36 . 2010-06-07 23:57 2186342 ----a-w- c:\windows\system32\nvdata.bin
2010-06-04 12:29 . 2010-06-04 12:29 2288640 ----a-w- c:\windows\system32\TUKernel.exe
2010-06-04 11:55 . 2010-06-13 07:23 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-05-25 14:57 . 2009-02-17 18:34 112640 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2010-05-25 14:57 . 2008-12-30 09:55 102656 ----a-w- c:\windows\system32\drivers\ewusbfake.sys
2010-05-25 14:57 . 2008-12-13 09:26 102400 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2010-05-25 14:57 . 2008-04-14 07:36 621056 ----a-w- c:\windows\system32\drivers\mod7700.sys
2010-05-25 14:57 . 2007-08-09 02:13 24448 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2010-05-25 14:57 . 2010-05-25 14:58 -------- d-----w- c:\programme\Mobile Partner
2010-05-22 17:37 . 2010-05-22 17:37 -------- d-----w- C:\Mozilla Firefox
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-20 14:56 . 2010-05-10 15:09 -------- d-----w- c:\dokumente und einstellungen\Admin\Anwendungsdaten\vlc
2010-06-20 00:48 . 2009-05-19 18:34 69160 ----a-w- c:\dokumente und einstellungen\Admin\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
2010-06-19 01:52 . 2009-12-27 10:28 -------- d-----w- c:\dokumente und einstellungen\Admin\Anwendungsdaten\Media Player Classic
2010-06-19 01:32 . 2010-03-19 20:16 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\TuneUp Software
2010-06-19 01:22 . 2009-07-31 13:08 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Microsoft Help
2010-06-19 00:38 . 2009-07-18 00:23 -------- d-----w- c:\programme\VstPlugins
2010-06-19 00:35 . 2009-12-28 12:00 -------- d-----w- c:\programme\Elaborate Bytes
2010-06-17 14:33 . 2010-01-22 18:15 -------- d-----w- c:\programme\TeamSpeak 3 Client
2010-06-16 23:19 . 2009-05-23 01:13 -------- d-----w- c:\programme\Gemeinsame Dateien\DVDVideoSoft
2010-06-16 23:14 . 2010-05-15 11:24 -------- d-----w- c:\programme\Gemeinsame Dateien\Akamai
2010-06-16 22:38 . 2010-03-19 19:51 -------- d-----w- c:\programme\NVIDIA Corporation
2010-06-14 16:23 . 2009-06-25 14:31 -------- d-----w- c:\dokumente und einstellungen\Admin\Anwendungsdaten\DivX
2010-06-12 19:38 . 2010-04-18 05:02 57344 ----a-w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\DivX\RunAsUser\RUNASUSERPROCESS.dll
2010-06-12 19:38 . 2010-04-18 03:39 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\DivX
2010-06-12 19:38 . 2009-05-19 21:26 -------- d-----w- c:\programme\Gemeinsame Dateien\DivX Shared
2010-06-12 19:38 . 2009-06-19 21:58 -------- d-----w- c:\programme\DivX
2010-06-12 19:34 . 2010-04-18 03:41 1062184 ----a-w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\DivX\Setup\Resource.dll
2010-06-12 19:34 . 2010-04-18 03:41 895256 ----a-w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\DivX\Setup\DivXSetup.exe
2010-06-07 23:57 . 2009-05-19 18:27 600680 ----a-w- c:\windows\system32\nvudisp.exe
2010-06-07 23:57 . 2007-06-28 16:43 6300544 ----a-w- c:\windows\system32\nv4_disp.dll
2010-06-07 23:57 . 2007-06-28 16:43 10531200 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2010-06-07 20:39 . 2010-02-26 06:04 -------- d-----w- c:\dokumente und einstellungen\Admin\Anwendungsdaten\dvdcss
2010-06-04 12:35 . 2009-05-19 18:20 -------- d--h--w- c:\programme\InstallShield Installation Information
2010-06-04 12:28 . 2010-03-21 02:34 5595136 ----a-w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe
2010-05-30 09:50 . 2010-04-16 14:10 -------- d-----w- c:\programme\Gemeinsame Dateien\Wise Installation Wizard
2010-05-30 09:50 . 2010-04-16 14:11 -------- d-----w- c:\programme\AGEIA Technologies
2010-05-30 09:49 . 2010-04-16 13:40 -------- d-----w- c:\programme\Gemeinsame Dateien\BioWare
