| |
| |||||||
Log-Analyse und Auswertung: PC lahmt & Shot Online Game stürzt abWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
24.11.2010, 09:43
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  PC lahmt & Shot Online Game stürzt ab Ja das ist normal. Lass und erstmal mit ORL nachsehen, MBAM können wir später nochmal probieren: Systemscan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
24.11.2010, 10:48
| #17 |
 | PC lahmt & Shot Online Game stürzt ab Hier nun die beiden Logs von OTL.
__________________OTL.txt OTL Logfile: OTL EXTRAS Logfile: Code:
ATTFilter OTL logfile created on: 24.11.2010 10:06:23 - Run 4 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\***\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18975) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 53,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 77,00% Paging File free Paging file location(s): ?:\pagefile.sys %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 74,52 Gb Total Space | 33,02 Gb Free Space | 44,31% Space Free | Partition Type: NTFS Drive D: | 149,05 Gb Total Space | 130,50 Gb Free Space | 87,56% Space Free | Partition Type: NTFS Drive E: | 8,06 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive F: | 73,06 Gb Total Space | 68,18 Gb Free Space | 93,32% Space Free | Partition Type: NTFS Computer Name: ***-PC | User Name: *** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Program Files\Java\jre6\bin\javaws.exe (Sun Microsystems, Inc.) PRC - C:\Program Files\Java\jre6\bin\javaw.exe (Sun Microsystems, Inc.) PRC - C:\Users\***\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\AVG\AVG10\avgnsx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\AVG\AVG10\avgemcx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\AVG\AVG10\avgcsrvx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) PRC - C:\Program Files\Common Files\Java\Java Update\jaucheck.exe (Sun Microsystems, Inc.) PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\Synaptics\SynTP\SynToshiba.exe (Synaptics Incorporated) PRC - C:\Program Files\Philips\CamSuite\1.0.9.0\ACPService.exe () PRC - C:\Windows\vspc1030.exe (Sonix) PRC - C:\Program Files\Common Files\AccSys\accvssvc.exe (AccSys GmbH) PRC - C:\Program Files\Toshiba TEMPO\TempoSVC.exe (Toshiba Europe GmbH) PRC - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation) PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) PRC - C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION) PRC - C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe (TOSHIBA CORPORATION) PRC - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation) PRC - C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe (Macrovision Corporation) PRC - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation) PRC - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation) PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) PRC - C:\Users\***\Desktop\PC-Wecker 4.00 by IP-MAN.exe (IP-MANs Software) PRC - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION) PRC - C:\Program Files\TOSHIBA\Utilities\KeNotify.exe () PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems) PRC - C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation) ========== Modules (SafeList) ========== MOD - C:\Users\***\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (TOSHIBA Bluetooth Service) -- File not found SRV - (Boonty Games) -- C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe File not found SRV - (Automatisches LiveUpdate - Scheduler) -- File not found SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.) SRV - (avgwd) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) SRV - (AVG Security Toolbar Service) -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe () SRV - (npggsvc) -- C:\Windows\System32\GameMon.des (INCA Internet Co., Ltd.) SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft) SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia) SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation) SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation) SRV - (ACPService) -- C:\Program Files\Philips\CamSuite\1.0.9.0\ACPService.exe () SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (accvssvc) -- C:\Program Files\Common Files\AccSys\accvssvc.exe (AccSys GmbH) SRV - (TempoMonitoringService) -- C:\Program Files\Toshiba TEMPO\TempoSVC.exe (Toshiba Europe GmbH) SRV - (WLSetupSvc) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe (Microsoft Corporation) SRV - (TNaviSrv) -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation) SRV - (TosCoSrv) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation) SRV - (IAANTMON) Intel(R) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) SRV - (CFSvcs) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION) SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems) SRV - (UleadBurningHelper) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.) SRV - (TODDSrv) -- C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation) SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®) SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation) ========== Driver Services (SafeList) ========== DRV - (TpChoice) -- C:\Windows\System32\DRIVERS\TpChoice.sys File not found DRV - (Point32) -- C:\Windows\System32\DRIVERS\point32k.sys File not found DRV - (PID_0928) Logitech QuickCam Express(PID_0928) -- C:\Windows\System32\DRIVERS\LV561AV.SYS File not found DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found DRV - (LVUVC) QuickCam Communicate Deluxe(UVC) -- C:\Windows\System32\DRIVERS\lvuvc.sys File not found DRV - (LVUSBSta) -- C:\Windows\System32\drivers\LVUSBSta.sys File not found DRV - (lvpopflt) -- C:\Windows\System32\DRIVERS\lvpopflt.sys File not found DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found DRV - (igfx) -- C:\Windows\System32\DRIVERS\igdkmd32.sys File not found DRV - (EagleNT) -- C:\Users\***\AppData\Local\Temp\EagleNT.sys File not found DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found DRV - (Avgtdix) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.) DRV - (AVGIDSEH) -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys (AVG Technologies CZ, s.r.o. ) DRV - (Avgmfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.) DRV - (Avgldx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.) DRV - (Avgrkx86) -- C:\Windows\system32\DRIVERS\avgrkx86.sys (AVG Technologies CZ, s.r.o.) DRV - (AVGIDSDriver) -- C:\Windows\System32\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. ) DRV - (AVGIDSShim) -- C:\Windows\System32\drivers\AVGIDSShim.sys (AVG Technologies CZ, s.r.o. ) DRV - (AVGIDSFilter) -- C:\Windows\System32\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. ) DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia) DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia) DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia) DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia) DRV - (nmwcdnsu) -- C:\Windows\System32\drivers\nmwcdnsu.sys (Nokia) DRV - (nmwcdnsuc) -- C:\Windows\System32\drivers\nmwcdnsuc.sys (Nokia) DRV - (fssfltr) -- C:\Windows\System32\drivers\fssfltr.sys (Microsoft Corporation) DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation) DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics Incorporated) DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation) DRV - (NPF) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies) DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia) DRV - (SPC1030) USB2.0 PC Camera (SPC1030) -- C:\Windows\System32\drivers\spc1030.sys () DRV - (phaudlwr) -- C:\Windows\System32\drivers\phaudlwr.sys (Philips Applied Technologies) DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV - (TVALZ) -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS (TOSHIBA Corporation) DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.) DRV - (NETw4v32) Intel(R) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation) DRV - (NWUSBPort) -- C:\Windows\System32\drivers\nwusbser.sys (Novatel Wireless Inc.) DRV - (NWUSBModem) -- C:\Windows\System32\drivers\nwusbmdm.sys (Novatel Wireless Inc.) DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.) DRV - (tos_sps32) -- C:\Windows\system32\DRIVERS\tos_sps32.sys (TOSHIBA Corporation) DRV - (UsbDiag) -- C:\Windows\System32\drivers\lgusbdiag.sys (LG Electronics Inc.) DRV - (USBModem) -- C:\Windows\System32\drivers\lgusbmodem.sys (LG Electronics Inc.) DRV - (usbbus) -- C:\Windows\System32\drivers\lgusbbus.sys (LG Electronics Inc.) DRV - (sscdmdm) -- C:\Windows\System32\drivers\sscdmdm.sys (MCCI Corporation) DRV - (sscdmdfl) -- C:\Windows\System32\drivers\sscdmdfl.sys (MCCI Corporation) DRV - (sscdbus) SAMSUNG USB Composite Device driver (WDM) -- C:\Windows\System32\drivers\sscdbus.sys (MCCI Corporation) DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation ) DRV - (NWADI) -- C:\Windows\System32\drivers\NWADIenum.sys (Novatel Wireless Inc) DRV - (CplIR) -- C:\Windows\system32\DRIVERS\CplIR.SYS (COMPAL ELECTRONIC INC.) DRV - (Tosrfhid) -- C:\Windows\System32\drivers\Tosrfhid.sys (TOSHIBA Corporation.) DRV - (PCASp50) -- C:\Windows\System32\drivers\PCASp50.sys (Printing Communications Assoc., Inc. (PCAUSA)) DRV - (Tosrfusb) -- C:\Windows\System32\drivers\tosrfusb.sys (TOSHIBA CORPORATION) DRV - (tosrfbd) -- C:\Windows\System32\drivers\tosrfbd.sys (TOSHIBA CORPORATION) DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation) DRV - (FWLANUSB) -- C:\Windows\System32\drivers\fwlanusb.sys (AVM GmbH) DRV - (tifm21) -- C:\Windows\System32\drivers\tifm21.sys (Texas Instruments) DRV - (KR10N) -- C:\Windows\system32\drivers\kr10n.sys (TOSHIBA CORPORATION) DRV - (KR10I) -- C:\Windows\system32\drivers\kr10i.sys (TOSHIBA CORPORATION) DRV - (avmeject) -- C:\Windows\System32\drivers\avmeject.sys (AVM Berlin) DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems) DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation) DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.) DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex) DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.) DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.) DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation) DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.) DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.) DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation) DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.) DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.) DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation) DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation) DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems) DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation) DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.) DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.) DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic) DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.) DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company) DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.) DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.) DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.) DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic) DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic) DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic) DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic) DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation) DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic) DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation) DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.) DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.) DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.) DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.) DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.) DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.) DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.) DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.) DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.) DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies) DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation) DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.) DRV - (tosrfec) -- C:\Windows\System32\drivers\tosrfec.sys (TOSHIBA Corporation) DRV - (tdcmdpst) -- C:\Windows\System32\drivers\tdcmdpst.sys (TOSHIBA Corporation.) DRV - (se58bus) Sony Ericsson Device 088 driver (WDM) -- C:\Windows\System32\drivers\se58bus.sys (MCCI) DRV - (LPCFilter) -- C:\Windows\system32\DRIVERS\LPCFilter.sys (COMPAL ELECTRONIC INC.) DRV - (StarOpen) -- C:\Windows\System32\drivers\StarOpen.sys () ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://google.icq.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.02.23 18:49:38 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG10\Firefox\ [2010.11.24 08:07:56 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG10\Toolbar\Firefox\avg@igeared [2010.11.11 17:46:30 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.10\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.11.10 20:08:47 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.10\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.02.23 18:49:39 | 000,000,000 | ---D | M] [2010.11.21 09:54:19 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Extensions [2010.02.16 18:21:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll () O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll () O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll () O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4 - HKLM..