Brauche unterstützung!

green123 · 24.11.2010, 22:36

Habe vor kurzem bemerkt das an meinem Computer nichts mehr so läuft wie früher...z.B. internet explorer bleibt stecken, desktop konnte man nicht anklicken keine symbole öffnen.. oder einmal beim starten ist ein schwarzer hintergrund mit einer befehlszeile gekommen zusätzlich mit einem komischen geräusch im pc...was mir auch aufgefallen ist wenn ich den browser schließe steht im taskmager mindestens 4 iexplore*32 im taskmanager...glaube deshalb das einiges schädliches am comp. ist.. brauche deshalb euere hilfe um mir was konkretes sagen zu können

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:26:01, on 24.11.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.7930.16406)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWow64\Macromed\Flash\FlashUtil10c.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON/1
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON/1
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON/1
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON/1
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\IPSBHO.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\coIEPlg.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
O4 - HKLM\..\Run: [HP Remote Solution] %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
O4 - HKCU\..\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8636 bytes

cosinus · 25.11.2010, 15:08

Zitat:

MSIE: Internet Explorer v9.00 (9.00.7930.16406)

Wieso installierst du eine Beta-Version des IE9?

Zitat:

C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe

Ist ne Systembremse. Ich würds umgehend deinstallieren und als Ersatz http://www.microsoft.com/security_essentials/ verwenden.

green123 · 25.11.2010, 15:51

hallo arne!

danke zunächst für deine antwort!

mir wurde auf der homepage von microsoft angeboten es zu installieren, habs dann auch gemacht.. sollte ich auf den firefox umsteigen?

sonst ist alles in ordung mit der hijack file ?

cosinus · 25.11.2010, 16:01

Zitat:

mir wurde auf der homepage von microsoft angeboten es zu installieren, habs dann auch gemacht.. sollte ich auf den firefox umsteigen?

Aber steht doch dick und fett BETA dran!
IE9 am besten deinstallieren, erst installieren, wenn der offiziell draußen ist.
Und ja, zum normalen Surfen würde ich Firefox oder Opera empfehlen.

Zitat:

sonst ist alles in ordung mit der hijack file ?

HJT macht auf 64-Bit-Systemen keinen Sinn. HJT ist obsolet.
Hast du Norton deinstalliert?

Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!

Danach OTL:

Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt
Poste die Logfiles hier in den Thread.

green123 · 25.11.2010, 22:26

hallo arne!

Nochmals danke für deine große mühe und hilfsbereitschaft! vielen dank!

habe IE9 deinstalliert...mozilla firefox als standardbrowser festgelegt...habe kleine frage dazu : verwende den firefox für 32 bit versionen obwohl ich einen 64bit habe, ist das ein problem? es funktioniert trotzdem reibunglos, besser als beim IE

Hier ist der Log vom malwarebyte:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 5190

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

25.11.2010 22:11:36
mbam-log-2010-11-25 (22-11-36).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Durchsuchte Objekte: 272722
Laufzeit: 23 Minute(n), 14 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

2 Logfile von OTL:OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 25.11.2010 22:12:51 - Run 1
OTL by OldTimer - Version 3.2.17.3     Folder = C:\Users\abc\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
8,00 Gb Total Physical Memory | 6,00 Gb Available Physical Memory | 74,00% Memory free
16,00 Gb Paging File | 14,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 918,39 Gb Total Space | 870,99 Gb Free Space | 94,84% Space Free | Partition Type: NTFS
Drive D: | 13,02 Gb Total Space | 1,80 Gb Free Space | 13,80% Space Free | Partition Type: NTFS
Drive E: | 931,51 Gb Total Space | 922,83 Gb Free Space | 99,07% Space Free | Partition Type: NTFS
 
