|
Plagegeister aller Art und deren Bekämpfung: Antispy Safeguard: Daten sichern bzw. rettenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
11.10.2010, 17:34 | #1 |
| Antispy Safeguard: Daten sichern bzw. retten Hallo Leute!! Wie der Titel schon sagt, geht es um das schon bekannte Fake-Programm "Antispy Safeguard". Dieses ist eben auf meinen Laptop gekommen und ich werde es nicht los. Ich weiß nicht, wie es genau meinen Rechner ausgewählt hat, aber ich vermute so: Gestern hab ich, mal wieder, auf YouTube vorbeischauen wollen. Hab das halt in Google eingegeben, dann das erste ergebnis genommen. Im Hintergrund hat sich, statt YT, ein HTML, vollgeschrieben mit irg. Zahlen, Buchstaben, geöffnet. Tja, dann eben die Meldung, von wegen ein Virus wäre auf meinem PC, ich soll das Programm downloaden, usw. Seit dem Download kommt jedes Mal beim anmelden ein Fenster, dass ich meinen PC scannen MUSS (die Option "Später Scannen" ist deaktiviert). Dann blockiert es mir eben meine Browser, Task Manager, einfach alle wichtigen Prgrm. Ich hab halt versucht, es irgw. zu umgehen was mir dann so gelungen ist dass ich beim anmelden, bevor es ihn scannt, den Task manager öffne und es beende. Dann kommen eben keine Meldungen mehr. Erster Versuch: Ich wollte das System (Widows 7) auf einen gewissen Tag zurücksetzen, bevor ich es heruntergeladen hab. OK, wurde zuerst nicht blockiert, dann eben PC wieder neu gestartet. Jedoch kommt es dann einfach wieder, ich umgehe es, und dann kommt die Fehlermeldung, das ein Prgrm. Windows daran gehindert hätte, das System zurückzusetzen, und es hätte sogar den Wiederherstellungspunkt gelöscht. -- wieder nix. (wobei mich wundert, dass so ein kleines progrm. sogar Windows Befehle erteilt) Letzter Versuch: Ich habe den Malware-Entferner aus euerer Seite heruntergeladen, hab den PC gescannt und 8 Infizierungen gefunden (ich glaub: 2x Datei, 4x HKEY..... usw, und noch 2x andere). Dann eben, Neustart, und oh Überraschung, es kommt wieder. JETZT: Nun hab ich die Nase voll und will meinen PC einfach neuaufsetzten, weil ich glaube, dass das der einfachste sicherste effektivste Weg ist, endlich diesen Mist loszuwerden. !ABER! Ich wollte vorher noch meine Daten auf meine, kürzlich gekaufte und noch unbenutzte ext. Festplatte kopieren. Jedoch: 1. Wie kann ich verhindern, dass das Prgrm., wenn ich meine Festplatte an den infizierten PC anstecke (USB), auf die Festpatte kommt und dann vl. wieder auf das frische Win7? Oder muss ich mich da nicht sorgen? 2. Es sind zwar überwiegend Daten (Bilder, Dokumente, Musik,...) aber ich habe auch sehr teuere Programme (zb: Adobe) oben. Ich glaub die Programme kann ich vergessen (ODER NICHT?). Wären aber auch die normalen Datendateien 100% "sauber"? Ich meine, das ist doch kein Wurm, der sich in Datendateien versteckt, oder so was? 3. Habt ihr 'ne Empfehlung für ein Antivirusprogramm (seriös)? Muss nicht unbedingt umsonst, ABER SICHER sein. 4. Ich geb meinen Laptop in ein Geschäft, um Win7 neu raufzuspielen. Aber: In der Packung war keine CD dabei mit dem Betribssystem (Laptop ist "HP"). Jedoch gibt es einen Teil auf der Festplatte (ca. 4GB), den man nicht ändern darf und ich vermute, dass es vl dort drauf ist. Könnt ihr mir da helfen??? KURZ GESAGT: Ich möchte mir sicher sein, dass ich das Prgrm. los bin, ich aber meine Musik, Bilder, Videos, Dokumente nicht löschen muss. Falls es auch eine Chance gibt, meine Programme Komplett (und damit meine ich wirklich 100000%ig) davon zu befreien und zu retten, dann möge er sich bitte melden. (Ich geb zu 'n bisschen zu lang geraten, der Post) Für Antworten wäre ich sehr erfreut !!!!!!!!!!!!!!!! DANKE DANKE DANKE schon mal im Vorraus euer Lex24681 |
11.10.2010, 17:56 | #2 |
/// Malware-holic | Antispy Safeguard: Daten sichern bzw. retten hi, kannst du mir den infizierten link oder den suchbegriff mal als private nachicht schicken?
__________________eigendlich kannst du das system selbst neu aufsetzen, einfach nur die recovery partition startn, sollte nach pc im boot menü zu finden sein, mit f12 ists meist zu erreichen. wir können aber auch bereinigen bzw uns das system ansehen, hast du nen zweiten pc mit brenner zur verfügung? |
11.10.2010, 18:18 | #3 | ||
| Antispy Safeguard: Daten sichern bzw. rettenZitat:
Zitat:
ja, ich hab schon einen mit brenner. (meinst du die methode mit linux usw...?) |
11.10.2010, 18:20 | #4 |
/// Malware-holic | Antispy Safeguard: Daten sichern bzw. retten nein kein linux. download: How to Set BIOS to Boot from CDROM - www.hiren.info • Dein System sollte jetzt einen REATOGO-X-PE Desktop anzeigen. • Mache einen doppel Klick auf das OTLPE Icon. • Wenn du gefragt wirst "Do you wish to load the remote registry", dann wähle Yes. • Wenn du gefragt wirst "Do you wish to load remote user profile(s) for scanning", dann wähle Yes. • entferne den haken bei "Automatically Load All Remaining Users" wenn er gesetzt ist. • OTL sollte nun starten. • Drücke Run Scan um den Scan zu starten. • Wenn er fertig ist werden die Dateien in C:\otl.txt gesichert • Kopiere diesen Ordner auf deinen USB-Stick wenn du keine Internetverbindung auf diesem System hast. poste beide logs neu aufsetzen kannst du dann immernoch, aber ich möchte unbekannte dateien auf jeden fall einsammeln und mir nen überblick verschaffen. |
14.10.2010, 18:38 | #5 |
| Antispy Safeguard: Daten sichern bzw. retten EXTRAS LOGFILE:OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 14.10.2010 22:17:36 - Run 1 OTL by OldTimer - Version 3.2.15.2 Folder = C:\Users\Melnik\Desktop 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 4,00 Gb Available Physical Memory | 88,00% Memory free 8,00 Gb Paging File | 8,00 Gb Available in Paging File | 94,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 452,24 Gb Total Space | 263,55 Gb Free Space | 58,28% Space Free | Partition Type: NTFS Drive D: | 13,23 Gb Total Space | 2,20 Gb Free Space | 16,66% Space Free | Partition Type: NTFS Drive G: | 1,87 Gb Total Space | 1,60 Gb Free Space | 85,62% Space Free | Partition Type: FAT Computer Name: MELNIK-PC | User Name: Melnik | Logged in as Administrator. Boot Mode: SafeMode | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation) [HKEY_USERS\S-1-5-21-4056970072-597559089-3397928443-1000\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe File not found ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{17B77355-3934-4D0E-8FAC-C420482C8E7D}" = Windows Live Family Safety "{26A24AE4-039D-4CA4-87B4-2F86416014FF}" = Java(TM) 6 Update 14 (64-bit) "{6C47240C-016E-03B5-D13E-AECAED09F2E3}" = ATI Catalyst Install Manager "{7FD7F421-39B2-4CAC-BC41-7D83DDBAB329}" = HP 3D DriveGuard "{88E60521-1E4E-4785-B9F1-1798A4BD0C30}" = HP MediaSmart SmartMenu "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID-Anmelde-Assistent "{ADEB3402-CFBD-00E2-0EE6-F6A3F1AFACF0}" = ccc-utility64 "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "FFE7D41DF3C645075BB149E21988B63996C34187" = ENE CIR Receiver Driver "SynTPDeinstKey" = Synaptics Pointing Device Driver "WinRAR archiver" = WinRAR [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam "{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3 "{0327FA9D-975C-448C-A086-577D57BB25B8}" = Adobe Soundbooth CS3 Codecs "{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements "{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting "{09CC0D0E-061D-3C7B-3881-D2EB53A8AAFC}" = CCC Help Polish "{0CA38F52-F0FA-4B9F-8A36-EC8A9609FBBC}" = Halo 2 for Windows Vista "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin "{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}" = Adobe After Effects CS3 Presets "{1D58229F-C505-45CA-8223-F35F3A34B963}" = Adobe Version Cue CS3 Server {ko_KR} "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2 "{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library "{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver "{26606D8F-3133-DBE2-8AF5-AB28F300860A}" = CCC Help Chinese Standard "{266D0EEA-E5A6-4A08-A0EE-5391D4EA44A7}" = Catalyst Control Center - Branding "{26A24AE4-039D-4CA4-87B4-2F83216017F0}" = Java(TM) 6 Update 17 "{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21 "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3 "{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5 "{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{33C17B75-EA9C-0687-9CED-03D92637B042}" = CCC Help Hungarian "{345C90FB-FA10-11D5-9C2A-0080C85A0C2D}" = Microtek FineReader OCR Engine "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons "{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition "{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works "{3FBDB7B8-7472-E895-2E5D-99D190B2D1B6}" = Catalyst Control Center InstallProxy "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{411E0CC3-587A-468C-B461-95FAFD05E4DE}" = Adobe InDesign CS3 "{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = PowerRecover "{485ACF57-F364-440A-8496-E1E81C8FA1AA}" = Adobe Premiere Pro CS3 Third Party Content "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4AA5B8A5-BEEF-4AD8-B11D-4443A042EA4F}" = Adobe Dreamweaver CS3 "{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}" = Adobe Premiere Pro CS3 Functional Content "{5271C0D4-24E4-4C3D-A782-C012033FD3CF}" = AMD USB Filter Driver "{546937C5-0529-333E-0D5E-FE3C53108806}" = CCC Help Japanese "{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3 "{54B2EAD9-A110-43F7-B010-2859A1BD2AFE}" = Adobe Encore CS3 "{54CC7901-804D-4155-B353-21F0CC9112AB}" = HP Wireless Assistant "{55C70B62-5EF1-D527-7CAB-E50D8B3B4990}" = Catalyst Control Center Graphics Full New "{577ED77E-25D9-1A76-4EF0-773B9C173758}" = CCC Help Portuguese "{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync "{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}" = Adobe Premiere Pro CS3 "{5DB4EA68-A509-D408-585C-C9D045FADF72}" = Catalyst Control Center Graphics Previews Vista "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library "{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV "{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All "{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files "{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash "{6D335F78-1F4F-7826-56DD-4F350EA6EADD}" = CCC Help Greek "{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings "{6EF04EAE-0354-9919-E757-F1203E6F422B}" = CCC Help Italian "{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3 "{7028B245-30A2-BD8C-31B9-6008216FBDC2}" = CCC Help French "{70AA9B4F-64F7-4B0D-ADD8-05802D61AF72}" = Windows Live Toolbar "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings "{73E81E9B-7319-43AD-B7CC-1C61405E5089}" = Adobe After Effects CS3 Template Projects & Footage "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{779D3256-84D0-936F-18F9-A154DC85B4B4}" = Catalyst Control Center Localization All "{7ACFB90E-8FD0-4397-AD3A-5195412623A3}" = Adobe Help Viewer CS3 "{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime "{7ECEF10B-F1C2-4FD5-861F-A3FCB4653304}" = Adobe After Effects CS3 Third Party Content "{7F4DA5B8-6884-47F2-AEBA-D9111E420C63}" = CCC Help Danish "{7F9A8D27-A1B9-164F-FCB1-0B64C88629CF}" = CCC Help Norwegian "{803263F7-8CAC-DC6D-3288-8128865A7472}" = CCC Help German "{82EF29B1-9B60-4142-A155-0599216DD053}" = LightScribe System Software "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}" = Adobe Video Profiles "{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8C640345-AF96-4ABA-A697-97D2A0B8C6DB}" = Adobe Flash CS3 "{8CC47AA0-5774-61FC-6A59-7E1C936DB753}" = ccc-core-static "{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3 "{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update "{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support "{8E6EBF1E-1E77-4A42-A28F-EBE09F93DE3C}" = Adobe Setup "{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3 "{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{92A300C0-E97B-48CC-9702-AB1AAED167E1}" = Adobe Soundbooth CS3 Scores "{93B3CB99-4889-4156-872C-D93543926118}" = Adobe Creative Suite 3 Master Collection "{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German) "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9A28867B-109A-5BBF-85C0-FC1BAA98CA1C}" = CCC Help Russian "{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3 "{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack "{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A6B23EFA-6590-482C-A11F-5ACE1B91F5B9}" = Adobe Soundbooth CS3 "{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker "{A8BCC9E4-9036-3029-F2BC-AA73A62DA73D}" = CCC Help Turkish "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AAF4238F-7C29-451D-9925-C753271A5728}" = Microsoft Visual C++ Run Time Lib Setup "{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings "{AC76BA86-1033-F400-7760-000000000003}" = Adobe Acrobat 8 Professional - English, Français, Deutsch "{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI "{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger "{B08D262E-D902-11D5-9C28-0080C85A0C2D}" = ScanWizard 5 "{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video "{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0 "{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup "{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6 "{B51605BF-6326-4553-AE96-6D7F1813D5F5}" = HP User Guides 0154 "{B53E61D7-7C80-40DF-82D2-CF5390D6D20A}" = HP Advisor "{B5C746E6-D961-445C-3768-5B6FAF6A1A31}" = CCC Help Spanish "{B60DCA15-56A3-4D2D-8747-22CF7D7B588B}" = HP Support Assistant "{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3 "{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3 "{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data "{B8B7A4D8-80E1-4DAE-BD33-7FD535BA3931}" = Adobe Encore CS3 Codecs "{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3 "{BCEDD813-269C-4D8F-A4BA-01FDC66254D3}" = Adobe Flash Video Encoder "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3 "{C0769946-2CF1-9E8D-009B-5C413B3F01D1}" = CCC Help Czech "{C09F1573-6262-47F2-8B90-5B2290A58B12}" = MAGIX Speed 2 (MSI) "{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program "{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail "{C4F7EEE5-3D99-8552-7483-B2F412838B2A}" = Catalyst Control Center Graphics Previews Common "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3 "{C8D7A672-F697-4572-AC62-C856053A8DBC}" = Adobe Illustrator CS3 "{C9D456FD-C25B-49DE-AA71-6B76D6550B23}" = Adobe Fireworks CS3 "{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client "{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call "{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files "{D3C605D8-3A5E-4BAD-965D-2C61441BF2AC}" = Adobe Photoshop CS3 "{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update "{D4C41D27-A2D5-94C6-1D08-3D470A12EAF0}" = CCC Help Swedish "{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3 "{D5A3BDAF-542A-43DF-B530-23DD0148ED1B}" = Halo 2 Dedicated Server "{D801B39E-CE01-409F-8E7C-B7976EA3C9DC}_is1" = Audiosurf "{D9D6A848-1BFD-592B-5F9D-0BA8692FDF0B}" = CCC Help Finnish "{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "{DCD91C2F-3A86-B328-59A0-5EED6190D983}" = Catalyst Control Center Graphics Full Existing "{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings "{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant "{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV "{E5F5CAA5-84ED-DE41-40D0-8926FE7E5F4D}" = Catalyst Control Center Graphics Light "{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3 "{E6CE345D-BF83-1242-9E4D-3D60A5036D87}" = CCC Help English "{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler "{EB0202F7-016A-410C-ADE4-40F848CCC661}" = Adobe After Effects CS3 "{EC155897-712F-5637-A5DA-6C7CE7CB5521}" = CCC Help Korean "{F0580F64-44A1-C607-9364-887912B74F4D}" = CCC Help Thai "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL "{F1D93F5B-881F-49E3-BA56-B4B8FA991059}" = Adobe Encore CS3 Library "{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}" = HP Setup "{F3F9A4E5-CD9F-4657-CF99-5CE3F7729909}" = Catalyst Control Center Core Implementation "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{F5B1D41A-05B9-98E2-C350-E69D4A444CB4}" = CCC Help Chinese Traditional "{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE "{FCF0F615-6E70-B949-028F-88D32C55C2BC}" = CCC Help Dutch "{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings "{FF3E2850-BD2E-4B56-A89D-21E588D518E0}" = Adobe Contribute CS3 "Adobe Acrobat 8 Professional - English, Français, Deutsch" = Adobe Acrobat 8.2.4 Professional "Adobe Acrobat 8 Professional - English, Français, Deutsch_824" = Adobe Acrobat 8.2.4 - CPSID_83708 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2 "Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings "Adobe_dfd2069092cb19bffcf6e736bd79ae1" = Adobe Creative Suite 3 Master Collection hinzufügen oder entfernen "Age of Empires 2.0" = Microsoft Age of Empires II "ASIO4ALL" = ASIO4ALL "Audacity_is1" = Audacity 1.2.6 "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "Brother HL-5130" = Brother HL-5130 "Collab" = Collab "DivX Setup.divx.com" = DivX-Setup "EasyBits Magic Desktop" = Magic Desktop "Eye-One Match_is1" = Eye-One Match 3.6.2 "FL Studio 8" = FL Studio 8 "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4 "Free Audio CD to MP3 Converter_is1" = Free Audio CD to MP3 Converter version 1.3 "Free DVD Video Converter_is1" = Free DVD Video Converter version 1.4 "Free YouTube Download_is1" = Free YouTube Download 2.8 "Free YouTube to iPod Converter_is1" = Free YouTube to iPod Converter version 3.5 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9 "FrostWire" = FrostWire 4.18.5 "Halo" = Microsoft Halo "Halo 2" = Halo 2 for Windows Vista "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "IL Download Manager" = IL Download Manager "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5 "InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV "InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video "InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "InstallShield_{D5A3BDAF-542A-43DF-B530-23DD0148ED1B}" = Halo 2 Dedicated Server "InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV "IsoBuster_is1" = IsoBuster 2.8 "JDownloader" = JDownloader "KLiteCodecPack_is1" = K-Lite Codec Pack 5.4.4 (Basic) "KRISTAL Audio Engine" = KRISTAL Audio Engine "Live 8.0.4" = Live 8.0.4 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10) "PoiZone" = PoiZone "rgc:audio sfz VSTi_is1" = rgc:audio sfz VSTi v1.96 "Sony Ericsson Themes Creator" = Sony Ericsson Themes Creator 4.12.2.4 "Sylenth1_is1" = Sylenth1 v2.20 "Toxic Biohazard" = Toxic Biohazard "Uninstall_is1" = Uninstall 1.0.0.1 "Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions "WildTangent hp Master Uninstall" = HP Games "Windows Media Encoder 9" = Windows Media Encoder 9 Series "WinLiveSuite_Wave3" = Windows Live Essentials "Zoo Tycoon 1.0" = Microsoft Zoo Tycoon ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-4056970072-597559089-3397928443-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "493772c2b42d22b9" = Click MusicalKEYS "QUICKMEDIACONVERTER" = Player ========== Last 10 Event Log Errors ========== Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report > |
14.10.2010, 18:43 | #6 |
| Antispy Safeguard: Daten sichern bzw. retten OTL logfile:OTL Logfile: Code:
ATTFilter OTL logfile created on: 14.10.2010 22:17:36 - Run 1 OTL by OldTimer - Version 3.2.15.2 Folder = C:\Users\Melnik\Desktop 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 4,00 Gb Available Physical Memory | 88,00% Memory free 8,00 Gb Paging File | 8,00 Gb Available in Paging File | 94,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 452,24 Gb Total Space | 263,55 Gb Free Space | 58,28% Space Free | Partition Type: NTFS Drive D: | 13,23 Gb Total Space | 2,20 Gb Free Space | 16,66% Space Free | Partition Type: NTFS Drive G: | 1,87 Gb Total Space | 1,60 Gb Free Space | 85,62% Space Free | Partition Type: FAT Computer Name: MELNIK-PC | User Name: Melnik | Logged in as Administrator. Boot Mode: SafeMode | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Melnik\Desktop\OTL.exe (OldTimer Tools) ========== Modules (SafeList) ========== MOD - C:\Users\Melnik\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV:64bit: - (ezSharedSvc) -- C:\Windows\SysNative\ezsvc7.dll File not found SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\stacsv64.exe (IDT, Inc.) SRV:64bit: - (hpsrv) -- C:\Windows\SysNative\hpservice.exe (Hewlett-Packard) SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (AESTFilters) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe (Andrea Electronics Corporation) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (StarWindServiceAE) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software) SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.) SRV - (Fabs) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (GameConsoleService) -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe (WildTangent, Inc.) SRV - (ezSharedSvc) -- C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS) SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®) SRV - (Adobe Version Cue CS3) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe (Adobe Systems Incorporated) SRV - (Brother XP spl Service) -- C:\Windows\SysWOW64\BRSVC01A.EXE (brother Industries Ltd) ========== Driver Services (SafeList) ========== DRV:64bit: - (SSPORT) -- C:\Windows\SysNative\Drivers\SSPORT.sys File not found DRV:64bit: - (PDIHWCTL) -- C:\Windows\SysNative\drivers\pdihwctl.sys File not found DRV:64bit: - (DgiVecp) -- C:\Windows\SysNative\Drivers\DgiVecp.sys File not found DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation) DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.) DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.) DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.) DRV:64bit: - (JMCR) -- C:\Windows\SysNative\drivers\jmcr.sys (JMicron Technology Corporation) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (hpdskflt) -- C:\Windows\SysNative\drivers\hpdskflt.sys (Hewlett-Packard) DRV:64bit: - (Accelerometer) -- C:\Windows\SysNative\drivers\Accelerometer.sys (Hewlett-Packard) DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (enecir) -- C:\Windows\SysNative\drivers\enecir.sys (ENE TECHNOLOGY INC.) DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.) DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.) DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.) DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\drivers\agrsm64.sys (LSI Corp) DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof () DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell) DRV:64bit: - (netw5v64) Intel(R) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Research Inc.) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.) DRV:64bit: - (HpqKbFiltr) -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.) DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices) DRV:64bit: - (EyeOne) -- C:\Windows\SysNative\drivers\EyeOneX64.sys (Thesycon GmbH, Germany) DRV - (BrPar) -- C:\Windows\System32\drivers\BrPar.sys (Brother Industries Ltd.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = HP Consumer | MSN IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = HP Consumer | MSN IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = HP Consumer | MSN IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = HP Consumer | MSN IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-4056970072-597559089-3397928443-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = HP Consumer | MSN IE - HKU\S-1-5-21-4056970072-597559089-3397928443-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = Hotmail, Messenger, Unterhaltung, Nachrichten, Sport, Jobs, Immobilien und mehr bei MSN AT IE - HKU\S-1-5-21-4056970072-597559089-3397928443-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at IE - HKU\S-1-5-21-4056970072-597559089-3397928443-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8A 79 2D 59 9C 46 CB 01 [binary data] IE - HKU\S-1-5-21-4056970072-597559089-3397928443-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-4056970072-597559089-3397928443-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "hxxp://de.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:de:official" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0 FF - prefs.js..extensions.enabledItems: {b41cb5f0-2e52-11de-8c30-0800200c9a66}:2.0.1 FF - prefs.js..extensions.enabledItems: {86FA6F53-95FE-7A69-D8C3-E1454281F8B6}:3.5.2 FF - prefs.js..network.proxy.no_proxies_on: "*.local" FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.10.10 12:49:57 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.10.10 12:49:56 | 000,000,000 | ---D | M] [2010.01.06 15:03:56 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\mozilla\Extensions [2010.10.10 10:52:30 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\mozilla\Firefox\Profiles\xopzengh.default\extensions [2010.08.16 03:51:43 | 000,000,000 | ---D | M] (PacFox) -- C:\Users\Melnik\AppData\Roaming\mozilla\Firefox\Profiles\xopzengh.default\extensions\{0f97d130-bd1a-11dd-ad8b-0800200c9a66} [2010.09.10 06:19:33 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Melnik\AppData\Roaming\mozilla\Firefox\Profiles\xopzengh.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2010.08.16 03:51:43 | 000,000,000 | ---D | M] (In The Dark) -- C:\Users\Melnik\AppData\Roaming\mozilla\Firefox\Profiles\xopzengh.default\extensions\{86FA6F53-95FE-7A69-D8C3-E1454281F8B6} [2010.08.28 16:59:17 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\Melnik\AppData\Roaming\mozilla\Firefox\Profiles\xopzengh.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [2010.08.16 03:51:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Melnik\AppData\Roaming\mozilla\Firefox\Profiles\xopzengh.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2010.08.16 03:51:44 | 000,000,000 | ---D | M] (Black Stratini) -- C:\Users\Melnik\AppData\Roaming\mozilla\Firefox\Profiles\xopzengh.default\extensions\{b41cb5f0-2e52-11de-8c30-0800200c9a66} [2010.01.06 15:19:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Melnik\AppData\Roaming\mozilla\Firefox\Profiles\xopzengh.default\extensions\{0f97d130-bd1a-11dd-ad8b-0800200c9a66}\chrome\global\extensions [2010.01.06 15:19:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Melnik\AppData\Roaming\mozilla\Firefox\Profiles\xopzengh.default\extensions\{0f97d130-bd1a-11dd-ad8b-0800200c9a66}\chrome\mozapps\extensions [2010.01.06 15:23:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Melnik\AppData\Roaming\mozilla\Firefox\Profiles\xopzengh.default\extensions\{86FA6F53-95FE-7A69-D8C3-E1454281F8B6}\chrome\mozapps\extensions [2010.08.25 17:57:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions [2010.07.17 11:12:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.08.25 17:57:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010.08.25 17:57:05 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll [2010.09.12 13:25:11 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.09.12 13:25:11 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-de.xml [2010.09.12 13:25:11 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.09.12 13:25:11 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.09.12 13:25:11 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Programme\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation) O2:64bit: - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.5612.1312\swg64.dll (Google Inc.) O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll () O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll () O3:64bit: - HKU\S-1-5-21-4056970072-597559089-3397928443-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKU\S-1-5-21-4056970072-597559089-3397928443-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKU\S-1-5-21-4056970072-597559089-3397928443-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe () O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [Adobe_ID0EYTHM] C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS) O4 - HKLM..\Run: [HPCam_Menu] c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-4056970072-597559089-3397928443-1000..\Run: [AdobeUpdater] C:\Program Files (x86)\Common Files\Adobe\Updater5\AdobeUpdater.exe (Adobe Systems Incorporated) O4 - HKU\S-1-5-21-4056970072-597559089-3397928443-1000..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team) O4 - HKU\S-1-5-21-4056970072-597559089-3397928443-1000..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2 O7 - HKU\S-1-5-21-4056970072-597559089-3397928443-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2 O7 - HKU\S-1-5-21-4056970072-597559089-3397928443-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0 O7 - HKU\S-1-5-21-4056970072-597559089-3397928443-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0 O8:64bit: - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Melnik\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm () O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Melnik\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm () O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.) O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Free YouTube Download - C:\Users\Melnik\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm () O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Melnik\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm () O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.) O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14) O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138 O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKU\S-1-5-21-4056970072-597559089-3397928443-1000 Winlogon: Shell - (C:\Users\Melnik\AppData\Roaming\hotfix.exe) - C:\Users\Melnik\AppData\Roaming\hotfix.exe () O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.) O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{4482dd49-4ef1-11df-95ea-00269e892f4d}\Shell - "" = AutoRun O33 - MountPoints2\{4482dd49-4ef1-11df-95ea-00269e892f4d}\Shell\AutoRun\command - "" = F:\setup.exe -- File not found O33 - MountPoints2\{4482dd49-4ef1-11df-95ea-00269e892f4d}\Shell\directx\command - "" = F:\DirectX\dxsetup.exe -- File not found O33 - MountPoints2\{4482dd49-4ef1-11df-95ea-00269e892f4d}\Shell\setup\command - "" = F:\setup.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: ezSharedSvc - C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS) SafeBootMin:64bit: AppMgmt - Service SafeBootMin:64bit: Base - Driver Group SafeBootMin:64bit: Boot Bus Extender - Driver Group SafeBootMin:64bit: Boot file system - Driver Group SafeBootMin:64bit: File system - Driver Group SafeBootMin:64bit: Filter - Driver Group SafeBootMin:64bit: HelpSvc - Service SafeBootMin:64bit: PCI Configuration - Driver Group SafeBootMin:64bit: PNP Filter - Driver Group SafeBootMin:64bit: Primary disk - Driver Group SafeBootMin:64bit: sacsvr - Service SafeBootMin:64bit: SCSI Class - Driver Group SafeBootMin:64bit: System Bus Extender - Driver Group SafeBootMin:64bit: vmms - Service SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:64bit: AppMgmt - Service SafeBootNet:64bit: Base - Driver Group SafeBootNet:64bit: Boot Bus Extender - Driver Group SafeBootNet:64bit: Boot file system - Driver Group SafeBootNet:64bit: File system - Driver Group SafeBootNet:64bit: Filter - Driver Group SafeBootNet:64bit: HelpSvc - Service SafeBootNet:64bit: Messenger - Service SafeBootNet:64bit: NDIS Wrapper - Driver Group SafeBootNet:64bit: NetBIOSGroup - Driver Group SafeBootNet:64bit: NetDDEGroup - Driver Group SafeBootNet:64bit: Network - Driver Group SafeBootNet:64bit: NetworkProvider - Driver Group SafeBootNet:64bit: PCI Configuration - Driver Group SafeBootNet:64bit: PNP Filter - Driver Group SafeBootNet:64bit: PNP_TDI - Driver Group SafeBootNet:64bit: Primary disk - Driver Group SafeBootNet:64bit: rdsessmgr - Service SafeBootNet:64bit: sacsvr - Service SafeBootNet:64bit: SCSI Class - Driver Group SafeBootNet:64bit: Streams Drivers - Driver Group SafeBootNet:64bit: System Bus Extender - Driver Group SafeBootNet:64bit: TDI - Driver Group SafeBootNet:64bit: vmms - Service SafeBootNet:64bit: WudfUsbccidDriver - Driver SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe" ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker 2.6 ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.iac2 - C:\Windows\SysWOW64\iac25_32.ax (Intel Corporation) Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.sl_anet - C:\Windows\SysWow64\SL_ANET.ACM (Sipro Lab Telecom Inc.) Drivers32: msacm.vorbis - C:\Windows\SysWow64\vorbis.acm (HMS hxxp://hp.vector.co.jp/authors/VA012897/) Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.) Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.) Drivers32: vidc.i420 - C:\Windows\SysWow64\i420vfw.dll (www.helixcommunity.org) Drivers32: VIDC.IV41 - C:\Windows\SysWow64\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv50 - C:\Windows\SysWow64\ir50_32.dll (Intel Corporation) Drivers32: VIDC.MP42 - C:\Windows\SysWow64\MPG4C32.DLL (Microsoft Corporation) Drivers32: VIDC.MPG4 - C:\Windows\SysWow64\MPG4C32.DLL (Microsoft Corporation) Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.) CREATERESTOREPOINT Error creating restore point. ========== Files/Folders - Created Within 30 Days ========== [2010.10.14 22:12:52 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Users\Melnik\Desktop\OTL.exe [2010.10.10 18:32:54 | 000,000,000 | ---D | C] -- C:\Users\Melnik\AppData\Roaming\Malwarebytes [2010.10.10 18:32:46 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2010.10.10 18:32:44 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2010.10.10 18:32:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2010.10.10 18:32:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010.10.10 18:32:09 | 006,153,648 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Melnik\Desktop\mbam-setup.exe [2010.10.10 11:39:01 | 000,035,928 | ---- | C] (Adobe Systems Incorporated.) -- C:\Windows\SysNative\AdobePDF64.dll [2010.10.07 18:17:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\High-Logic [2010.10.06 09:26:31 | 000,000,000 | ---D | C] -- C:\Users\Melnik\Patrik [2010.10.04 16:09:22 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp71.dll [2010.10.04 16:09:22 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr71.dll [2010.10.04 15:54:40 | 000,047,104 | ---- | C] (Thesycon GmbH, Germany) -- C:\Windows\SysNative\drivers\i1io2_x64.sys [2010.10.04 15:54:40 | 000,047,104 | ---- | C] (Thesycon GmbH, Germany) -- C:\Windows\SysNative\drivers\EyeOneX64.sys [2010.10.04 15:54:40 | 000,007,808 | ---- | C] (GretagMacbeth LLC) -- C:\Windows\SysNative\drivers\SeqCal.sys [2010.10.04 15:53:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GretagMacbeth [2010.10.01 20:42:27 | 000,000,000 | ---D | C] -- C:\Users\Melnik\USB [2 C:\*.tmp files -> C:\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.10.14 21:59:11 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2010.10.14 21:59:11 | 000,643,628 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2010.10.14 21:59:11 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2010.10.14 21:59:11 | 000,126,188 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2010.10.14 21:59:11 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2010.10.14 21:49:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.10.14 21:49:24 | 3218,235,392 | -HS- | M] () -- C:\hiberfil.sys [2010.10.14 19:14:32 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Melnik\Desktop\OTL.exe [2010.10.11 22:26:35 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010.10.11 22:26:35 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010.10.11 22:22:03 | 000,000,290 | -H-- | M] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job [2010.10.11 19:57:05 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010.10.11 19:57:00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010.10.10 18:36:34 | 006,153,648 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Melnik\Desktop\mbam-setup.exe [2010.10.10 18:32:49 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.10.10 18:28:54 | 000,364,032 | ---- | M] () -- C:\Users\Melnik\Desktop\rkill.com [2010.10.10 11:10:14 | 000,654,336 | ---- | M] () -- C:\Users\Melnik\AppData\Roaming\hotfix.exe [2010.10.10 11:10:14 | 000,000,141 | ---- | M] () -- C:\Users\Melnik\AppData\Roaming\asdsada.bat [2010.10.07 18:28:36 | 000,000,146 | ---- | M] () -- C:\Windows\fcp5.cfg [2010.10.06 19:02:33 | 000,001,199 | ---- | M] () -- C:\Users\Melnik\Desktop\DVDVideoSoft Free Studio.lnk [2010.10.04 20:07:37 | 000,000,908 | ---- | M] () -- C:\Users\Melnik\Desktop\QUICKMEDIACONVERTER.lnk [2010.10.04 16:09:23 | 000,002,354 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logo Calibration Loader.lnk [2010.10.04 16:09:23 | 000,002,242 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ProfileReminder.lnk [2 C:\*.tmp files -> C:\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.10.10 18:32:49 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.10.10 18:26:06 | 000,364,032 | ---- | C] () -- C:\Users\Melnik\Desktop\rkill.com [2010.10.10 11:10:14 | 000,654,336 | ---- | C] () -- C:\Users\Melnik\AppData\Roaming\hotfix.exe [2010.10.10 11:10:14 | 000,000,141 | ---- | C] () -- C:\Users\Melnik\AppData\Roaming\asdsada.bat [2010.10.07 18:32:40 | 000,000,290 | -H-- | C] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job [2010.10.07 18:18:02 | 000,000,146 | ---- | C] () -- C:\Windows\fcp5.cfg [2010.10.04 15:54:41 | 000,002,354 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logo Calibration Loader.lnk [2010.10.04 15:54:41 | 000,002,242 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ProfileReminder.lnk [2010.06.27 22:39:13 | 000,022,016 | ---- | C] () -- C:\Users\Melnik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.06.24 13:46:09 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll [2010.06.24 13:34:24 | 000,178,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2010.05.28 19:48:38 | 000,000,088 | RHS- | C] () -- C:\ProgramData\26D6F3F3A0.sys [2010.05.28 19:48:37 | 000,005,330 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys [2010.04.02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2010.01.10 14:44:09 | 000,285,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\Onsio.sys [2010.01.10 14:44:09 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\drivers\Onsreged.sys [2010.01.10 14:16:36 | 000,000,030 | ---- | C] () -- C:\Windows\SysWow64\brss01a.ini [2010.01.10 14:16:34 | 000,000,416 | ---- | C] () -- C:\Windows\BRWMARK.INI [2010.01.10 14:04:22 | 000,077,824 | ---- | C] () -- C:\Windows\SysWow64\BROSNMP.DLL [2010.01.10 14:04:22 | 000,026,624 | ---- | C] () -- C:\Windows\SysWow64\BRGSRC32.DLL [2010.01.10 14:04:22 | 000,004,608 | ---- | C] () -- C:\Windows\SysWow64\BRGSRC16.DLL [2010.01.10 14:04:19 | 000,015,108 | ---- | C] () -- C:\Windows\HL-5130.INI [2010.01.10 13:49:06 | 000,000,151 | ---- | C] () -- C:\Windows\BRVIDEO.INI [2010.01.10 13:49:06 | 000,000,052 | ---- | C] () -- C:\Windows\brpp2ka.ini [2010.01.10 13:49:06 | 000,000,040 | ---- | C] () -- C:\Windows\BRDIAG.INI [2010.01.10 13:49:06 | 000,000,023 | ---- | C] () -- C:\Windows\Brownie.ini [2010.01.10 13:49:06 | 000,000,000 | ---- | C] () -- C:\Windows\bw5130.ini [2010.01.10 13:49:06 | 000,000,000 | ---- | C] () -- C:\Windows\brmx2001.ini [2010.01.08 18:50:38 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI [2009.12.18 12:25:24 | 002,463,976 | ---- | C] () -- C:\Windows\SysWow64\NPSWF32.dll [2009.12.14 22:05:12 | 000,000,000 | ---- | C] () -- C:\Users\Melnik\AppData\Roaming\wklnhst.dat [2009.12.14 21:11:06 | 000,000,000 | ---- | C] () -- C:\Users\Melnik\AppData\Local\QSwitch.txt [2009.12.14 21:11:06 | 000,000,000 | ---- | C] () -- C:\Users\Melnik\AppData\Local\DSwitch.txt [2009.12.14 21:11:06 | 000,000,000 | ---- | C] () -- C:\Users\Melnik\AppData\Local\AtStart.txt [2009.12.14 21:11:04 | 000,000,462 | ---- | C] () -- C:\ProgramData\HPWALog.txt [2009.11.05 02:18:35 | 000,000,105 | ---- | C] () -- C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log [2009.11.05 02:18:25 | 000,000,032 | ---- | C] () -- C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log [2009.11.05 02:18:06 | 000,000,032 | ---- | C] () -- C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log [2009.11.05 02:17:39 | 000,000,032 | ---- | C] () -- C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log [2009.11.05 02:16:55 | 000,000,032 | ---- | C] () -- C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log [2009.10.01 20:46:48 | 000,000,109 | ---- | C] () -- C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log [2009.10.01 20:43:09 | 000,000,110 | ---- | C] () -- C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log [2009.10.01 20:41:40 | 000,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log [2009.10.01 20:41:01 | 000,000,107 | ---- | C] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log [2009.07.15 17:50:42 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2007.04.27 10:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll [1997.06.14 13:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll ========== LOP Check ========== [2010.08.15 07:37:44 | 000,000,000 | ---D | M] -- C:\Users\AppData\AppData\Roaming\Ableton [2010.08.16 03:48:40 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\Ableton [2010.05.27 21:24:49 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\avidemux [2010.08.02 22:31:23 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\DVDVideoSoftIEHelpers [2010.08.16 03:51:41 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\FreeVideoConverter [2010.08.16 03:51:41 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\FrostWire [2009.12.20 00:18:02 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\iWin [2010.08.16 03:48:56 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\Leawo [2010.08.16 03:48:57 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\MAGIX [2009.12.15 18:57:30 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\PlayFirst [2010.08.16 03:51:44 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\Rapid Evolution 2 [2010.05.27 21:16:42 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\Uniblue [2009.12.14 21:34:51 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\WildTangent [2009.12.14 22:17:04 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\_MDLogs [2009.07.14 07:08:49 | 000,031,374 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2010.10.11 22:22:03 | 000,000,290 | -H-- | M] () -- C:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2010.08.16 03:48:40 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\Ableton [2010.10.10 10:34:39 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\Adobe [2009.12.14 21:10:56 