| ![]() Win7 64Bit | Firefox-> TABS öffnen sich automatisch Hallihallo, ich hoffe, ich mache hier alles richtig... Folgende Situation: Ich habe vor einigen Tagen ne .exe runtergeladen, die bei vielen Youtubevideos verlinkt war(gab viele positive Kommentare).. Sinn war das Spielen eines älteres Spiels über Netzwerk... Naja.. ich wusste, dass ein sehr hohen Risiko bestand... aber wegen der vielen positiven Kommentare... Naja.. die Exe verschwand und der Computer fuhr ziemlich schnell herunter. Der Neustart dauerte ewig... Antivir Free Personal zeigte nichts. War sogar deaktiviert. Dann habe ich mir Kaspersky besorgt, weil es glaube ich einer der aggressivsten Antivirenprogramme ist. Es hat 3 Viren in irgendwelchen Dateien von JAVA gefunden und gelöscht. Mit der Zeit gingen hin und wieder TABS im Firefox mit den unterschiedlichsten Seiten auf. Mal unseriöse Seiten, die auch teilweise geblockt wurde, mal Ebay, mal Adobe.. etc... ---------------------- Ich habe mir SpyBot Search&Destroy und mehrere andere Programme geladen und durchsuchen lassen.. auch Norten Antivirus, doch die AutoTABS gingen nicht weg. Hin und wieder berichtet Kaspersky von einem Zugriff der svhost.exe auf eine komische Seite(die Seite ist dann immer anders).. aber hat selbst keinen weiteren Bericht dazu. Es hieß lediglich "Der Link wurde in einer Datenbank gefunden". Ich hab gegoogelt und hab irgendwie nur Anleitungen für ältere Systeme gefunden ![]() Deshalb hab ich mich jetzt hier angemeldet... ---------------------- OTL.txt Code:
ATTFilter OTL logfile created on: 20.10.2010 20:06:38 - Run 1 OTL by OldTimer - Version Folder = C:\Users\IMM0rtalis\Downloads 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 0,00 Gb Available Physical Memory | 18,00% Memory free 4,00 Gb Paging File | 2,00 Gb Available in Paging File | 41,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 24,90 Gb Total Space | 0,02 Gb Free Space | 0,08% Space Free | Partition Type: NTFS Drive E: | 25,00 Gb Total Space | 14,10 Gb Free Space | 56,38% Space Free | Partition Type: NTFS Drive M: | 100,01 Gb Total Space | 19,98 Gb Free Space | 19,97% Space Free | Partition Type: NTFS Drive P: | 10,00 Gb Total Space | 8,02 Gb Free Space | 80,18% Space Free | Partition Type: NTFS Drive Q: | 50,01 Gb Total Space | 21,85 Gb Free Space | 43,69% Space Free | Partition Type: NTFS Drive S: | 80,01 Gb Total Space | 23,62 Gb Free Space | 29,53% Space Free | Partition Type: NTFS Drive V: | 616,49 Gb Total Space | 3,90 Gb Free Space | 0,63% Space Free | Partition Type: NTFS Drive W: | 232,89 Gb Total Space | 37,31 Gb Free Space | 16,02% Space Free | Partition Type: NTFS Drive X: | 130,00 Gb Total Space | 36,32 Gb Free Space | 27,94% Space Free | Partition Type: NTFS Drive Y: | 320,75 Gb Total Space | 232,09 Gb Free Space | 72,36% Space Free | Partition Type: NTFS Drive Z: | 40,00 Gb Total Space | 29,59 Gb Free Space | 73,97% Space Free | Partition Type: NTFS Computer Name: BGSTYLE | User Name: IMM0rtalis | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\IMM0rtalis\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (Mozilla Corporation) PRC - C:\Windows\SysWOW64\PnkBstrA.exe () PRC - e:\Norton AntiVirus\Engine\\ccSvcHst.exe (Symantec Corporation) PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO) PRC - C:\Program Files (x86)\MirandaFusion\miranda32.exe ( ) PRC - C:\Program Files (x86)\MirandaFusion\mfwd.exe (Miranda Fusion Team) PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - P:\xampp\mysql\bin\mysqld.exe (MySQL AB) PRC - P:\xampp\xampp-control.exe (Apache Friends) PRC - P:\xampp\apache\bin\httpd.exe (Apache Software Foundation) PRC - P:\NetBeans 6.8\NetBeans 6.8\bin\netbeans.exe () PRC - C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.) PRC - E:\VMPlayer\vmware-authd.exe (VMware, Inc.) PRC - C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.) PRC - C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG) ========== Modules (SafeList) ========== MOD - C:\Users\IMM0rtalis\Downloads\OTL.exe (OldTimer Tools) MOD - C:\Windows\SysWOW64\imagehlp.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\normaliz.dll (Microsoft Corporation) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV:64bit: - (VMware NAT Service) -- C:\Windows\SysNative\vmnat.exe File not found SRV:64bit: - (VMnetDHCP) -- C:\Windows\SysNative\vmnetdhcp.exe File not found SRV:64bit: - (PnkBstrA) -- C:\Windows\SysNative\PnkBstrA.exe File not found SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV - (sp_rssrv) -- E:\Spyware Terminator\sp_rsser.exe (Xacti LLC) SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe () SRV - (NAV) -- e:\Norton AntiVirus\Engine\\ccSvcHst.exe (Symantec Corporation) SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO) SRV - (Hamachi2Svc) -- E:\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (VMware NAT Service) -- C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.) SRV - (VMAuthdService) -- E:\VMPlayer\vmware-authd.exe (VMware, Inc.) SRV - (VMnetDHCP) -- C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.) SRV - (VMUSBArbService) -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe (VMware, Inc.) SRV - (ufad-ws60) -- E:\VMPlayer\vmware-ufad.exe (VMware, Inc.) SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation) DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab) DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\NAVx64\1201000.025\SymEFA64.sys (Symantec Corporation) DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\NAVx64\1201000.025\srtsp64.sys (Symantec Corporation) DRV:64bit: - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\SysNative\drivers\NAVx64\1201000.025\srtspx64.sys (Symantec Corporation) DRV:64bit: - (SYMNETS) -- C:\Windows\SysNative\drivers\NAVx64\1201000.025\symnets.sys (Symantec Corporation) DRV:64bit: - (sp_rsdrv2) -- C:\Windows\SysNative\drivers\stflt.