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe () O4 - HKLM..\Run: [ Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NDSTray.exe] File not found O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [spc1030] C:\Windows\vspc1030.exe (Sonix) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe () O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA) O4 - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [] File not found O4 - HKCU..\Run: [ISUSPM] C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe (Macrovision Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm () O9 - Extra Button: eBay - Der weltweite Online Marktplatz - {76577871-04EC-495E-A12B-91F7C3600AFA} - File not found O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Ranges: Range1 ([*] in Local intranet) O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll () O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - File not found O24 - Desktop WallPaper: C:\Users\***\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\***\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2008.02.26 18:28:20 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.) - E:\AutoRun.exe -- [ CDFS ] O32 - AutoRun File - [2008.02.26 18:28:20 | 000,000,047 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ] O33 - MountPoints2\{04b9ff7d-6b72-11dd-a19f-9c7b365ad2e8}\Shell - "" = AutoRun O33 - MountPoints2\{04b9ff7d-6b72-11dd-a19f-9c7b365ad2e8}\Shell\AutoRun\command - "" = E:\pushinst.exe -- File not found O33 - MountPoints2\{2f93bf5c-e86f-11df-824f-fdd1708a4fd5}\Shell - "" = AutoRun O33 - MountPoints2\{2f93bf5c-e86f-11df-824f-fdd1708a4fd5}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2008.02.26 18:28:20 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{2f93bf5d-e86f-11df-824f-fdd1708a4fd5}\Shell - "" = AutoRun O33 - MountPoints2\{2f93bf5d-e86f-11df-824f-fdd1708a4fd5}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2008.02.26 18:28:20 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{7c2f5e2a-8040-11dd-b13d-001de0a2a16d}\Shell\verb1\command - "" = desktop.exe O33 - MountPoints2\{8c062fae-79c0-11dd-b7b7-001de0a2a16d}\Shell - "" = AutoRun O33 - MountPoints2\{8c062fae-79c0-11dd-b7b7-001de0a2a16d}\Shell\AutoRun\command - "" = E:\pushinst.exe -- File not found O33 - MountPoints2\{a2a1cf65-f597-11df-926f-c75c8a900c02}\Shell - "" = AutoRun O33 - MountPoints2\{a2a1cf65-f597-11df-926f-c75c8a900c02}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2008.02.26 18:28:20 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{a2a1cf66-f597-11df-926f-c75c8a900c02}\Shell - "" = AutoRun O33 - MountPoints2\{a2a1cf66-f597-11df-926f-c75c8a900c02}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2008.02.26 18:28:20 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{ab514589-9238-11dd-b2e2-001de0a2a16d}\Shell - "" = AutoRun O33 - MountPoints2\{ab514589-9238-11dd-b2e2-001de0a2a16d}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2008.02.26 18:28:20 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{ab51459e-9238-11dd-b2e2-001de0a2a16d}\Shell - "" = AutoRun O33 - MountPoints2\{ab51459e-9238-11dd-b2e2-001de0a2a16d}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2008.02.26 18:28:20 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{c9f64298-8334-11dd-8f45-001de0a2a16d}\Shell - "" = AutoRun O33 - MountPoints2\{c9f64298-8334-11dd-8f45-001de0a2a16d}\Shell\AutoRun\command - "" = E:\starter.exe -- File not found O33 - MountPoints2\E\Shell - "" = AutoRun O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2008.02.26 18:28:20 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.) O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe () O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.) O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.11.24 08:07:20 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2010.11.24 08:07:20 | 000,000,000 | -HSD | C] -- \Config.Msi [2010.11.23 15:05:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2010.11.23 15:04:40 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll [2010.11.23 15:04:40 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2010.11.23 15:04:40 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2010.11.23 15:04:40 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2010.11.22 17:41:15 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe [2010.11.21 19:29:33 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT [2010.11.21 19:11:25 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010.11.21 19:11:24 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010.11.21 19:11:24 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010.11.21 19:09:24 | 000,000,000 | ---D | C] -- C:\Users\Public\Desktop\MFtools [2010.11.21 11:02:06 | 000,000,000 | ---D | C] -- C:\Program Files\ShotOnline [2010.11.21 10:02:21 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll [2010.11.21 10:02:21 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll [2010.11.21 10:02:20 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll [2010.11.21 10:02:20 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll [2010.11.21 10:02:20 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll [2010.11.21 10:02:20 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll [2010.11.21 10:02:19 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll [2010.11.21 10:02:19 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll [2010.11.21 10:02:18 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll [2010.11.21 10:02:18 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll [2010.11.21 10:02:18 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll [2010.11.21 10:02:18 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll [2010.11.21 10:02:14 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll [2010.11.21 10:02:13 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll [2010.11.21 10:02:13 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll [2010.11.21 10:02:12 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll [2010.11.21 10:02:12 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll [2010.11.21 10:02:11 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll [2010.11.21 10:02:11 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll [2010.11.21 10:02:11 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll [2010.11.21 10:02:11 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll [2010.11.21 10:02:10 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll [2010.11.21 10:02:09 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll [2010.11.21 10:02:09 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll [2010.11.21 10:02:09 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll [2010.11.21 10:02:09 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll [2010.11.21 10:02:08 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll [2010.11.21 10:02:08 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll [2010.11.21 10:02:08 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll [2010.11.21 10:02:07 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll [2010.11.21 10:02:07 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll [2010.11.21 10:02:07 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll [2010.11.21 10:02:07 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll [2010.11.21 09:10:42 | 000,000,000 | ---D | C] -- C:\PMB Files [2010.11.21 09:10:42 | 000,000,000 | ---D | C] -- \PMB Files [2010.11.11 17:48:51 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\AVG Security Toolbar [2010.11.11 17:48:09 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\AVG10 [2010.11.11 17:46:44 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2010.11.11 17:46:30 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Security Toolbar [2010.11.11 17:43:44 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG10 [2010.11.11 17:43:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\AVG [2010.11.11 17:21:52 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData [2010.11.09 22:20:58 | 000,299,984 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys [2010.11.05 22:28:48 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll [2010.11.05 22:28:48 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll [2010.11.05 22:28:48 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll [2010.11.05 22:28:46 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll [2010.11.05 22:28:46 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll [2010.11.05 22:28:44 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll [2010.11.05 22:28:43 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll [2010.11.05 22:28:43 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll [2010.11.05 22:28:42 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll [2010.11.05 22:28:42 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll [2010.11.05 22:28:40 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll [2010.11.05 22:28:40 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll [2010.11.05 22:28:37 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll [2010.11.05 22:28:35 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll [2010.11.05 22:28:35 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll [2010.11.05 22:28:35 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll [2010.11.05 22:28:33 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll [2010.11.05 22:28:33 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll [2010.11.05 22:28:30 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll [2010.11.05 22:28:29 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll [2010.11.05 22:28:28 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll [2010.11.05 22:28:28 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll [2010.11.05 22:28:25 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll [2010.11.05 22:28:24 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll [2010.11.05 22:28:23 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll [2010.11.05 22:28:23 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll [2010.11.05 22:28:21 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll [2010.11.05 22:28:20 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll [2010.11.05 22:28:20 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll [2010.11.05 22:28:20 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll [2010.11.05 22:28:19 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll [2010.11.05 22:28:17 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll [2010.11.05 22:28:17 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll [2010.11.05 22:28:16 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll [2010.11.05 22:28:15 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll [2010.11.05 22:28:15 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll [2010.11.05 22:28:12 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll [2010.11.05 22:28:12 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll [2010.11.05 22:28:11 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll [2010.11.05 22:28:10 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll [2010.11.05 22:28:08 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll [2010.11.05 22:28:08 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll [2010.11.05 22:28:04 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll [2010.11.05 22:28:03 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll [2010.11.05 22:28:03 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll [2010.11.05 22:28:03 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll [2010.11.05 22:28:02 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll [2010.11.05 22:28:02 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll [2010.11.05 22:27:37 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll [2010.11.05 22:27:13 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll [2010.11.05 22:27:13 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll [2010.11.05 22:26:31 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll [2010.11.05 22:26:28 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll [2010.11.05 22:26:23 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll [2010.11.05 22:26:15 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll [2010.11.05 22:26:10 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll [2010.11.05 22:25:50 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll [2010.10.28 13:13:13 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell [2010.10.28 11:23:18 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll [2010.10.28 11:23:00 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe [2010.10.28 11:22:59 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe [2010.10.28 11:22:59 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe [2010.10.28 11:22:59 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll [2010.10.28 11:22:59 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll [2010.10.28 11:22:58 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll [2010.10.28 11:22:58 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe [2010.10.28 11:22:58 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll [2010.10.28 