Computer Name: HP-PC | User Name: abc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\abc\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Norton Internet Security\Engine\17.8.0.5\ccSvcHst.exe (Symantec Corporation)
PRC - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe (Hewlett-Packard)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10c.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\abc\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (ezSharedSvc) -- C:\Windows\SysNative\ezsvc7.dll File not found
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (NIS) -- C:\Program Files (x86)\Norton Internet Security\Engine\17.8.0.5\ccSvcHst.exe (Symantec Corporation)
SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (GameConsoleService) -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (ezSharedSvc) -- C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS)
SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation)
DRV:64bit: - (SYMTDIv) -- C:\Windows\SysNative\drivers\NISx64\1108000.005\symtdiv.sys (Symantec Corporation)
DRV:64bit: - (SymIRON) -- C:\Windows\SysNative\drivers\NISx64\1108000.005\ironx64.sys (Symantec Corporation)
DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\NISx64\1108000.005\symefa64.sys (Symantec Corporation)
DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\NISx64\1108000.005\srtsp64.sys (Symantec Corporation)
DRV:64bit: - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\SysNative\drivers\NISx64\1108000.005\srtspx64.sys (Symantec Corporation)
DRV:64bit: - (ccHP) -- C:\Windows\SysNative\drivers\NISx64\1108000.005\cchpx64.sys (Symantec Corporation)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (HECIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (SymDS) -- C:\Windows\SysNative\drivers\NISx64\1108000.005\symds64.sys (Symantec Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (netr28x) -- C:\Windows\SysNative\drivers\netr28x.sys (Ralink Technology, Corp.)
DRV:64bit: - (TSKNF900.SYS) -- C:\Windows\SysNative\drivers\Tsknf900.sys (Igor Arsenin)
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20101125.002\EX64.SYS (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20101125.002\ENG64.SYS (Symantec Corporation)
DRV - (BHDrvx64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20101104.001\BHDrvx64.sys (Symantec Corporation)
DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20101124.002\IDSviA64.sys (Symantec Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON/1
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON/1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://de.www.mozilla.com/de/firefox/about/"
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\ [2010.11.25 13:39:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\ [2010.11.25 11:46:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.11.25 11:35:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.11.25 14:10:38 | 000,000,000 | ---D | M]
 