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (SymIRON) -- C:\Windows\SysNative\drivers\NAVx64\1201000.025\Ironx64.sys (Symantec Corporation) DRV:64bit: - (SymDS) -- C:\Windows\SysNative\drivers\NAVx64\1201000.025\SymDS64.sys (Symantec Corporation) DRV:64bit: - (kl2) -- C:\Windows\SysNative\drivers\kl2.sys (Kaspersky Lab ZAO) DRV:64bit: - (KL1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO) DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab ZAO) DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.) DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys () DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab) DRV:64bit: - (vmci) -- C:\Windows\SysNative\drivers\vmci.sys (VMware, Inc.) DRV:64bit: - (vmkbd) -- C:\Windows\SysNative\drivers\VMkbd.sys (VMware, Inc.) DRV:64bit: - (vmx86) -- C:\Windows\SysNative\drivers\vmx86.sys (VMware, Inc.) DRV:64bit: - (VMnetuserif) -- C:\Windows\SysNative\drivers\vmnetuserif.sys (VMware, Inc.) DRV:64bit: - (hcmon) -- C:\Windows\SysNative\drivers\hcmon.sys (VMware, Inc.) DRV:64bit: - (VMnetBridge) -- C:\Windows\SysNative\drivers\vmnetbridge.sys (VMware, Inc.) DRV:64bit: - (VMnetAdapter) -- C:\Windows\SysNative\drivers\vmnetadapter.sys (VMware, Inc.) DRV:64bit: - (vpcnfltr) -- C:\Windows\SysNative\drivers\vpcnfltr.sys (Microsoft Corporation) DRV:64bit: - (vpcvmm) -- C:\Windows\SysNative\drivers\vpcvmm.sys (Microsoft Corporation) DRV:64bit: - (vpcusb) -- C:\Windows\SysNative\drivers\vpcusb.sys (Microsoft Corporation) DRV:64bit: - (vpcbus) -- C:\Windows\SysNative\drivers\vpchbus.sys (Microsoft Corporation) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (61883) -- C:\Windows\SysNative\drivers\61883.sys (Microsoft Corporation) DRV:64bit: - (Avc) -- C:\Windows\SysNative\drivers\avc.sys (Microsoft Corporation) DRV:64bit: - (MSDV) -- C:\Windows\SysNative\drivers\msdv.sys (Microsoft Corporation) DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof () DRV:64bit: - (netr7364) -- C:\Windows\SysNative\drivers\netr7364.sys (Ralink Technology, Corp.) DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions) DRV:64bit: - (hotcore3) -- C:\Windows\SysNative\drivers\hotcore3.sys (Paragon Software Group) DRV:64bit: - (hxctlflt) -- C:\Windows\SysNative\drivers\hxctlflt.sys (Guillemot Corporation) DRV:64bit: - (PAC7302) -- C:\Windows\SysNative\drivers\PAC7302.SYS (PixArt Imaging Inc.) DRV:64bit: - (s125mgmt) Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM) -- C:\Windows\SysNative\drivers\s125mgmt.sys (MCCI Corporation) DRV:64bit: - (s125bus) Sony Ericsson Device 125 driver (WDM) -- C:\Windows\SysNative\drivers\s125bus.sys (MCCI Corporation) DRV:64bit: - (Razerlow) -- C:\Windows\SysNative\drivers\Razerlow.sys (Razer (Asia-Pacific) Pte Ltd) DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys () DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20100813.009\EX64.SYS (Symantec Corporation) DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation) DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20100813.009\ENG64.SYS (Symantec Corporation) DRV - (BHDrvx64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\BASHDefs\20100810.004\BHDrvx64.sys (Symantec Corporation) DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\IPSDefs\20100706.002\IDSVia64.sys (Symantec Corporation) DRV - (vstor2-ws60) -- E:\VMPlayer\vstor2-ws60.sys (VMware, Inc.) DRV - (adfs) -- C:\Windows\SysWow64\drivers\adfs.sys (Adobe Systems, Inc.) DRV - (ISODrive) -- C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys (EZB Systems, Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 10 A9 22 0F 41 70 CB 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2 FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.5.4 FF - prefs.js..extensions.enabledItems: {3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}: FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {f13b157f-b174-47e7-a34d-4815ddfdfeb8}: FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.8 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: foxgame2@foxgame.org:2.0 Beta FF - prefs.js..extensions.enabledItems: KavAntiBanner@Kaspersky.ru: FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru: FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\IPSFFPlgn\ [2010.10.20 19:07:57 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.10.20 18:09:20 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.10.20 18:09:20 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\THBExt [2010.10.17 03:52:33 | 000,000,000 | ---D | M] [2009.12.25 01:50:25 | 000,000,000 | ---D | M] -- C:\Users\IMM0rtalis\AppData\Roaming\mozilla\Extensions [2010.10.20 11:35:02 | 000,000,000 | ---D | M] -- C:\Users\IMM0rtalis\AppData\Roaming\mozilla\Firefox\Profiles\jqbj77gh.default\extensions [2010.01.31 23:34:31 | 000,000,000 | ---D | M] (Html Validator) -- C:\Users\IMM0rtalis\AppData\Roaming\mozilla\Firefox\Profiles\jqbj77gh.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e} [2010.01.31 23:34:27 | 000,000,000 | ---D | M] (Web Developer) -- C:\Users\IMM0rtalis\AppData\Roaming\mozilla\Firefox\Profiles\jqbj77gh.