11:22:58 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll [2010.10.28 11:22:58 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll [2010.10.28 11:22:52 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll [2010.10.28 11:22:52 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe [2010.10.28 11:22:52 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll [2010.10.28 11:22:52 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll [2010.10.28 11:22:52 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll [2010.10.28 11:18:37 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe [2010.10.28 11:18:37 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll [2010.10.28 11:18:37 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll [2010.10.28 11:02:21 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2010.10.28 11:02:09 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll [2010.10.28 11:02:07 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll [2010.10.28 11:02:07 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll [2010.10.28 11:02:02 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll [2010.10.28 11:01:38 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL [2010.10.28 11:01:25 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2010.10.28 11:01:25 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2010.10.28 11:01:25 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2010.10.28 11:01:25 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2010.10.28 11:01:25 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2010.10.28 11:01:25 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2010.10.28 11:01:25 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2010.10.28 11:01:25 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2010.10.28 11:01:24 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2010.10.28 11:01:24 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2010.10.28 11:01:24 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2010.10.28 11:01:23 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2010.10.28 11:01:23 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2010.10.28 11:01:23 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2010.10.28 11:01:22 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2010.10.28 11:01:21 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2010.10.28 11:01:21 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2010.10.28 11:00:35 | 000,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll [2010.10.28 11:00:19 | 000,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2010.10.28 11:00:19 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2010.10.28 11:00:17 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll [2010.10.28 11:00:17 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll [2010.10.28 11:00:15 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll [2010.10.28 11:00:11 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll [2010.10.28 11:00:08 | 002,038,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2010.10.28 11:00:07 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL [2010.10.28 10:59:58 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll [2010.10.28 10:59:56 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll [2010.10.28 10:59:28 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll [2010.10.28 10:52:26 | 003,600,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2010.10.28 10:52:25 | 003,548,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2010.10.26 21:16:40 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\A Gypsy's Tale - Der Turm des Schicksals [2009.08.30 21:09:29 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\cspc1030.dll ========== Files - Modified Within 30 Days ========== [2010.11.24 09:34:00 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3715181647-2952123552-3075776655-1000UA.job [2010.11.24 09:08:11 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010.11.24 09:08:11 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010.11.24 08:08:14 | 000,000,811 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2011.lnk [2010.11.24 07:29:02 | 099,967,159 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm [2010.11.23 23:14:27 | 000,672,608 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2010.11.23 23:14:27 | 000,633,908 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010.11.23 23:14:27 | 000,145,818 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2010.11.23 23:14:27 | 000,120,534 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010.11.23 23:08:33 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\SLOW-PCfighter-***-Startup.job [2010.11.23 23:08:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.11.23 16:34:00 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3715181647-2952123552-3075776655-1000Core.job [2010.11.23 15:04:19 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2010.11.23 15:04:19 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2010.11.23 15:04:19 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2010.11.23 15:04:18 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll [2010.11.23 10:42:44 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{E523E591-38C8-4635-B4CE-A67C951508D3}.job [2010.11.22 18:18:01 | 000,000,694 | ---- | M] () -- C:\Users\***\Desktop\cmd.exe.lnk [2010.11.22 17:41:07 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe [2010.11.21 20:07:48 | 000,000,000 | ---- | M] () -- C:\Users\***\defogger_reenable [2010.11.21 19:11:28 | 000,000,783 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.11.21 19:09:34 | 000,050,477 | ---- | M] () -- C:\Users\***\Desktop\defogger.exe [2010.11.21 19:09:32 | 000,288,107 | ---- | M] () -- C:\Users\***Desktop\Gmer.zip [2010.11.21 19:08:13 | 000,471,560 | ---- | M] () -- C:\Users\***\Desktop\Load.exe [2010.11.21 12:30:07 | 000,001,852 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010.11.21 11:03:06 | 000,000,793 | ---- | M] () -- C:\Users\***\Desktop\ShotOnline.lnk [2010.11.20 19:15:33 | 000,000,023 | ---- | M] () -- C:\Windows\ODBCINST.INI [2010.11.12 11:40:11 | 000,292,939 | -H-- | M] () -- C:\Users\***\Desktop\mxfilerelatedcache.mxc2 [2010.11.11 17:48:54 | 000,000,680 | ---- | M] () -- C:\Users\***\AppData\Local\d3d9caps.dat [2010.11.09 22:20:58 | 000,299,984 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys [2010.11.08 10:32:38 | 000,296,448 | ---- | M] () -- C:\Users\***\Desktop\gmer.exe [2010.11.06 08:35:50 | 000,002,092 | ---- | M] () -- C:\Users\***\Desktop\Google Chrome.lnk [2010.10.28 13:17:47 | 000,358,608 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT ========== Files Created - No Company Name ========== [2010.11.24 07:29:02 | 099,967,159 | ---- | C] () -- C:\Windows\System32\drivers\AVG\incavi.avm [2010.11.22 18:17:34 | 000,000,694 | ---- | C] () -- C:\Users\***\Desktop\cmd.exe.lnk [2010.11.21 20:09:31 | 000,296,448 | ---- | C] () -- C:\Users\***\Desktop\gmer.exe [2010.11.21 20:07:48 | 000,000,000 | ---- | C] () -- C:\Users\***\defogger_reenable [2010.11.21 19:11:28 | 000,000,783 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.11.21 19:09:33 | 000,050,477 | ---- | C] () -- C:\Users\***\Desktop\defogger.exe [2010.11.21 19:09:27 | 000,288,107 | ---- | C] () -- C:\Users\***\Desktop\Gmer.zip [2010.11.21 19:08:05 | 000,471,560 | ---- | C] () -- C:\Users\***\Desktop\Load.exe [2010.11.21 11:03:06 | 000,000,793 | ---- | C] () -- C:\Users\***\Desktop\ShotOnline.lnk [2010.11.11 17:46:15 | 000,000,811 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2011.lnk [2010.10.28 11:22:54 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs [2010.10.28 11:22:54 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml [2010.10.28 11:22:54 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl [2010.05.10 07:47:01 | 000,000,036 | ---- | C] () -- C:\Windows\IniFile1.ini [2010.04.13 20:33:58 | 000,022,392 | ---- | C] () -- \aaw7boot.log [2009.11.06 11:34:41 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009.08.30 21:09:29 | 003,035,776 | ---- | C] () -- C:\Windows\System32\drivers\spc1030.sys [2009.08.30 21:09:29 | 000,851,968 | ---- | C] () -- C:\Windows\System32\Dll_Volume_Ctrl.dll [2009.08.30 21:09:29 | 000,028,672 | ---- | C] () -- C:\Windows\System32\drivers\spc1030c.sys [2009.08.30 21:09:29 | 000,015,497 | ---- | C] () -- C:\Windows\spc1030.ini [2009.07.07 16:23:05 | 000,000,000 | ---- | C] () -- \Tech_Vista.log [2009.03.12 20:15:09 | 000,000,023 | ---- | C] () -- C:\Windows\ODBCINST.INI [2009.01.17 12:38:55 | 000,000,445 | ---- | C] () -- C:\Windows\Rollemup.ini [2008.11.22 12:58:59 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys [2008.10.04 19:08:10 | 000,000,000 | RHS- | C] () -- \MSDOS.SYS [2008.10.04 19:08:10 | 000,000,000 | RHS- | C] () -- \IO.SYS [2008.09.24 09:17:37 | 000,012,288 | ---- | C] () -- C:\Windows\impborl.dll [2008.06.29 20:39:25 | 000,000,125 | ---- | C] () -- \ioSpecial.ini [2008.06.25 13:30:02 | 000,172,032 | ---- | C] () -- C:\Windows\WsBtn.dll [2008.05.22 20:45:24 | 000,000,024 | ---- | C] () -- C:\Windows\2pic.ini [2008.05.08 12:46:23 | 000,000,680 | ---- | C] () -- C:\Users\***\AppData\Local\d3d9caps.dat [2008.05.08 11:33:17 | 000,000,092 | ---- | C] () -- C:\Users\***\AppData\Local\fusioncache.dat [2008.05.08 11:27:05 | 000,017,904 | ---- | C] () -- C:\Users\***\AppData\Roaming\UserTile.png [2008.05.06 16:46:52 | 000,000,016 | -H-- | C] () -- C:\Users\***\AppData\Roaming\mxfilerelatedcache.mxc2 [2008.05.06 16:46:52 | 000,000,016 | -H-- | C] () -- C:\Users\***\AppData\Local\mxfilerelatedcache.mxc2 [2008.05.04 18:01:33 | 000,000,160 | ---- | C] () -- \TO_InstallLog.txt [2008.04.12 22:34:23 | 000,041,984 | ---- | C] () -- C:\Users\****\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008.04.12 18:43:44 | 3533,377,536 | -HS- | C] () -- [2008.01.08 09:35:57 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2007.10.15 19:52:56 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2007.10.15 19:51:56 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini [2007.10.15 19:51:56 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll [2007.10.15 19:51:56 | 000,010,146 | ---- | C] () -- C:\Windows\System32\tosmreg.ini [2007.10.15 19:51:56 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini [2007.07.25 14:24:30 | 001,559,040 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2007.07.12 09:45:09 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll [2007.07.12 09:45:09 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll [2007.07.12 09:45:09 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll [2007.07.12 09:45:09 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll [2007.07.12 09:45:09 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll [2007.07.12 09:45:09 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll [2007.07.12 09:26:24 | 000,036,864 | ---- | C] () -- C:\Windows\System32\HWS_Ctrl.dll [2007.04.17 13:05:13 | 000,025,120 | ---- | C] () -- \_wdsuef.dmp [2007.04.16 09:41:43 | 000,000,547 | -H-- | C] () -- \SWSTAMP.TXT [2007.04.16 07:35:21 | 000,006,642 | ---- | C] () -- C:\Windows\mgxoschk.ini [2007.04.16 07:02:55 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI [2007.04.16 06:17:51 | 000,000,420 | ---- | C] () -- \RHDSetup.log [2007.04.16 05:38:28 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1227.dll [2007.04.13 11:12:10 | 000,008,192 | R-S- | C] () -- \BOOTSECT.BAK [2007.04.13 11:12:09 | 000,333,257 | RHS- | C] () -- \bootmgr [2007.02.16 17:10:52 | 000,098,304 | ---- | C] () -- C:\Windows\System32\bftowdthunk.dll [2006.12.05 12:05:06 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll [2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 11:23:09 | 000,000,024 | ---- | C] () -- \autoexec.bat [2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.11.02 07:25:08 | 000,000,010 | ---- | C] () -- \config.sys [2006.02.26 15:08:28 | 000,585,728 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2005.11.23 13:55:42 | 000,024,576 | ---- | C] () -- C:\Windows\System32\SPCtl.dll [2005.07.22 20:30:20 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll [2004.06.09 21:38:01 | 000,184,320 | ---- | C] () -- C:\Windows\System32\JPeg32.dll ========== Alternate Data Streams ========== @Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:861A898F @Alternate Data Stream - 96 bytes -> C:\ProgramData\TEMP:A296A63F @Alternate Data Stream - 96 bytes -> C:\ProgramData\TEMP:101708D3 @Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:31F2397C @Alternate Data Stream - 321 bytes -> C:\ProgramData\TEMP:E603573E @Alternate Data Stream - 197 bytes -> C:\ProgramData\TEMP:D05E7A8B @Alternate Data Stream - 165 bytes -> C:\ProgramData\TEMP:ACD203D5 @Alternate Data Stream - 163 bytes -> C:\ProgramData\TEMP:F84B8DB5 @Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:3F22DA14 @Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:0E660858 @Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:86D110BB @Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:74BB299D @Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:F42CF153 @Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:6247E766 @Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:0EC7A545 @Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:3BAD46F6 @Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:5D10C56A @Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:A5584049 @Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:5425B7F5 @Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:BC428E9F @Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:B3BFB454 @Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:5F538558 @Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:80EA2EA3 @Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:F878F14A @Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:1F4329D4 @Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:FDAF118C @Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:6A7B7A50 @Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:62197B73 @Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:B54102AD @Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:940ECC98 @Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:89123481 @Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:4D066AD2 @Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:EC7C9796 @Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:87FA5E8A @Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:26FBC1F9 @Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:A23D24E7 @Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:4C509008 @Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:3B3A35EC @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:D3A89E47 @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:92D18A5E @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:6E11933F @Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:9E9A3410 @Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:54F7A151 @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:F67AAFC5 @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:82E1D3A4 @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:6BFA43EB @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:51A22C60 @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:48977386 @Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:D93DCF15 @Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:A724744F @Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:206470A5 @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:81F83028 @Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:ED45A20F @Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:DD04902E @Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:0651F96C @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:E6683E95 @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DF2EA4BB @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:7091055F @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:1ECED34B @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:425759C6 @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:04893BD0 @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:756C8543 @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:3AC42987 @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:128A6DC9 @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:0A73A758 @Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:666FB4AA @Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:CBCE0A92 @Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:A3B8F70C @Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:7EBCC2D7 @Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:109734F6 @Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:50636E35 @Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:FD000392 @Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:CC30FDA5 @Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:730BC923 @Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:4F58D818 @Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:2FF4577A @Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:DFC5A2B2 @Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:57B2B96C @Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:E98C5DD9 @Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:90E3641D @Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:5216CD26 @Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:AA60673F @Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:8C458D50 @Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:6CEB2458 @Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:41099CE9 @Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:561B1D2B @Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:50F1E014 @Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:37CE0F2E @Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:18AE7C5A @Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:DCF7E75A @Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:CEF2A14E @Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:38849DE5 @Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:34BCB6A9 @Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:33A7CC67 @Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:3C9CF9A7 @Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:E1982A23 @Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:5848893E @Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:B652B720 < End of report > --- --- --- und Extras.txt OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 24.11.2010 10:06:23 - Run 4
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\***\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 53,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): ?:\pagefile.sys
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 33,02 Gb Free Space | 44,31% Space Free | Partition Type: NTFS
Drive D: | 149,05 Gb Total Space | 130,50 Gb Free Space | 87,56% Space Free | Partition Type: NTFS
Drive E: | 8,06 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 73,06 Gb Total Space | 68,18 Gb Free Space | 93,32% Space Free | Partition Type: NTFS
Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
"AntiVirusDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05668431-5189-4EA0-BF0D-5EEFBA0EABE0}" = lport=137 | protocol=17 | dir=in | app=system |
"{090AC9D2-4D33-4F94-9E53-1F631769D4B7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0AC66C3B-7A39-4A85-8A50-7509C808237C}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=c:\windows\system32\svchost.exe |
"{1AE7C1AF-E3CC-413C-BC14-31E82632C08D}" = lport=445 | protocol=6 | dir=in | app=system |
"{1C472818-88DE-4C63-A335-0D515048B97E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{1F815374-4C15-40F6-87D3-CFAEE4D1E80F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2A874BB3-452D-4141-A957-E212A21007B6}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{31FE2AB9-AD1D-448A-A30A-6397D6E027BB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{36F5E085-16D1-43BB-9029-ABEB6044F131}" = rport=137 | protocol=17 | dir=out | app=system |
"{4752E8CE-A5DC-431F-878A-3FB62557FE1A}" = rport=3702 | protocol=17 | dir=out | app=c:\windows\system32\p2phost.exe |
"{554E0250-C9B6-48E3-BC03-073958F537AC}" = lport=2869 | protocol=6 | dir=in | app=system |
"{67AC563E-97DA-493B-B1E4-478F38C9FB93}" = lport=443 | protocol=6 | dir=in | app=system |
"{6A7462E4-AEF8-4CD9-8B09-3CC6CFB49216}" = rport=138 | protocol=17 | dir=out | app=system |
"{783CC294-71F4-42F0-B15E-8D158E6F26A3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{802E149A-C122-4E6F-87CC-9CB9A5977B86}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{9761247A-C60A-4139-913B-6EA437D18939}" = rport=139 | protocol=6 | dir=out | app=system |
"{983EB5DB-C613-4D04-B4B6-3912CDE4CC2E}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{994EA113-F30A-41E4-83CB-A5957C6547A9}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=c:\windows\system32\svchost.exe |
"{9CC62870-82C5-4E14-BDB3-76F847924D10}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{C2EC3A6A-D8F3-4159-BB56-329778DDF9F8}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{C6146573-E5EA-4096-AD83-273005AE7044}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{C9B39CF2-C163-4A2B-9FE2-0D4F77831E9C}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{CA946675-EC2B-4B95-A76E-ACB7AFE39538}" = rport=2869 | protocol=6 | dir=out | app=system |
"{D38235AD-0CAE-4F7B-8220-BA37915D45B9}" = lport=139 | protocol=6 | dir=in | app=system |
"{D4CEB868-23AE-4627-896D-6273D9D20915}" = lport=3702 | protocol=17 | dir=in | app=c:\windows\system32\p2phost.exe |
"{DAC874B8-78FD-407F-8033-39AA7639B383}" = lport=445 | protocol=6 | dir=in | app=system |
"{DEEB115A-A671-42C6-A3C0-4BE503C68703}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{E60810BA-02A7-4E7A-AEB8-DD342A0FFC10}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E7114AAD-C6F0-4557-93B9-0369F5F4626E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{EB782FD1-8817-4AB9-9733-36EE3FB929EA}" = rport=445 | protocol=6 | dir=out | app=system |
"{F0657906-FC3D-47AA-9CD5-CA5D9525FEF5}" = lport=138 | protocol=17 | dir=in | app=system |
"{F2F0AFE9-D96A-4C1A-9344-8ACF56FB4B57}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{043C7189-78D0-4F0D-A499-048C343C1AC9}" = protocol=6 | dir=in | app=c:\program files\o2 connection manager\o2 connection manager.exe |
"{05751030-F462-4DD8-8771-3DB78A25BE21}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{07350EFA-2FCE-4F56-A831-A62B9D72A2B4}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{0F7CC15A-38F6-4ECF-88E2-AACA849025C2}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{15570260-D569-40CD-B44D-A7063D8949D3}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{1822939B-9B47-4586-84A5-6401A41F792B}" = protocol=6 | dir=in | app=g:\fsetup.exe |
"{1830CDB7-D86E-4A47-BCCC-2E01EA2A7308}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{1936DFE1-AFDA-45B3-8213-5DD041DE66FA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{1B25BC51-8578-4428-A462-89017C321E70}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1C76A927-4F73-4766-9773-979AE8B47861}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{22BDCEE0-C737-4B99-B564-A48996BA8D72}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{2926E9C4-ADF3-4612-BB7C-DFF57CB316E5}" = protocol=6 | dir=out | app=c:\windows\system32\p2phost.exe |
"{2C2EA037-C7D8-4F4C-8D45-4A1984AA406A}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{2D8E0C80-4476-47D4-91ED-C094372B7C84}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{30B4E6DC-AAC6-44A2-9CDD-BED7B6DAB7AB}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{32B8FEFA-8019-4546-B8B4-C5B141306A01}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{37386EA2-5D66-4FF3-BCC4-CB1A0C9AD995}" = protocol=6 | dir=in | app=c:\users\***\appdata\local\temp\7zs3b19.tmp\symnrt.exe |
"{37747BA8-A056-40EC-B17F-5E8D211F3B7C}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{38796051-F9AD-4E1E-B931-5D8D871E7AC2}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{3EDC5D14-52EC-4614-871C-C35842169C99}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{4195EC0F-E84D-4A59-B75E-5147BC2E56B7}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{4356FD6E-1039-4791-A0A0-A4BF8537D484}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{440B8678-4684-4C3F-8638-56662EE767A4}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{447641AC-D693-4750-B1D9-C2687DF5F410}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{4EA881E6-779F-45BB-9E4F-66EDB1415C55}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{4FF0EF4B-C8D5-4D01-9F02-C4FF9FA90793}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{5A9B6B8D-4D37-41A8-B2CF-7F525546A765}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{5B055F20-D636-4EF2-82BF-DDC5914B017D}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{5CC5B01C-4811-4E7D-8023-BF9D8942218E}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5DC4A54A-20D3-4C3F-BA25-6D53C5EE31FE}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{5EA4D53C-2D06-449B-8A9D-C681854BA4B2}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{6BFCD803-45C4-4993-83F6-C6EB105D39F6}" = protocol=17 | dir=in | app=c:\program files\bfgclient\bfgclient.exe |
"{73227CA2-6D1D-4862-9A15-58AAC7F4FFD0}" = protocol=6 | dir=in | app=c:\windows\system32\p2phost.exe |
"{7887D441-DC46-4117-A99A-48A56C12B6DA}" = protocol=6 | dir=in | app=c:\windows\system32\mpk\mpkview.exe |
"{78A8F307-4C7C-4FFE-BB61-93E3B908FFC4}" = protocol=17 | dir=in | app=c:\users\***\appdata\local\temp\7zs3b19.tmp\symnrt.exe |
"{7D3B22E0-2D49-4D20-9B15-66DD28E6E3F5}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{832961EE-2404-4216-8F92-4079362099DD}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{8D0DD3EC-4140-4A92-A5A1-4B1701E9AC25}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{8F07EBD0-1987-405B-9E96-BEAAF764BA53}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{9B6A8207-E3FD-4804-907D-CA56F4B72CC1}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{A5CADEA8-29E6-4386-A624-2A8E68106B9F}" = protocol=6 | dir=in | app=c:\windows\system32\mpk\mpk.exe |
"{A96A1DCB-FFF3-42BC-B5E2-48ACBB952681}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{AC4CA47D-8AD2-47FF-A800-7DB844ED571D}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{AE865C80-B948-4669-B9C9-BD7CECAF1502}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B0E9EBE3-5667-49C2-92DF-3261AE5467D0}" = protocol=17 | dir=in | app=c:\program files\shotonline\shotonline.exe |
"{B6EF52EE-DABB-4C0A-86F9-85B6F7AF1A50}" = protocol=6 | dir=in | app=c:\program files\bfgclient\bfgclient.exe |
"{C2614F31-2BA1-4781-919C-E09EFD5406F2}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{C2B5E42D-0FD9-4847-BCC2-3B6048E4AF83}" = protocol=17 | dir=in | app=c:\program files\o2 connection manager\o2 connection manager.exe |