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\ATI [2010.05.27 21:24:49 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\avidemux [2010.05.18 05:37:53 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\Avira [2010.05.15 14:47:08 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\AVS4YOU [2010.08.16 03:48:43 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\Corel [2010.03.30 15:52:37 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\CyberLink [2010.06.25 20:19:01 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\DivX [2010.08.02 22:31:23 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\DVDVideoSoftIEHelpers [2010.08.16 03:51:41 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\FreeVideoConverter [2010.08.16 03:51:41 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\FrostWire [2009.12.16 19:23:13 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\Google [2010.04.06 14:43:28 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\Hewlett-Packard [2010.04.06 14:41:46 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\HP Support Assistant [2009.12.14 21:06:36 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\HP TCS [2010.04.06 14:38:04 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\hpqlog [2010.04.06 14:41:46 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\HpUpdate [2009.12.14 21:10:15 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\Identities [2009.12.20 00:18:02 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\iWin [2010.08.16 03:48:56 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\Leawo [2010.08.16 03:48:56 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\Macromedia [2010.08.16 03:48:57 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\MAGIX [2010.10.10 18:32:54 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\Malwarebytes [2009.11.05 11:26:32 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\Media Center Programs [2010.08.16 03:51:41 | 000,000,000 | --SD | M] -- C:\Users\Melnik\AppData\Roaming\Microsoft [2010.04.20 18:46:28 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\Microsoft Game Studios [2010.08.16 03:49:06 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\Mozilla [2009.12.15 18:57:30 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\PlayFirst [2010.08.16 03:51:44 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\Rapid Evolution 2 [2010.07.11 16:22:02 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\Real [2010.05.27 21:16:42 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\Uniblue [2009.12.14 21:34:51 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\WildTangent [2010.04.19 06:30:25 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\WinRAR [2009.12.14 22:17:04 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\_MDLogs < %APPDATA%\*.exe /s > [2010.10.10 11:10:14 | 000,654,336 | ---- | M] () -- C:\Users\Melnik\AppData\Roaming\hotfix.exe [2009.12.16 20:30:53 | 000,000,000 | ---- | M] () -- C:\Users\Melnik\AppData\Roaming\FrostWire\.NetworkShare\Incomplete\T-4506256-LimeWireWin4.16.6.exe < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys < MD5 for: ATAPI.SYS > [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys < MD5 for: CNGAUDIT.DLL > [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll [2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll < MD5 for: EVENTLOG.DLL > [2007.05.17 21:34:04 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files (x86)\CyberLink\PowerDirector\EventLog.dll < MD5 for: EXPLORER.EXE > [2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe [2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe [2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe [2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe [2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe [2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\explorer.exe [2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe [2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe [2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe [2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe [2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe [2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe [2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe < MD5 for: IASTORV.SYS > [2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysWow64\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys [2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys < MD5 for: NETLOGON.DLL > [2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll [2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll [2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll [2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll < MD5 for: NVSTOR.SYS > [2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys [2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys < MD5 for: SCECLI.DLL > [2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll [2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll [2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll [2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll < MD5 for: USER32.DLL > [2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll [2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\SysWOW64\user32.dll [2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\SysWOW64\user32.dll [2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll < MD5 for: USERINIT.EXE > [2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe [2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe [2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe [2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe < MD5 for: WINLOGON.EXE > [2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe [2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe < MD5 for: WS2IFSL.SYS > [2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > ========== Alternate Data Streams ========== @Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:66B13F37 @Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:6152D44C < End of report > |
14.10.2010, 18:45 | #7 |
| Antispy Safeguard: Daten sichern bzw. retten OTL logfile:OTL Logfile: Code:
ATTFilter OTL logfile created on: 14.10.2010 22:17:36 - Run 1 OTL by OldTimer - Version 3.2.15.2 Folder = C:\Users\Melnik\Desktop 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 4,00 Gb Available Physical Memory | 88,00% Memory free 8,00 Gb Paging File | 8,00 Gb Available in Paging File | 94,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 452,24 Gb Total Space | 263,55 Gb Free Space | 58,28% Space Free | Partition Type: NTFS Drive D: | 13,23 Gb Total Space | 2,20 Gb Free Space | 16,66% Space Free | Partition Type: NTFS Drive G: | 1,87 Gb Total Space | 1,60 Gb Free Space | 85,62% Space Free | Partition Type: FAT Computer Name: MELNIK-PC | User Name: Melnik | Logged in as Administrator. Boot Mode: SafeMode | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Melnik\Desktop\OTL.exe (OldTimer Tools) ========== Modules (SafeList) ========== MOD - C:\Users\Melnik\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV:64bit: - (ezSharedSvc) -- C:\Windows\SysNative\ezsvc7.dll File not found SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\stacsv64.exe (IDT, Inc.) SRV:64bit: - (hpsrv) -- C:\Windows\SysNative\hpservice.exe (Hewlett-Packard) SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (AESTFilters) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe (Andrea Electronics Corporation) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (StarWindServiceAE) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software) SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.) SRV - (Fabs) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (GameConsoleService) -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe (WildTangent, Inc.) SRV - (ezSharedSvc) -- C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS) SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®) SRV - (Adobe Version Cue CS3) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe (Adobe Systems Incorporated) SRV - (Brother XP spl Service) -- C:\Windows\SysWOW64\BRSVC01A.EXE (brother Industries Ltd) ========== Driver Services (SafeList) ========== DRV:64bit: - (SSPORT) -- C:\Windows\SysNative\Drivers\SSPORT.sys File not found DRV:64bit: - (PDIHWCTL) -- C:\Windows\SysNative\drivers\pdihwctl.sys File not found DRV:64bit: - (DgiVecp) -- C:\Windows\SysNative\Drivers\DgiVecp.sys File not found DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation) DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.) DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.) DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.) DRV:64bit: - (JMCR) -- C:\Windows\SysNative\drivers\jmcr.sys (JMicron Technology Corporation) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (hpdskflt) -- C:\Windows\SysNative\drivers\hpdskflt.sys (Hewlett-Packard) DRV:64bit: - (Accelerometer) -- C:\Windows\SysNative\drivers\Accelerometer.sys (Hewlett-Packard) DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (enecir) -- C:\Windows\SysNative\drivers\enecir.sys (ENE TECHNOLOGY INC.) DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.) DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.) DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.) DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\drivers\agrsm64.sys (LSI Corp) DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof () DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell) DRV:64bit: - (netw5v64) Intel(R) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Research Inc.) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.) DRV:64bit: - (HpqKbFiltr) -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.) DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices) DRV:64bit: - (EyeOne) -- C:\Windows\SysNative\drivers\EyeOneX64.sys (Thesycon GmbH, Germany) DRV - (BrPar) -- C:\Windows\System32\drivers\BrPar.sys (Brother Industries Ltd.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = HP Consumer | MSN IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = HP Consumer | MSN IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = HP Consumer | MSN IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = HP Consumer | MSN IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-4056970072-597559089-3397928443-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = HP Consumer | MSN IE - HKU\S-1-5-21-4056970072-597559089-3397928443-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = Hotmail, Messenger, Unterhaltung, Nachrichten, Sport, Jobs, Immobilien und mehr bei MSN AT IE - HKU\S-1-5-21-4056970072-597559089-3397928443-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at IE - HKU\S-1-5-21-4056970072-597559089-3397928443-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8A 79 2D 59 9C 46 CB 01 [binary data] IE - HKU\S-1-5-21-4056970072-597559089-3397928443-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-4056970072-597559089-3397928443-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "hxxp://de.