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12} [2010.08.22 11:30:34 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\IMM0rtalis\AppData\Roaming\mozilla\Firefox\Profiles\jqbj77gh.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010.08.23 11:08:27 | 000,000,000 | ---D | M] (JavaScript Debugger) -- C:\Users\IMM0rtalis\AppData\Roaming\mozilla\Firefox\Profiles\jqbj77gh.default\extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8} [2010.05.07 06:28:04 | 000,000,000 | ---D | M] -- C:\Users\IMM0rtalis\AppData\Roaming\mozilla\Firefox\Profiles\jqbj77gh.default\extensions\firebug@software.joehewitt.com [2010.10.12 21:39:25 | 000,000,000 | ---D | M] -- C:\Users\IMM0rtalis\AppData\Roaming\mozilla\Firefox\Profiles\jqbj77gh.default\extensions\foxgame2@foxgame.org [2009.12.26 18:59:19 | 000,000,000 | ---D | M] -- C:\Users\IMM0rtalis\AppData\Roaming\mozilla\Firefox\Profiles\jqbj77gh.default\extensions\RaNaN@ogeneral.de [2010.10.20 11:35:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions [2010.05.05 06:35:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.08.22 13:17:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010.10.16 15:21:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2010.10.17 03:53:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\KavAntiBanner@Kaspersky.ru [2010.10.17 03:53:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\linkfilter@kaspersky.ru [2010.09.15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2009.12.21 07:47:02 | 000,063,488 | ---- | M] (Nullsoft) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2010.07.19 08:52:14 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.07.19 08:52:14 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2010.07.19 08:52:14 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2010.07.19 08:52:14 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2010.07.19 08:52:15 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.12.28 16:27:22 | 000,000,857 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: activate.adobe.com O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\ievkbd.dll (Kaspersky Lab ZAO) O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO) O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO) O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - e:\Norton AntiVirus\Engine\\IPSBHO.dll (Symantec Corporation) O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO) O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO) O4 - HKCU..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation) O4 - HKCU..\Run: [SpywareTerminatorUpdate] E:\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:64bit: - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm () O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm () O9:64bit: - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO) O9:64bit: - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000011 - E:\VMPlayer\vsocklib.dll (VMware, Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000012 - E:\VMPlayer\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - E:\VMPlayer\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - E:\VMPlayer\vsocklib.dll (VMware, Inc.) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll (Kaspersky Lab ZAO) O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll (Kaspersky Lab ZAO) O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll (Kaspersky Lab ZAO) O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll (Kaspersky Lab ZAO) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\klogon: DllName - Reg Error: Key error. - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010.06.26 20:47:52 | 000,000,000 | ---D | M] - E:\Autodesk Network License Manager -- [ NTFS ] O32 - AutoRun File - [2009.01.24 16:02:13 | 000,000,000 | ---- | M] () - Z:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.10.20 19:11:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared [2010.10.20 19:07:41 | 000,174,640 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS [2010.10.20 19:07:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared [2010.10.20 19:07:41 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec [2010.10.20 19:07:25 | 000,821,808 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1201000.025\SymEFA64.sys [2010.10.20 19:07:25 | 000,715,824 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1201000.025\srtsp64.sys [2010.10.20 19:07:25 | 000,450,096 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1201000.025\SymDS64.sys [2010.10.20 19:07:25 | 000,381,488 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1201000.025\symnets.sys [2010.10.20 19:07:25 | 000,168,496 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1201000.025\Ironx64.sys [2010.10.20 19:07:25 | 000,040,496 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1201000.025\srtspx64.sys [2010.10.20 19:07:12 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NAVx64 [2010.10.20 19:07:12 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NAVx64\1201000.025 [2010.10.20 19:06:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton [2010.10.20 18:51:34 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller [2010.10.20 18:51:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller [2010.10.20 18:47:53 | 103,702,528 | ---- | C] (Symantec Corporation) -- C:\Users\IMM0rtalis\Desktop\NAV_18.1.0.37_SYMTB_TMD-1ON1_LOEM_MRFTT_181_5417ST.exe [2010.10.20 18:41:49 | 000,000,000 | ---D | C] -- C:\Users\IMM0rtalis\Pavark [2010.10.20 18:28:21 | 000,000,000 | ---D | C] -- C:\Users\IMM0rtalis\AppData\Roaming\Spyware Terminator [2010.10.20 18:28:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Spyware Terminator [2010.10.17 03:52:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab [2010.10.17 03:52:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab [2010.10.17 03:52:15 | 000,560,216 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys [2010.10.17 03:47:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files [2010.10.16 15:21:47 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2010.10.16 15:21:47 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2010.10.16 15:21:47 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2010.10.16 00:31:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2010.10.15 22:22:41 | 000,000,000 | ---D | C] -- C:\Users\IMM0rtalis\Documents\StarCraft II [2010.10.15 22:22:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment [2010.10.15 22:22:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment [2010.10.15 02:25:19 | 000,000,000 | ---D | C] -- C:\Users\IMM0rtalis\Documents\TADS [2010.10.03 23:02:25 | 000,000,000 | ---D | C] -- C:\Users\IMM0rtalis\AppData\Roaming\MyPhoneExplorer [2010.09.30 17:30:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Codemasters [2010.09.30 17:23:58 | 017,686,528 | ---- | C] (Intel Corporation / Blue Ripple Sound Limited) -- C:\Windows\SysWow64\mkl_blueripple.dll [2010.09.30 17:23:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BRS [2010.09.30 17:23:55 | 000,466,520 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll [2010.09.30 17:23:55 | 000,445,016 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll [2010.09.30 17:23:55 | 000,122,968 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll [2010.09.30 17:23:55 | 000,109,144 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll [2010.09.30 17:23:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL [2010.09.29 21:36:48 | 000,000,000 | ---D | C] -- C:\Users\IMM0rtalis\AppData\Roaming\Thinstall [2010.09.29 17:12:59 | 000,000,000 | --SD | C] -- C:\Users\IMM0rtalis\Documents\Meine Shapes [2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.10.20 19:08:08 | 001,458,328 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1201000.025\Cat.DB [2010.10.20 19:07:41 | 000,174,640 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS [2010.10.20 19:07:41 | 000,007,440 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT [2010.10.20 19:07:41 | 000,000,854 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF [2010.10.20 19:07:29 | 000,001,093 | ---- | M] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk [2010.10.20 18:51:28 | 103,702,528 | ---- | M] (Symantec Corporation) -- C:\Users\IMM0rtalis\Desktop\NAV_18.1.0.37_SYMTB_TMD-1ON1_LOEM_MRFTT_181_5417ST.exe [2010.10.20 18:43:09 | 000,284,610 | ---- | M] () -- C:\Users\IMM0rtalis\Desktop\gmer1.0.15.15279.zip [2010.10.20 18:11:13 | 001,480,120 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2010.10.20 18:11:13 | 000,645,744 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2010.10.20 18:11:13 | 000,610,214 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2010.10.20 18:11:13 | 000,127,648 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2010.10.20 18:11:13 | 000,105,118 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2010.10.20 18:09:39 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010.10.20 18:09:39 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010.10.20 18:04:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.10.20 18:04:28 | 1609,416,704 | -HS- | M] () -- C:\hiberfil.sys [2010.10.17 04:16:12 | 000,149,773 | ---- | M] () -- C:\Windows\SysNative\drivers\klin.dat [2010.10.17 04:16:12 | 000,106,765 | ---- | M] () -- C:\Windows\SysNative\drivers\klick.dat [2010.10.17 03:52:15 | 000,560,216 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys [2010.10.15 02:24:48 | 000,065,536 | ---- | M] () -- C:\Windows\TADSUINS.EXE [2010.10.10 15:52:00 | 000,001,553 | ---- | M] () -- C:\Users\IMM0rtalis\Desktop\polygontest5.wrl [2010.10.10 13:14:19 | 000,000,790 | ---- | M] () -- C:\Users\IMM0rtalis\Desktop\polygontest4.wrl [2010.10.07 17:14:59 | 000,233,960 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2010.10.07 17:14:59 | 000,233,960 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2010.10.05 21:49:37 | 000,096,768 | ---- | M] () -- C:\Users\IMM0rtalis\Desktop\gesamtquali10.xls [2010.09.30 22:43:58 | 000,063,488 | ---- | M] () -- C:\Users\IMM0rtalis\Desktop\Dok2.doc [2010.09.30 17:23:55 | 000,466,520 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll [2010.09.30 17:23:55 | 000,445,016 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll [2010.09.30 17:23:55 | 000,122,968 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll [2010.09.30 17:23:55 | 000,109,144 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll [2010.09.30 17:15:23 | 000,000,070 | ---- | M] () -- C:\Windows\SIERRA.INI [2010.09.29 21:07:52 | 000,000,029 | ---- | M] () -- C:\Windows\UML.INI [2010.09.29 16:59:07 | 000,000,162 | ---- | M] () -- C:\Windows\ODBC.INI [2010.09.23 17:12:01 | 000,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe [2010.09.23 16:24:40 | 000,000,300 | ---- | M] () -- C:\Windows\game.ini [2010.09.22 18:51:56 | 000,000,023 | ---- | M] () -- C:\Windows\BlendSettings.ini [2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.10.20 