Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
.Exe lädt ewig :/

.Exe lädt ewig :/


Log-Analyse und Auswertung: .Exe lädt ewig :/

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 29.06.2010, 11:27   #1
HighLight
 
.Exe lädt ewig :/ - Ausrufezeichen

.Exe lädt ewig :/


Hi,
ich habe folgendes problem. Seit dem ich Windows 7 benutze, kann ich keine .exe mehr ausführen. Es lädt ewig udn wenn ich den Desktop anklicke stürzt sozusagen der Desktop ab...
Wollte jetzt das spiel Cabal (online mmorpg) installieren aber die exe lädt ewig und ich kann nichts machen.. Helft mir bitte!

Alt 29.06.2010, 11:50   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
.Exe lädt ewig :/ - Standard

.Exe lädt ewig :/


Hallo und

bitte nen Vollscan mit Malwarebytes machen und Log posten. Danach OTL:

Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.
__________________

__________________
Alt 29.06.2010, 16:43   #3
HighLight
 
.Exe lädt ewig :/ - Standard

.Exe lädt ewig :/


Hier der Bericht von Malwarebytes:
Code:
ATTFilter
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4253

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

29.06.2010 17:42:13
mbam-log-2010-06-29 (17-42-13).txt

Art des Suchlaufs: Vollständiger Suchlauf (A:\|C:\|D:\|E:\|F:\|G:\|H:\|I:\|)
Durchsuchte Objekte: 292593
Laufzeit: 1 Stunde(n), 47 Minute(n), 15 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 5

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\$Recycle.Bin\S-1-5-21-2870089509-1740805688-74480012-1001\$RBM0JY1.exe (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Metin2 Ordner\Metin2_07\M2 MultiversionHack by banjo1 v3.91.exe (Trojan.Swizyn) -> Quarantined and deleted successfully.
C:\Projekt_Metin3\Metin3_Backup\M2 MultiversionHack by banjo1 v3.91.exe (Trojan.Swizyn) -> Quarantined and deleted successfully.
C:\Windows\Installer\{048298C9-A4D3-490B-9FF9-AB023A9238F3}\Icon048298C92.url (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Users\Sascha\oashdihasidhasuidhiasdhiashdiuasdhasd (Malware.Trace) -> Quarantined and deleted successfully.
OLT:

Code:
ATTFilter
OTL logfile created on: 29.06.2010 17:50:05 - Run 1
OTL by OldTimer - Version 3.2.7.0     Folder = C:\Users\Sascha\Desktop
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 68.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 83.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 151.27 Gb Total Space | 84.49 Gb Free Space | 55.85% Space Free | Partition Type: NTFS
Drive D: | 314.39 Gb Total Space | 292.78 Gb Free Space | 93.13% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 952.19 Mb Total Space | 752.11 Mb Free Space | 78.99% Space Free | Partition Type: FAT
I: Drive not present or media not loaded
 