[2010.11.25 11:35:44 | 000,000,000 | ---D | M] -- C:\Users\abc\AppData\Roaming\mozilla\Extensions
[2010.11.25 15:32:57 | 000,000,000 | ---D | M] -- C:\Users\abc\AppData\Roaming\mozilla\Firefox\Profiles\7fq1ubi8.default\extensions
[2010.11.25 13:50:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.10.27 06:44:13 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.10.27 06:44:13 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.10.27 06:44:13 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.10.27 06:44:13 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.10.27 06:44:13 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.8.0.5\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.8.0.5\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.8.0.5\coIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.8.0.5\coIEPlg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [PC-Doctor for Windows localizer] C:\Programme\PC-Doctor for Windows\localizer.exe (PC-Doctor, Inc.)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
O4 - HKLM..\Run: [HP Remote Solution] C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.34.133.21 212.186.211.21
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.11.25 21:49:29 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\abc\Desktop\OTL.exe
[2010.11.25 21:28:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010.11.25 21:28:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2010.11.25 21:08:19 | 000,000,000 | ---D | C] -- C:\Users\abc\AppData\Roaming\HpUpdate
[2010.11.25 14:16:12 | 000,000,000 | ---D | C] -- C:\Users\abc\AppData\Local\Adobe
[2010.11.25 14:10:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2010.11.25 14:10:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2010.11.25 14:10:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010.11.25 14:03:12 | 000,000,000 | ---D | C] -- C:\Users\abc\Desktop\Naka
[2010.11.25 13:56:44 | 000,000,000 | ---D | C] -- C:\ProgramData\{B3C2C1CD-6B77-4A96-B670-F734AC2A1CBC}
[2010.11.25 13:56:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Activation Assistant for the 2007 Microsoft Office suites
[2010.11.25 13:56:38 | 000,000,000 | ---D | C] -- C:\Users\abc\AppData\Local\Seven Zip
[2010.11.25 13:55:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2010.11.25 13:55:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2010.11.25 13:54:45 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Office
[2010.11.25 13:54:17 | 000,000,000 | ---D | C] -- C:\Users\abc\AppData\Local\Microsoft Help
[2010.11.25 13:54:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2010.11.25 13:53:56 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010.11.25 13:49:41 | 000,000,000 | ---D | C] -- C:\Users\abc\AppData\Local\Omnifone_Ltd
[2010.11.25 13:48:47 | 000,000,000 | ---D | C] -- C:\Users\abc\AppData\Roaming\newfolder3
[2010.11.25 13:48:46 | 000,000,000 | ---D | C] -- C:\ProgramData\MusicStation
[2010.11.25 13:48:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MusicStation
[2010.11.25 13:48:45 | 000,000,000 | ---D | C] -- C:\Users\abc\AppData\Local\Downloaded Installations
[2010.11.25 13:48:44 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Synchronization Services
[2010.11.25 13:48:44 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft SQL Server Compact Edition
[2010.11.25 13:48:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2010.11.25 12:52:53 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2010.11.25 12:52:53 | 000,000,000 | ---D | C] -- C:\Users\abc\AppData\Roaming\Skype
[2010.11.25 12:52:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2010.11.25 12:52:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010.11.25 12:44:32 | 000,000,000 | ---D | C] -- C:\Users\abc\AppData\Local\Apps
[2010.11.25 12:22:16 | 000,000,000 | ---D | C] -- C:\Users\abc\AppData\Local\ElevatedDiagnostics
[2010.11.25 12:14:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2010.11.25 12:14:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2010.11.25 12:14:30 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2010.11.25 12:14:30 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2010.11.25 12:14:30 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2010.11.25 12:14:30 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2010.11.25 12:14:30 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2010.11.25 12:14:30 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2010.11.25 12:14:29 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2010.11.25 12:14:29 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2010.11.25 12:14:29 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2010.11.25 12:14:29 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2010.11.25 12:14:29 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2010.11.25 12:14:29 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2010.11.25 12:14:28 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2010.11.25 12:14:28 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2010.11.25 12:14:28 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2010.11.25 12:14:28 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2010.11.25 12:14:28 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2010.11.25 12:14:28 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2010.11.25 12:14:27 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2010.11.25 12:14:27 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2010.11.25 12:14:27 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2010.11.25 12:14:27 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2010.11.25 12:14:27 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2010.11.25 12:14:27 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2010.11.25 12:14:26 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2010.11.25 12:14:26 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2010.11.25 12:14:26 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2010.11.25 12:14:26 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2010.11.25 12:14:25 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2010.11.25 12:14:25 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2010.11.25 12:14:25 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2010.11.25 12:14:25 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2010.11.25 12:14:25 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2010.11.25 12:14:25 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2010.11.25 12:14:24 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2010.11.25 12:14:24 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2010.11.25 12:14:24 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2010.11.25 12:14:24 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2010.11.25 12:14:24 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2010.11.25 12:14:24 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2010.11.25 12:14:24 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2010.11.25 12:14:24 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2010.11.25 12:14:23 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2010.11.25 12:14:23 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2010.11.25 12:14:23 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2010.11.25 12:14:23 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2010.11.25 12:14:23 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2010.11.25 12:14:23 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2010.11.25 12:14:23 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2010.11.25 12:14:23 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2010.11.25 12:14:23 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2010.11.25 12:14:23 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2010.11.25 