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:de:official" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0 FF - prefs.js..extensions.enabledItems: {b41cb5f0-2e52-11de-8c30-0800200c9a66}:2.0.1 FF - prefs.js..extensions.enabledItems: {86FA6F53-95FE-7A69-D8C3-E1454281F8B6}:3.5.2 FF - prefs.js..network.proxy.no_proxies_on: "*.local" FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.10.10 12:49:57 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.10.10 12:49:56 | 000,000,000 | ---D | M] [2010.01.06 15:03:56 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\mozilla\Extensions [2010.10.10 10:52:30 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\mozilla\Firefox\Profiles\xopzengh.default\extensions [2010.08.16 03:51:43 | 000,000,000 | ---D | M] (PacFox) -- C:\Users\Melnik\AppData\Roaming\mozilla\Firefox\Profiles\xopzengh.default\extensions\{0f97d130-bd1a-11dd-ad8b-0800200c9a66} [2010.09.10 06:19:33 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Melnik\AppData\Roaming\mozilla\Firefox\Profiles\xopzengh.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2010.08.16 03:51:43 | 000,000,000 | ---D | M] (In The Dark) -- C:\Users\Melnik\AppData\Roaming\mozilla\Firefox\Profiles\xopzengh.default\extensions\{86FA6F53-95FE-7A69-D8C3-E1454281F8B6} [2010.08.28 16:59:17 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\Melnik\AppData\Roaming\mozilla\Firefox\Profiles\xopzengh.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [2010.08.16 03:51:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Melnik\AppData\Roaming\mozilla\Firefox\Profiles\xopzengh.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2010.08.16 03:51:44 | 000,000,000 | ---D | M] (Black Stratini) -- C:\Users\Melnik\AppData\Roaming\mozilla\Firefox\Profiles\xopzengh.default\extensions\{b41cb5f0-2e52-11de-8c30-0800200c9a66} [2010.01.06 15:19:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Melnik\AppData\Roaming\mozilla\Firefox\Profiles\xopzengh.default\extensions\{0f97d130-bd1a-11dd-ad8b-0800200c9a66}\chrome\global\extensions [2010.01.06 15:19:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Melnik\AppData\Roaming\mozilla\Firefox\Profiles\xopzengh.default\extensions\{0f97d130-bd1a-11dd-ad8b-0800200c9a66}\chrome\mozapps\extensions [2010.01.06 15:23:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Melnik\AppData\Roaming\mozilla\Firefox\Profiles\xopzengh.default\extensions\{86FA6F53-95FE-7A69-D8C3-E1454281F8B6}\chrome\mozapps\extensions [2010.08.25 17:57:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions [2010.07.17 11:12:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.08.25 17:57:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010.08.25 17:57:05 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll [2010.09.12 13:25:11 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.09.12 13:25:11 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-de.xml [2010.09.12 13:25:11 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.09.12 13:25:11 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.09.12 13:25:11 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Programme\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation) O2:64bit: - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.5612.1312\swg64.dll (Google Inc.) O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll () O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll () O3:64bit: - HKU\S-1-5-21-4056970072-597559089-3397928443-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKU\S-1-5-21-4056970072-597559089-3397928443-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKU\S-1-5-21-4056970072-597559089-3397928443-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe () O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [Adobe_ID0EYTHM] C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS) O4 - HKLM..\Run: [HPCam_Menu] c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-4056970072-597559089-3397928443-1000..\Run: [AdobeUpdater] C:\Program Files (x86)\Common Files\Adobe\Updater5\AdobeUpdater.exe (Adobe Systems Incorporated) O4 - HKU\S-1-5-21-4056970072-597559089-3397928443-1000..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team) O4 - HKU\S-1-5-21-4056970072-597559089-3397928443-1000..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2 O7 - HKU\S-1-5-21-4056970072-597559089-3397928443-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2 O7 - HKU\S-1-5-21-4056970072-597559089-3397928443-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0 O7 - HKU\S-1-5-21-4056970072-597559089-3397928443-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0 O8:64bit: - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Melnik\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm () O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Melnik\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm () O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.) O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Free YouTube Download - C:\Users\Melnik\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm () O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Melnik\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm () O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.) O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14) O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138 O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKU\S-1-5-21-4056970072-597559089-3397928443-1000 Winlogon: Shell - (C:\Users\Melnik\AppData\Roaming\hotfix.exe) - C:\Users\Melnik\AppData\Roaming\hotfix.exe () O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.) O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{4482dd49-4ef1-11df-95ea-00269e892f4d}\Shell - "" = AutoRun O33 - MountPoints2\{4482dd49-4ef1-11df-95ea-00269e892f4d}\Shell\AutoRun\command - "" = F:\setup.exe -- File not found O33 - MountPoints2\{4482dd49-4ef1-11df-95ea-00269e892f4d}\Shell\directx\command - "" = F:\DirectX\dxsetup.exe -- File not found O33 - MountPoints2\{4482dd49-4ef1-11df-95ea-00269e892f4d}\Shell\setup\command - "" = F:\setup.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: ezSharedSvc - C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS) SafeBootMin:64bit: AppMgmt - Service SafeBootMin:64bit: Base - Driver Group SafeBootMin:64bit: Boot Bus Extender - Driver Group SafeBootMin:64bit: Boot file system - Driver Group SafeBootMin:64bit: File system - Driver Group SafeBootMin:64bit: Filter - Driver Group SafeBootMin:64bit: HelpSvc - Service SafeBootMin:64bit: PCI Configuration - Driver Group SafeBootMin:64bit: PNP Filter - Driver Group SafeBootMin:64bit: Primary disk - Driver Group SafeBootMin:64bit: sacsvr - Service SafeBootMin:64bit: SCSI Class - Driver Group SafeBootMin:64bit: System Bus Extender - Driver Group SafeBootMin:64bit: vmms - Service SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:64bit: AppMgmt - Service SafeBootNet:64bit: Base - Driver Group SafeBootNet:64bit: Boot Bus Extender - Driver Group SafeBootNet:64bit: Boot file system - Driver Group SafeBootNet:64bit: File system - Driver Group SafeBootNet:64bit: Filter - Driver Group SafeBootNet:64bit: HelpSvc - Service SafeBootNet:64bit: Messenger - Service SafeBootNet:64bit: NDIS Wrapper - Driver Group SafeBootNet:64bit: NetBIOSGroup - Driver Group SafeBootNet:64bit: NetDDEGroup - Driver Group SafeBootNet:64bit: Network - Driver Group SafeBootNet:64bit: NetworkProvider - Driver Group SafeBootNet:64bit: PCI Configuration - Driver Group SafeBootNet:64bit: PNP Filter - Driver Group SafeBootNet:64bit: PNP_TDI - Driver Group SafeBootNet:64bit: Primary disk - Driver Group SafeBootNet:64bit: rdsessmgr - Service SafeBootNet:64bit: sacsvr - Service SafeBootNet:64bit: SCSI Class - Driver Group SafeBootNet:64bit: Streams Drivers - Driver Group SafeBootNet:64bit: System Bus Extender - Driver Group SafeBootNet:64bit: TDI - Driver Group SafeBootNet:64bit: vmms - Service SafeBootNet:64bit: WudfUsbccidDriver - Driver SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe" ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker 2.6 ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.iac2 - C:\Windows\SysWOW64\iac25_32.ax (Intel Corporation) Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.sl_anet - C:\Windows\SysWow64\SL_ANET.ACM (Sipro Lab Telecom Inc.) Drivers32: msacm.vorbis - C:\Windows\SysWow64\vorbis.acm (HMS hxxp://hp.vector.co.jp/authors/VA012897/) Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.) Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.) Drivers32: vidc.i420 - C:\Windows\SysWow64\i420vfw.dll (www.helixcommunity.org) Drivers32: VIDC.IV41 - C:\Windows\SysWow64\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv50 - C:\Windows\SysWow64\ir50_32.dll (Intel Corporation) Drivers32: VIDC.MP42 - C:\Windows\SysWow64\MPG4C32.DLL (Microsoft Corporation) Drivers32: VIDC.MPG4 - C:\Windows\SysWow64\MPG4C32.DLL (Microsoft Corporation) Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.) CREATERESTOREPOINT Error creating restore point. ========== Files/Folders - Created Within 30 Days ========== [2010.10.14 22:12:52 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Users\Melnik\Desktop\OTL.exe [2010.10.10 18:32:54 | 000,000,000 | ---D | C] -- C:\Users\Melnik\AppData\Roaming\Malwarebytes [2010.10.10 18:32:46 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2010.10.10 18:32:44 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2010.10.10 18:32:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2010.10.10 18:32:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010.10.10 18:32:09 | 006,153,648 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Melnik\Desktop\mbam-setup.exe [2010.10.10 11:39:01 | 000,035,928 | ---- | C] (Adobe Systems Incorporated.) -- C:\Windows\SysNative\AdobePDF64.dll [2010.10.07 18:17:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\High-Logic [2010.10.06 09:26:31 | 000,000,000 | ---D | C] -- C:\Users\Melnik\Patrik [2010.10.04 16:09:22 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp71.dll [2010.10.04 16:09:22 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr71.dll [2010.10.04 15:54:40 | 000,047,104 | ---- | C] (Thesycon GmbH, Germany) -- C:\Windows\SysNative\drivers\i1io2_x64.sys [2010.10.04 15:54:40 | 000,047,104 | ---- | C] (Thesycon GmbH, Germany) -- C:\Windows\SysNative\drivers\EyeOneX64.sys [2010.10.04 15:54:40 | 000,007,808 | ---- | C] (GretagMacbeth LLC) -- C:\Windows\SysNative\drivers\SeqCal.sys [2010.10.04 15:53:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GretagMacbeth [2010.10.01 20:42:27 | 000,000,000 | ---D | C] -- C:\Users\Melnik\USB [2 C:\*.tmp files -> C:\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.10.14 21:59:11 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2010.10.14 21:59:11 | 000,643,628 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2010.10.14 21:59:11 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2010.10.14 21:59:11 | 000,126,188 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2010.10.14 21:59:11 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2010.10.14 21:49:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.10.14 21:49:24 | 3218,235,392 | -HS- | M] () -- C:\hiberfil.sys [2010.10.14 19:14:32 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Melnik\Desktop\OTL.exe [2010.10.11 22:26:35 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010.10.11 22:26:35 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010.10.11 22:22:03 | 000,000,290 | -H-- | M] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job [2010.10.11 19:57:05 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010.10.11 19:57:00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010.10.10 18:36:34 | 006,153,648 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Melnik\Desktop\mbam-setup.exe [2010.10.10 18:32:49 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.10.10 18:28:54 | 000,364,032 | ---- | M] () -- C:\Users\Melnik\Desktop\rkill.com [2010.10.10 11:10:14 | 000,654,336 | ---- | M] () -- C:\Users\Melnik\AppData\Roaming\hotfix.exe [2010.10.10 11:10:14 | 000,000,141 | ---- | M] () -- C:\Users\Melnik\AppData\Roaming\asdsada.bat [2010.10.07 18:28:36 | 000,000,146 | ---- | M] () -- C:\Windows\fcp5.cfg [2010.10.06 19:02:33 | 000,001,199 | ---- | M] () -- C:\Users\Melnik\Desktop\DVDVideoSoft Free Studio.lnk [2010.10.04 20:07:37 | 000,000,908 | ---- | M] () -- C:\Users\Melnik\Desktop\QUICKMEDIACONVERTER.lnk [2010.10.04 16:09:23 | 000,002,354 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logo Calibration Loader.lnk [2010.10.04 16:09:23 | 000,002,242 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ProfileReminder.lnk [2 C:\*.tmp files -> C:\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.10.10 18:32:49 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.10.10 18:26:06 | 000,364,032 | ---- | C] () -- C:\Users\Melnik\Desktop\rkill.com [2010.10.10 11:10:14 | 000,654,336 | ---- | C] () -- C:\Users\Melnik\AppData\Roaming\hotfix.exe [2010.10.10 11:10:14 | 000,000,141 | ---- | C] () -- C:\Users\Melnik\AppData\Roaming\asdsada.bat [2010.10.07 18:32:40 | 000,000,290 | -H-- | C] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job [2010.10.07 18:18:02 | 000,000,146 | ---- | C] () -- C:\Windows\fcp5.cfg [2010.10.04 15:54:41 | 000,002,354 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logo Calibration Loader.lnk [2010.10.04 15:54:41 | 000,002,242 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ProfileReminder.lnk [2010.06.27 22:39:13 | 000,022,016 | ---- | C] () -- C:\Users\Melnik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.06.24 13:46:09 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll [2010.06.24 13:34:24 | 000,178,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2010.05.28 19:48:38 | 000,000,088 | RHS- | C] () -- C:\ProgramData\26D6F3F3A0.sys [2010.05.28 19:48:37 | 000,005,330 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys [2010.04.02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2010.01.10 14:44:09 | 000,285,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\Onsio.sys [2010.01.10 14:44:09 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\drivers\Onsreged.sys [2010.01.10 14:16:36 | 000,000,030 | ---- | C] () -- C:\Windows\SysWow64\brss01a.ini [2010.01.10 14:16:34 | 000,000,416 | ---- | C] () -- C:\Windows\BRWMARK.INI [2010.01.10 14:04:22 | 000,077,824 | ---- | C] () -- C:\Windows\SysWow64\BROSNMP.DLL [2010.01.10 14:04:22 | 000,026,624 | ---- | C] () -- C:\Windows\SysWow64\BRGSRC32.DLL [2010.01.10 14:04:22 | 000,004,608 | ---- | C] () -- C:\Windows\SysWow64\BRGSRC16.DLL [2010.01.10 14:04:19 | 000,015,108 | ---- | C] () -- C:\Windows\HL-5130.INI [2010.01.10 13:49:06 | 000,000,151 | ---- | C] () -- C:\Windows\BRVIDEO.INI [2010.01.10 13:49:06 | 000,000,052 | ---- | C] () -- C:\Windows\brpp2ka.ini [2010.01.10 13:49:06 | 000,000,040 | ---- | C] () -- C:\Windows\BRDIAG.INI [2010.01.10 13:49:06 | 000,000,023 | ---- | C] () -- C:\Windows\Brownie.ini [2010.01.10 13:49:06 | 000,000,000 | ---- | C] () -- C:\Windows\bw5130.ini [2010.01.10 13:49:06 | 000,000,000 | ---- | C] () -- C:\Windows\brmx2001.ini [2010.01.08 18:50:38 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI [2009.12.18 12:25:24 | 002,463,976 | ---- | C] () -- C:\Windows\SysWow64\NPSWF32.dll [2009.12.14 22:05:12 | 000,000,000 | ---- | C] () -- C:\Users\Melnik\AppData\Roaming\wklnhst.dat [2009.12.14 21:11:06 | 000,000,000 | ---- | C] () -- C:\Users\Melnik\AppData\Local\QSwitch.txt [2009.12.14 21:11:06 | 000,000,000 | ---- | C] () -- C:\Users\Melnik\AppData\Local\DSwitch.txt [2009.12.14 21:11:06 | 000,000,000 | ---- | C] () -- C:\Users\Melnik\AppData\Local\AtStart.txt [2009.12.14 21:11:04 | 000,000,462 | ---- | C] () -- C:\ProgramData\HPWALog.txt [2009.11.05 02:18:35 | 000,000,105 | ---- | C] () -- C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log [2009.11.05 02:18:25 | 000,000,032 | ---- | C] () -- C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log [2009.11.05 02:18:06 | 000,000,032 | ---- | C] () -- C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log [2009.11.05 02:17:39 | 000,000,032 | ---- | C] () -- C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log [2009.11.05 02:16:55 | 000,000,032 | ---- | C] () -- C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log [2009.10.01 20:46:48 | 000,000,109 | ---- | C] () -- C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log [2009.10.01 20:43:09 | 000,000,110 | ---- | C] () -- C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log [2009.10.01 20:41:40 | 000,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log [2009.10.01 20:41:01 | 000,000,107 | ---- | C] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log [2009.07.15 17:50:42 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2007.04.27 10:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll [1997.06.14 13:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll ========== LOP Check ========== [2010.08.15 07:37:44 | 000,000,000 | ---D | M] -- C:\Users\AppData\AppData\Roaming\Ableton [2010.08.16 03:48:40 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\Ableton [2010.05.27 21:24:49 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\avidemux [2010.08.02 22:31:23 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\DVDVideoSoftIEHelpers [2010.08.16 03:51:41 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\FreeVideoConverter [2010.08.16 03:51:41 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\FrostWire [2009.12.20 00:18:02 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\iWin [2010.08.16 03:48:56 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\Leawo [2010.08.16 03:48:57 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\MAGIX [2009.12.15 18:57:30 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\PlayFirst [2010.08.16 03:51:44 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\Rapid Evolution 2 [2010.05.27 21:16:42 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\Uniblue [2009.12.14 21:34:51 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\WildTangent [2009.12.14 22:17:04 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\_MDLogs [2009.07.14 07:08:49 | 000,031,374 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2010.10.11 22:22:03 | 000,000,290 | -H-- | M] () -- C:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2010.08.16 03:48:40 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\Ableton [2010.10.10 10:34:39 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\Adobe [2009.12.14 21:10:56 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\ATI [2010.05.27 21:24:49 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\avidemux [2010.05.18 05:37:53 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\Avira [2010.05.15 14:47:08 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\AVS4YOU [2010.08.16 03:48:43 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\Corel [2010.03.30 15:52:37 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\CyberLink [2010.06.25 20:19:01 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\DivX [2010.08.02 22:31:23 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\DVDVideoSoftIEHelpers [2010.08.16 03:51:41 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\FreeVideoConverter [2010.08.16 03:51:41 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\FrostWire [2009.12.16 19:23:13 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\Google [2010.04.06 14:43:28 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\Hewlett-Packard [2010.04.06 14:41:46 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\HP Support Assistant [2009.12.14 21:06:36 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\HP TCS [2010.04.06 14:38:04 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\hpqlog [2010.04.06 14:41:46 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\HpUpdate [2009.12.14 21:10:15 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\Identities [2009.12.20 00:18:02 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\iWin [2010.08.16 03:48:56 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\Leawo [2010.08.16 03:48:56 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\Macromedia [2010.08.16 03:48:57 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\MAGIX [2010.10.10 18:32:54 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\Malwarebytes [2009.11.05 11:26:32 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\Media Center Programs [2010.08.16 03:51:41 | 000,000,000 | --SD | M] -- C:\Users\Melnik\AppData\Roaming\Microsoft [2010.04.20 18:46:28 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\Microsoft Game Studios [2010.08.16 03:49:06 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\Mozilla [2009.12.15 18:57:30 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\PlayFirst [2010.08.16 03:51:44 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\Rapid Evolution 2 [2010.07.11 16:22:02 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\Real [2010.05.27 21:16:42 