Computer Name: PC
Current User Name: Sascha
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Sascha\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Common Files\Autodesk Shared\Service\AdskScSrv.exe ()
PRC - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Programme\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Programme\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
PRC - C:\Programme\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
PRC - C:\Programme\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil10e.exe (Adobe Systems, Inc.)
PRC - C:\Programme\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Programme\Skype\Toolbars\Shared\SkypeNames2.exe (Skype Technologies S.A.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
PRC - C:\Programme\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe ()
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Sascha\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)
MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation)
MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Akamai) -- c:\Programme\Common Files\Akamai\rswin_3725.dll ()
SRV - (Autodesk Licensing Service) -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe ()
SRV - (TuneUp.Defrag) -- C:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (TeamViewer5) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (Hamachi2Svc) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)
SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)
SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)
SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)
SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)
SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)
SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)
SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
SRV - (AxInstSV) ActiveX-Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)
SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)
SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
SRV - (mi-raysat_3dsmax2010_32) -- C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (RTL8167) -- C:\Windows\System32\drivers\Rt86win7.sys (Realtek                                            )
DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)
DRV - (MpFilter) -- C:\Windows\System32\drivers\MpFilter.sys (Microsoft Corporation)
DRV - (MpNWMon) -- C:\Windows\System32\drivers\MpNWMon.sys (Microsoft Corporation)
DRV - (SCREAMINGBDRIVER) -- C:\Windows\System32\drivers\ScreamingBAudio.sys (Screaming Bee LLC)
DRV - (vpcvmm) -- C:\Windows\System32\drivers\vpcvmm.sys (Microsoft Corporation)
DRV - (vpcnfltr) -- C:\Windows\System32\drivers\vpcnfltr.sys (Microsoft Corporation)
DRV - (vpcusb) -- C:\Windows\System32\drivers\vpcusb.sys (Microsoft Corporation)
DRV - (vpcbus) -- C:\Windows\System32\drivers\vpchbus.sys (Microsoft Corporation)
DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)
DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)
DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)
DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)
DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)
DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)
DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)
DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)
DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)
DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)
DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)
DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)
DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)
DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)
DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)
DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex)
DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)
DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)
DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)
DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation)
DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation)
DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)
DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)
DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)
DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)
DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)
DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)
DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)
DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)
DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)
DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)
DRV - (rdpbus) -- C:\Windows\System32\drivers\rdpbus.sys (Microsoft Corporation)
DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)
DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)
DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)
DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)
DRV - (1394ohci) -- C:\Windows\system32\DRIVERS\1394ohci.sys (Microsoft Corporation)
DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)
DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)
DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation)
DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation)
DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation)
DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation)
DRV - (HidBatt) -- C:\Windows\system32\DRIVERS\HidBatt.sys (Microsoft Corporation)
DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)
DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation)
DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)
DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)
DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)
DRV - (adfs) -- C:\Windows\System32\drivers\adfs.sys (Adobe Systems, Inc.)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\URLSearchHook: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Programme\Softonic-Eng7\tbSoft.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.ch/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ch.msn.com/default.aspx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-ch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 39 3C 7A 5A E7 E9 CA 01  [binary data]
IE - HKCU\..\URLSearchHook: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Programme\Softonic-Eng7\tbSoft.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Softonic-Eng7 Toolbar) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Programme\Softonic-Eng7\tbSoft.dll (Conduit Ltd.)
O2 - BHO: (RadioBar Toolbar) - {5B291E6C-9A74-4034-971B-A4B007A0B315} - C:\Programme\RadioBar\toolbar.ni.dll (IMEDIX WEB TECHNOLOGIES LTD.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Softonic-Eng7 Toolbar) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Programme\Softonic-Eng7\tbSoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (RadioBar Toolbar) - {5B291E6C-9A74-4034-971B-A4B007A0B315} - C:\Programme\RadioBar\toolbar.ni.dll (IMEDIX WEB TECHNOLOGIES LTD.)
O3 - HKCU\..\Toolbar\WebBrowser: (Softonic-Eng7 Toolbar) - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - C:\Programme\Softonic-Eng7\tbSoft.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (RadioBar Toolbar) - {5B291E6C-9A74-4034-971B-A4B007A0B315} - C:\Programme\RadioBar\toolbar.ni.dll (IMEDIX WEB TECHNOLOGIES LTD.)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [ Malwarebytes Anti-Malware  (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSSE] C:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\toolbarchrome {718733BC-AD64-4e5f-AC18-A85FBD75D54D} - C:\Programme\RadioBar\toolbar.ni.dll (IMEDIX WEB TECHNOLOGIES LTD.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.06.29 17:48:28 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Users\Sascha\Desktop\OTL.exe
[2010.06.29 15:48:50 | 000,000,000 | ---D | C] -- C:\Users\Sascha\AppData\Roaming\Malwarebytes
[2010.06.29 15:48:36 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.06.29 15:48:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.06.29 15:48:31 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.06.29 15:48:31 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.06.29 15:45:26 | 006,153,648 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Sascha\Desktop\mbam-setup.exe
[2010.06.29 03:33:34 | 000,000,000 | ---D | C] -- C:\Projekt_Metin3
[2010.06.29 03:27:09 | 000,000,000 | ---D | C] -- C:\Modding
[2010.06.29 03:17:36 | 000,000,000 | ---D | C] -- C:\Metin2 Ordner
[2010.06.29 02:02:20 | 889,375,638 | ---- | C] (Gameforge 4D GmbH                                           ) -- C:\Users\Sascha\Desktop\CABAL_DE_20091208.exe
[2010.06.27 22:00:48 | 000,000,000 | ---D | C] -- C:\root
[2010.06.27 18:07:01 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Steam
[2010.06.27 18:06:59 | 000,000,000 | ---D | C] -- C:\Programme\Steam
[2010.06.27 18:06:27 | 000,000,000 | ---D | C] -- C:\Programme\Conduit
[2010.06.27 18:06:25 | 000,000,000 | ---D | C] -- C:\Programme\Softonic-Eng7
[2010.06.25 23:37:57 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft.NET
[2010.06.25 20:49:15 | 459,065,269 | ---- | C] (Z8Games.com                                                 ) -- C:\Users\Sascha\Desktop\CrossFire_Setup_v1045.exe
[2010.06.24 03:01:06 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010.06.24 03:01:06 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010.06.24 03:01:05 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010.06.23 22:35:43 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2010.06.23 22:35:41 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2010.06.23 22:35:41 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2010.06.23 22:35:40 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010.06.20 19:54:46 | 000,000,000 | ---D | C] -- C:\Programme\Screaming Bee
[2010.06.20 19:43:05 | 000,000,000 | ---D | C] -- C:\Users\Sascha\AppData\Roaming\Avnex
[2010.06.20 19:41:56 | 000,000,000 | ---D | C] -- C:\Programme\AV Vcs 7.0 DIAMOND
[2010.06.20 02:49:06 | 000,000,000 | ---D | C] -- C:\Users\Sascha\Desktop\EasyMetin2_de_ - Kopie
[2010.06.11 12:17:17 | 002,326,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.06.11 12:17:17 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2010.06.11 12:17:13 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.06.11 12:17:12 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.06.11 12:17:12 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.06.11 12:17:12 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.06.11 12:17:06 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010.06.11 12:17:05 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010.06.09 15:19:11 | 000,000,000 | ---D | C] -- C:\Programme\RadioBar
[2010.06.04 21:37:41 | 000,000,000 | ---D | C] -- C:\Users\Sascha\AppData\Roaming\teamspeak2
[2010.06.04 21:37:37 | 000,034,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lhacm.acm
[2010.06.04 21:37:23 | 000,000,000 | ---D | C] -- C:\Programme\Teamspeak2_RC2
[2010.06.03 02:05:28 | 000,000,000 | ---D | C] -- C:\Programme\TeamSpeak 3 Client
[2010.05.30 20:01:04 | 000,000,000 | ---D | C] -- C:\Users\Sascha\AppData\Roaming\Screaming Bee
[2010.05.30 19:59:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Screaming Bee
 