12:14:22 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2010.11.25 12:14:22 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2010.11.25 12:14:22 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2010.11.25 12:14:22 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2010.11.25 12:14:22 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2010.11.25 12:14:22 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2010.11.25 12:14:22 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2010.11.25 12:14:22 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2010.11.25 12:14:22 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2010.11.25 12:14:22 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2010.11.25 12:14:22 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2010.11.25 12:14:22 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2010.11.25 12:14:22 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2010.11.25 12:14:22 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2010.11.25 12:14:21 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2010.11.25 12:14:21 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2010.11.25 12:14:21 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2010.11.25 12:14:21 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2010.11.25 12:14:21 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2010.11.25 12:14:21 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2010.11.25 12:14:21 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2010.11.25 12:14:21 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2010.11.25 12:14:20 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2010.11.25 12:14:20 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2010.11.25 12:14:20 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2010.11.25 12:14:20 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2010.11.25 12:14:20 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2010.11.25 12:14:20 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2010.11.25 12:14:20 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2010.11.25 12:14:20 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2010.11.25 12:14:19 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2010.11.25 12:14:19 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2010.11.25 12:14:19 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2010.11.25 12:14:19 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2010.11.25 12:14:19 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2010.11.25 12:14:19 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2010.11.25 12:14:19 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2010.11.25 12:14:19 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2010.11.25 12:14:19 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2010.11.25 12:14:19 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2010.11.25 12:14:19 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2010.11.25 12:14:19 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2010.11.25 12:14:18 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2010.11.25 12:14:18 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2010.11.25 12:14:18 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2010.11.25 12:14:18 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2010.11.25 12:14:18 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2010.11.25 12:14:18 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2010.11.25 12:14:18 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2010.11.25 12:14:18 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2010.11.25 12:14:18 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2010.11.25 12:14:18 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2010.11.25 12:14:17 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2010.11.25 12:14:17 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2010.11.25 12:14:17 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2010.11.25 12:14:17 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2010.11.25 12:14:17 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2010.11.25 12:14:17 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2010.11.25 12:14:17 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2010.11.25 12:14:17 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2010.11.25 12:14:17 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2010.11.25 12:14:17 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2010.11.25 12:14:16 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2010.11.25 12:14:16 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2010.11.25 12:14:16 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2010.11.25 12:14:16 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2010.11.25 12:14:16 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2010.11.25 12:14:16 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2010.11.25 12:14:15 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2010.11.25 12:14:15 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2010.11.25 12:14:15 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2010.11.25 12:14:15 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2010.11.25 12:14:15 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2010.11.25 12:14:15 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2010.11.25 12:14:14 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2010.11.25 12:14:14 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2010.11.25 12:14:14 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2010.11.25 12:14:14 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2010.11.25 12:14:14 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2010.11.25 12:14:14 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2010.11.25 12:14:14 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2010.11.25 12:14:14 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2010.11.25 12:14:14 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2010.11.25 12:14:14 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2010.11.25 12:14:13 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2010.11.25 12:14:13 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2010.11.25 12:14:11 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2010.11.25 12:14:11 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2010.11.25 12:14:11 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2010.11.25 12:14:11 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2010.11.25 12:14:11 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2010.11.25 12:14:11 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2010.11.25 12:14:11 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2010.11.25 12:14:11 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2010.11.25 12:14:10 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2010.11.25 12:14:10 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2010.11.25 12:14:10 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2010.11.25 12:14:10 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2010.11.25 12:14:10 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2010.11.25 12:14:10 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2010.11.25 12:14:09 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2010.11.25 12:14:09 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2010.11.25 12:14:09 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2010.11.25 12:14:09 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2010.11.25 11:35:37 | 000,000,000 | ---D | C] -- C:\Users\abc\AppData\Roaming\Mozilla
[2010.11.25 11:35:37 | 000,000,000 | ---D | C] -- C:\Users\abc\AppData\Local\Mozilla
