| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: MSConfig und andere Programme starten nicht.Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
30.11.2010, 17:42
| #1 |
| |  MSConfig und andere Programme starten nicht. Guten Tag Leute, ich habe ein ziehmlich nerviges Problem. Es ist bestimmt ein sehr häufiges Problem das dinge wie MSconfig nicht starten wollen aber ich habe mich jetzt 2 Stunden durch das Internet gearbeitet und nix gefunden was mir hilft. Problembeschreibung: Seit heute starten folgende Programme nicht mehr: MSconfig JDownloader Systemwiederherstellung Nur die Systemwiederherstellung gibt ein Fehler aus:  Mein System ist: Windows 7 64-Bit Ultimate Alle Updates die es bis DaTo gibt Als ich das letzte mal so ein ähnliches problem hatte, musste ich nur in den abgesichterten Modus wechseln und in der MSconfig auf Normalen Systemstart stellen. Danach ging wieder alles. Heute funktioniert dies aber auch nicht da sich auch hier die MSconfig nicht starten lies, auch nicht mit einem anderen Konto. Bevor ich es vergesse, mein Kaspersky 2010 hat mir eben eine Desenfection einer DLLhost.exe empfohlen. Hab es natürlich sofort gemacht. System startete neu aber es gab keine verbesserung. Eventuel ist die Regestry ja schrott. Ich benutzte häufiger CCleaner... Bitte helft mir.  |
|
30.11.2010, 18:31
| #2 |
| /// Malwareteam   |  MSConfig und andere Programme starten nicht. Eine Bereinigung ist mitunter mit viel Arbeit für Dich verbunden.
Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der Schnellere und immer der sicherste Weg. Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis dir jemand vom Team sagt, dass Du clean bist. Vista und Win7 User Alle Tools mit Rechtsklick "als Administrator ausführen" starten. Schritt 1 Downloade Dir bitte Malwarebytes
CustomScan mit OTL Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
ATTFilter netsvcs
drivers32 /all
%SYSTEMDRIVE%\*.*
%systemroot%\system32\*.wt
%systemroot%\system32\*.ruy
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\user32.dll /md5
%systemroot%\system32\ws2_32.dll /md5
%systemroot%\system32\ws2help.dll /md5
/md5start
explorer.exe
winlogon.exe
wininit.exe
/md5stop
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
|
|
30.11.2010, 20:25
| #3 |
| | MSConfig und andere Programme starten nicht. Guten Tag,
__________________danke für die Hilfe aber zuerst habe ich eine Frage. Malewarebytes möchte einen Systemneustart. Soll ich den Log jetzt schon posten und neu starten oder soll ich lieber noch nicht neustarten und erst die Liste abarbeiten? Edit Da ich leider nicht viel Zeit habe starte ich das System jetzt neu und jage danach OTL drüber. Entschuldigung das ich mich damit der Anleitung wiedersetzt aber da Sie ja derzeit Offline sind erwarte ich keine hilfe in der nächsten halben stunde. Malewarebytes Log: Code:
ATTFilter Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Datenbank Version: 5220
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
30.11.2010 20:22:16
mbam-log-2010-11-30 (20-22-16).txt
Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 158864
Laufzeit: 2 Minute(n), 25 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 1
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
hier nun die LOGs der OTL.exe OTL.txt Code:
ATTFilter OTL logfile created on: 30.11.2010 20:44:32 - Run 2 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\sharK223\Desktop 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 67,00% Memory free 21,00 Gb Paging File | 19,00 Gb Available in Paging File | 93,00% Paging File free Paging file location(s): [Binary data over 100 bytes] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 59,62 Gb Total Space | 15,83 Gb Free Space | 26,55% Space Free | Partition Type: NTFS Drive D: | 465,66 Gb Total Space | 83,89 Gb Free Space | 18,02% Space Free | Partition Type: NTFS Drive E: | 2,51 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Drive F: | 74,53 Gb Total Space | 2,79 Gb Free Space | 3,75% Space Free | Partition Type: NTFS Drive J: | 7,40 Gb Total Space | 1,10 Gb Free Space | 14,80% Space Free | Partition Type: NTFS Computer Name: SHARK223-PC | User Name: sharK223 | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2010.11.30 20:19:08 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\sharK223\Desktop\OTL.exe PRC - [2010.11.06 00:45:26 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2010.10.31 10:42:30 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2010.05.25 18:53:50 | 002,155,848 | ---- | M] () -- D:\Programme\Acronis\DiskDirector\OSS\reinstall_svc.exe PRC - [2010.03.27 12:45:16 | 000,329,168 | ---- | M] () -- C:\Program Files (x86)\Verbindungsassistent\wtgservice.exe PRC - [2010.03.18 19:25:50 | 000,360,960 | ---- | M] (iZ3D Inc.) -- D:\Programme\iZ3D Driver\Win32\S3DCService.exe PRC - [2009.04.17 09:09:46 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe PRC - [2009.04.02 05:27:27 | 000,090,112 | R--- | M] () -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe ========== Modules (SafeList) ========== MOD - [2010.11.30 20:19:08 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\sharK223\Desktop\OTL.exe MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll MOD - [2009.07.14 02:16:20 | 002,311,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wpdshext.dll MOD - [2009.07.14 02:03:50 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\GdiPlus.