========== Files - Modified Within 30 Days ==========
 
[2010.06.29 18:09:14 | 002,883,584 | -HS- | M] () -- C:\Users\Sascha\ntuser.dat
[2010.06.29 17:54:12 | 000,014,816 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.06.29 17:54:12 | 000,014,816 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.06.29 17:48:48 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Sascha\Desktop\OTL.exe
[2010.06.29 17:45:25 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.06.29 17:45:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.06.29 17:45:17 | 2616,057,856 | -HS- | M] () -- C:\hiberfil.sys
[2010.06.29 17:44:38 | 007,499,598 | -H-- | M] () -- C:\Users\Sascha\AppData\Local\IconCache.db
[2010.06.29 15:48:40 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.06.29 15:45:34 | 006,153,648 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Sascha\Desktop\mbam-setup.exe
[2010.06.29 03:01:41 | 889,375,638 | ---- | M] (Gameforge 4D GmbH                                           ) -- C:\Users\Sascha\Desktop\CABAL_DE_20091208.exe
[2010.06.27 18:16:54 | 000,000,875 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2010.06.25 23:38:15 | 001,510,228 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.06.25 23:38:15 | 000,650,340 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.06.25 23:38:15 | 000,611,672 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.06.25 23:38:15 | 000,129,358 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.06.25 23:38:15 | 000,105,852 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.06.25 20:49:53 | 459,065,269 | ---- | M] (Z8Games.com                                                 ) -- C:\Users\Sascha\Desktop\CrossFire_Setup_v1045.exe
[2010.06.24 03:16:31 | 000,524,288 | -HS- | M] () -- C:\Users\Sascha\ntuser.dat{208ff3ab-7d73-11df-b4b2-001d607b2878}.TMContainer00000000000000000002.regtrans-ms
[2010.06.24 03:16:31 | 000,524,288 | -HS- | M] () -- C:\Users\Sascha\ntuser.dat{208ff3ab-7d73-11df-b4b2-001d607b2878}.TMContainer00000000000000000001.regtrans-ms
[2010.06.24 03:16:31 | 000,065,536 | -HS- | M] () -- C:\Users\Sascha\ntuser.dat{208ff3ab-7d73-11df-b4b2-001d607b2878}.TM.blf
[2010.06.21 00:06:47 | 000,036,950 | ---- | M] () -- C:\Users\Sascha\Desktop\boni.png
[2010.06.20 19:54:49 | 000,002,068 | ---- | M] () -- C:\Users\Public\Desktop\MorphVOX Pro.lnk
[2010.06.19 13:05:15 | 000,000,531 | ---- | M] () -- C:\Users\Public\Desktop\3ds max 7.lnk
[2010.06.14 14:48:48 | 000,019,040 | -HS- | M] () -- C:\Users\Sascha\Desktop\Folder.jpg
[2010.06.14 14:48:48 | 000,004,791 | -HS- | M] () -- C:\Users\Sascha\Desktop\AlbumArtSmall.jpg
[2010.06.12 11:41:47 | 002,194,120 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.06.04 21:37:37 | 000,034,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lhacm.acm
[2010.06.03 02:07:10 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2010.06.01 19:37:48 | 000,221,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
 
========== Files Created - No Company Name ==========
 
[2010.06.29 15:48:40 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.06.27 18:07:00 | 000,000,875 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2010.06.21 22:36:49 | 000,524,288 | -HS- | C] () -- C:\Users\Sascha\ntuser.dat{208ff3ab-7d73-11df-b4b2-001d607b2878}.TMContainer00000000000000000002.regtrans-ms
[2010.06.21 22:36:49 | 000,524,288 | -HS- | C] () -- C:\Users\Sascha\ntuser.dat{208ff3ab-7d73-11df-b4b2-001d607b2878}.TMContainer00000000000000000001.regtrans-ms
[2010.06.21 22:36:49 | 000,065,536 | -HS- | C] () -- C:\Users\Sascha\ntuser.dat{208ff3ab-7d73-11df-b4b2-001d607b2878}.TM.blf
[2010.06.20 19:54:49 | 000,002,068 | ---- | C] () -- C:\Users\Public\Desktop\MorphVOX Pro.lnk
[2010.06.19 13:05:15 | 000,000,531 | ---- | C] () -- C:\Users\Public\Desktop\3ds max 7.lnk
[2010.06.14 14:47:55 | 000,019,040 | -HS- | C] () -- C:\Users\Sascha\Desktop\Folder.jpg
[2010.06.14 14:47:55 | 000,004,791 | -HS- | C] () -- C:\Users\Sascha\Desktop\AlbumArtSmall.jpg
[2010.06.03 02:07:10 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2010.05.03 20:53:23 | 000,151,552 | ---- | C] () -- C:\Windows\System32\nvRegDev.dll
[2010.05.02 14:48:54 | 001,589,248 | ---- | C] () -- C:\Windows\System32\libmysql_d.dll
[2009.12.03 09:27:28 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2004.08.13 09:56:20 | 000,005,810 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
< End of report >
Extras Datei:

Code:
ATTFilter
OTL Extras logfile created on: 29.06.2010 17:50:05 - Run 1
OTL by OldTimer - Version 3.2.7.0     Folder = C:\Users\Sascha\Desktop
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 68.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 83.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 151.27 Gb Total Space | 84.49 Gb Free Space | 55.85% Space Free | Partition Type: NTFS
Drive D: | 314.39 Gb Total Space | 292.78 Gb Free Space | 93.13% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 952.19 Mb Total Space | 752.11 Mb Free Space | 78.99% Space Free | Partition Type: FAT
I: Drive not present or media not loaded
 
Computer Name: PC
Current User Name: Sascha
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23F79416-CAD1-41BF-99A3-040F6C814AAA}" = NVIDIA Photoshop Plug-ins
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 15
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{317AC0C7-FEBF-0409-87A3-4FC70D0ED900}" = Autodesk 3ds Max 2010 32-bit
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2008.1
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5527CA99-AAEC-45E2-9EB9-CED0BB2FC2BD}" = MorphVOX Pro
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{84ED5482-CFB0-4DD9-BF18-489FFDACD18A}" = Microsoft Antimalware Service DE-DE Language Pack
"{8A74DEFD-A224-49CC-AB80-4E88BC730125}" = LogMeIn Hamachi
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}" = Autodesk Material Library 2011
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E590FD1C-E8C6-4D2E-8CA9-77B403F7EE01}" = Microsoft Antimalware
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EF98A02A-1748-4762-9B7D-5ED1600520D5}" = Microsoft Security Essentials
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E2B312-D7FD-4349-A9B6-E90B36DB1BD0}" = Paint.NET v3.5.5
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F92AB933-9FE7-4335-92BD-D1C3BA27613C}" = 3ds max 7
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"Akamai" = Akamai NetSession Interface
"Autodesk FBX Plugin 2009.4 - 3ds Max 2010" = Autodesk FBX Plugin 2009.4 - 3ds Max 2010
"Autodesk FBX Plug-in 2011.1 - 3ds Max 2011" = Autodesk FBX Plug-in 2011.1 - 3ds Max 2011
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"FileZilla Client" = FileZilla Client 3.3.2.1
"Fraps" = Fraps (remove only)
"FrostWire" = FrostWire 4.20.1
"Granny Viewer_is1" = Granny Viewer 2.8.35.0
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Essentials" = Microsoft Security Essentials
"Notepad++" = Notepad++
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"PremiumSoft Navicat Lite_is1" = PremiumSoft Navicat Lite 9.0
"RadioBar" = RadioBar Toolbar
"Softonic-Eng7 Toolbar" = Softonic-Eng7 Toolbar
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 5" = TeamViewer 5
"TuneUp Utilities" = TuneUp Utilities
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MT2Connect" = MT2Connect
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 22.06.2010 17:51:22 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: metin2client.bin, Version: 0.0.0.0,
 Zeitstempel: 0x4bdac5a2  Name des fehlerhaften Moduls: Adapter.dll, Version: 1.0.0.1,
 Zeitstempel: 0x4c0f66c9  Ausnahmecode: 0x40000015  Fehleroffset: 0x000a59c0  ID des fehlerhaften
 Prozesses: 0x11ec  Startzeit der fehlerhaften Anwendung: 0x01cb1253e2707579  Pfad der
 fehlerhaften Anwendung: C:\Users\Sascha\Desktop\Metin2 DE\metin2client.bin  Pfad 
des fehlerhaften Moduls: C:\Users\Sascha\Desktop\EasyMetin2_de_ - Kopie\Adapter.dll
Berichtskennung:
 4b51b2c1-7e48-11df-a4b7-001d607b2878
 
Error - 22.06.2010 18:36:39 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: metin2client.bin, Version: 0.0.0.0,
 Zeitstempel: 0x4bdac5a2  Name des fehlerhaften Moduls: Adapter.dll, Version: 1.0.0.1,
 Zeitstempel: 0x4c0f66c9  Ausnahmecode: 0x40000015  Fehleroffset: 0x000a59c0  ID des fehlerhaften
 Prozesses: 0x1e58  Startzeit der fehlerhaften Anwendung: 0x01cb125514d25b9e  Pfad der
 fehlerhaften Anwendung: C:\Users\Sascha\Desktop\Metin2 DE\metin2client.bin  Pfad 
des fehlerhaften Moduls: C:\Users\Sascha\Desktop\EasyMetin2_de_ - Kopie\Adapter.dll
Berichtskennung:
 9ebdc011-7e4e-11df-a4b7-001d607b2878
 
Error - 23.06.2010 21:39:15 | Computer Name = PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files\Common
 Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei
 "c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3.
Der
 Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs
 im assemblyIdentity-Element ist ungültig.
 
Error - 25.06.2010 07:06:17 | Computer Name = PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files\Common
 Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei
 "c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3.
Der
 Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs
 im assemblyIdentity-Element ist ungültig.
 
Error - 28.06.2010 21:14:51 | Computer Name = PC | Source = Application Hang | ID = 1002
Description = Programm Explorer.EXE, Version 6.1.7600.16450 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 5dc    Startzeit: 01cb17274465ccfb    Endzeit: 60000    Anwendungspfad:
 C:\Windows\Explorer.EXE    Berichts-ID: 8696358c-831b-11df-b581-001d607b2878  
 
Error - 28.06.2010 22:40:44 | Computer Name = PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files\Common
 Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei
 "c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3.
Der
 Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs
 im assemblyIdentity-Element ist ungültig.
 