19:07:46 | 001,458,328 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1201000.025\Cat.DB [2010.10.20 19:07:42 | 000,007,440 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT [2010.10.20 19:07:42 | 000,000,854 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF [2010.10.20 19:07:29 | 000,001,093 | ---- | C] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk [2010.10.20 19:07:19 | 000,003,373 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1201000.025\SymEFA.inf [2010.10.20 19:07:19 | 000,002,792 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1201000.025\SymDS.inf [2010.10.20 19:07:19 | 000,001,445 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1201000.025\SymNet.inf [2010.10.20 19:07:19 | 000,001,438 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1201000.025\srtsp64.inf [2010.10.20 19:07:19 | 000,001,422 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1201000.025\srtspx64.inf [2010.10.20 19:07:19 | 000,000,771 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1201000.025\Iron.inf [2010.10.20 19:07:12 | 000,007,414 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1201000.025\srtspx64.cat [2010.10.20 19:07:12 | 000,007,412 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1201000.025\SymEFA64.cat [2010.10.20 19:07:12 | 000,007,410 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1201000.025\symnet64.cat [2010.10.20 19:07:12 | 000,007,410 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1201000.025\srtsp64.cat [2010.10.20 19:07:12 | 000,007,406 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1201000.025\SymDS64.cat [2010.10.20 19:07:12 | 000,007,402 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1201000.025\iron.cat [2010.10.20 19:07:12 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1201000.025\isolate.ini [2010.10.20 18:43:08 | 000,284,610 | ---- | C] () -- C:\Users\IMM0rtalis\Desktop\gmer1.0.15.15279.zip [2010.10.17 03:53:05 | 000,149,773 | ---- | C] () -- C:\Windows\SysNative\drivers\klin.dat [2010.10.17 03:53:05 | 000,106,765 | ---- | C] () -- C:\Windows\SysNative\drivers\klick.dat [2010.10.15 02:25:20 | 000,065,536 | ---- | C] () -- C:\Windows\TADSUINS.EXE [2010.10.10 15:52:00 | 000,001,553 | ---- | C] () -- C:\Users\IMM0rtalis\Desktop\polygontest5.wrl [2010.10.10 13:12:11 | 000,000,790 | ---- | C] () -- C:\Users\IMM0rtalis\Desktop\polygontest4.wrl [2010.09.30 22:45:30 | 000,063,488 | ---- | C] () -- C:\Users\IMM0rtalis\Desktop\Dok2.doc [2010.09.29 21:07:52 | 000,000,029 | ---- | C] () -- C:\Windows\UML.INI [2010.09.29 16:59:07 | 000,000,162 | ---- | C] () -- C:\Windows\ODBC.INI [2010.07.01 22:40:22 | 000,000,039 | ---- | C] () -- C:\Windows\Irremote.ini [2010.04.11 19:25:01 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini [2010.02.28 00:58:52 | 000,000,226 | ---- | C] () -- C:\Windows\ACTIVEJP.INI [2010.02.26 21:22:52 | 000,000,300 | ---- | C] () -- C:\Windows\game.ini [2010.02.09 02:05:24 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI [2010.02.08 16:50:04 | 001,500,394 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010.02.04 19:20:28 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\sysprs7.dll [2010.02.04 19:20:28 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\clauth2.dll [2010.02.04 19:20:28 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\clauth1.dll [2010.02.04 19:20:28 | 000,000,205 | ---- | C] () -- C:\Windows\SysWow64\lsprst7.dll [2010.02.04 19:20:28 | 000,000,073 | ---- | C] () -- C:\Windows\SysWow64\ssprs.dll [2010.02.04 19:20:28 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI [2010.01.01 23:30:38 | 000,000,070 | ---- | C] () -- C:\Windows\SIERRA.INI [2009.12.27 01:45:25 | 000,000,566 | ---- | C] () -- C:\Windows\SysWow64\SP7302.INI [2009.12.26 15:55:10 | 000,007,605 | ---- | C] () -- C:\Users\IMM0rtalis\AppData\Local\Resmon.ResmonCfg [2009.11.06 11:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2002.08.23 10:00:00 | 000,375,296 | ---- | C] () -- C:\Windows\SysWow64\WSIHK32.DLL [2002.08.23 10:00:00 | 000,132,096 | ---- | C] () -- C:\Windows\SysWow64\WSIWIN32.DLL ========== LOP Check ========== [2010.06.26 19:56:08 | 000,000,000 | ---D | M] -- C:\Users\IMM0rtalis\AppData\Roaming\Autodesk [2009.12.27 19:06:50 | 000,000,000 | ---D | M] -- C:\Users\IMM0rtalis\AppData\Roaming\DAEMON Tools Lite [2010.05.06 17:51:55 | 000,000,000 | ---D | M] -- C:\Users\IMM0rtalis\AppData\Roaming\Miranda Fusion [2010.10.03 23:10:19 | 000,000,000 | ---D | M] -- C:\Users\IMM0rtalis\AppData\Roaming\MyPhoneExplorer [2010.03.04 00:49:51 | 000,000,000 | ---D | M] -- C:\Users\IMM0rtalis\AppData\Roaming\Opera [2010.10.20 18:32:35 | 000,000,000 | ---D | M] -- C:\Users\IMM0rtalis\AppData\Roaming\Spyware Terminator [2009.12.28 17:01:06 | 000,000,000 | ---D | M] -- C:\Users\IMM0rtalis\AppData\Roaming\Subversion [2010.03.04 00:52:54 | 000,000,000 | ---D | M] -- C:\Users\IMM0rtalis\AppData\Roaming\TeamViewer [2010.09.04 09:23:39 | 000,000,000 | ---D | M] -- C:\Users\IMM0rtalis\AppData\Roaming\temp [2010.09.29 21:36:48 | 000,000,000 | ---D | M] -- C:\Users\IMM0rtalis\AppData\Roaming\Thinstall [2010.10.16 00:11:20 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > Code:
ATTFilter OTL Extras logfile created on: 20.10.2010 20:06:38 - Run 1 OTL by OldTimer - Version Folder = C:\Users\IMM0rtalis\Downloads 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 0,00 Gb Available Physical Memory | 18,00% Memory free 4,00 Gb Paging File | 2,00 Gb Available in Paging File | 41,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 24,90 Gb Total Space | 0,02 Gb Free Space | 0,08% Space Free | Partition Type: NTFS Drive E: | 25,00 Gb Total Space | 14,10 Gb Free Space | 56,38% Space Free | Partition Type: NTFS Drive M: | 100,01 Gb Total Space | 19,98 Gb Free Space | 19,97% Space Free | Partition Type: NTFS Drive P: | 10,00 Gb Total Space | 8,02 Gb Free Space | 80,18% Space Free | Partition Type: NTFS Drive Q: | 50,01 Gb Total Space | 21,85 Gb Free Space | 43,69% Space Free | Partition Type: NTFS Drive S: | 80,01 Gb Total Space | 23,62 Gb Free Space | 29,53% Space Free | Partition Type: NTFS Drive V: | 616,49 Gb Total Space | 3,90 Gb Free Space | 0,63% Space Free | Partition Type: NTFS Drive W: | 232,89 Gb Total Space | 37,31 Gb Free Space | 16,02% Space Free | Partition Type: NTFS Drive X: | 130,00 Gb Total Space | 36,32 Gb Free Space | 27,94% Space Free | Partition Type: NTFS Drive Y: | 320,75 Gb Total Space | 232,09 Gb Free Space | 72,36% Space Free | Partition Type: NTFS Drive Z: | 40,00 Gb Total Space | 29,59 Gb Free Space | 73,97% Space Free | Partition Type: NTFS Computer Name: BGSTYLE | User Name: IMM0rtalis | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [AddToPlaylistVLC] -- "E:\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" File not found Directory [PlayWithVLC] -- "E:\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [Winamp.Bookmark] -- "E:\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "E:\Winamp\winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "E:\Winamp\winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "E:\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" File not found Directory [PlayWithVLC] -- "E:\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [Winamp.Bookmark] -- "E:\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "E:\Winamp\winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "E:\Winamp\winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Windows XP Mode "{23170F69-40C1-2702-0910-000001000000}" = 7-Zip 9.10 (x64 edition) "{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64 "{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64 "{36A415C2-7181-421D-92C9-8255766E0FF3}" = TortoiseSVN (64 bit) "{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{4BE91685-1632-47FC-B563-A8A542C6664C}" = Autodesk Network License Manager "{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64 "{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64) "{7C9D315B-1320-4AA9-AA58-DA61B75D8079}" = Slik Subversion 1.6.12 (x64) "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64 "{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4 "{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4 "{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64 "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007 "{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64 "{A35001F0-F1E4-11DD-A38B-005056C00008}" = Paragon Partition Manager™ 10.0 Professional "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit) "{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4 "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers "TeamSpeak 3 Client" = TeamSpeak 3 Client [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable "{01339AE5-04D4-43F8-008E-13AD788DC4F7}" = SimCity 4 "{022F6097-A053-4B1B-BE50-3AADE4116B92}" = Opera 10.50 "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4 "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4 "{086A7D8C-0A38-4C7F-819A-620275550D5C}" = Nero Burning ROM Help "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler "{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4 "{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4 "{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup "{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4 "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4 "{14C87AA7-08E6-419F-A165-998EBE5023D7}" = Oblivion - Knights of the Nine "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4 "{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4 "{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB "{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2348B586-C9AE-46CE-936C-A68E9426E214}" = Nero StartSmart Help "{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 22 "{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models "{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed "{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion "{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4 "{368BA326-73AD-4351-84ED-3C0A7A52CC53}" = Nero Rescue Agent "{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4 "{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2 "{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4 "{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin "{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger "{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent "{566BB41D-F006-4956-A5D3-94D8DFFA7F51}" = Adobe Setup "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress "{5D9BE3C1-8BA4-4E7E-82FD-9F74FA6815D1}" = Nero Vision Help "{5E08ECD1-C98E-4711-BF65-8FD736B3F969}" = Nero RescueAgent Help "{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4 "{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call "{60C731FB-C951-41CE-AD41-8E54C8594609}" = Nero Disc Copy Gadget Help "{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support "{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4 "{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support "{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011 "{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4 "{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{72263053-50D1-4598-9502-51ED64E54C51}" = Borland Delphi 7 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4 "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart "{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4 "{83202942-84B3-4C50-8622-B8C0AA2D2885}" = Nero Express Help "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4 "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4 "{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed "{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch "{8A74DEFD-A224-49CC-AB80-4E88BC730125}" = LogMeIn Hamachi "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-0051-0000-0000-0000000FF1CE}" = Microsoft Office Visio Professional 2007 "{90120000-0054-0407-0000-0000000FF1CE}" = Microsoft Office Visio MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4 "{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A1C962E2-2426-49C6-A38B-9A07E40D607C}" = Microsoft Games for Windows - LIVE "{A53A11EA-0095-493F-86FA-A15E8A86A405}" = VMware Player "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.0 - Deutsch "{AD88355B-A4E0-4DA1-BAC3-EA4FEA930691}" = Ipswitch WS_FTP 12 "{B1549CC1-EB81-4E7C-9C7C-8B97CD9FD37A}" = Hercules Classic Link "{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content "{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles "{B29AD377-CC12-490A-A480-1452337C618D}" = Connect "{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4 "{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module "{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter "{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter "{C3C44248-B8F7-4B20-A5C7-994870B60F55}" = Hercules Webcam Station Evolution SE "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4 "{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw "{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM "{D102611A-6466-4101-A51D-51069303AC65}" = tools-linux "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.4 Game "{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4 "{DE3BB35E-C0CE-4CA1-9CB4-CD9E69364BD9}" = Adobe Premiere Pro CS4 "{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4 "{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}" = NVIDIA PhysX "{e28bce1d-1092-4f7e-ab67-7510a2fd4c12}" = Nero 9 "{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM) "{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4 "{E5C7D048-F9B4-4219-B323-8BDB01A2563D}" = Nero DriveSpeed Help "{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer "{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform "{EDA12670-56B5-4459-BA21-D010F0E3EBA1}" = Emergency 4 Deluxe "{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby "{EF36A836-BF89-4A4F-B079-057B0C68C1E0}" = Sid Meier's Civilization IV Colonization "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help "{F1861F30-3419-44DB-B2A1-C274825698B3}" = Nero Disc Copy Gadget "{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter "{F6BDD7C5-89ED-4569-9318-469AA9732572}" = Nero BurnRights Help "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4 "{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4 "{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe_26b63376f4efc354dae41af6b5e3343" = Adobe Premiere Pro CS4 "Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4 "CINEMA 4D Release 10" = CINEMA 4D Release 10 "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "Combined Community Codec Pack_is1" = Combined Community Codec Pack 2009-09-09 "Der VerkehrsGigant-Gold Edition" = Der VerkehrsGigant-Gold Edition "EasyBCD" = EasyBCD 1.7.2 "ENTERPRISE" = Microsoft Office Enterprise 2007 "htmltads.exe" = HTML TADS Player Kit "InstallShield_{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch "InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch "InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch "InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM) "InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011 "LogMeIn Hamachi" = LogMeIn Hamachi "MirandaFusion" = Miranda Fusion 2.0.23 "mIRC" = mIRC "Mozilla Firefox (3.6.11)" = Mozilla Firefox (3.6.11) "MPE" = MyPhoneExplorer "NAV" = Norton AntiVirus "nbi-nb-base-" = NetBeans IDE 6.8 "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "OpenAL" = OpenAL "PunkBusterSvc" = PunkBuster Services "Spyware Terminator_is1" = Spyware Terminator "StarCraft II" = StarCraft II "Steam App 240" = Counter-Strike: Source "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2 "UltraISO_is1" = UltraISO Premium V9.32 "VISPRO" = Microsoft Office Visio Professional 2007 "VLC media player" = VLC media player 1.0.5 "VMware_Player" = VMware Player "Winamp" = Winamp "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Faraday's Electromagnetic Lab" = Faraday's Electromagnetic Lab "Winamp Detect" = Winamp Anwendungserkennung "XBMC" = XBMC ========== Last 10 Event Log Errors ========== Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report > ![]() mfg |
![]() | #2 |
/// Malware-holic ![]() ![]() ![]() ![]() ![]() ![]() | ![]() Win7 64Bit | Firefox-> TABS öffnen sich automatisch 1. norton und kaspersky sollten nicht auf dem selben pc laufen, welches wirst du deinstalieren?