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - File not found [Auto | Running] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA) SRV:64bit: - [2010.09.29 02:51:08 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2010.11.18 16:11:42 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010.11.06 00:45:26 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2010.05.25 18:53:50 | 002,155,848 | ---- | M] () [Auto | Running] -- D:\Programme\Acronis\DiskDirector\OSS\reinstall_svc.exe -- (OS Selector) SRV - [2010.05.17 18:40:18 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010.05.06 08:10:22 | 000,361,120 | ---- | M] (Kaspersky Lab) [Auto | Stopped] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\avp.exe -- (AVP) SRV - [2010.03.27 12:45:16 | 000,329,168 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Verbindungsassistent\wtgservice.exe -- (WTGService) SRV - [2010.03.18 19:34:34 | 000,614,400 | ---- | M] (iZ3D Inc.) [Auto | Running] -- D:\Programme\iZ3D Driver\Win64\S3DCService.exe -- (S3D Service (Win64)) S3D Service (Win64) SRV - [2010.03.18 19:25:50 | 000,360,960 | ---- | M] (iZ3D Inc.) [Auto | Running] -- D:\Programme\iZ3D Driver\Win32\S3DCService.exe -- (S3D Service (Win32)) S3D Service (Win32) SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.07.14 02:14:28 | 000,020,992 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\perfhost.exe -- (PerfHost) SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009.04.22 12:01:30 | 000,124,256 | ---- | M] () [Disabled | Stopped] -- D:\Programme\OverDrive\AODAssist.exe -- (AODService) SRV - [2009.04.17 09:09:46 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - [2009.04.02 05:27:27 | 000,090,112 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -- (AsSysCtrlService) SRV - [2008.12.16 15:19:42 | 002,371,584 | R--- | M] (Adobe Systems Incorporated.) [On_Demand | Stopped] -- D:\Programme\Flash Media Server 3.5\FMSMaster.exe -- (FMS) Flash Media Server (FMS) SRV - [2008.12.16 15:04:38 | 002,502,656 | R--- | M] (Adobe Systems Incorporated.) [On_Demand | Stopped] -- D:\Programme\Flash Media Server 3.5\FMSAdmin.exe -- (FMSAdmin) SRV - [2008.12.16 14:40:22 | 000,024,635 | ---- | M] (Apache Software Foundation) [On_Demand | Stopped] -- D:\Programme\Flash Media Server 3.5\Apache2.2\bin\httpd.exe -- (FMSHttpd) ========== Driver Services (SafeList) ========== DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService) DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MTiCtwl.sys -- (MagicTune) DRV:64bit: - [2010.09.29 03:26:12 | 007,883,264 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:64bit: - [2010.09.29 03:26:12 | 007,883,264 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2010.09.29 02:14:48 | 000,285,696 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2010.07.19 17:54:25 | 000,353,296 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF) DRV:64bit: - [2010.07.15 13:47:42 | 000,116,240 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:64bit: - [2010.07.09 12:19:02 | 000,021,480 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz134_x64.sys -- (cpuz134) DRV:64bit: - [2010.07.02 11:00:22 | 000,276,576 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman) DRV:64bit: - [2010.06.23 16:10:56 | 000,344,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2010.05.16 14:31:54 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt) DRV:64bit: - [2010.05.16 14:31:54 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt) DRV:64bit: - [2010.04.14 00:01:44 | 000,054,824 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt) DRV:64bit: - [2010.03.23 22:21:08 | 000,115,328 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard) DRV:64bit: - [2010.03.10 07:16:36 | 000,029,720 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ivusb.sys -- (ivusb) DRV:64bit: - [2010.03.10 03:03:52 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie) AMD PCI Express (3GIO) DRV:64bit: - [2010.01.07 02:20:22 | 000,448,512 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL8187.sys -- (RTLWUSB) DRV:64bit: - [2010.01.07 02:20:22 | 000,448,512 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL8187.sys -- (RTL8187) DRV:64bit: - [2010.01.01 18:20:28 | 000,034,472 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV:64bit: - [2009.12.21 20:56:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter) DRV:64bit: - [2009.10.14 20:18:38 | 000,040,464 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\klbg.sys -- (KLBG) DRV:64bit: - [2009.10.02 18:39:32 | 000,021,008 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt) DRV:64bit: - [2009.10.01 10:19:10 | 001,492,608 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HCW71364.sys -- (HCW3x64) DRV:64bit: - [2009.09.30 15:34:30 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:64bit: - [2009.09.14 13:46:42 | 000,027,152 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6) DRV:64bit: - [2009.09.01 14:29:56 | 000,157,712 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1) DRV:64bit: - [2009.08.17 12:20:46 | 001,235,968 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService) DRV:64bit: - [2009.08.09 22:25:45 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone) DRV:64bit: - [2009.07.16 04:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor) DRV:64bit: - [2009.07.14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2009.07.14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 21:32:37 | 001,627,520 | ---- | M] (NXP Semiconductors) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Ph3xIB64.sys -- (Ph3xIB64) DRV:64bit: - [2009.01.19 19:32:22 | 000,334,344 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\acedrv11.sys -- (acedrv11) DRV:64bit: - [2007.08.08 17:54:12 | 000,035,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATITool64.sys -- (ATITool) DRV:64bit: - [2007.07.05 02:58:36 | 001,041,920 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrxu6.sys -- (athrusb6) DRV:64bit: - [2007.02.16 01:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ElbyCDFL.sys -- (ElbyCDFL) DRV:64bit: - [2006.11.08 08:59:36 | 000,602,112 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PA707UCM.SYS -- (PAC7311) DRV - [2009.11.11 20:22:30 | 000,014,608 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- D:\Programme\SapphireRedLine\atillk64.sys -- (atillk64) DRV - [2009.05.27 19:11:18 | 000,043,704 | ---- | M] () [Kernel | System | Running] -- D:\Programme\iZ3D Driver\Win64\S3DInjectionDriver.sys -- (iZ3DInjectionDriver) DRV - [2008.07.24 11:04:34 | 000,115,328 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2007.02.16 01:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys -- (ElbyCDFL) DRV - [2007.02.07 19:27:46 | 000,014,104 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan) DRV - [2006.11.08 09:00:06 | 000,530,560 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\PA707UCM.sys -- (PAC7311) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKLM\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfir.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 07 90 D6 38 AF D1 CA 01 [binary data] IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfir.dll (Conduit Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "foxsearch" FF - prefs.js..browser.search.defaultthis.engineName: "XfireXO Customized Web Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.order.1: "foxsearch" FF - prefs.js..browser.search.selectedEngine: "foxsearch" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://doompage.square7.ch/" FF - prefs.js..extensions.enabledItems: {5e5ab302-7f65-44cd-8211-c1d4caaccea3}:2.7.2.0 FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.1 FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.747 FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.6.6.99999 FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.4 FF - prefs.js..extensions.enabledItems: gutscheinmieze@synatix-gmbh.de:1.03 FF - prefs.js..extensions.enabledItems: {35379F86-8CCB-4724-AE33-4278DE266C70}:1.0.5 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.6.0 FF - prefs.js..extensions.enabledItems: nasanightlaunch@example.com:0.6.20101009 FF - prefs.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q=" FF - user.js..browser.search.selectedEngine: "foxsearch" FF - user.js..browser.search.order.1: "foxsearch" FF - user.js..browser.search.defaultenginename: "foxsearch" FF - user.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q=" FF - HKLM\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\ FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.10.31 10:42:35 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.10.31 10:42:35 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.10.31 10:42:35 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.10.31 10:42:35 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\THBExt [2010.07.19 17:54:43 | 000,000,000 | ---D | M] [2010.03.20 20:24:08 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\mozilla\Extensions [2010.11.30 20:20:38 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\mozilla\Firefox\Profiles\kem51ojn.default\extensions [2010.11.30 15:48:44 | 000,000,000 | ---D | M] (XfireXO Toolbar) -- C:\Users\sharK223\AppData\Roaming\mozilla\Firefox\Profiles\kem51ojn.