"{C3EBC362-8B1D-4CB1-BB57-516A5DE2DE3B}" = protocol=6 | dir=in | svc=msiscsi | app=c:\windows\system32\svchost.exe |
"{D06DC602-6198-4F3B-9625-EB98510002E4}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{D941156A-AB9B-46C4-A083-762FC4A5742A}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{DAD6EBB4-70FE-4635-A11F-2D0BB4BFF6C6}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{DFC31036-FC7B-44DA-BA28-BFFBBF416D0F}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{DFC3386B-9D7F-4A01-BCB6-176409E9B69E}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{DFEEE479-067E-497B-9560-4072713756C1}" = protocol=17 | dir=in | app=c:\windows\system32\mpk\mpk.exe |
"{E5B6B6C6-9D13-47CE-92F1-1FF89F42ACE0}" = protocol=6 | dir=out | svc=msiscsi | app=c:\windows\system32\svchost.exe |
"{ECD70008-688D-4CD7-8659-A08328635D7A}" = protocol=6 | dir=in | app=c:\program files\shotonline\shotonline.exe |
"{ED63C9B5-3F0A-453F-B05E-A50A08E84B58}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{F0BB84AB-BF3A-4736-8587-ACE671CABF90}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{F108D97B-C27D-4D3A-9B52-B98A479359F0}" = protocol=17 | dir=in | app=c:\windows\system32\mpk\mpkview.exe |
"{F4F98B32-83A6-4D8A-829B-1B16FC5A8E1E}" = protocol=17 | dir=in | app=g:\fsetup.exe |
"{FEF7EE59-EB56-48CC-A278-4F29AEAFAC11}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{FF608D3C-AC07-4975-B8DA-16852D8AA9D2}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"TCP Query User{6C8F6D4E-F3D8-473D-9D23-6014859541AC}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{9992D4CD-FD0C-48A3-8BA2-929FBCC717F0}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{C9AB994B-3DB8-4BD9-AA6A-B2CD76C343A2}C:\program files\oovoo\oovoo.exe" = protocol=6 | dir=in | app=c:\program files\oovoo\oovoo.exe |
"TCP Query User{DCF0FA4A-42CC-4D43-9001-DDC2F9CCCFB5}C:\gamigo games\smash online\smashonline.exe" = protocol=6 | dir=in | app=c:\gamigo games\smash online\smashonline.exe |
"TCP Query User{F63D5751-19D8-422F-9AFF-5E776425E9A4}C:\program files\oovoo\oovoo.exe" = protocol=6 | dir=in | app=c:\program files\oovoo\oovoo.exe |
"TCP Query User{FE11D220-B3F4-4AEA-80A5-FA8E3B8393FD}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{0E5FD933-3701-489A-A08E-C3FB09382386}C:\program files\oovoo\oovoo.exe" = protocol=17 | dir=in | app=c:\program files\oovoo\oovoo.exe |
"UDP Query User{5477AD70-2927-4E6C-AB01-DCA8851528C3}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{56FE89B4-1189-4D7A-B3B5-2FB33C697646}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{A7D8B256-B026-469A-9E79-4AC3A7F829BC}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{DF6F8FD9-9796-43F1-968B-83BC1CB7AD48}C:\gamigo games\smash online\smashonline.exe" = protocol=17 | dir=in | app=c:\gamigo games\smash online\smashonline.exe |
"UDP Query User{F3D67C65-DEF6-4842-8666-4561D3627488}C:\program files\oovoo\oovoo.exe" = protocol=17 | dir=in | app=c:\program files\oovoo\oovoo.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{04CB6099-90D2-896A-8E01-8F1228499D93}" = Catalyst Control Center Localization Dutch
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{068138BE-11F5-8F56-8D88-13837314558E}" = CCC Help German
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent
"{0A2F0BB6-D45B-AF3C-C19A-6950342AF6B1}" = Catalyst Control Center Localization Turkish
"{0BAA36F4-8138-AD8A-3791-44A7F0DD63E7}" = CCC Help Japanese
"{0C2B0B35-CF80-1384-D2F0-14F119F1784E}" = Catalyst Control Center Localization Chinese Standard
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{0EABFEF6-6D10-4C12-8667-3029C481D355}" = Nokia Photos
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{190D0C6E-C8A7-4019-8FB5-FD041EC1F2D2}" = Mobile Broadband Drivers
"{1A998953-E64F-CE34-4517-C58EF5092157}" = CCC Help Turkish
"{1AED74D3-4C54-3CAA-65DE-4EAB7B589AE1}" = Catalyst Control Center Localization Greek
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{206FD69B-F9FE-4164-81BD-D52552BC9C23}" = GearDrvs
"{228A2F09-4557-92B9-44A9-E13D41FFAD02}" = Catalyst Control Center Localization Hungarian
"{228D6BCB-7B30-39F5-5442-A99CD76A9762}" = Catalyst Control Center Localization Danish
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2672817F-EB60-5FA1-9691-FE03D3E674F9}" = CCC Help French
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2CC25320-CD83-B987-4B0A-B53B8413CC87}" = CCC Help Italian
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{338F08AB-C262-42C7-B000-34DE1A475273}" = Ad-Aware Email Scanner for Outlook
"{33A0D18A-019E-8F30-6EDA-776CDC319771}" = CCC Help Norwegian
"{34537704-7E4C-F552-AFC7-E3FDB0A4FDC1}" = Catalyst Control Center Localization Italian
"{357D2DAA-1743-AC07-D88B-0077FC725DF6}" = Catalyst Control Center Graphics Full Existing
"{35ED8B97-897C-4BD1-AEAE-6FD3404BA082}" = Ovi Desktop Sync Engine
"{3762698E-E9DF-4DD8-99F1-8192D0F8EE06}" = Nokia_Multimedia_Common_Components_2_5
"{3899B709-95BD-752E-B320-1686DACA370E}" = CCC Help Portuguese
"{3E84E56E-FC81-4E08-AA90-E8B2FDC02557}" = Catalyst Control Center Localization Norwegian
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{43721D86-16D1-46BF-8353-37CD82333BC3}" = OpenOffice.org 2.4
"{469DFB95-185F-CA9E-3D5E-0036754B5033}" = Catalyst Control Center Localization German
"{475BF3D4-E418-18CF-34FC-1D8DD3E67F46}" = Catalyst Control Center Localization Chinese Traditional
"{481C9A00-91AC-4065-870C-BD4E28186E5A}" = PC Connectivity Solution
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4ACF5CB8-CADE-42C9-B3D3-B8751A2CDFD6}" = Toshiba TEMPO
"{4D881F9F-90B1-6992-BA30-72333A6BC669}" = CCC Help Danish
"{4E1CD3D5-D4EE-4246-AE24-F0FD5A60390D}" = OviMPlatform
"{51035563-B7F5-01AF-0BE4-47533DEE5B51}" = Catalyst Control Center Localization Russian
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{5AC66835-7850-401E-AC93-65AD4D6A7E2E}" = Catalyst Control Center Localization Portuguese
"{5AD96CF5-2627-4F29-9D2D-72FCD85F6355}" = AVG 2011
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{63C5533F-7DFD-4143-9B5E-3BB205591CFC}" = o2 Connection Manager
"{6789E743-FF41-3E96-8C59-0F43ADE6D9E6}" = Catalyst Control Center Localization French
"{698CEC51-8E29-5B7C-2C88-20CDE9DC3DFF}" = ccc-core-static
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{74E2F60E-5C4D-3200-3AB5-6A5C1806A64F}" = CCC Help Hungarian
"{759D7567-3027-5605-BF42-9363090FAF71}" = CCC Help Czech
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}" = TOSHIBA ConfigFree
"{7BECDEE0-7126-4F9B-8BE4-E72AEA79571B}" = ArcSoft WebCam Companion 2
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85737D46-5FDE-7798-02BA-68AC06CD0B17}" = CCC Help Spanish
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{892DB0A0-CF31-DA46-8142-2B3953CA7B38}" = CCC Help English
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D6BCA55-8E9C-416E-823C-05E8123C3162}" = Movavi Flash Converter
"{8F2E8ADC-871F-7B91-708D-BC2899C7D986}" = Catalyst Control Center Localization Swedish
"{8FC9A62D-90DB-7122-09F3-587C42EE9FAC}" = Catalyst Control Center Localization Czech
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9128A108-FE27-997F-A118-E6C65FAE2256}" = CCC Help Korean
"{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}" = iTunes
"{927AA2A2-7631-4EA2-A1F9-252D27B9D0A2}" = Nokia Ovi Suite
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9809A7E4-3B3B-4547-3B80-0073E0115EB4}" = Catalyst Control Center Graphics Previews Vista
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9842DEA7-806B-08CA-608C-9717F5F5D7F3}" = Catalyst Control Center Graphics Light
"{994223F3-A99B-4DDD-9E1D-0190A17C6860}" = Windows Live Family Safety
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C6ABCF3-A9BF-2A09-0974-777B6C421E28}" = CCC Help Swedish
"{9F59C3AE-81B0-4EF6-9762-D674BB079705}" = Nokia Software Updater
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A23061AF-5361-433C-B7F0-CE5F79A22C49}" = AVG 2011
"{A528306A-C5EC-481C-A619-6106334E6800}" = Nokia Ovi Player
"{A6D4234C-CB02-4048-AC3E-AD09404FA35A}" = Emdedded IR Driver
"{A6F2C0CD-E0A2-BCC1-5BEF-600AC4D9AE62}" = Catalyst Control Center Localization Spanish
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.1 - Deutsch
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AED8FA19-763C-BA3F-A243-3136EEF255E8}" = CCC Help Russian
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B9C9DB4C-6D77-4AE9-AD1C-C708C23239A0}" = Nokia Connectivity Cable Driver
"{BA63348B-143D-4CAC-A355-3879402ED781}" = Nokia Ovi Suite Software Updater
"{BA98E840-DCB3-10B7-D016-8890E4F8F4CC}" = Catalyst Control Center Graphics Full New
"{BC1ADEAD-99F1-4707-B31B-CDB222D5BB68}" = Catalyst Control Center - Branding
"{C1F4123D-6C93-D087-F50F-8D7AC51AFE76}" = ATI Catalyst Install Manager
"{C3E7A3AD-142E-2433-0107-D2CA4D85F19F}" = CCC Help Greek
"{C4B045DB-C2C0-4A05-8DA5-754B4733EE31}" = Nokia Ovi One Touch Access
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C5A5F901-08F3-7E96-3049-A950A80ACCF4}" = Catalyst Control Center Graphics Previews Common
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{CB082B01-F65B-05DA-3048-8979BF7B5BD2}" = CCC Help Dutch
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC0E0442-B3BA-6FB5-3E94-C5F96B9B8915}" = Skins
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D281F20C-FA11-D09A-8A20-B78D771222F8}" = Catalyst Control Center Localization Japanese
"{DB780B85-B4B5-4864-A49C-9B706B169C93}" = TIPCI
"{DD766B16-BE10-F87C-73A7-A6FC09148633}" = CCC Help Polish
"{DDF91F62-6CBF-2932-93BA-D487B60635B5}" = Catalyst Control Center Core Implementation
"{DEC00B1F-5E63-D40F-6291-A2A531414613}" = CCC Help Chinese Traditional
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{DF066D23-C0C8-8755-8244-A8A78B8798A5}" = CCC Help Thai
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe
"{E6C773DF-41C4-4A4F-B6C5-7830FF10342F}" = Philips CamSuite
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{EC2F2081-6B46-810C-8408-EC04D29EDFF0}" = Catalyst Control Center Localization Thai
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0EF93AE-6B13-DB6A-3C03-8CB5A51D0A7A}" = CCC Help Finnish
"{F0FFE43C-7FCC-55F3-6BDE-11F6E9F9FB4A}" = CCC Help Chinese Standard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E1E2E3-2F93-E548-7675-10A78CDD04A6}" = Catalyst Control Center Localization Finnish
"{F20B6876-0F18-1A47-D858-D0D9F6888B99}" = Catalyst Control Center Localization Polish
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F400ED9E-848C-DB0B-CED5-F69DAA2CE8AD}" = ccc-utility
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F5EFBB2D-2CD6-FD3D-FA53-DFB962BFD14C}" = Catalyst Control Center Localization Korean
"{F6D5EED1-EB69-421C-A314-8998CA574C51}" = Philips SPC1030NC Webcam
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"10F7630C78CC9B1F315B5FA216ECB493C3ACD3E5" = Windows-Treiberpaket - Philips CL (phaudlwr) MEDIA (06/02/2008 1.0.5.12)
"45BC8B5D6014058D45855440C588F87C62D70673" = Windows-Treiberpaket - Philips (SPC1030) Image (06/11/2008 5.8.8.042)
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AVG" = AVG 2011
"BCM70010" = Broadcom High Definition Video Decoder 2.6.40.1
"CCleaner" = CCleaner
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition 2.0.0.1 (D)
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free Studio_is1" = Free Studio version 4.2
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisorkennwort
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{63C5533F-7DFD-4143-9B5E-3BB205591CFC}" = o2 Connection Manager
"InstallShield_{A6D4234C-CB02-4048-AC3E-AD09404FA35A}" = Emdedded IR Driver
"InstallShield_{DB780B85-B4B5-4864-A49C-9B706B169C93}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"king.com" = king.com (remove only)
"MAGIX Digital Foto Maker SE D" = MAGIX Digital Foto Maker SE 4.1.0.835 (D)
"MAGIX Foto Suite D" = MAGIX Foto Suite 1.12.0.89 (D)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mobile Partner" = Mobile Partner
"Mozilla Thunderbird (3.0.10)" = Mozilla Thunderbird (3.0.10)
"Nokia Ovi One Touch Access" = Nokia Ovi One Touch Access 6.85.3019
"Nokia Ovi Suite" = Nokia Ovi Suite
"ShotOnline" = ShotOnline
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"Uninstall_is1" = Uninstall 1.0.0.1
"Windows Media Encoder 9" = Windows Media Encoder 9-Reihe
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 21.11.2010 05:02:21 | Computer Name = ***-PC | Source = System Restore | ID = 8193
Description =
Error - 21.11.2010 17:12:14 | Computer Name = ***-PC | Source = Perflib | ID = 1010
Description =
Error - 23.11.2010 08:38:54 | Computer Name = ***-PC | Source = VSS | ID = 8194
Description =
Error - 23.11.2010 08:40:12 | Computer Name = ***-PC | Source = VSS | ID = 8194
Description =
Error - 23.11.2010 08:47:16 | Computer Name = ***-PC | Source = RasClient | ID = 20227
Description =
Error - 23.11.2010 08:48:33 | Computer Name = ***-PC | Source = VSS | ID = 8194
Description =
Error - 23.11.2010 08:53:48 | Computer Name = ***-PC | Source = VSS | ID = 8194
Description =
Error - 23.11.2010 09:01:10 | Computer Name = ***-PC | Source = VSS | ID = 8194
Description =
Error - 23.11.2010 17:58:18 | Computer Name = ***-PC | Source = VSS | ID = 8194
Description =
Error - 24.11.2010 02:41:43 | Computer Name = ***-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung chrome.exe, Version 0.0.0.0, Zeitstempel 0x4ccf15cc,
fehlerhaftes Modul gcswf32.dll, Version 10.1.103.19, Zeitstempel 0x4cca3ce5, Ausnahmecode
0xc0000005, Fehleroffset 0x0017e41b, Prozess-ID 0xa40, Anwendungsstartzeit 01cb8ba1cd69445b.