2010-05-28 15:39 . 2009-05-22 20:22 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-05-28 15:39 . 2009-05-22 20:22 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-05-28 10:58 . 2009-05-19 18:25 600680 ----a-w- c:\windows\system32\NVUNINST.EXE
2010-05-26 20:27 . 2009-08-28 17:35 -------- d-----w- c:\dokumente und einstellungen\Admin\Anwendungsdaten\Hamachi
2010-05-25 16:40 . 2006-02-28 12:00 79882 ----a-w- c:\windows\system32\perfc007.dat
2010-05-25 16:40 . 2006-02-28 12:00 448806 ----a-w- c:\windows\system32\perfh007.dat
2010-05-10 01:40 . 2010-05-10 01:40 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Trymedia
2010-05-10 01:30 . 2010-05-10 01:30 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\InstallShield
2010-05-10 01:26 . 2009-05-19 18:20 -------- d-----w- c:\programme\Gemeinsame Dateien\InstallShield
2010-05-09 23:02 . 2010-05-09 23:02 -------- d-----w- c:\programme\Pando Networks
2010-05-09 08:38 . 2010-05-09 08:38 57409 ----a-w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\DivX\ControlPanel\Uninstaller.exe
2010-05-08 00:36 . 2010-05-02 16:50 -------- d-----w- c:\dokumente und einstellungen\Admin\Anwendungsdaten\VMLoad
2010-05-07 13:08 . 2009-05-19 20:19 21840 ----atw- c:\windows\system32\SIntfNT.dll
2010-05-07 13:08 . 2009-05-19 20:19 17212 ----atw- c:\windows\system32\SIntf32.dll
2010-05-07 13:08 . 2009-05-19 20:19 12067 ----atw- c:\windows\system32\SIntf16.dll
2010-05-02 16:50 . 2010-05-02 16:50 -------- d-----w- c:\programme\VMLoad
2010-04-27 18:40 . 2009-05-19 21:26 9200 ------w- c:\windows\system32\drivers\cdralw2k.sys
2010-04-27 18:40 . 2009-05-19 21:26 9072 ------w- c:\windows\system32\drivers\cdr4_xp.sys
2010-04-27 18:40 . 2009-05-19 21:26 45648 ------w- c:\windows\system32\drivers\PxHelp20.sys
2010-04-27 18:40 . 2009-05-19 21:26 133616 ------w- c:\windows\system32\pxafs.dll
2010-04-27 18:40 . 2009-05-19 21:26 126448 ------w- c:\windows\system32\pxinsi64.exe
2010-04-27 18:40 . 2009-05-19 21:26 123888 ------w- c:\windows\system32\pxcpyi64.exe
2010-04-23 13:42 . 2010-04-23 13:42 -------- d-----w- c:\programme\VID_1A34&PID_0802
2010-04-18 03:41 . 2010-04-18 03:41 52963 ----a-w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\DivX\MSVC80CRTRedist\Uninstaller.exe
2010-04-18 03:41 . 2010-04-18 03:41 54073 ----a-w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\DivX\Qt4.5\Uninstaller.exe
2010-04-16 13:40 . 2010-04-16 13:40 503808 ----a-w- c:\dokumente und einstellungen\Admin\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-788a8b79-n\msvcp71.dll
2010-04-16 13:40 . 2010-04-16 13:40 499712 ----a-w- c:\dokumente und einstellungen\Admin\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-788a8b79-n\jmc.dll
2010-04-16 13:40 . 2010-04-16 13:40 348160 ----a-w- c:\dokumente und einstellungen\Admin\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-788a8b79-n\msvcr71.dll
2010-04-16 13:40 . 2010-04-16 13:40 61440 ----a-w- c:\dokumente und einstellungen\Admin\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-52d3f7a7-n\decora-sse.dll
2010-04-16 13:40 . 2010-04-16 13:40 12800 ----a-w- c:\dokumente und einstellungen\Admin\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-52d3f7a7-n\decora-d3d.dll
2010-04-12 15:29 . 2010-04-16 13:40 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-04-04 18:41 . 2009-05-22 20:29 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-04-03 23:52 . 2009-08-12 19:04 29803 ----a-w- c:\windows\DIIUnin.dat
2010-04-01 09:00 . 2010-04-01 09:00 41984 ----a-w- c:\dokumente und einstellungen\Admin\Anwendungsdaten\VMLoad\VMLoad.exe
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-06-07 13902440]