Error - 29.06.2010 06:14:19 | Computer Name = PC | Source = Application Hang | ID = 1002
Description = Programm Explorer.EXE, Version 6.1.7600.16450 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: bcc    Startzeit: 01cb172a14864dec    Endzeit: 68    Anwendungspfad: 
C:\Windows\Explorer.EXE    Berichts-ID: 10ef0336-8367-11df-b581-001d607b2878  
 
Error - 29.06.2010 09:46:55 | Computer Name = PC | Source = Application Hang | ID = 1002
Description = Programm explorer.exe, Version 6.1.7600.16450 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 159c    Startzeit: 01cb1773d68ae93a    Endzeit: 95    Anwendungspfad:
 C:\Windows\explorer.exe    Berichts-ID: c49eff07-8384-11df-b581-001d607b2878  
 
Error - 29.06.2010 09:59:45 | Computer Name = PC | Source = Application Hang | ID = 1002
Description = Programm Skype.exe, Version 4.2.0.163 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 500    Startzeit: 
01cb1790b80eb349    Endzeit: 446    Anwendungspfad: C:\Program Files\Skype\Phone\Skype.exe

Berichts-ID:
 6aba9cf6-8386-11df-b581-001d607b2878  
 
Error - 29.06.2010 11:47:31 | Computer Name = PC | Source = Application Hang | ID = 1002
Description = Programm Explorer.EXE, Version 6.1.7600.16450 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 948    Startzeit: 01cb17a21b5fe1c2    Endzeit: 47    Anwendungspfad: 
C:\Windows\Explorer.EXE    Berichts-ID: 9d3deb9a-8395-11df-8ce2-001d607b2878  
 
[ System Events ]
Error - 27.06.2010 12:10:30 | Computer Name = PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
Error - 28.06.2010 21:12:43 | Computer Name = PC | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Windows Update" wurde nicht richtig gestartet.
 
Error - 28.06.2010 21:24:36 | Computer Name = PC | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%861-Echtzeitschutzfunktion.     Funktion: %%834     Fehlercode: 
0x80004005     Fehlerbeschreibung: Unbekannter Fehler      Ursache: %%838
 
Error - 28.06.2010 21:54:08 | Computer Name = PC | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%861-Echtzeitschutzfunktion.     Funktion: %%834     Fehlercode: 
0x80004005     Fehlerbeschreibung: Unbekannter Fehler      Ursache: %%838
 
Error - 29.06.2010 01:28:56 | Computer Name = PC | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%861-Echtzeitschutzfunktion.     Funktion: %%834     Fehlercode: 
0x80004005     Fehlerbeschreibung: Unbekannter Fehler      Ursache: %%838
 
Error - 29.06.2010 01:37:26 | Computer Name = PC | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%861-Echtzeitschutzfunktion.     Funktion: %%834     Fehlercode: 
0x80004005     Fehlerbeschreibung: Unbekannter Fehler      Ursache: %%838
 
Error - 29.06.2010 09:57:00 | Computer Name = PC | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%861-Echtzeitschutzfunktion.     Funktion: %%834     Fehlercode: 
0x80004005     Fehlerbeschreibung: Unbekannter Fehler      Ursache: %%838
 
Error - 29.06.2010 10:03:00 | Computer Name = PC | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%861-Echtzeitschutzfunktion.     Funktion: %%834     Fehlercode: 
0x80004005     Fehlerbeschreibung: Unbekannter Fehler      Ursache: %%838
 
Error - 29.06.2010 10:03:23 | Computer Name = PC | Source = DCOM | ID = 10010
Description = 
 
Error - 29.06.2010 12:06:03 | Computer Name = PC | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%861-Echtzeitschutzfunktion.     Funktion: %%834     Fehlercode: 
0x80004005     Fehlerbeschreibung: Unbekannter Fehler      Ursache: %%838
 
 
< End of report >
OTL Datei:

Code:
ATTFilter
OTL logfile created on: 29.06.2010 17:50:05 - Run 1
OTL by OldTimer - Version 3.2.7.0     Folder = C:\Users\Sascha\Desktop
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 68.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 83.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 151.27 Gb Total Space | 84.49 Gb Free Space | 55.85% Space Free | Partition Type: NTFS
Drive D: | 314.39 Gb Total Space | 292.78 Gb Free Space | 93.13% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 952.19 Mb Total Space | 752.11 Mb Free Space | 78.99% Space Free | Partition Type: FAT
I: Drive not present or media not loaded
 