[ OSession Events ]
Error - 17.07.2010 02:49:01 | Computer Name = ***-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.
Error - 20.07.2010 10:54:26 | Computer Name = ***-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.
Error - 30.07.2010 08:04:12 | Computer Name = ***-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.
Error - 17.08.2010 05:42:21 | Computer Name = ***-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.
Error - 30.09.2010 05:02:24 | Computer Name = ***-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 23.11.2010 15:50:21 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 23.11.2010 15:50:21 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 23.11.2010 15:50:21 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 23.11.2010 16:30:44 | Computer Name = ***-PC | Source = ipnathlp | ID = 31004
Description = 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet
werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner
Fehler ist im Speicher-Manager aufgetreten.
Error - 23.11.2010 18:06:44 | Computer Name = ***-PC | Source = DCOM | ID = 10010
Description =
Error - 23.11.2010 18:08:57 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 23.11.2010 18:08:57 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 23.11.2010 18:08:57 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 24.11.2010 02:23:59 | Computer Name = ***-PC | Source = ipnathlp | ID = 31004
Description = 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet
werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner
Fehler ist im Speicher-Manager aufgetreten.
Error - 24.11.2010 02:24:38 | Computer Name = ***-PC | Source = ipnathlp | ID = 31004
Description = 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet
werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner
Fehler ist im Speicher-Manager aufgetreten.
< End of report >
|
|
24.11.2010, 11:19
| #18 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PC lahmt & Shot Online Game stürzt ab Beende alle Programme, starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)
__________________Code:
ATTFilter :OTL
PRC - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008.02.26 18:28:20 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.) - E:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2008.02.26 18:28:20 | 000,000,047 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{04b9ff7d-6b72-11dd-a19f-9c7b365ad2e8}\Shell - "" = AutoRun
O33 - MountPoints2\{04b9ff7d-6b72-11dd-a19f-9c7b365ad2e8}\Shell\AutoRun\command - "" = E:\pushinst.exe -- File not found
O33 - MountPoints2\{2f93bf5c-e86f-11df-824f-fdd1708a4fd5}\Shell - "" = AutoRun
O33 - MountPoints2\{2f93bf5c-e86f-11df-824f-fdd1708a4fd5}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2008.02.26 18:28:20 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{2f93bf5d-e86f-11df-824f-fdd1708a4fd5}\Shell - "" = AutoRun
O33 - MountPoints2\{2f93bf5d-e86f-11df-824f-fdd1708a4fd5}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2008.02.26 18:28:20 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{7c2f5e2a-8040-11dd-b13d-001de0a2a16d}\Shell\verb1\command - "" = desktop.exe
O33 - MountPoints2\{8c062fae-79c0-11dd-b7b7-001de0a2a16d}\Shell - "" = AutoRun
O33 - MountPoints2\{8c062fae-79c0-11dd-b7b7-001de0a2a16d}\Shell\AutoRun\command - "" = E:\pushinst.exe -- File not found
O33 - MountPoints2\{a2a1cf65-f597-11df-926f-c75c8a900c02}\Shell - "" = AutoRun
O33 - MountPoints2\{a2a1cf65-f597-11df-926f-c75c8a900c02}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2008.02.26 18:28:20 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{a2a1cf66-f597-11df-926f-c75c8a900c02}\Shell - "" = AutoRun
O33 - MountPoints2\{a2a1cf66-f597-11df-926f-c75c8a900c02}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2008.02.26 18:28:20 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{ab514589-9238-11dd-b2e2-001de0a2a16d}\Shell - "" = AutoRun
O33 - MountPoints2\{ab514589-9238-11dd-b2e2-001de0a2a16d}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2008.02.26 18:28:20 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{ab51459e-9238-11dd-b2e2-001de0a2a16d}\Shell - "" = AutoRun
O33 - MountPoints2\{ab51459e-9238-11dd-b2e2-001de0a2a16d}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2008.02.26 18:28:20 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{c9f64298-8334-11dd-8f45-001de0a2a16d}\Shell - "" = AutoRun
O33 - MountPoints2\{c9f64298-8334-11dd-8f45-001de0a2a16d}\Shell\AutoRun\command - "" = E:\starter.exe -- File not found
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2008.02.26 18:28:20 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.)
[2010.11.21 09:10:42 | 000,000,000 | ---D | C] -- C:\PMB Files
[2010.11.21 09:10:42 | 000,000,000 | ---D | C] -- \PMB Files
@Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:861A898F
@Alternate Data Stream - 96 bytes -> C:\ProgramData\TEMP:A296A63F
@Alternate Data Stream - 96 bytes -> C:\ProgramData\TEMP:101708D3
@Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:31F2397C
@Alternate Data Stream - 321 bytes -> C:\ProgramData\TEMP:E603573E
@Alternate Data Stream - 197 bytes -> C:\ProgramData\TEMP:D05E7A8B
@Alternate Data Stream - 165 bytes -> C:\ProgramData\TEMP:ACD203D5
@Alternate Data Stream - 163 bytes -> C:\ProgramData\TEMP:F84B8DB5
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:3F22DA14
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:0E660858
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:86D110BB
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:74BB299D
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:F42CF153
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:6247E766
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:0EC7A545
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:3BAD46F6
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:5D10C56A
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:A5584049
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:5425B7F5
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:BC428E9F
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:B3BFB454
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:5F538558
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:80EA2EA3
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:F878F14A
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:1F4329D4
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:FDAF118C
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:6A7B7A50
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:62197B73
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:B54102AD
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:940ECC98
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:89123481
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:4D066AD2
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:EC7C9796
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:87FA5E8A
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:26FBC1F9
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:A23D24E7
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:4C509008
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:3B3A35EC
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:D3A89E47
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:92D18A5E
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:6E11933F
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:9E9A3410
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:54F7A151
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:F67AAFC5
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:82E1D3A4
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:6BFA43EB
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:51A22C60
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:48977386
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:D93DCF15
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:A724744F
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:206470A5
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:81F83028
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:ED45A20F
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:DD04902E
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:0651F96C
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:E6683E95
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DF2EA4BB
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:7091055F
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:1ECED34B
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:425759C6
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:04893BD0
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:756C8543
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:3AC42987
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:128A6DC9
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:0A73A758
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:666FB4AA
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:CBCE0A92
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:A3B8F70C
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:7EBCC2D7
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:109734F6
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:50636E35
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:FD000392
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:CC30FDA5
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:730BC923
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:4F58D818
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:2FF4577A
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:57B2B96C
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:E98C5DD9
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:90E3641D
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:5216CD26
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:AA60673F
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:8C458D50
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:6CEB2458
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:41099CE9
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:561B1D2B
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:50F1E014
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:37CE0F2E
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:18AE7C5A
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:DCF7E75A
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:CEF2A14E
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:38849DE5
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:34BCB6A9
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:33A7CC67
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:3C9CF9A7
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:E1982A23
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:5848893E
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:B652B720
:Files
C:\Program Files\TOSHIBA\FlashCards
:Commands
[purity]
[resethosts]
[emptytemp]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.
__________________ |
|
24.11.2010, 12:27
| #19 | |
| | PC lahmt & Shot Online Game stürzt ab Ok hier das LogFile. Zitat:
|
|
24.11.2010, 12:33
| #20 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PC lahmt & Shot Online Game stürzt ab So. Dann probier den Vollscan mit MBAM jetzt bitte nochmal aus.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
24.11.2010, 15:25
| #21 | |
| | PC lahmt & Shot Online Game stürzt ab Hat endlich geklappt  Zitat:
|
|
24.11.2010, 17:32
| #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PC lahmt & Shot Online Game stürzt ab Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
24.11.2010, 19:49
| #23 |
| | PC lahmt & Shot Online Game stürzt ab so fertig und hier der dazugehörige Log. Combofix Logfile: Code:
ATTFilter ComboFix 10-11-23.05 - *** 24.11.2010 18:50:12.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.3070.2004 [GMT 1:00]
ausgeführt von:: c:\users\***\Desktop\cofi.exe
SP: Windows-Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\progra~2\xp
c:\progra~2\xp\EBLib.dll
c:\progra~2\xp\TPwSav.sys
c:\users\***\AppData\Roaming\Microsoft\Windows\Recent\mxfilerelatedcache.mxc2
c:\users\***\FAVORI~1\mxfilerelatedcache.mxc2
c:\users\***\Favorites\mxfilerelatedcache.mxc2
c:\users\***\FREE-WRC.exe
c:\users\***\INSTALL.exe
c:\windows\system32\bftowdthunk.dll
c:\windows\system32\drivers\npf.sys
c:\windows\system32\Packet.dll
c:\windows\system32\ui
c:\windows\system32\ui\BANNER\LOADINGEVENT1.SOR
c:\windows\system32\ui\BANNER\LOADINGEVENT2.SOR
c:\windows\system32\ui\BANNER\LOADINGEVENT3.SOR
c:\windows\system32\ui\BANNER\LOADINGEVENT4.SOR
c:\windows\system32\ui\BANNER\LOADINGEVENT5.SOR
c:\windows\system32\ui\BANNER\LOADINGIMGOPT.SOR
c:\windows\system32\ui\BANNER\NOTICE_BANNER1.SOR
c:\windows\system32\ui\BANNER\NOTICE_BANNER2.SOR
c:\windows\system32\ui\BANNER\NOTICE_BANNER3.SOR
c:\windows\system32\ui\BANNER\NOTICE_BANNER4.SOR
c:\windows\system32\ui\BANNER\NOTICE_BANNER5.SOR
c:\windows\system32\WanPacket.dll
c:\windows\system32\wpcap.dll
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_NPF
-------\Service_Boonty Games
-------\Service_NPF
((((((((((((((((((((((( Dateien erstellt von 2010-10-24 bis 2010-11-24 ))))))))))))))))))))))))))))))
.