"WheelMouse"="c:\advanc~1\wh_exec.exe" [2008-10-08 147456]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\dokumente und einstellungen\All Users\Anwendungsdaten\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\programme\Adobe\Reader 9.0\Reader\Reader_sl.exe"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"e:\\ICQ6.5\\ICQ.exe"=
"e:\\Steam\\steamapps\\chester017\\counter-strike source\\hl2.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"e:\\Warcraft III\\Warcraft III.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"e:\\Steam\\steamapps\\chester017\\team fortress 2\\hl2.exe"=
"e:\\Warcraft III\\War3.exe"=
"c:\\Programme\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programme\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"=
"c:\\WINDOWS\\system32\\dxdiag.exe"=
"c:\\Programme\\Vuze\\Azureus.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Programme\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"e:\\Steam\\steamapps\\chester017\\half-life 2\\hl2.exe"=
"c:\\Programme\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Programme\\Xfire\\Xfire.exe"=
"c:\\Programme\\Skype\\Phone\\Skype.exe"=
"c:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe"=
"e:\\Steam\\steamapps\\chester017\\condition zero\\hl.exe"=
"c:\\Programme\\Opera\\opera.exe"=
"e:\\Steam\\steamapps\\common\\shattered_horizon\\client_exe\\shattered_horizon.exe"=
"c:\\Programme\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\Dokumente und Einstellungen\\Admin\\Anwendungsdaten\\VMLoad\\VMLoad.exe"=
"c:\\Dokumente und Einstellungen\\Admin\\Anwendungsdaten\\VMLoad\\VMLoad.jar"=
"c:\\Dokumente und Einstellungen\\Admin\\Anwendungsdaten\\VMLoad\\VMLoadUpdater.jar"=
"c:\\Programme\\Java\\jre6\\launch4j-tmp\\VMLoad.exe"=
"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"c:\\Programme\\Mozilla Firefox\\firefox.exe"=
"e:\\Steam\\steamapps\\chester017\\counter-strike\\hl.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1038:TCP"= 1038:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface
R3 whfltr2k;WheelMouse USB Lower Filter Driver;c:\windows\system32\drivers\whfltr2k.sys [25.01.2007 17:45 6784]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [27.08.2009 20:19 691696]
S2 gupdate1c9f463bd3facba;Google Update Service (gupdate1c9f463bd3facba);c:\programme\Google\Update\GoogleUpdate.exe [24.06.2009 02:35 133104]
S3 cel90xbe;cel90xbe;\??\c:\dokume~1\Admin\LOKALE~1\Temp\cel90xbe.sys --> c:\dokume~1\Admin\LOKALE~1\Temp\cel90xbe.sys [?]
S3 DAUpdaterSvc;Dragon Age: Origins - Inhaltsupdater;f:\dragon age\bin_ship\DAUpdaterSvc.Service.exe --> f:\dragon age\bin_ship\DAUpdaterSvc.Service.exe [?]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [02.08.2005 23:10 32512]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 Razerlow;Razer Copperhead Driver;c:\windows\system32\drivers\Razerlow.sys [19.05.2009 20:30 19020]
S3 XDva347;XDva347;\??\c:\windows\system32\XDva347.sys --> c:\windows\system32\XDva347.sys [?]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Inhalt des "geplante Tasks" Ordners
2010-06-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programme\Google\Update\GoogleUpdate.exe [2009-06-24 00:35]
2010-06-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programme\Google\Update\GoogleUpdate.exe [2009-06-24 00:35]
2010-06-20 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-515967899-1085031214-725345543-1003.job
- c:\programme\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]
2010-06-20 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-515967899-1085031214-725345543-1003.job
- c:\programme\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.weareone.fm/google
mStart Page = hxxp://www.alice-dsl.de
mWindow Title =
uInternet Settings,ProxyServer = 127.0.0.1:8080
uInternet Settings,ProxyOverride = local
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949}