Computer Name: PC
Current User Name: Sascha
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Sascha\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Common Files\Autodesk Shared\Service\AdskScSrv.exe ()
PRC - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Programme\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Programme\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
PRC - C:\Programme\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
PRC - C:\Programme\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil10e.exe (Adobe Systems, Inc.)
PRC - C:\Programme\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Programme\Skype\Toolbars\Shared\SkypeNames2.exe (Skype Technologies S.A.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
PRC - C:\Programme\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe ()
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Sascha\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)
MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation)
MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Akamai) -- c:\Programme\Common Files\Akamai\rswin_3725.dll ()
SRV - (Autodesk Licensing Service) -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe ()
SRV - (TuneUp.Defrag) -- C:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (TeamViewer5) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (Hamachi2Svc) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)
SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)
SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)
SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)
SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)
SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)
SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)
SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
SRV - (AxInstSV) ActiveX-Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)
SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)
SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
SRV - (mi-raysat_3dsmax2010_32) -- C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (RTL8167) -- C:\Windows\System32\drivers\Rt86win7.sys (Realtek                                            )
DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)
DRV - (MpFilter) -- C:\Windows\System32\drivers\MpFilter.sys (Microsoft Corporation)
DRV - (MpNWMon) -- C:\Windows\System32\drivers\MpNWMon.sys (Microsoft Corporation)
DRV - (SCREAMINGBDRIVER) -- C:\Windows\System32\drivers\ScreamingBAudio.sys (Screaming Bee LLC)
DRV - (vpcvmm) -- C:\Windows\System32\drivers\vpcvmm.sys (Microsoft Corporation)
DRV - (vpcnfltr) -- C:\Windows\System32\drivers\vpcnfltr.sys (Microsoft Corporation)
DRV - (vpcusb) -- C:\Windows\System32\drivers\vpcusb.sys (Microsoft Corporation)
DRV - (vpcbus) -- C:\Windows\System32\drivers\vpchbus.sys (Microsoft Corporation)
DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)
DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)
DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)
DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)
DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)
DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)
DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)
DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)
DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)
DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)
DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)
DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)
DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)
DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)
DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)
DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex)
DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)
DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)
DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)
DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation)
DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation)
DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)
DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)
DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)
DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)
DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)
DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)
DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)
DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)
DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)
DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)
DRV - (rdpbus) -- C:\Windows\System32\drivers\rdpbus.sys (Microsoft Corporation)
DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)
DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)
DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)
DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)
DRV - (1394ohci) -- C:\Windows\system32\DRIVERS\1394ohci.sys (Microsoft Corporation)
DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)
DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)
DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation)
DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation)
DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation)
DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation)
DRV - (HidBatt) -- C:\Windows\system32\DRIVERS\HidBatt.sys (Microsoft Corporation)
DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)
DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation)
DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)
DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)
DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)
DRV - (adfs) -- C:\Windows\System32\drivers\adfs.sys (Adobe Systems, Inc.)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\URLSearchHook: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Programme\Softonic-Eng7\tbSoft.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.ch/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ch.msn.com/default.aspx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-ch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 39 3C 7A 5A E7 E9 CA 01  [binary data]
IE - HKCU\..\URLSearchHook: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Programme\Softonic-Eng7\tbSoft.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Softonic-Eng7 Toolbar) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Programme\Softonic-Eng7\tbSoft.dll (Conduit Ltd.)
O2 - BHO: (RadioBar Toolbar) - {5B291E6C-9A74-4034-971B-A4B007A0B315} - C:\Programme\RadioBar\toolbar.ni.dll (IMEDIX WEB TECHNOLOGIES LTD.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Softonic-Eng7 Toolbar) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Programme\Softonic-Eng7\tbSoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (RadioBar Toolbar) - {5B291E6C-9A74-4034-971B-A4B007A0B315} - C:\Programme\RadioBar\toolbar.ni.dll (IMEDIX WEB TECHNOLOGIES LTD.)
O3 - HKCU\..\Toolbar\WebBrowser: (Softonic-Eng7 Toolbar) - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - C:\Programme\Softonic-Eng7\tbSoft.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (RadioBar Toolbar) - {5B291E6C-9A74-4034-971B-A4B007A0B315} - C:\Programme\RadioBar\toolbar.ni.dll (IMEDIX WEB TECHNOLOGIES LTD.)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [ Malwarebytes Anti-Malware  (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSSE] C:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\toolbarchrome {718733BC-AD64-4e5f-AC18-A85FBD75D54D} - C:\Programme\RadioBar\toolbar.ni.dll (IMEDIX WEB TECHNOLOGIES LTD.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.06.29 17:48:28 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Users\Sascha\Desktop\OTL.exe
[2010.06.29 15:48:50 | 000,000,000 | ---D | C] -- C:\Users\Sascha\AppData\Roaming\Malwarebytes
[2010.06.29 15:48:36 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.06.29 15:48:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.06.29 15:48:31 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.06.29 15:48:31 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.06.29 15:45:26 | 006,153,648 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Sascha\Desktop\mbam-setup.exe
[2010.06.29 03:33:34 | 000,000,000 | ---D | C] -- C:\Projekt_Metin3
[2010.06.29 03:27:09 | 000,000,000 | ---D | C] -- C:\Modding
[2010.06.29 03:17:36 | 000,000,000 | ---D | C] -- C:\Metin2 Ordner
[2010.06.29 02:02:20 | 889,375,638 | ---- | C] (Gameforge 4D GmbH                                           ) -- C:\Users\Sascha\Desktop\CABAL_DE_20091208.exe
[2010.06.27 22:00:48 | 000,000,000 | ---D | C] -- C:\root
[2010.06.27 18:07:01 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Steam
[2010.06.27 18:06:59 | 000,000,000 | ---D | C] -- C:\Programme\Steam
[2010.06.27 18:06:27 | 000,000,000 | ---D | C] -- C:\Programme\Conduit
[2010.06.27 18:06:25 | 000,000,000 | ---D | C] -- C:\Programme\Softonic-Eng7
[2010.06.25 23:37:57 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft.NET
[2010.06.25 20:49:15 | 459,065,269 | ---- | C] (Z8Games.com                                                 ) -- C:\Users\Sascha\Desktop\CrossFire_Setup_v1045.exe
[2010.06.24 03:01:06 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010.06.24 03:01:06 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010.06.24 03:01:05 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010.06.23 22:35:43 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2010.06.23 22:35:41 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2010.06.23 22:35:41 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2010.06.23 22:35:40 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010.06.20 19:54:46 | 000,000,000 | ---D | C] -- C:\Programme\Screaming Bee
[2010.06.20 19:43:05 | 000,000,000 | ---D | C] -- C:\Users\Sascha\AppData\Roaming\Avnex
[2010.06.20 19:41:56 | 000,000,000 | ---D | C] -- C:\Programme\AV Vcs 7.0 DIAMOND
[2010.06.20 02:49:06 | 000,000,000 | ---D | C] -- C:\Users\Sascha\Desktop\EasyMetin2_de_ - Kopie
[2010.06.11 12:17:17 | 002,326,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.06.11 12:17:17 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2010.06.11 12:17:13 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.06.11 12:17:12 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.06.11 12:17:12 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.06.11 12:17:12 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.06.11 12:17:06 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010.06.11 12:17:05 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010.06.09 15:19:11 | 000,000,000 | ---D | C] -- C:\Programme\RadioBar
[2010.06.04 21:37:41 | 000,000,000 | ---D | C] -- C:\Users\Sascha\AppData\Roaming\teamspeak2
[2010.06.04 21:37:37 | 000,034,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lhacm.acm
[2010.06.04 21:37:23 | 000,000,000 | ---D | C] -- C:\Programme\Teamspeak2_RC2
[2010.06.03 02:05:28 | 000,000,000 | ---D | C] -- C:\Programme\TeamSpeak 3 Client
[2010.05.30 20:01:04 | 000,000,000 | ---D | C] -- C:\Users\Sascha\AppData\Roaming\Screaming Bee
[2010.05.30 19:59:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Screaming Bee
 