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3} [2010.06.16 18:26:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\sharK223\AppData\Roaming\mozilla\Firefox\Profiles\kem51ojn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2010.11.30 15:48:44 | 000,000,000 | ---D | M] (ReloadEvery) -- C:\Users\sharK223\AppData\Roaming\mozilla\Firefox\Profiles\kem51ojn.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644} [2010.09.07 17:15:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\sharK223\AppData\Roaming\mozilla\Firefox\Profiles\kem51ojn.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2010.11.30 15:48:42 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\mozilla\Firefox\Profiles\kem51ojn.default\extensions\firebug@software.joehewitt.com [2010.07.25 22:18:10 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\mozilla\Firefox\Profiles\kem51ojn.default\extensions\gutscheinmieze@synatix-gmbh.de [2010.11.30 15:48:44 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\mozilla\Firefox\Profiles\kem51ojn.default\extensions\nasanightlaunch@example.com [2010.10.24 13:13:19 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\mozilla\Firefox\Profiles\kem51ojn.default\extensions\toolbar@ask.com [2010.05.07 21:16:18 | 000,002,252 | ---- | M] () -- C:\Users\sharK223\AppData\Roaming\Mozilla\FireFox\Profiles\kem51ojn.default\searchplugins\askcom.xml [2010.07.28 19:58:43 | 000,001,023 | ---- | M] () -- C:\Users\sharK223\AppData\Roaming\Mozilla\FireFox\Profiles\kem51ojn.default\searchplugins\battlenet.xml [2010.10.24 13:23:19 | 000,000,950 | ---- | M] () -- C:\Users\sharK223\AppData\Roaming\Mozilla\FireFox\Profiles\kem51ojn.default\searchplugins\icqplugin-2.xml [2010.07.24 17:55:46 | 000,000,950 | ---- | M] () -- C:\Users\sharK223\AppData\Roaming\Mozilla\FireFox\Profiles\kem51ojn.default\searchplugins\icqplugin-3.xml [2010.07.25 22:25:56 | 000,000,950 | ---- | M] () -- C:\Users\sharK223\AppData\Roaming\Mozilla\FireFox\Profiles\kem51ojn.default\searchplugins\icqplugin-4.xml [2010.10.27 18:11:33 | 000,000,950 | ---- | M] () -- C:\Users\sharK223\AppData\Roaming\Mozilla\FireFox\Profiles\kem51ojn.default\searchplugins\icqplugin-5.xml [2010.10.31 10:44:22 | 000,000,950 | ---- | M] () -- C:\Users\sharK223\AppData\Roaming\Mozilla\FireFox\Profiles\kem51ojn.default\searchplugins\icqplugin-6.xml [2010.06.16 18:26:36 | 000,000,168 | ---- | M] () -- C:\Users\sharK223\AppData\Roaming\Mozilla\FireFox\Profiles\kem51ojn.default\searchplugins\icqplugin.gif [2010.06.16 18:26:36 | 000,000,618 | ---- | M] () -- C:\Users\sharK223\AppData\Roaming\Mozilla\FireFox\Profiles\kem51ojn.default\searchplugins\icqplugin.src [2010.06.23 20:04:52 | 000,001,056 | ---- | M] () -- C:\Users\sharK223\AppData\Roaming\Mozilla\FireFox\Profiles\kem51ojn.default\searchplugins\icqplugin.xml [2010.09.12 11:44:44 | 000,001,694 | ---- | M] () -- C:\Users\sharK223\AppData\Roaming\Mozilla\FireFox\Profiles\kem51ojn.default\searchplugins\mycsharpde.xml [2010.04.23 15:34:46 | 000,002,057 | ---- | M] () -- C:\Users\sharK223\AppData\Roaming\Mozilla\FireFox\Profiles\kem51ojn.default\searchplugins\youtube-videosuche.xml [2010.09.20 12:14:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions [2010.07.19 17:54:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\linkfilter@kaspersky.ru [2009.08.07 09:38:10 | 000,044,544 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files (x86)\mozilla firefox\components\FFComm.dll [2010.03.19 08:23:30 | 000,686,592 | ---- | M] (Synatix GmbH) -- C:\Program Files (x86)\mozilla firefox\plugins\npmieze.dll [2010.09.13 16:02:53 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.09.13 16:02:53 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2010.07.25 22:18:10 | 000,000,143 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\foxsearch.src [2010.09.13 16:02:53 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2010.09.13 16:02:53 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2010.09.13 16:02:53 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2010.05.14 19:49:23 | 000,000,922 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 sls.microsoft.com O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\x64\ievkbd.dll (Kaspersky Lab) O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\x64\klwtbbho.dll (Kaspersky Lab) O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll (Orbitdownloader.com) O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\ievkbd.dll (Kaspersky Lab) O2 - BHO: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfir.dll (Conduit Ltd.) O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\klwtbbho.dll (Kaspersky Lab) O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - D:\Programme\FlashFXP\IEFlash.dll (IniCom Networks, Inc.) O3:64bit: - HKLM\..