Trusted Zone: moove.com
FF - ProfilePath - c:\dokumente und einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\lgnv1668.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT273466&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - FearFM Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - component: c:\dokumente und einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\lgnv1668.default\extensions\{bab31fc4-cb97-46f4-9565-26d65225cc2c}\components\FFExternalAlert.dll
FF - component: c:\dokumente und einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\lgnv1668.default\extensions\{bab31fc4-cb97-46f4-9565-26d65225cc2c}\components\RadioWMPCore.dll
FF - component: c:\dokumente und einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\programme\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\programme\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\programme\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\programme\Mozilla Firefox\plugins\npigl.dll
FF - plugin: c:\programme\Opera\program\plugins\np_gp.dll
FF - plugin: c:\programme\Opera\program\plugins\np_gp.dll
FF - plugin: c:\programme\Opera\program\plugins\nppl3260.dll
FF - plugin: c:\programme\Opera\program\plugins\nprpjplug.dll
FF - plugin: c:\programme\Veoh Networks\VeohWebPlayer\NPVeohTVPlugin.dll
FF - plugin: c:\programme\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX Richtlinien ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
c:\programme\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\programme\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\programme\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\programme\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\programme\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
BHO-{201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file)
Toolbar-{3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file)
WebBrowser-{3041D03E-FD4B-44E0-B742-2D9B88305F98} - (no file)
ActiveSetup-{CFC5AF4C-7AAC-44A7-E954-83F851F264D7} - c:\windows\system32\win32inni\svchost.exe
ActiveSetup-{F8EB32EB-FEDC-0845-B321-42C0B7AB91E8} - c:\windows\system32\win32ini\svchost.exe
AddRemove-DivX Plus DirectShow Filters - f:\divx\DivXDSFiltersUninstall.exe
AddRemove-PokerStars.net - f:\neuer ordner (3)\PokerStarsUninstall.exe
AddRemove-SeriousSam2 - f:\serius\Serious Sam 2\Bin\Uninstall.exe
AddRemove-Sniper2005_is1 - f:\sniper\unins000.exe
AddRemove-sniper_de_is1 - f:\sniper - art of victory\unins000.exe
AddRemove-XnView_is1 - f:\xnview\unins000.exe
AddRemove-{6E298B0A-558C-4138-0096-740677B382CD} - f:\hdrr\EAUninstall.exe
AddRemove-{7585478E9D9B42108671C12F8714CEFE} - f:\divx\DivXConverterUninstall.exe
AddRemove-{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF} - f:\nfsmw\EAUninstall.exe
AddRemove-{B13A7C41581B411290FBC0395694E2A9} - f:\divx\DivXConverterUninstall.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2010-06-20 18:28
Windows 5.1.2600 Service Pack 3 NTFS
Scanne versteckte Prozesse...
Scanne versteckte Autostarteinträge...
Scanne versteckte Dateien...
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
[HKEY_USERS\S-1-5-21-515967899-1085031214-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:79,dd,f2,7f,7b,96,42,82,40,25,60,58,bc,9d,22,6b,78,cc,07,d3,30,36,75,
20,e4,6e,26,7c,21,56,5c,3e,74,47,e2,71,48,28,1d,1a,b7,00,39,d4,f1,87,64,18,\
"??"=hex:69,6f,5c,46,6a,89,f9,ee,2d,48,e0,10,87,42,1e,12
[HKEY_USERS\S-1-5-21-515967899-1085031214-725345543-1003\Software\SecuROM\License information*]
"datasecu"=hex:9a,97,c3,e3,da,83,3d,77,01,25,6d,25,ae,90,c6,72,e8,65,10,61,8e,
e8,de,47,e3,46,e7,e9,79,54,49,78,8c,e4,5f,59,9c,9a,37,cf,41,6f,91,0b,6b,67,\
"rkeysecu"=hex:12,8b,b8,56,3f,aa,a4,f2,85,c8,ba,a5,d3,e6,83,1e
.