========== Files - Modified Within 30 Days ==========
 
[2010.06.29 18:09:14 | 002,883,584 | -HS- | M] () -- C:\Users\Sascha\ntuser.dat
[2010.06.29 17:54:12 | 000,014,816 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.06.29 17:54:12 | 000,014,816 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.06.29 17:48:48 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Sascha\Desktop\OTL.exe
[2010.06.29 17:45:25 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.06.29 17:45:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.06.29 17:45:17 | 2616,057,856 | -HS- | M] () -- C:\hiberfil.sys
[2010.06.29 17:44:38 | 007,499,598 | -H-- | M] () -- C:\Users\Sascha\AppData\Local\IconCache.db
[2010.06.29 15:48:40 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.06.29 15:45:34 | 006,153,648 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Sascha\Desktop\mbam-setup.exe
[2010.06.29 03:01:41 | 889,375,638 | ---- | M] (Gameforge 4D GmbH                                           ) -- C:\Users\Sascha\Desktop\CABAL_DE_20091208.exe
[2010.06.27 18:16:54 | 000,000,875 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2010.06.25 23:38:15 | 001,510,228 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.06.25 23:38:15 | 000,650,340 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.06.25 23:38:15 | 000,611,672 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.06.25 23:38:15 | 000,129,358 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.06.25 23:38:15 | 000,105,852 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.06.25 20:49:53 | 459,065,269 | ---- | M] (Z8Games.com                                                 ) -- C:\Users\Sascha\Desktop\CrossFire_Setup_v1045.exe
[2010.06.24 03:16:31 | 000,524,288 | -HS- | M] () -- C:\Users\Sascha\ntuser.dat{208ff3ab-7d73-11df-b4b2-001d607b2878}.TMContainer00000000000000000002.regtrans-ms
[2010.06.24 03:16:31 | 000,524,288 | -HS- | M] () -- C:\Users\Sascha\ntuser.dat{208ff3ab-7d73-11df-b4b2-001d607b2878}.TMContainer00000000000000000001.regtrans-ms
[2010.06.24 03:16:31 | 000,065,536 | -HS- | M] () -- C:\Users\Sascha\ntuser.dat{208ff3ab-7d73-11df-b4b2-001d607b2878}.TM.blf
[2010.06.21 00:06:47 | 000,036,950 | ---- | M] () -- C:\Users\Sascha\Desktop\boni.png
[2010.06.20 19:54:49 | 000,002,068 | ---- | M] () -- C:\Users\Public\Desktop\MorphVOX Pro.lnk
[2010.06.19 13:05:15 | 000,000,531 | ---- | M] () -- C:\Users\Public\Desktop\3ds max 7.lnk
[2010.06.14 14:48:48 | 000,019,040 | -HS- | M] () -- C:\Users\Sascha\Desktop\Folder.jpg
[2010.06.14 14:48:48 | 000,004,791 | -HS- | M] () -- C:\Users\Sascha\Desktop\AlbumArtSmall.jpg
[2010.06.12 11:41:47 | 002,194,120 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.06.04 21:37:37 | 000,034,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lhacm.acm
[2010.06.03 02:07:10 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2010.06.01 19:37:48 | 000,221,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
 