__________________2. download malwarebytes: Malwarebytes instalieren, öffnen, registerkarte aktualisierung, programm updaten. schalte alle laufenden programme ab, trenne die internetverbindung. registerkarte scanner, komplett scan, funde entfernen, log posten. |
![]() | #3 |
| ![]() Win7 64Bit | Firefox-> TABS öffnen sich automatischCode:
ATTFilter Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Datenbank Version: 4895 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 20.10.2010 23:20:19 mbam-log-2010-10-20 (23-20-19).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|P:\|Q:\|S:\|) Durchsuchte Objekte: 458340 Laufzeit: 1 Stunde(n), 39 Minute(n), 3 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 3 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: E:\Adobe\Adobe Premiere Pro CS4\adobe.premiere.pro.cs4. (Trojan.Downloader) -> Not selected for removal. P:\xampp\htdocs\sonstiges\BACKUP\14.01.07\PPS\Adobe_Photoshop_CS2\MSVCP60.DLL (Malware.Packer.Gen) -> Quarantined and deleted successfully. S:\RECYCLER\S-1-5-21-436374069-1284227242-1801674531-500\Dg1\3D SexVilla 2 - Everlust\Binaries\fc3DSexVilla.dll (Trojan.Agent) -> Quarantined and deleted successfully. ![]() Hab Norten nur installiert gehabt, um nach dem Virus zu suchen.. erfolglos.. ist wieder deinstalliert. mfg |
![]() | #4 |
/// Malware-holic ![]() ![]() ![]() ![]() ![]() ![]() | ![]() Win7 64Bit | Firefox-> TABS öffnen sich automatisch sorry mein computer war kaputt ootl: Systemscan mit OTL download otl: http://filepony.de/download-otl/ Doppelklick auf die OTL.exe (user von Windows 7 und Vista: Rechtsklick als Administrator ausführen) 1. Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output 2. Hake an "scan all users" 3. Unter "Extra Registry wähle: "Use Safelist" "LOP Check" "Purity Check" 4. Kopiere in die Textbox: netsvcs msconfig safebootminimal safebootnetwork activex drivers32 %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s %SYSTEMDRIVE%\*.exe /md5start userinit.exe eventlog.dll scecli.dll netlogon.dll cngaudit.dll ws2ifsl.sys sceclt.dll ntelogon.dll winlogon.exe logevent.dll user32.DLL explorer.exe iaStor.sys nvstor.sys atapi.sys IdeChnDr.sys viasraid.sys AGP440.sys vaxscsi.sys nvatabus.sys viamraid.sys nvata.sys nvgts.sys iastorv.sys ViPrt.sys eNetHook.dll ahcix86.sys KR10N.sys nvstor32.sys ahcix86s.sys /md5stop %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles CREATERESTOREPOINT 5. Klicke "Scan" 6. 2 reporte werden erstellt: OTL.Txt Extras.Txt beide posten. |
![]() | #5 |
| ![]() Win7 64Bit | Firefox-> TABS öffnen sich automatisch hallihallo... hat sich erledigt... durchs hin und herschieben von partitionen mittels paragon partitionsmanager sind meine festplatten gecrasehd und ich war seit/bin seit donnerstag mit datenrecovery beschäftigt... virus ist weg, da ich das betriebssystem neu aufgespielt habe... mfg |
![]() | #6 |
/// Malware-holic ![]() ![]() ![]() ![]() ![]() ![]() | ![]() Win7 64Bit | Firefox-> TABS öffnen sich automatisch ich würde dir, falls gewünscht, noch tipps zum absichern gebn damit so was nicht mehr passiert. |
![]() | #7 |
| ![]() Win7 64Bit | Firefox-> TABS öffnen sich automatisch soo.. jetzt hab ich endlich einigermaßen ordnung geschaffen.. :/ naja.. ich kanns vereiden, indem ich nicht mehr versuche, cracks zu suchen ![]() e aber im ernst: wie kann ich mich vor solchen .exe-dateien schützen, wenn ich den inhalt nicht kenne aber eigentlich davon "ausgehe", es sei was richtiges.. ? |
![]() |
Themen zu Win7 64Bit | Firefox-> TABS öffnen sich automatisch |
64-bit, 7-zip, adblock, analysis, antivirus, avp.exe, bho, c:\windows\system32\rundll32.exe, call of duty, components, computer, ebay, error, excel, firefox, firefox.exe, flash player, format, ftp, ieframe.dll, install.exe, internet security 2011, intrusion prevention, kaspersky, langs, location, logfile, microsoft office word, mozilla, oldtimer, otl.exe, plug-in, programdata, registry, rundll, saver, scan, searchplugins, security, security update, senden, shell32.dll, shortcut, sich automatisch, software, spielen, sptd.sys, spyware, spyware terminator, symantec, system neu, syswow64, tabs öffnen, tastatur, teamspeak, unseriöse seiten, vlc media player, webcheck, win7 64bit, windows, windows xp |