2010-11-24 18:04 . 2010-11-24 18:11 -------- dc----w- c:\users\***\AppData\Local\temp
2010-11-24 18:04 . 2010-11-24 18:04 -------- dc----w- c:\users\Default\AppData\Local\temp
2010-11-24 17:19 . 2010-11-24 17:19 -------- dc----w- c:\program files\CCleaner
2010-11-24 11:18 . 2010-11-24 11:18 -------- dc----w- C:\_OTL
2010-11-23 14:04 . 2010-11-23 14:04 472808 -c--a-w- c:\windows\system32\deployJava1.dll
2010-11-21 18:11 . 2010-04-29 14:39 38224 -c--a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-21 18:11 . 2010-11-21 18:11 -------- dc----w- c:\program files\Malwarebytes' Anti-Malware
2010-11-21 18:11 . 2010-04-29 14:39 20952 -c--a-w- c:\windows\system32\drivers\mbam.sys
2010-11-21 10:02 . 2010-11-23 15:35 -------- dc----w- c:\program files\ShotOnline
2010-11-20 00:47 . 2010-11-10 04:33 6273872 ----a-w- c:\progra~2\Microsoft\Windows Defender\Definition Updates\{4088A183-0F64-4FB5-941F-F8764BF13096}\mpengine.dll
2010-11-11 16:48 . 2010-11-11 16:48 -------- dc----w- c:\users\***\AppData\Roaming\AVG10
2010-11-11 16:46 . 2010-11-11 16:46 -------- dc-h--w- c:\progra~2\Common Files
2010-11-11 16:43 . 2010-11-24 17:37 -------- dc----w- c:\progra~2\AVG10
2010-11-11 16:21 . 2010-11-11 16:32 -------- dc----w- c:\progra~2\MFAData
2010-11-06 10:37 . 2010-11-06 10:37 103864 -c--a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
2010-11-05 21:26 . 2005-05-26 14:34 2297552 -c--a-w- c:\windows\system32\d3dx9_26.dll
2010-10-28 10:23 . 2009-10-09 21:56 2048 -c--a-w- c:\windows\system32\winrsmgr.dll
2010-10-28 10:23 . 2009-10-09 21:56 12800 -c--a-w- c:\windows\system32\wsmprovhost.exe
2010-10-28 10:18 . 2009-11-08 08:55 99176 -c--a-w- c:\windows\system32\PresentationHostProxy.dll
2010-10-28 10:18 . 2009-11-08 08:55 49472 -c--a-w- c:\windows\system32\netfxperf.dll
2010-10-28 10:18 . 2009-11-08 08:55 297808 -c--a-w- c:\windows\system32\mscoree.dll
2010-10-28 10:18 . 2009-11-08 08:55 295264 -c--a-w- c:\windows\system32\PresentationHost.exe
2010-10-28 10:18 . 2009-11-08 08:55 1130824 -c--a-w- c:\windows\system32\dfshim.dll
2010-10-28 10:02 . 2010-06-22 13:30 2048 -c--a-w- c:\windows\system32\tzres.dll
2010-10-28 10:02 . 2010-08-26 16:34 1696256 -c--a-w- c:\windows\system32\gameux.dll
2010-10-28 10:02 . 2010-08-26 16:33 28672 -c--a-w- c:\windows\system32\Apphlpdm.dll
2010-10-28 10:02 . 2010-08-26 14:23 4240384 -c--a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-10-28 10:02 . 2010-09-06 16:20 125952 -c--a-w- c:\windows\system32\srvsvc.dll
2010-10-28 10:02 . 2010-09-06 16:19 17920 -c--a-w- c:\windows\system32\netevent.dll
2010-10-28 10:02 . 2010-09-06 13:45 304128 -c--a-w- c:\windows\system32\drivers\srv.sys
2010-10-28 10:02 . 2010-09-06 13:45 145408 -c--a-w- c:\windows\system32\drivers\srv2.sys
2010-10-28 10:02 . 2010-09-06 13:45 102400 -c--a-w- c:\windows\system32\drivers\srvnet.sys
2010-10-28 10:00 . 2010-08-20 16:05 867328 -c--a-w- c:\windows\system32\wmpmde.dll
2010-10-28 09:59 . 2010-04-05 17:01 67072 -c--a-w- c:\windows\system32\asycfilt.dll
2010-10-28 09:59 . 2010-08-26 04:23 13312 -c--a-w- c:\program files\Internet Explorer\iecompat.dll
2010-10-28 09:59 . 2010-05-04 19:13 231424 -c--a-w- c:\windows\system32\msshsq.dll
2010-10-28 09:59 . 2010-08-26 16:37 157184 -c--a-w- c:\windows\system32\t2embed.dll
2010-10-28 09:57 . 2010-06-11 16:15 1248768 -c--a-w- c:\windows\system32\msxml3.dll
2010-10-28 09:53 . 2010-06-16 16:04 905088 -c--a-w- c:\windows\system32\drivers\tcpip.sys
2010-10-28 09:53 . 2010-08-31 15:44 531968 -c--a-w- c:\windows\system32\comctl32.dll
2010-10-28 09:52 . 2010-06-08 17:35 3600768 -c--a-w- c:\windows\system32\ntkrnlpa.exe
2010-10-28 09:52 . 2010-06-08 17:35 3548040 -c--a-w- c:\windows\system32\ntoskrnl.exe
2010-10-26 20:16 . 2010-10-26 20:17 -------- dc----w- c:\users\***\AppData\Roaming\A Gypsy's Tale - Der Turm des Schicksals
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-19 09:41 . 2009-10-04 16:44 222080 -c----w- c:\windows\system32\MpSigStub.exe
2010-09-29 16:47 . 2010-10-18 15:34 4032992 -c--a-w- c:\windows\system32\GameMon.des
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"ISUSPM"="c:\programdata\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2007-03-29 222128]
"Google Update"="c:\users\***\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-04-21 136176]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KeNotify"="c:\program files\TOSHIBA\Utilities\KeNotify.exe" [2006-11-06 34352]
"SVPWUTIL"="c:\program files\TOSHIBA\Utilities\SVPWUTIL.exe" [2006-03-22 438272]
"RtHDVCpl"="RtHDVCpl.exe" [2007-09-03 4702208]
"NDSTray.exe"="NDSTray.exe" [BU]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-02-12 174872]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-03-20 1451304]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-17 421888]
"Skytel"="Skytel.exe" [2007-08-03 1826816]
"spc1030"="c:\windows\vspc1030.exe" [2008-02-22 684032]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-07-21 141608]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
" Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FRITZ!DSL Startcenter.lnk]
backup=c:\windows\pss\FRITZ!DSL Startcenter.lnk.CommonStartup
backupExtension=.CommonStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-07-21 13:53 141608 -c--a-w- c:\program files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-03-17 19:53 421888 -c--a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
2007-08-03 05:22 1826816 -c--a-w- c:\windows\SkyTel.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
R2 Automatisches LiveUpdate - Scheduler;Automatisches LiveUpdate - Scheduler; [x]
R3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys [2006-12-27 4352]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
R3 FWLANUSB;AVM FRITZ!WLAN;c:\windows\system32\DRIVERS\fwlanusb.sys [2007-01-25 265088]
R3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2010-07-06 1352832]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2009-12-30 137344]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2009-12-30 8320]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2010-09-29 4032992]
R3 phaudlwr;Philips Audio Filter;c:\windows\system32\DRIVERS\phaudlwr.sys [2008-05-07 88704]
R3 SPC1030;USB2.0 PC Camera (SPC1030);c:\windows\system32\DRIVERS\spc1030.sys [2008-06-11 3035776]
R3 TpChoice;Touch Pad Detection Filter driver;c:\windows\system32\DRIVERS\TpChoice.sys [x]
R4 CplIR;Embedded IR Driver;c:\windows\system32\DRIVERS\CplIR.SYS [2007-03-06 14848]
S2 accvssvc;AccSys WLAN Control Service;c:\program files\Common Files\AccSys\AccVSSvc.exe [2007-10-30 131072]
S2 ACPService;ACPService;c:\program files\Philips\CamSuite\1.0.9.0\ACPService.exe [2008-06-11 741376]
S2 TempoMonitoringService;Notebook Performance Tuning Service ;c:\program files\Toshiba TEMPO\TempoSVC.exe [2007-10-29 95624]
S3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Inhalt des "geplante Tasks" Ordners
2010-11-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3715181647-2952123552-3075776655-1000Core.job
- c:\users\***\AppData\Local\Google\Update\GoogleUpdate.exe [2010-04-21 15:19]
2010-11-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3715181647-2952123552-3075776655-1000UA.job
- c:\users\***\AppData\Local\Google\Update\GoogleUpdate.exe [2010-04-21 15:19]
2010-11-24 c:\windows\Tasks\User_Feed_Synchronization-{E523E591-38C8-4635-B4CE-A67C951508D3}.job
- c:\windows\system32\msfeedssync.exe [2010-10-28 04:25]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
mStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: Free YouTube to Mp3 Converter - c:\users\***\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{76577871-04EC-495E-A12B-91F7C3600AFA} - hxxp://rover.ebay.com/rover/1/707-44556-9400-3/4
TCP: {41756D47-C5A8-45FE-89BB-3D44A87D856E} = 193.189.244.225 193.189.244.206
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
HKLM-Run-TPwrMain - %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-HSON - %ProgramFiles%\TOSHIBA\TBS\HSON.exe
AddRemove-InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8} - c:\program files\InstallShield Installation Information\{FEDD27A0-B306-45EF-BF58-B527406B42C8}\setup.exe
**************************************************************************
Scanne versteckte Prozesse...
Scanne versteckte Autostarteinträge...
Scanne versteckte Dateien...