========== Files Created - No Company Name ==========
 
[2010.06.29 15:48:40 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.06.27 18:07:00 | 000,000,875 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2010.06.21 22:36:49 | 000,524,288 | -HS- | C] () -- C:\Users\Sascha\ntuser.dat{208ff3ab-7d73-11df-b4b2-001d607b2878}.TMContainer00000000000000000002.regtrans-ms
[2010.06.21 22:36:49 | 000,524,288 | -HS- | C] () -- C:\Users\Sascha\ntuser.dat{208ff3ab-7d73-11df-b4b2-001d607b2878}.TMContainer00000000000000000001.regtrans-ms
[2010.06.21 22:36:49 | 000,065,536 | -HS- | C] () -- C:\Users\Sascha\ntuser.dat{208ff3ab-7d73-11df-b4b2-001d607b2878}.TM.blf
[2010.06.20 19:54:49 | 000,002,068 | ---- | C] () -- C:\Users\Public\Desktop\MorphVOX Pro.lnk
[2010.06.19 13:05:15 | 000,000,531 | ---- | C] () -- C:\Users\Public\Desktop\3ds max 7.lnk
[2010.06.14 14:47:55 | 000,019,040 | -HS- | C] () -- C:\Users\Sascha\Desktop\Folder.jpg
[2010.06.14 14:47:55 | 000,004,791 | -HS- | C] () -- C:\Users\Sascha\Desktop\AlbumArtSmall.jpg
[2010.06.03 02:07:10 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2010.05.03 20:53:23 | 000,151,552 | ---- | C] () -- C:\Windows\System32\nvRegDev.dll
[2010.05.02 14:48:54 | 001,589,248 | ---- | C] () -- C:\Windows\System32\libmysql_d.dll
[2009.12.03 09:27:28 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2004.08.13 09:56:20 | 000,005,810 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
< End of report >
__________________
Geändert von HighLight (29.06.2010 um 17:29 Uhr)

Alt 29.06.2010, 23:11   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
.Exe lädt ewig :/ - Standard

.Exe lädt ewig :/


Zitat:
C:\Metin2 Ordner\Metin2_07\M2 MultiversionHack by banjo1 v3.91.exe (Trojan.Swizyn) -> Quarantined and deleted successfully.
C:\Projekt_Metin3\Metin3_Backup\M2 MultiversionHack by banjo1 v3.91.exe (Trojan.Swizyn) -> Quarantined and deleted successfully.
Wo hast Du diese dubiosen Hacks her??
Du weißt, dass man solche zweifelhafte Software max mit der Kneifzange anfässt?
__________________
Logfiles bitte immer in CODE-Tags posten

Antwort

Themen zu .Exe lädt ewig :/
desktop, folge, folgendes, helft, installiere, installieren, klicke, lädt, nichts, spiel, stürzt, windows, windows 7


« Nach Virusbefall (als Virenscanner getarnt) Ist mein PC wieder sauber? | Prozesse doppelt, PC sehr sehr langsam, hängt sich auf, noch zu retten? »


Ähnliche Themen: .Exe lädt ewig :/


  1. Windows lädt beim starten ewig das Internet/Virensoftware
    Plagegeister aller Art und deren Bekämpfung - 02.04.2015 (5)
  2. Mein Rechner macht Mätzchen (lädt ewig etc.)
    Log-Analyse und Auswertung - 21.10.2014 (7)
  3. Benutzerprofildienst lädt ewig
    Plagegeister aller Art und deren Bekämpfung - 28.07.2014 (7)
  4. Laptop braucht ewig zum starten, friert plötzlich ein, braucht für jede Aktion ewig
    Plagegeister aller Art und deren Bekämpfung - 20.06.2014 (16)
  5. Displaybeleuchtung braucht ewig, bis sie anspringt
    Alles rund um Windows - 02.01.2014 (3)
  6. Lap Win7 braucht ewig zum Seitenaufbau
    Plagegeister aller Art und deren Bekämpfung - 01.11.2013 (11)
  7. Pc startet nicht bzw. lädt ewig
    Alles rund um Windows - 08.08.2012 (1)
  8. Hochfahren dauert ewig
    Plagegeister aller Art und deren Bekämpfung - 24.03.2011 (3)
  9. Mein PC lädt runter und lädt runter..
    Log-Analyse und Auswertung - 26.08.2010 (22)
  10. Taskleiste lädt ewig beim Start
    Alles rund um Windows - 01.05.2010 (3)
  11. désintoxiquai ewig in Autostart!?
    Plagegeister aller Art und deren Bekämpfung - 14.04.2009 (0)
  12. Ewig langes hochfahren
    Alles rund um Windows - 21.01.2009 (0)
  13. PC-Start dauert ewig
    Log-Analyse und Auswertung - 18.11.2008 (3)
  14. pc zickt rum... runterfahren dauert ewig, etc.
    Mülltonne - 02.11.2008 (0)
  15. Ewig langsamer Rechner
    Log-Analyse und Auswertung - 21.02.2008 (0)
  16. und ewig rollt die taschenlampe...
    Alles rund um Windows - 05.06.2007 (6)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema .Exe lädt ewig :/ - Hi, ich habe folgendes problem. Seit dem ich Windows 7 benutze, kann ich keine .exe mehr ausführen. Es lädt ewig udn wenn ich den Desktop anklicke stürzt sozusagen der Desktop - .Exe lädt ewig :/...
Archiv
Du betrachtest: .Exe lädt ewig :/ auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131