[2010.11.25 11:35:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2010.11.25 09:57:56 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2010.11.25 09:57:56 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wintrust.dll
[2010.11.25 09:57:56 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2010.11.25 09:57:56 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2010.11.25 00:16:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2010.11.24 23:41:02 | 000,000,000 | ---D | C] -- C:\Users\abc\AppData\Roaming\CyberLink
[2010.11.24 23:41:02 | 000,000,000 | ---D | C] -- C:\Users\abc\AppData\Local\CyberLink
[2010.11.24 23:41:01 | 000,000,000 | ---D | C] -- C:\Users\abc\AppData\Local\PowerCinema
[2010.11.24 21:57:03 | 000,023,592 | ---- | C] (Igor Arsenin) -- C:\Windows\SysNative\drivers\Tsknf900.sys
[2010.11.24 21:57:03 | 000,000,000 | ---D | C] -- C:\Programme\Iarsn
[2010.11.24 21:38:37 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2010.11.24 21:38:37 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
[2010.11.24 21:38:37 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2010.11.24 21:38:37 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2010.11.24 21:38:33 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2010.11.24 21:38:32 | 004,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2010.11.24 21:38:32 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2010.11.24 21:38:09 | 001,844,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2010.11.24 21:38:09 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10warp.dll
[2010.11.24 21:38:09 | 000,899,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2010.11.24 21:38:09 | 000,737,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll
[2010.11.24 21:38:09 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1core.dll
[2010.11.24 21:38:08 | 001,543,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2010.11.24 21:38:08 | 001,076,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll
[2010.11.24 21:38:08 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2010.11.24 21:37:38 | 000,466,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2010.11.24 21:37:38 | 000,279,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2010.11.24 21:37:38 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll
[2010.11.24 21:37:38 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll
[2010.11.24 21:37:06 | 001,863,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll
[2010.11.24 21:37:06 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll
[2010.11.24 21:36:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Feedback Tool
[2010.11.24 21:26:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CleanUp!
[2010.11.24 21:19:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2010.11.24 20:31:34 | 000,000,000 | ---D | C] -- C:\Users\abc\AppData\Roaming\Malwarebytes
[2010.11.24 20:31:27 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.11.24 20:31:26 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.11.24 20:31:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.11.24 20:31:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.11.24 20:13:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2010.11.24 20:10:37 | 000,000,000 | ---D | C] -- C:\Users\abc\AppData\Roaming\Macromedia
[2010.11.24 20:10:37 | 000,000,000 | ---D | C] -- C:\Users\abc\AppData\Roaming\Adobe
[2010.11.24 20:09:16 | 000,173,104 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2010.11.24 20:09:16 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Symantec Shared
[2010.11.24 20:09:16 | 000,000,000 | ---D | C] -- C:\Programme\Symantec
[2010.11.24 20:08:40 | 000,000,000 | ---D | C] -- C:\Users\abc\AppData\Roaming\ATI
[2010.11.24 20:08:40 | 000,000,000 | ---D | C] -- C:\Users\abc\AppData\Local\ATI
[2010.11.24 20:07:40 | 000,000,000 | ---D | C] -- C:\Users\abc\AppData\Roaming\Intel Corporation
[2010.11.24 20:07:29 | 000,000,000 | R--D | C] -- C:\Users\abc\Searches
[2010.11.24 20:07:21 | 000,000,000 | ---D | C] -- C:\Users\abc\AppData\Roaming\Identities
[2010.11.24 20:07:19 | 000,000,000 | R--D | C] -- C:\Users\abc\Contacts
[2010.11.24 20:07:18 | 000,000,000 | ---D | C] -- C:\Users\abc\AppData\Local\VirtualStore
[2010.11.24 20:03:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2010.11.24 20:03:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2010.11.24 20:01:18 | 000,000,000 | ---D | C] -- C:\Users\abc\AppData\Local\Hewlett-Packard
[2010.11.24 20:00:55 | 000,000,000 | ---D | C] -- C:\Users\abc\AppData\Roaming\Hewlett-Packard
[2010.11.24 20:00:32 | 000,000,000 | --SD | C] -- C:\Users\abc\AppData\Roaming\Microsoft
[2010.11.24 20:00:32 | 000,000,000 | R--D | C] -- C:\Users\abc\Videos
[2010.11.24 20:00:32 | 000,000,000 | R--D | C] -- C:\Users\abc\Saved Games
[2010.11.24 20:00:32 | 000,000,000 | R--D | C] -- C:\Users\abc\Pictures
[2010.11.24 20:00:32 | 000,000,000 | R--D | C] -- C:\Users\abc\Music
[2010.11.24 20:00:32 | 000,000,000 | R--D | C] -- C:\Users\abc\Links
[2010.11.24 20:00:32 | 000,000,000 | R--D | C] -- C:\Users\abc\Favorites
[2010.11.24 20:00:32 | 000,000,000 | R--D | C] -- C:\Users\abc\Downloads
[2010.11.24 20:00:32 | 000,000,000 | R--D | C] -- C:\Users\abc\Documents
[2010.11.24 20:00:32 | 000,000,000 | R--D | C] -- C:\Users\abc\Desktop
[2010.11.24 20:00:32 | 000,000,000 | -HSD | C] -- C:\Users\abc\Vorlagen
[2010.11.24 20:00:32 | 000,000,000 | -HSD | C] -- C:\Users\abc\AppData\Local\Verlauf
[2010.11.24 20:00:32 | 000,000,000 | -HSD | C] -- C:\Users\abc\AppData\Local\Temporary Internet Files
[2010.11.24 20:00:32 | 000,000,000 | -HSD | C] -- C:\Users\abc\Startmenü
[2010.11.24 20:00:32 | 000,000,000 | -HSD | C] -- C:\Users\abc\SendTo
[2010.11.24 20:00:32 | 000,000,000 | -HSD | C] -- C:\Users\abc\Recent
[2010.11.24 20:00:32 | 000,000,000 | -HSD | C] -- C:\Users\abc\Netzwerkumgebung
[2010.11.24 20:00:32 | 000,000,000 | -HSD | C] -- C:\Users\abc\Lokale Einstellungen
[2010.11.24 20:00:32 | 000,000,000 | -HSD | C] -- C:\Users\abc\Documents\Eigene Videos
[2010.11.24 20:00:32 | 000,000,000 | -HSD | C] -- C:\Users\abc\Documents\Eigene Musik
[2010.11.24 20:00:32 | 000,000,000 | -HSD | C] -- C:\Users\abc\Eigene Dateien
[2010.11.24 20:00:32 | 000,000,000 | -HSD | C] -- C:\Users\abc\Documents\Eigene Bilder
[2010.11.24 20:00:32 | 000,000,000 | -HSD | C] -- C:\Users\abc\Druckumgebung
[2010.11.24 20:00:32 | 000,000,000 | -HSD | C] -- C:\Users\abc\Cookies
[2010.11.24 20:00:32 | 000,000,000 | -HSD | C] -- C:\Users\abc\AppData\Local\Anwendungsdaten
[2010.11.24 20:00:32 | 000,000,000 | -HSD | C] -- C:\Users\abc\Anwendungsdaten
[2010.11.24 20:00:32 | 000,000,000 | -H-D | C] -- C:\Users\abc\AppData
[2010.11.24 20:00:32 | 000,000,000 | ---D | C] -- C:\Users\abc\AppData\Local\Temp
[2010.11.24 20:00:32 | 000,000,000 | ---D | C] -- C:\Users\abc\AppData\Local\Microsoft
[2010.11.24 20:00:32 | 000,000,000 | ---D | C] -- C:\Users\abc\AppData\Roaming\Media Center Programs
[2010.11.24 20:00:28 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2010.11.24 20:00:28 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2010.11.24 20:00:28 | 000,000,000 | -HSD | C] -- C:\Programme
[2010.11.24 20:00:28 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien
[2010.11.24 20:00:28 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2010.11.24 20:00:28 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2010.11.24 20:00:28 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2010.11.24 20:00:28 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2010.11.24 20:00:28 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2010.11.24 20:00:28 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2010.11.24 20:00:28 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2010.11.24 20:00:24 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
 