Scan erfolgreich abgeschlossen
versteckte Dateien:
**************************************************************************
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\windows\system32\agrsmsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
c:\windows\system32\TODDSrv.exe
c:\program files\TOSHIBA\Power Saver\TosCoSrv.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Philips\CamSuite\1.0.9.0\ACPGUI.dll
c:\windows\RtHDVCpl.exe
c:\program files\TOSHIBA\Power Saver\TPwrMain.exe
c:\program files\TOSHIBA\ConfigFree\NDSTray.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
c:\windows\ehome\ehmsas.exe
c:\program files\Synaptics\SynTP\SynToshiba.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\TOSHIBA\ConfigFree\CFSwMgr.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2010-11-24 19:24:57 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2010-11-24 18:24
Vor Suchlauf: 12 Verzeichnis(se), 35.559.440.384 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 37.525.544.960 Bytes frei
- - End Of File - - 03FED6A969666B3614A374F240B41F45
|
|
24.11.2010, 19:56
| #24 |
| | PC lahmt & Shot Online Game stürzt ab Achso, musste vor dem start der cofi.exe mein avg antivirenprogramm löschen, weil ich keine ahnung hatte wie ich das ausstelle. Hab keinen Button dafür gefunden. Was meinst du welches Antivirenprogramm ich laden soll. Wieder AVG oder ein anderes? Danke schonmal |
|
24.11.2010, 21:25
| #25 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PC lahmt & Shot Online Game stürzt ab Ja, das hatte ich vergessen zu erwähnen. CF und AVG vertragen sich nicht (mehr), AVG muss vorher deinstalliert werden. Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Downloade Dir danach bitte MBRCheck (by a_d_13) und speichere die Datei auf dem Desktop.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
25.11.2010, 08:01
| #26 | |
| | PC lahmt & Shot Online Game stürzt ab Guten Morgen, die Logs von GMER, OSAM und MBRCheck GMER Logfile: Code:
ATTFilter GMER 1.0.15.15530 - hxxp://www.gmer.net
Rootkit scan 2010-11-24 23:05:52
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 TOSHIBA_ rev.LB11
Running: gmer.exe; Driver: C:\Users\***\AppData\Local\Temp\kwldrpoc.sys
---- Kernel code sections - GMER 1.0.15 ----
.text C:\Windows\system32\DRIVERS\tos_sps32.sys section is writeable [0x8AB5B000, 0x4036D, 0xE8000020]
.dsrt C:\Windows\system32\DRIVERS\tos_sps32.sys unknown last section [0x8ABA4000, 0x510, 0x40000040]
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
---- EOF - GMER 1.0.15 ----[/QUOTE]
OSAM Logfile: Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 07:51:53 on 25.11.2010 OS: Windows Vista Home Premium Edition Service Pack 2 (Build 6002), 32-bit Default Browser: Microsoft Corporation Internet Explorer 8.00.6001.18702 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Boot Execute] -----( HKLM\SYSTEM\CurrentControlSet\Control\Session Manager )----- "BootExecute" - ? - C:\Windows\system32\lsdelete.exe (File found, but it contains no detailed information) [Common] -----( %SystemRoot%\Tasks )----- "GoogleUpdateTaskUserS-1-5-21-3715181647-2952123552-3075776655-1000Core.job" - "Google Inc." - C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskUserS-1-5-21-3715181647-2952123552-3075776655-1000UA.job" - "Google Inc." - C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe [Control Panel Objects] -----( %SystemRoot%\system32 )----- "ISUSPM.cpl" - "Macrovision Corporation" - C:\Windows\system32\ISUSPM.cpl "TOSCDSPD.cpl" - ? - C:\Windows\system32\TOSCDSPD.cpl (File found, but it contains no detailed information) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "Pando" - "Pando Networks" - C:\Program Files\Pando Networks\Media Booster\PMB.cpl "QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "AVM Eject" (avmeject) - "AVM Berlin" - C:\Windows\System32\drivers\avmeject.sys "catchme" (catchme) - ? - C:\cofi\catchme.sys (File not found) "EagleNT" (EagleNT) - ? - C:\Users\***\AppData\Local\Temp\EagleNT.sys (File not found) "FssFltr" (fssfltr) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\fssfltr.sys "igfx" (igfx) - ? - C:\Windows\System32\DRIVERS\igdkmd32.sys (File not found) "IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys (File not found) "IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys (File not found) "IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys (File not found) "kwldrpoc" (kwldrpoc) - ? - C:\Users\***\AppData\Local\Temp\kwldrpoc.sys (Hidden registry entry, rootkit activity | File not found) "Logitech POP Suppression Filter" (lvpopflt) - ? - C:\Windows\System32\DRIVERS\lvpopflt.sys (File not found) "Logitech QuickCam Express(PID_0928)" (PID_0928) - ? - C:\Windows\System32\DRIVERS\LV561AV.SYS (File not found) "Logitech USB Monitor Filter" (LVUSBSta) - ? - C:\Windows\System32\drivers\LVUSBSta.sys (File not found) "Microsoft IntelliPoint Filter Driver" (Point32) - ? - C:\Windows\System32\DRIVERS\point32k.sys (File not found) "PCASp50 NDIS Protocol Driver" (PCASp50) - "Printing Communications Assoc., Inc. (PCAUSA)" - C:\Windows\System32\Drivers\PCASp50.sys "QuickCam Communicate Deluxe(UVC)" (LVUVC) - ? - C:\Windows\System32\DRIVERS\lvuvc.sys (File not found) "StarOpen" (StarOpen) - ? - C:\Windows\system32\drivers\StarOpen.sys (File found, but it contains no detailed information) "Tosrfcom" (Tosrfcom) - ? - C:\Windows\system32\drivers\Tosrfcom.sys (File not found) "Touch Pad Detection Filter driver" (TpChoice) - ? - C:\Windows\System32\DRIVERS\TpChoice.sys (File not found) [Explorer] -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Program Files\OpenOffice.org 2.4\program\shlxthdl.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL -----( HKLM\Software\Classes\Protocols\Handler )----- {314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll {828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL {828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL {03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )----- {AEB6717E-7E19-11d0-97EE-00C04FD91972} "{AEB6717E-7E19-11d0-97EE-00C04FD91972}" - ? - (File not found | COM-object registry key not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? - (File not found | COM-object registry key not found) {1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {0563DB41-F538-4B37-A92D-4659049B7766} "CLSID_WLMCMimeFilter" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll {0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? - (File not found | COM-object registry key not found) {2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? - (File not found | COM-object registry key not found) {FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? - (File not found | COM-object registry key not found) {B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Program Files\iTunes\iTunesMiniPlayer.dll {792F0537-F929-4eb7-AC1D-FB6334C71550} "LG Phone" - ? - (File not found | COM-object registry key not found) {00020d75-0000-0000-c000-000000000046} "lnkfile" - ? - (File not found | COM-object registry key not found) {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\Office12\ONFILTER.DLL {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Program Files\OpenOffice.org 2.4\program\shlxthdl.dll {087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Program Files\OpenOffice.org 2.4\program\shlxthdl.dll {63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Program Files\OpenOffice.org 2.4\program\shlxthdl.dll {3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Program Files\OpenOffice.org 2.4\program\shlxthdl.dll {C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - ? - (File not found | COM-object registry key not found) {A40526DD-F152-4C1D-844C-CE668D29B77E} "Shell extension for NTP" - ? - (File not found | COM-object registry key not found) {5E2121EE-0300-11D4-8D3B-444553540000} "SimpleShlExt Class" - ? - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? - (File not found | COM-object registry key not found) {B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - C:\Program Files\WinRAR\rarext.dll {06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} "Java Plug-in 1.6.0" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_22" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} "Java Plug-in 1.6.0_22" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_22" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_22.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab {67DABFBF-D0AB-41FA-9C46-CC0F21721616} "{67DABFBF-D0AB-41FA-9C46-CC0F21721616}" - ? - (File not found | COM-object registry key not found) / hxxp://download.divx.com/player/DivXBrowserPlugin.cab {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} "{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}" - ? - (File not found | COM-object registry key not found) / hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab {E2883E8F-472F-4FB0-9522-AC9BF37916A7} "{E2883E8F-472F-4FB0-9522-AC9BF37916A7}" - ? - (File not found | COM-object registry key not found) / hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll "eBay - Der weltweite Online Marktplatz" - ? - hxxp://rover.ebay.com/rover/1/707-44556-9400-3/4 (HTTP value) "ICQ7" - "ICQ, LLC." - C:\Program Files\ICQ7.0\ICQ.exe {FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll {9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID-Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll {5C255C8A-E604-49b4-9D64-90988571CECB} "{5C255C8A-E604-49b4-9D64-90988571CECB}" - ? - (File not found | COM-object registry key not found) [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "Google Update" - "Google Inc." - "C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe" /c "ISUSPM" - "Macrovision Corporation" - "C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - ? - rdpclip (File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" "IAAnotif" - "Intel Corporation" - C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe "iTunesHelper" - "Apple Inc." - "C:\Program Files\iTunes\iTunesHelper.exe" "KeNotify" - ? - C:\Program Files\TOSHIBA\Utilities\KeNotify.exe " Malwarebytes Anti-Malware (reboot)" - "Malwarebytes Corporation" - "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript "NDSTray.exe" - ? - NDSTray.exe (File not found) "QuickTime Task" - "Apple Inc." - "C:\Program Files\QuickTime\QTTask.exe" -atboottime "StartCCC" - ? - "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" (File found, but it contains no detailed information) "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe" "SVPWUTIL" - "TOSHIBA" - C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\Windows\system32\msonpmon.dll "Toshiba Bluetooth Monitor" - "TOSHIBA CORPORATION." - C:\Windows\system32\tbtmon.dll [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "AccSys WLAN Control Service" (accvssvc) - "AccSys GmbH" - C:\Program Files\Common Files\AccSys\AccVSSvc.exe "ACPService" (ACPService) - ? - C:\Program Files\Philips\CamSuite\1.0.9.0\ACPService.exe "Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe "ArcSoft Connect Daemon" (ACDaemon) - "ArcSoft Inc." - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe "Automatisches LiveUpdate - Scheduler" (Automatisches LiveUpdate - Scheduler) - ? - C:\Windows\system32\drivers\Automatisches LiveUpdate - Scheduler.sys (File not found) "ConfigFree Service" (CFSvcs) - "TOSHIBA CORPORATION" - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe "Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe "Firebird Server - MAGIX Instance" (FirebirdServerMAGIXInstance) - "MAGIX®" - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe "InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe "Intel(R) Matrix Storage Event Monitor" (IAANTMON) - "Intel Corporation" - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe "iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe "Lavasoft Ad-Aware Service" (Lavasoft Ad-Aware Service) - "Lavasoft" - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe "Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE "Notebook Performance Tuning Service " (TempoMonitoringService) - "Toshiba Europe GmbH" - C:\Program Files\Toshiba TEMPO\TempoSVC.exe "nProtect GameGuard Service" (npggsvc) - "INCA Internet Co., Ltd." - C:\Windows\system32\GameMon.des "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE "ServiceLayer" (ServiceLayer) - "Nokia" - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe "TOSHIBA Bluetooth Service" (TOSHIBA Bluetooth Service) - ? - C:\Windows\system32\drivers\TOSHIBA Bluetooth Service.sys (File not found) "TOSHIBA Navi Support Service" (TNaviSrv) - "TOSHIBA Corporation" - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe "TOSHIBA Optical Disc Drive Service" (TODDSrv) - "TOSHIBA Corporation" - C:\Windows\system32\TODDSrv.exe "TOSHIBA Power Saver" (TosCoSrv) - "TOSHIBA Corporation" - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe "Windows Live Family Safety-Dienst" (fsssvc) - "Microsoft Corporation" - C:\Program Files\Windows Live\Family Safety\fsssvc.exe "Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE "Windows Live Setup Service" (WLSetupSvc) - "Microsoft Corporation" - C:\Program Files\Windows Live\installer\WLSetupSvc.exe [Winlogon] -----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )----- "igfxcui" - ? - igfxdev.dll (File not found) [Winsock Providers] -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )----- "mdnsNSP" - "Apple Inc." - C:\Program Files\Bonjour\mdnsNSP.dll ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru[/QUOTE] Zitat:
|
|
25.11.2010, 13:25
| #27 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PC lahmt & Shot Online Game stürzt ab Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
25.11.2010, 18:48
| #28 | ||
| | PC lahmt & Shot Online Game stürzt ab so, erledigt. Zitat:
Zitat:
|
|
26.11.2010, 18:58
| #29 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PC lahmt & Shot Online Game stürzt ab Sieht ok aus, da wurden nur Cookies gefunden, ein Fehlalarm war dabei. Noch Probleme oder weitere Funde in der Zwischenzeit?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
26.11.2010, 20:38
| #30 |
| | PC lahmt & Shot Online Game stürzt ab Hi, nee im Moment scheint es ganz ok zu sein. Danke dir! Aber welches dieser vielen Programme kann ich löschen und welches sollte man besser behalten? Dieses SUPERAntiSpyware ist das nen normales Antivirenprogramm? Grüße |
|
| Themen zu PC lahmt & Shot Online Game stürzt ab |
| adobe, antivir, antivir guard, avg, avira, bho, defender, desktop, ebay, google, hijack, internet, internet explorer, langsam, logfile, monitor, performance, problem, programdata, rundll, saver, senden, software, spielen, system, vista, windows, wlan |
Linear-Darstellung