Zeit der Fertigstellung: 2010-06-20 18:32:25
ComboFix-quarantined-files.txt 2010-06-20 16:32
Vor Suchlauf: 16 Verzeichnis(se), 12.780.199.936 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 12.770.897.920 Bytes frei
WindowsXP-KB310994-SP2-Pro-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /TUTag=ZKBEVM /Kernel=TUKernel.exe
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional (TuneUp Backup)" /noexecute=optin /fastdetect /TUTag=ZKBEVM-BAK
- - End Of File - - 4DCF92237BBBB004A8A22730AEE23E83
was ja auch richtig ist allerding kam beim neustarten die meldung von Windows: Wegen Hardware änderung muß Windows erneut Aktiviert werden jetzt wollte ich wissen ist das Normal ?? Da ich keine Hardware änderung vor genommen habe. So dann noch ne Frage soll ich Avira Antivir wieder installieren oder koennt ihr mir ein besseres programm nennen Ich danke schon mal im vorraus. |
|
20.06.2010, 18:35
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Beim öffnen von Programmen Keine Rückmeldung Virenscanner kannst Du später installieren. Muss auch nicht unbedingt AntiVir sein. Du kannst auch für den reinen privaten Einsatz AVG Free oder Avast nutzen. Bitte mal den Avenger anwenden: 1.) Lade Dir von hier Avenger: Swandog46's Public Anti-Malware Tools (Download, linksseitig) 2.) Entpack das zip-Archiv, führe die Datei "avenger.exe" aus (unter Vista per Rechtsklick => als Administrator ausführen). Die Haken unten wie abgebildet setzen:  3.) Kopiere Dir exakt die Zeilen aus dem folgenden Code-Feld: Code:
ATTFilter Fils to delete:
c:\dokume~1\Admin\LOKALE~1\Temp\cel90xbe.sys
Drivers to delete:
cel90xbe
5.) Der Code-Text hier aus meinem Beitrag müsste nun unter "Input Script here" in "The Avenger" zu sehen sein. 6.) Falls dem so ist, klick unten rechts auf "Execute". Bestätige die nächste Abfrage mit "Ja", die Frage zu "Reboot now" (Neustart des Systems) ebenso. 7.) Nach dem Neustart erhältst Du ein LogFile von Avenger eingeblendet. Kopiere dessen Inhalt und poste ihn hier. 8.) Die Datei c:\avenger\backup.zip bei File-Upload.net hochladen und hier verlinken
__________________ Logfiles bitte immer in CODE-Tags posten |
|
20.06.2010, 19:23
| #9 |
| | Beim öffnen von Programmen Keine Rückmeldung Das geht nicht es kommt diese Fehler Meldung:  |
|
20.06.2010, 19:34
| #10 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Beim öffnen von Programmen Keine Rückmeldung Ups, ein Fipptehler  Nimm diesen Text  Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
20.06.2010, 20:26
| #11 |
| | Beim öffnen von Programmen Keine Rückmeldung So da bin ich wieder mal ne frage wie oft startet der den PC neu ?? Ist das normal das der 20 mal neustartet und das der Lade Bildschirm jedesmal 3-6minuten am laden ist ? und hier der LOG Code:
ATTFilter //////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////
Platform: Windows XP (build 2600, Service Pack 3)
Sun Jun 20 20:13:04 2010
20:13:04: Error: Invalid script. A valid script must begin with a command directive.
Aborting execution!
//////////////////////////////////////////
//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////
Platform: Windows XP (build 2600, Service Pack 3)
Sun Jun 20 20:27:37 2010
20:27:37: Error: Invalid script. A valid script must begin with a command directive.
Aborting execution!
//////////////////////////////////////////
//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////
Platform: Windows XP (build 2600, Service Pack 3)
Sun Jun 20 20:27:51 2010
20:27:51: Error: Invalid script. A valid script must begin with a command directive.
Aborting execution!
//////////////////////////////////////////
|
|
20.06.2010, 20:51
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Beim öffnen von Programmen Keine Rückmeldung hast Du den text 1:1 übernommen? Sieht nicht danach aus...
__________________ Logfiles bitte immer in CODE-Tags posten |
|
21.06.2010, 22:32
| #13 |
| | Beim öffnen von Programmen Keine Rückmeldung ja mit STRG+A markiert und dann STRG+C kopiert und mit STRG+V eingefuegt |
|
21.06.2010, 22:38
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Beim öffnen von Programmen Keine Rückmeldung Probiers bitte nochmal aus.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
25.06.2010, 14:30
| #15 |
| | Beim öffnen von Programmen Keine Rückmeldung Hab noch was vielleicht von bedeutung sein koennte, nach dem ich The Avenger ausfuerte. Konnte den PC nur starten in dem ich "Letzte als bekannte Windows Funktion ausfuerte". |
|
| Themen zu Beim öffnen von Programmen Keine Rückmeldung |
| 5 minuten, absturz, antivir, antivir guard, ask toolbar, askbar, avgntflt.sys, avira, bho, bluescree, broken.opencommand, browser, browseui preloader, c:\windows\system32\rundll32.exe, call of duty, converter, counter-strike source, desktop, diagnostics, email, firefox, firefox.exe, flash player, fontcache, google, gupdate, helper, hijack, hijackthis, install.exe, internet browser, keine rückmeldung, logfile, malwarebytes' anti-malware, mmc.exe, mp3, msiexec, msiexec.exe, office 2007, opera.exe, pc absturz, pc langsam, problem, realtek, skype.exe, software, system, teamspeak, updates, windows, windows xp |
Linear-Darstellung