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\Uniblue [2009.12.14 21:34:51 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\WildTangent [2010.04.19 06:30:25 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\WinRAR [2009.12.14 22:17:04 | 000,000,000 | ---D | M] -- C:\Users\Melnik\AppData\Roaming\_MDLogs < %APPDATA%\*.exe /s > [2010.10.10 11:10:14 | 000,654,336 | ---- | M] () -- C:\Users\Melnik\AppData\Roaming\hotfix.exe [2009.12.16 20:30:53 | 000,000,000 | ---- | M] () -- C:\Users\Melnik\AppData\Roaming\FrostWire\.NetworkShare\Incomplete\T-4506256-LimeWireWin4.16.6.exe < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys < MD5 for: ATAPI.SYS > [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys < MD5 for: CNGAUDIT.DLL > [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll [2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll < MD5 for: EVENTLOG.DLL > [2007.05.17 21:34:04 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files (x86)\CyberLink\PowerDirector\EventLog.dll < MD5 for: EXPLORER.EXE > [2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe [2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe [2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe [2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe [2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe [2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\explorer.exe [2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe [2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe [2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe [2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe [2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe [2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe [2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe < MD5 for: IASTORV.SYS > [2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysWow64\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys [2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys < MD5 for: NETLOGON.DLL > [2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll [2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll [2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll [2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll < MD5 for: NVSTOR.SYS > [2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys [2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys < MD5 for: SCECLI.DLL > [2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll [2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll [2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll [2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll < MD5 for: USER32.DLL > [2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll [2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\SysWOW64\user32.dll [2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\SysWOW64\user32.dll [2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll < MD5 for: USERINIT.EXE > [2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe [2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe [2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe [2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe < MD5 for: WINLOGON.EXE > [2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe [2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe < MD5 for: WS2IFSL.SYS > [2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > ========== Alternate Data Streams ========== @Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:66B13F37 @Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:6152D44C < End of report > |
14.10.2010, 18:55 | #8 |
/// Malware-holic | Antispy Safeguard: Daten sichern bzw. retten • Starte bitte die OTL.exe. • Kopiere nun das Folgende in die Textbox. :OTL O20 - HKU\S-1-5-21-4056970072-597559089-3397928443-1000 Winlogon: Shell - (C:\Users\Melnik\AppData\Roaming\hotfix.exe) - C:\Users\Melnik\AppData\Roaming\hotfix.exe () [2010.10.11 22:26:35 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010.10.11 22:26:35 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010.10.11 22:22:03 | 000,000,290 | -H-- | M] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job [2010.10.10 11:10:14 | 000,654,336 | ---- | M] () -- C:\Users\Melnik\AppData\Roaming\hotfix.exe [2010.10.10 11:10:14 | 000,000,141 | ---- | M] () -- C:\Users\Melnik\AppData\Roaming\asdsada.bat :FILES :Commands [purity] [EMPTYFLASH] [emptytemp] [Reboot] • Schliesse bitte nun alle Programme. • Klicke nun bitte auf den Fix Button. • OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen. • Nach dem Neustart findest Du ein Textdokument dieses posten schau ob der pc jetzt im normalen modus läuft. |
15.10.2010, 14:22 | #9 |
| Antispy Safeguard: Daten sichern bzw. retten All processes killed ========== OTL ========== Registry value HKEY_USERS\S-1-5-21-4056970072-597559089-3397928443-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:C:\Users\Melnik\AppData\Roaming\hotfix.exe deleted successfully. C:\Users\Melnik\AppData\Roaming\hotfix.exe moved successfully. C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 moved successfully. C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 moved successfully. C:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job moved successfully. File C:\Users\Melnik\AppData\Roaming\hotfix.exe not found. C:\Users\Melnik\AppData\Roaming\asdsada.bat moved successfully. ========== FILES ========== ========== COMMANDS ========== [EMPTYFLASH] User: All Users User: Annemarie User: annemarie.Melnik-PC ->Flash cache emptied: 42682 bytes User: AppData ->Flash cache emptied: 405 bytes User: Default User: Default User User: Gast User: Melnik ->Flash cache emptied: 34345 bytes User: Public Total Flash Files Cleaned = 0,00 mb [EMPTYTEMP] User: All Users User: Annemarie ->Temp folder emptied: 117061 bytes ->Temporary Internet Files folder emptied: 65536 bytes User: annemarie.Melnik-PC ->Temp folder emptied: 2036612 bytes ->Temporary Internet Files folder emptied: 1756499 bytes ->Java cache emptied: 7140 bytes ->FireFox cache emptied: 71678019 bytes ->Flash cache emptied: 0 bytes User: AppData ->Temp folder emptied: 78023 bytes ->Temporary Internet Files folder emptied: 6127200 bytes ->Java cache emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Gast ->Temp folder emptied: 53923 bytes ->Temporary Internet Files folder emptied: 370891 bytes ->Java cache emptied: 0 bytes User: Melnik ->Temp folder emptied: 2529602596 bytes ->Temporary Internet Files folder emptied: 390228704 bytes ->Java cache emptied: 41852442 bytes ->FireFox cache emptied: 43887136 bytes ->Flash cache emptied: 0 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 9473849 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50501 bytes RecycleBin emptied: 127355327 bytes Total Files Cleaned = 3.075,00 mb OTL by OldTimer - Version 3.2.15.2 log created on 10152010_181329 Files\Folders moved on Reboot... C:\Users\Melnik\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. Registry entries deleted on Reboot... Also wie ich das neu gestartet hab, kam erst einmal, als ich mich angemeldet hab, lange ein schwarzer Bildschirn, und ich hab schon fast befürchtet dass es wieder kommt, aber es kam nicht mehr. Heisst das jetzt, dass ich es für immer los bin? |
15.10.2010, 14:55 | #10 |
| Antispy Safeguard: Daten sichern bzw. retten Also Windows ließ sich wieder ohne dieses Fenster von AntiSpy Safeguard starten. Es kam dann eben ein Fenster und jetzt will der PC von mir, dass ich den Produkt Key für Windows7 eingebe. Desktop Icons sind alle da. Minianwendungen auch. Desktophintergrund ist nach der Meldung nicht mehr da. |
15.10.2010, 15:00 | #11 |
/// Malware-holic | Antispy Safeguard: Daten sichern bzw. retten hast du den win7 key? gib ihn ein und mach dann weiter: bitte erstelle und poste ein combofix log. Ein Leitfaden und Tutorium zur Nutzung von ComboFix |
15.10.2010, 15:34 | #12 |
| Antispy Safeguard: Daten sichern bzw. retten gibt's da einen anderen link dazu, weil bei meinem pc steht, dass es nur auf WinXP und Win2000 läuft. |
15.10.2010, 15:44 | #13 |
/// Malware-holic | Antispy Safeguard: Daten sichern bzw. retten sorry meine schuld, du hast ja ein x64 bit system. 1. öffne mein computer c: dort _OTL rechtsklick auf Moved files und zu moved files.rar oder zip hinzufügen. das archi hochladen. http://www.trojaner-board.de/54791-a...ner-board.html dann gehts weiter. download malwarebytes: Malwarebytes instalieren, öffnen, registerkarte aktualisierung, programm updaten. schalte alle laufenden programme ab, trenne die internetverbindung. registerkarte scanner, komplett scan, funde entfernen, log posten. |
15.10.2010, 17:07 | #14 |
| Antispy Safeguard: Daten sichern bzw. rettenCode:
ATTFilter Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Datenbank Version: 4835 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 15.10.2010 20:52:10 mbam-log-2010-10-15 (20-52-10).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|) Durchsuchte Objekte: 515296 Laufzeit: 56 Minute(n), 40 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 2 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 4 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: HKEY_CURRENT_USER\SOFTWARE\KOO9RV9K4Z (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\SMH2B46TDP (Trojan.FakeAlert) -> Quarantined and deleted successfully. Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: C:\Program Files (x86)\Image-Line\Toxic Biohazard\Toxic Biohazard.dll (Trojan.Backdoor) -> Quarantined and deleted successfully. C:\Users\Melnik\Downloads\Jdownloader\Corel.VideoStudio.Pro.X3.13.6.0.272\keygen\keygen.exe (Trojan.Dropper.PGen) -> Quarantined and deleted successfully. C:\Users\Melnik\Music\Plug ins Ableton\keygen.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\_OTL\MovedFiles\10152010_181329\C_Users\Melnik\AppData\Roaming\hotfix.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. |
15.10.2010, 17:10 | #15 |
/// Malware-holic | Antispy Safeguard: Daten sichern bzw. retten C:\Users\Melnik\Downloads\Jdownloader\Corel.VideoStudio.Pro.X3.13.6.0.272\keygen\keygen.exe (Trojan.Dropper.PGen) -> Quarantined and deleted successfully. C:\Users\Melnik\Music\Plug ins Ableton\keygen.exe (Trojan.Agent) -> Quarantined and deleted successfully. das sind 2 gründe aus denen ich dir nur noch hilfe zum neu aufsetzen geben kann. illegale software unterstützen wir nicht. |
Themen zu Antispy Safeguard: Daten sichern bzw. retten |
100%, adobe, blockiert, browser, dateien, dateien versteckt, daten sichern, fehlermeldung, festplatte, google, hintergrund, html, infizierte, laptop, löschen, musik, neu, neustart, programme, scan, seite, system, usb, virus, windows, wurm, zurücksetzen, ändern |