\Toolbar: (no name) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - No CLSID value found. O3 - HKLM\..\Toolbar: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfir.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll () O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O3 - HKLM\..\Toolbar: (Gutscheinmieze) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - C:\Users\sharK223\AppData\Roaming\Gutscheinmieze\toolbar.dll (Synatix GmbH) O3 - HKCU\..\Toolbar\WebBrowser: (XfireXO Toolbar) - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - C:\Program Files (x86)\XfireXO\tbXfir.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (Gutscheinmieze) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - C:\Users\sharK223\AppData\Roaming\Gutscheinmieze\toolbar.dll (Synatix GmbH) O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\avp.exe (Kaspersky Lab) O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [TaskTray] File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:64bit: - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8:64bit: - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8:64bit: - Extra context menu item: add to &BOM - D:\\PROGRA~1\\BIET-O~1\\\\AddToBOM.hta () O8:64bit: - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8:64bit: - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\sharK223\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm () O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - D:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: add to &BOM - D:\\PROGRA~1\\BIET-O~1\\\\AddToBOM.hta () O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: Free YouTube Download - C:\Users\sharK223\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm () O8 - Extra context menu item: Nach Microsoft &Excel exportieren - D:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation) O9:64bit: - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\x64\klwtbbho.dll (Kaspersky Lab) O9:64bit: - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\x64\klwtbbho.dll (Kaspersky Lab) O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\klwtbbho.dll (Kaspersky Lab) O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\klwtbbho.dll (Kaspersky Lab) O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation) O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~3\x64\sbhook64.dll) - C:\PROGRA~2\KASPER~1\KASPER~3\x64\sbhook64.dll (Kaspersky Lab) O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~3\x64\kloehk.dll) - C:\PROGRA~2\KASPER~1\KASPER~3\x64\kloehk.dll (Kaspersky Lab) O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~3\mzvkbd3.dll) - C:\PROGRA~2\KASPER~1\KASPER~3\mzvkbd3.dll (Kaspersky Lab) O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~3\sbhook.dll) - C:\PROGRA~2\KASPER~1\KASPER~3\sbhook.dll (Kaspersky Lab) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\klogon: DllName - Reg Error: Key error. - C:\Windows\SysNative\klogon.dll (Kaspersky Lab) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.03.06 21:18:15 | 000,000,043 | R--- | M] () - E:\autorun.inf -- [ UDF ] O33 - MountPoints2\{1070ca28-344f-11df-92e2-e0cb4ec61c42}\Shell - "" = AutoRun O33 - MountPoints2\{1070ca28-344f-11df-92e2-e0cb4ec61c42}\Shell\AutoRun\command - "" = G:\Autorun.exe -- File not found O33 - MountPoints2\{1070ca43-344f-11df-92e2-e0cb4ec61c42}\Shell - "" = AutoRun O33 - MountPoints2\{1070ca43-344f-11df-92e2-e0cb4ec61c42}\Shell\AutoRun\command - "" = I:\Installer.exe -- File not found O33 - MountPoints2\{4027081e-36c1-11df-801f-e0cb4ec61c42}\Shell - "" = AutoRun O33 - MountPoints2\{4027081e-36c1-11df-801f-e0cb4ec61c42}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- File not found O33 - MountPoints2\{40270833-36c1-11df-801f-e0cb4ec61c42}\Shell - "" = AutoRun O33 - MountPoints2\{40270833-36c1-11df-801f-e0cb4ec61c42}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- File not found O33 - MountPoints2\{40270838-36c1-11df-801f-e0cb4ec61c42}\Shell - "" = AutoRun O33 - MountPoints2\{457e12b9-3e78-11df-918c-000e2ea5b66d}\Shell - "" = AutoRun O33 - MountPoints2\{457e12bb-3e78-11df-918c-000e2ea5b66d}\Shell - "" = AutoRun O33 - MountPoints2\{5d0da523-3743-11df-a63a-e0cb4ec61c42}\Shell - "" = AutoRun O33 - MountPoints2\{5d0da526-3743-11df-a63a-e0cb4ec61c42}\Shell - "" = AutoRun O33 - MountPoints2\{6806954e-39ac-11df-99de-000e2ea5b66d}\Shell - "" = AutoRun O33 - MountPoints2\{68069550-39ac-11df-99de-000e2ea5b66d}\Shell - "" = AutoRun O33 - MountPoints2\{68069553-39ac-11df-99de-000e2ea5b66d}\Shell - "" = AutoRun O33 - MountPoints2\{68069557-39ac-11df-99de-000e2ea5b66d}\Shell - "" = AutoRun O33 - MountPoints2\{6806955a-39ac-11df-99de-000e2ea5b66d}\Shell - "" = AutoRun O33 - MountPoints2\{6806955c-39ac-11df-99de-000e2ea5b66d}\Shell - "" = AutoRun O33 - MountPoints2\{8f8490de-94d9-11df-b0dc-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{8f8490de-94d9-11df-b0dc-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe -- [2009.03.06 21:18:15 | 000,112,208 | R--- | M] (Microsoft Corporation) O33 - MountPoints2\{bbe848b8-3a90-11df-a353-000e2ea5b66d}\Shell - "" = AutoRun O33 - MountPoints2\{bbe848bb-3a90-11df-a353-000e2ea5b66d}\Shell - "" = AutoRun O33 - MountPoints2\{ca167ab7-3991-11df-afd6-e0cb4ec61c42}\Shell - "" = AutoRun O33 - MountPoints2\{ca167aba-3991-11df-afd6-e0cb4ec61c42}\Shell - "" = AutoRun O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.11.30 20:18:20 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\sharK223\Desktop\OTL.exe [2010.11.30 20:16:53 | 000,000,000 | ---D | C] -- C:\Users\sharK223\AppData\Roaming\Malwarebytes [2010.11.30 20:16:42 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2010.11.30 20:16:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010.11.30 20:16:26 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2010.11.30 20:16:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2010.11.30 20:14:02 | 006,153,648 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\sharK223\Desktop\mbam-setup.exe [2010.11.30 16:11:23 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan [2010.11.29 18:20:33 | 000,000,000 | ---D | C] -- C:\Users\sharK223\Desktop\Passwort Sicherheit [2010.11.28 14:57:04 | 000,000,000 | ---D | C] -- C:\Users\sharK223\Desktop\Wiki to Wiki Converter [2010.11.28 14:33:47 | 000,000,000 | ---D | C] -- C:\ProgramData\SSScanAppDataDir [2010.11.27 13:12:26 | 000,000,000 | ---D | C] -- C:\Users\sharK223\Desktop\Widescreen Fixer [2010.11.25 16:15:11 | 000,000,000 | ---D | C] -- C:\Users\sharK223\Desktop\Mario-Simulator [2010.11.22 17:11:10 | 000,000,000 | ---D | C] -- C:\Fast Games [2010.11.20 09:53:29 | 000,000,000 | ---D | C] -- C:\Users\sharK223\Documents\Criterion Games [2010.11.20 09:53:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts [2010.11.20 09:53:19 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core [2010.11.20 09:41:26 | 000,000,000 | ---D | C] -- C:\Users\sharK223\Desktop\Crack [2010.11.20 09:40:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Solidshield [2010.11.11 12:28:55 | 000,000,000 | ---D | C] -- C:\Users\sharK223\Desktop\VCD6 [2010.11.11 12:16:41 | 000,000,000 | ---D | C] -- C:\Users\sharK223\Desktop\AV.Voice.Changer.v7.0.29.Diamond.FULL-RBC [2010.11.11 11:45:56 | 000,377,568 | ---- | C] (AnalogX, LLC) -- C:\Users\sharK223\Desktop\sayiti.exe [2010.11.11 11:42:25 | 011,058,149 | ---- | C] (Caltrox Educational Software ) -- C:\Users\sharK223\Desktop\speech50.exe [2010.11.08 14:12:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Natural Mod [2010.11.08 12:57:27 | 021,591,696 | ---- | C] (pydon) -- C:\Users\sharK223\Desktop\natural.mod.2.0.2.setup(1).exe [2010.11.08 12:45:52 | 000,518,746 | ---- | C] (pydon) -- C:\Users\sharK223\Desktop\natural.mod.2.0.2.setup.exe [2010.11.05 20:12:39 | 000,000,000 | ---D | C] -- C:\Users\sharK223\Documents\LucasArts [2010.11.05 20:12:39 | 000,000,000 | ---D | C] -- C:\Users\sharK223\AppData\Local\LucasArts [2010.11.03 21:24:29 | 000,000,000 | ---D | C] -- C:\Users\sharK223\AppData\Local\Apple Computer [2010.11.02 20:11:05 | 000,000,000 | ---D | C] -- C:\Users\sharK223\Documents\ICQ [2010.11.02 18:09:20 | 000,000,000 | ---D | C] -- C:\Users\sharK223\AppData\Local\FalloutNV [2010.11.01 20:30:07 | 000,000,000 | ---D | C] -- C:\Users\sharK223\Desktop\The Fall of Little Red Riding Hood Part 2 [2010.11.01 20:16:35 | 000,000,000 | ---D | C] -- C:\Users\sharK223\Desktop\(Jay Naylor) - The Fall Of Little Red Riding Hood [2009] [2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.11.30 20:42:38 | 000,019,760 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010.11.30 20:42:38 | 000,019,760 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010.11.30 20:37:32 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl [2010.11.30 20:37:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.11.30 20:37:25 | 3220,574,208 | -HS- | M] () -- C:\hiberfil.sys [2010.11.30 20:19:08 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\sharK223\Desktop\OTL.exe [2010.11.30 20:16:47 | 000,001,013 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.11.30 20:16:03 | 006,153,648 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\sharK223\Desktop\mbam-setup.exe [2010.11.30 17:37:33 | 000,090,389 | ---- | M] () -- C:\Users\sharK223\Desktop\Unbenannt-2.jpg [2010.11.30 17:20:53 | 000,005,474 | ---- | M] () -- C:\Users\sharK223\Desktop\cc_20101130_172048.reg [2010.11.30 16:23:45 | 000,098,085 | ---- | M] () -- C:\Users\sharK223\Desktop\msconfig.jpg [2010.11.30 16:10:23 | 002,053,472 | ---- | M] () -- C:\Users\sharK223\Desktop\SecurityTaskManager_Setup.exe [2010.11.29 17:31:36 | 000,003,432 | ---- | M] () -- C:\bootsqm.dat [2010.11.28 21:15:47 | 000,069,632 | ---- | M] () -- C:\Users\sharK223\Desktop\Praktikumsdokumentation.doc [2010.11.27 20:40:10 | 000,215,104 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2010.11.27 20:40:10 | 000,215,104 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2010.11.27 19:39:22 | 000,026,624 | ---- | M] () -- C:\Users\sharK223\Desktop\Meeting IT.doc [2010.11.27 18:48:57 | 001,054,378 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2010.11.27 18:48:57 | 000,752,316 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2010.11.27 18:48:57 | 000,172,116 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2010.11.27 18:48:57 | 000,096,626 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2010.11.27 18:48:57 | 000,039,922 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2010.11.27 18:44:49 | 001,380,223 | ---- | M] () -- C:\Users\sharK223\Desktop\Schnelles Kopieren.png [2010.11.27 17:56:55 | 000,784,896 | ---- | M] () -- C:\Users\sharK223\Desktop\Praktikumsdokumentation_Dajana_Arndt.doc [2010.11.27 13:12:15 | 000,066,869 | ---- | M] () -- C:\Users\sharK223\Desktop\Widescreen Fixer (2010-11-20).7z [2010.11.26 16:33:24 | 000,000,748 | ---- | M] () -- C:\Users\sharK223\Desktop\Audiosurf.lnk [2010.11.24 15:06:12 | 000,010,696 | ---- | M] () -- C:\Users\sharK223\Desktop\Rechnung_418339794968734425853.pdf [2010.11.23 17:29:15 | 028,710,448 | ---- | M] () -- C:\Users\sharK223\Desktop\5b5e00f5f07d28bf.flv [2010.11.22 22:04:14 | 000,030,466 | ---- | M] () -- C:\Users\sharK223\Desktop\retoure.pdf [2010.11.22 21:34:47 | 000,002,186 | ---- | M] () -- C:\Users\sharK223\Desktop\rqvybb.gif [2010.11.22 21:23:03 | 000,000,331 | ---- | M] () -- C:\Users\sharK223\Desktop\manifest.xml [2010.11.22 19:17:33 | 000,036,866 | ---- | M] () -- C:\Users\sharK223\Desktop\WLI.PNG [2010.11.22 19:17:01 | 000,052,179 | ---- | M] () -- C:\Users\sharK223\Desktop\WLI.GIF [2010.11.22 16:45:56 | 000,000,151 | ---- | M] () -- C:\Windows\SysNative\autopart.opt [2010.11.21 19:33:17 | 000,167,706 | ---- | M] () -- C:\Users\sharK223\Desktop\unbenannt.jpg [2010.11.21 13:38:35 | 000,033,058 | ---- | M] () -- C:\Users\sharK223\Desktop\677fwph.gif [2010.11.21 13:38:15 | 000,118,891 | ---- | M] () -- C:\Users\sharK223\Desktop\schrodinger-hellsing-walkingonsunsh.gif [2010.11.21 13:38:13 | 000,040,909 | ---- | M] () -- C:\Users\sharK223\Desktop\schrödi.gif [2010.11.21 13:38:13 | 000,040,909 | ---- | M] () -- C:\Users\sharK223\Desktop\12095939954cbb548ac2a75.gif [2010.11.21 00:39:53 | 004,695,691 | ---- | M] () -- C:\Users\sharK223\Desktop\Angerfist - Terror Of My Speedcore.mp3 [2010.11.20 23:57:28 | 013,992,138 | ---- | M] () -- C:\Users\sharK223\Desktop\StepMania-3.9a.exe [2010.11.20 19:03:59 | 000,007,295 | ---- | M] () -- C:\Users\sharK223\Desktop\FritzReNew.zip [2010.11.20 09:53:13 | 000,001,231 | ---- | M] () -- C:\Users\sharK223\Desktop\Need for Speed - Hot Pursuit.lnk [2010.11.18 22:21:17 | 000,350,071 | ---- | M] () -- C:\Users\sharK223\Desktop\shot0044.jpg [2010.11.18 22:09:34 | 000,003,332 | ---- | M] () -- C:\Users\sharK223\Desktop\281855-nvcwa59b.dlc [2010.11.18 17:05:05 | 000,153,353 | ---- | M] () -- C:\Windows\SysNative\drivers\klin.dat [2010.11.18 17:05:05 | 000,106,761 | ---- | M] () -- C:\Windows\SysNative\drivers\klick.dat [2010.11.11 15:42:44 | 000,872,503 | ---- | M] () -- C:\Users\sharK223\Desktop\86570.gif [2010.11.11 14:31:21 | 001,399,800 | ---- | M] () -- C:\Users\sharK223\Desktop\Call of Duty Black Opps.png [2010.11.11 12:31:32 | 000,000,884 | ---- | M] () -- C:\Users\sharK223\Desktop\Voice Changer 6.0 Diamond.lnk [2010.11.11 12:14:43 | 018,281,247 | ---- | M] () -- C:\Users\sharK223\Desktop\AVVCD7.0.29.rar [2010.11.11 11:50:19 | 000,000,802 | ---- | M] () -- C:\Users\sharK223\Desktop\Speech Synthesizer 5.0.lnk [2010.11.11 11:46:53 | 011,058,149 | ---- | M] (Caltrox Educational Software ) -- C:\Users\sharK223\Desktop\speech50.exe [2010.11.11 11:46:37 | 000,377,568 | ---- | M] (AnalogX, LLC) -- C:\Users\sharK223\Desktop\sayiti.exe [2010.11.11 11:36:18 | 000,008,661 | ---- | M] () -- C:\Users\sharK223\Desktop\speech-synthesizer-schematic.sch [2010.11.11 11:35:24 | 000,008,320 | ---- | M] () -- C:\Users\sharK223\Desktop\speech-synthesizer-schematic.pdf [2010.11.10 14:40:43 | 000,000,211 | ---- | M] () -- C:\Users\sharK223\Desktop\Call of Duty Black Ops.url [2010.11.10 14:40:43 | 000,000,211 | ---- | M] () -- C:\Users\sharK223\Desktop\Call of Duty Black Ops - Multiplayer.url [2010.11.08 12:46:54 | 