========== Files - Modified Within 30 Days ==========
 
[2010.11.25 21:49:23 | 000,015,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.11.25 21:49:23 | 000,015,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.11.25 21:48:58 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\abc\Desktop\OTL.exe
[2010.11.25 21:46:18 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.11.25 21:46:18 | 000,643,628 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.11.25 21:46:18 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.11.25 21:46:18 | 000,126,188 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.11.25 21:46:18 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.11.25 21:41:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.11.25 21:41:27 | 2115,301,375 | -HS- | M] () -- C:\hiberfil.sys
[2010.11.25 21:39:50 | 001,109,378 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1108000.005\Cat.DB
[2010.11.25 21:28:10 | 000,001,260 | ---- | M] () -- C:\Users\abc\Desktop\Spybot - Search & Destroy.lnk
[2010.11.25 15:29:05 | 000,002,482 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2010.11.25 15:28:47 | 000,349,104 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.11.25 13:56:44 | 000,002,299 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Office – 60-Tage-Testversion.lnk
[2010.11.25 13:48:50 | 000,000,243 | ---- | M] () -- C:\ProgramData\MusicStation.xml
[2010.11.25 13:48:48 | 000,000,228 | ---- | M] () -- C:\Windows\SysWow64\MsiExec.config
[2010.11.25 12:52:54 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.11.25 11:35:34 | 000,001,941 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.11.24 22:09:35 | 000,000,544 | ---- | M] () -- C:\Windows\tasks\PCDRScheduledMaintenance.job
[2010.11.24 21:57:03 | 000,000,878 | ---- | M] () -- C:\Users\abc\Desktop\Iarsn TaskInfo 9.x.lnk
[2010.11.24 21:44:48 | 000,588,472 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWow64\ezsvc7x.dll
[2010.11.24 21:19:46 | 000,002,965 | ---- | M] () -- C:\Users\abc\Desktop\HiJackThis.lnk
[2010.11.24 20:31:29 | 000,001,011 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.11.24 20:09:16 | 000,173,104 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2010.11.24 20:09:16 | 000,007,440 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2010.11.24 20:09:16 | 000,000,854 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2010.11.24 20:00:40 | 000,001,804 | RHS- | M] () -- C:\Windows\SysWow64\drivers\103C_HP_CPC_WK676AA-ABD p6314de_YC_0Pavi_QCZH004_EA1CEv6PrA2_49_IIONA_SMSI_V1.0_B5.07_T091221_WUH0_L407_M8152_J1000_7Intel_8Core i7 860_92.8_#100409_N10EC8168_Z_G100268F9_Ohp CDDVDW TS-H653R_DBNQ7805.MRK
[2010.11.24 20:00:40 | 000,001,804 | RHS- | M] () -- C:\Windows\SysNative\drivers\103C_HP_CPC_WK676AA-ABD p6314de_YC_0Pavi_QCZH004_EA1CEv6PrA2_49_IIONA_SMSI_V1.0_B5.07_T091221_WUH0_L407_M8152_J1000_7Intel_8Core i7 860_92.8_#100409_N10EC8168_Z_G100268F9_Ohp CDDVDW TS-H653R_DBNQ7805.MRK
 
========== Files Created - No Company Name ==========
 
[2010.11.25 21:28:10 | 000,001,260 | ---- | C] () -- C:\Users\abc\Desktop\Spybot - Search & Destroy.lnk
[2010.11.25 13:56:44 | 000,002,299 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Office – 60-Tage-Testversion.lnk
[2010.11.25 13:49:41 | 000,000,003 | ---- | C] () -- C:\ProgramData\MusicStation.log
[2010.11.25 13:48:50 | 000,000,243 | ---- | C] () -- C:\ProgramData\MusicStation.xml
[2010.11.25 13:48:48 | 000,000,228 | ---- | C] () -- C:\Windows\SysWow64\MsiExec.config
[2010.11.25 12:52:53 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.11.25 11:35:34 | 000,001,941 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.11.24 21:57:03 | 000,000,878 | ---- | C] () -- C:\Users\abc\Desktop\Iarsn TaskInfo 9.x.lnk
[2010.11.24 21:46:03 | 000,000,544 | ---- | C] () -- C:\Windows\tasks\PCDRScheduledMaintenance.job
[2010.11.24 21:19:46 | 000,002,965 | ---- | C] () -- C:\Users\abc\Desktop\HiJackThis.lnk
[2010.11.24 20:31:29 | 000,001,011 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.11.24 20:09:16 | 000,007,440 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2010.11.24 20:09:16 | 000,000,854 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2010.11.24 20:00:38 | 000,001,804 | RHS- | C] () -- C:\Windows\SysWow64\drivers\103C_HP_CPC_WK676AA-ABD p6314de_YC_0Pavi_QCZH004_EA1CEv6PrA2_49_IIONA_SMSI_V1.0_B5.07_T091221_WUH0_L407_M8152_J1000_7Intel_8Core i7 860_92.8_#100409_N10EC8168_Z_G100268F9_Ohp CDDVDW TS-H653R_DBNQ7805.MRK
[2010.11.24 20:00:38 | 000,001,804 | RHS- | C] () -- C:\Windows\SysNative\drivers\103C_HP_CPC_WK676AA-ABD p6314de_YC_0Pavi_QCZH004_EA1CEv6PrA2_49_IIONA_SMSI_V1.0_B5.07_T091221_WUH0_L407_M8152_J1000_7Intel_8Core i7 860_92.8_#100409_N10EC8168_Z_G100268F9_Ohp CDDVDW TS-H653R_DBNQ7805.MRK
[2009.09.29 15:25:16 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

< End of report >

--- --- ---
OTL Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 25.11.2010 22:12:51 - Run 1
OTL by OldTimer - Version 3.2.17.3     Folder = C:\Users\abc\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
8,00 Gb Total Physical Memory | 6,00 Gb Available Physical Memory | 74,00% Memory free
16,00 Gb Paging File | 14,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 918,39 Gb Total Space | 870,99 Gb Free Space | 94,84% Space Free | Partition Type: NTFS
Drive D: | 13,02 Gb Total Space | 1,80 Gb Free Space | 13,80% Space Free | Partition Type: NTFS
Drive E: | 931,51 Gb Total Space | 922,83 Gb Free Space | 99,07% Space Free | Partition Type: NTFS
 
Computer Name: HP-PC | User Name: abc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MIF5BA~1\Office12\ONENOTE.EXE "%L" File not found
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MIF5BA~1\Office12\ONENOTE.EXE "%L" File not found
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{67CA5B4D-32DA-B54C-1851-F68ECD83262E}" = ATI Catalyst Install Manager
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{88E60521-1E4E-4785-B9F1-1798A4BD0C30}" = HP MediaSmart SmartMenu
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{92DC29BE-F273-E61F-89E8-49D15CB0D54A}" = ccc-utility64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{F83779DF-E1F5-43A2-A7BE-732F856FADB7}" = Microsoft SQL Server Compact 3.5 SP1 x64 English
"PC-Doctor for Windows" = Hardwarediagnosetools
"TaskInfo 9_is1" = TaskInfo 9.2.0.320
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{12AC7D04-7EF5-CB71-92C0-9F37F808604D}" = CCC Help Finnish
"{17B4760F-334B-475D-829F-1A3E94A6A4E6}" = HP Setup
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{2960B400-A582-3BA0-7FD7-7E8F65872F26}" = CCC Help Hungarian
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"{3094DEEF-D021-5D41-E668-DACD21EE5378}" = Catalyst Control Center Localization All
"{337F4690-FDCD-9079-A356-328CAA4785D4}" = Catalyst Control Center Graphics Full New
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C689453-B9D2-E098-78B5-8B22054DD8D6}" = CCC Help Norwegian
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4468CABB-C198-0BBC-C141-471330B003E8}" = CCC Help Russian
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{47A87A40-2EE3-908A-2898-16C55094E7D4}" = CCC Help Danish
"{4DD13385-617B-833B-B7C3-AF776CC94983}" = Catalyst Control Center Graphics Light
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{57A67EC6-0652-4C0A-B8D4-20CD437AD033}" = Catalyst Control Center - Branding
"{5A573BAF-F2CA-8D40-147B-F9392C66A6EC}" = Catalyst Control Center Graphics Full Existing
"{5BE0B867-E5E7-A3EA-90ED-F178C3464CD1}" = CCC Help German
"{5E7EB89D-DADD-0142-CB19-84CAABC3E38F}" = CCC Help Greek
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{60D48620-7709-04FE-D4F4-755147E97E20}" = CCC Help Portuguese
"{62E28CE9-77EB-D391-F3EC-FEAFFB304D1A}" = CCC Help Italian
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{69D9FEFA-023D-E1CC-A203-DC3552D19F6E}" = CCC Help Spanish
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar
"{7158461A-1C97-B14E-B2B7-72047FD7A128}" = Catalyst Control Center Graphics Previews Vista
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{741CFE3A-1C0B-4A7D-8E08-5D78C911C09D}" = HP Support Assistant
"{760D4D89-0782-1E09-2BDD-63477A9C8B58}" = CCC Help Czech
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{76BB9D19-F698-72D4-DE25-512AD4D3C01A}" = CCC Help Dutch
"{89E02B93-2324-4D9F-DCE5-20FB3118AF1B}" = CCC Help Thai
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8C8BD907-F9FA-0528-C3C9-888C5915E0B0}" = ccc-core-static
"{8E741727-AEAB-E2B7-88AC-D69E6DD7163B}" = Catalyst Control Center Graphics Previews Common
"{90024193-9F13-4877-89D5-A1CDF0CBBF28}" = Feedback Tool
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{981A87FD-9EC7-B2DB-1FAE-83C842AE8CFC}" = CCC Help Korean
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{AAF63659-4ED5-568A-3B87-A14332EC661A}" = CCC Help Turkish
"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X - Deutsch
"{B0D740C7-4518-53F8-D9D6-A6C938B31A73}" = CCC Help Japanese
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B97DB85C-9DA9-15C8-670C-4C0392F7147E}" = Catalyst Control Center Core Implementation
"{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information
"{BB3BC78D-7051-FEBA-4AF3-B5F16B687B9D}" = CCC Help English
"{BCE916EA-0BA3-14B4-DFE0-96E497A44388}" = CCC Help Swedish
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C3DF1C57-780A-DB9C-F30A-68EB45526761}" = Catalyst Control Center InstallProxy
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C611CF88-969D-43E6-A877-D6D6439DD081}" = HP Remote Solution
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CBAB2393-4F5F-CBC3-80E0-167B8B7C5437}" = HydraVision
"{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update
"{D9D79E19-3121-5BC9-D3C8-A2C0FD1D056E}" = Catalyst Control Center HydraVision Full
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E142F90A-40BA-4FDC-64EE-585A5B7166EE}" = CCC Help Chinese Traditional
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E45CD037-027A-BB56-4699-EC2B9126FAE5}" = CCC Help Polish
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E74E7F63-E70F-43f2-873F-35FB66F263B2}" = MusicStation
"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)
"{EBEF361C-659C-3893-CA1C-081559A17834}" = CCC Help Chinese Standard
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2D260C2-41B6-F061-455C-72537103D844}" = CCC Help French
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"CleanUp!" = CleanUp!
"EasyBits Magic Desktop" = Magic Desktop
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Remote Solution" = HP Remote Solution
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"NIS" = Norton Internet Security
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite_Wave3" = Windows Live Essentials
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 25.11.2010 10:52:35 | Computer Name = hp-PC | Source = Application Hang | ID = 1002
Description = Programm HPSF.exe, Version 4.2.5.3 kann nicht mehr unter Windows ausgeführt
 werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 12c    Startzeit: 
01cb8cae7e4a7a9d    Endzeit: 3    Anwendungspfad: C:\Program Files (x86)\Hewlett-Packard\HP
 Support Framework\HPSF.exe    Berichts-ID:   
 
[ System Events ]
Error - 24.11.2010 15:02:56 | Computer Name = hp-PC | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Windows Search" wurde nicht richtig gestartet.
 
 
< End of report >

--- --- ---

cosinus · 26.11.2010, 19:11

Zitat:

verwende den firefox für 32 bit versionen obwohl ich einen 64bit habe, ist das ein problem? es funktioniert trotzdem reibunglos, besser als beim IE

Das ist kein Problem. Ein 64-Bit-Windows kann auch idR problemlos 32-Bit-Programme ausführen. Deswegen gibt es einmal den Ordner "Program Files" für 64-Bit-Programme und "Program Files (x86)" für 32-Bit-Anwendungen.
Einen 64-Bit-Firefox gibt es mW auch noch garnicht. (zumindest nicht als stabile Version)

Zitat:

es funktioniert trotzdem reibunglos, besser als beim IE

Ist das Problem jetzt behoben?

Die OTL-Logs sind unauffällig und MBAM hat auch nichts gefunden.

green123 · 26.11.2010, 21:21

hallo nochmals!

derzeit funktioniert alles ordnungsgemäß, keine fehler sind bis jetzt aufgetaucht...wollte auch sicher gehen dass mein pc keine schädlinge etc. hat

und nochmals DANKESCHÖN für deine raschen antworten und analysen...

Brauche unterstützung!

Log-Analyse und Auswertung: Brauche unterstützung!