000,518,746 | ---- | M] (pydon) -- C:\Users\sharK223\Desktop\natural.mod.2.0.2.setup.exe [2010.11.08 10:57:24 | 021,591,696 | ---- | M] (pydon) -- C:\Users\sharK223\Desktop\natural.mod.2.0.2.setup(1).exe [2010.11.07 21:12:44 | 000,250,682 | ---- | M] () -- C:\Users\sharK223\Desktop\mbwcli3071.zip [2010.11.07 14:53:47 | 000,002,992 | ---- | M] () -- C:\Users\sharK223\Desktop\VA-DJ Networx Vol 35_raidrush.org.dlc [2010.11.06 00:45:26 | 000,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe [2010.11.05 23:14:01 | 000,007,635 | ---- | M] () -- C:\Users\sharK223\AppData\Local\resmon.resmoncfg [2010.11.05 20:09:10 | 000,000,510 | ---- | M] () -- C:\Users\sharK223\Desktop\Star Wars™ The Force Unleashed II.lnk [2010.11.03 20:26:30 | 000,115,923 | ---- | M] () -- C:\Users\sharK223\Desktop\Marina.jpeg [2010.11.02 17:50:35 | 000,000,762 | ---- | M] () -- C:\Users\Public\Desktop\Fallout New Vegas.lnk [2010.11.01 20:05:42 | 263,103,568 | ---- | M] () -- C:\Users\sharK223\Desktop\Crysis_Patch_1_2.exe.part [2010.11.01 17:24:54 | 000,143,098 | ---- | M] () -- C:\Users\sharK223\Desktop\vty-0170.rar [2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.11.30 20:16:47 | 000,001,013 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.11.30 17:37:32 | 000,090,389 | ---- | C] () -- C:\Users\sharK223\Desktop\Unbenannt-2.jpg [2010.11.30 17:20:52 | 000,005,474 | ---- | C] () -- C:\Users\sharK223\Desktop\cc_20101130_172048.reg [2010.11.30 16:23:47 | 000,098,085 | ---- | C] () -- C:\Users\sharK223\Desktop\msconfig.jpg [2010.11.30 16:09:16 | 002,053,472 | ---- | C] () -- C:\Users\sharK223\Desktop\SecurityTaskManager_Setup.exe [2010.11.29 17:31:36 | 000,003,432 | ---- | C] () -- C:\bootsqm.dat [2010.11.27 18:44:44 | 001,380,223 | ---- | C] () -- C:\Users\sharK223\Desktop\Schnelles Kopieren.png [2010.11.27 17:56:54 | 000,784,896 | ---- | C] () -- C:\Users\sharK223\Desktop\Praktikumsdokumentation_Dajana_Arndt.doc [2010.11.27 17:47:13 | 000,026,624 | ---- | C] () -- C:\Users\sharK223\Desktop\Meeting IT.doc [2010.11.27 16:12:28 | 004,118,042 | ---- | C] () -- C:\Users\sharK223\Desktop\Quincy Jagher - One More Time.mp3 [2010.11.27 13:12:18 | 000,066,869 | ---- | C] () -- C:\Users\sharK223\Desktop\Widescreen Fixer (2010-11-20).7z [2010.11.25 16:33:47 | 003,820,392 | ---- | C] () -- C:\Users\sharK223\Desktop\Drunken_Monkey_-_Calabria.mp3 [2010.11.24 15:06:23 | 000,010,696 | ---- | C] () -- C:\Users\sharK223\Desktop\Rechnung_418339794968734425853.pdf [2010.11.23 17:50:51 | 009,382,874 | ---- | C] () -- C:\Users\sharK223\Desktop\Andrew_Spencer_and_The_Vamprockerz_-_Zombie__Ray_Knox_Remix_.mp3 [2010.11.23 16:52:55 | 028,710,448 | ---- | C] () -- C:\Users\sharK223\Desktop\5b5e00f5f07d28bf.flv [2010.11.22 22:04:16 | 000,030,466 | ---- | C] () -- C:\Users\sharK223\Desktop\retoure.pdf [2010.11.22 21:34:47 | 000,002,186 | ---- | C] () -- C:\Users\sharK223\Desktop\rqvybb.gif [2010.11.22 21:23:03 | 000,000,331 | ---- | C] () -- C:\Users\sharK223\Desktop\manifest.xml [2010.11.22 21:22:43 | 000,040,909 | ---- | C] () -- C:\Users\sharK223\Desktop\schrödi.gif [2010.11.22 19:17:33 | 000,036,866 | ---- | C] () -- C:\Users\sharK223\Desktop\WLI.PNG [2010.11.22 19:17:01 | 000,052,179 | ---- | C] () -- C:\Users\sharK223\Desktop\WLI.GIF [2010.11.22 19:01:43 | 000,069,632 | ---- | C] () -- C:\Users\sharK223\Desktop\Praktikumsdokumentation.doc [2010.11.21 19:33:17 | 000,167,706 | ---- | C] () -- C:\Users\sharK223\Desktop\unbenannt.jpg [2010.11.21 13:38:35 | 000,033,058 | ---- | C] () -- C:\Users\sharK223\Desktop\677fwph.gif [2010.11.21 13:38:15 | 000,118,891 | ---- | C] () -- C:\Users\sharK223\Desktop\schrodinger-hellsing-walkingonsunsh.gif [2010.11.21 13:38:12 | 000,040,909 | ---- | C] () -- C:\Users\sharK223\Desktop\12095939954cbb548ac2a75.gif [2010.11.21 00:38:16 | 004,695,691 | ---- | C] () -- C:\Users\sharK223\Desktop\Angerfist - Terror Of My Speedcore.mp3 [2010.11.20 23:50:53 | 013,992,138 | ---- | C] () -- C:\Users\sharK223\Desktop\StepMania-3.9a.exe [2010.11.20 19:04:16 | 000,032,768 | ---- | C] () -- C:\Program Files\FritzReNew.exe [2010.11.20 19:04:01 | 000,007,295 | ---- | C] () -- C:\Users\sharK223\Desktop\FritzReNew.zip [2010.11.20 09:53:13 | 000,001,231 | ---- | C] () -- C:\Users\sharK223\Desktop\Need for Speed - Hot Pursuit.lnk [2010.11.20 09:41:56 | 000,000,161 | ---- | C] () -- C:\Users\sharK223\Desktop\autorun.inf [2010.11.18 22:24:37 | 000,350,071 | ---- | C] () -- C:\Users\sharK223\Desktop\shot0044.jpg [2010.11.18 22:09:35 | 000,003,332 | ---- | C] () -- C:\Users\sharK223\Desktop\281855-nvcwa59b.dlc [2010.11.11 15:42:44 | 000,872,503 | ---- | C] () -- C:\Users\sharK223\Desktop\86570.gif [2010.11.11 14:31:11 | 001,399,800 | ---- | C] () -- C:\Users\sharK223\Desktop\Call of Duty Black Opps.png [2010.11.11 12:31:32 | 000,000,884 | ---- | C] () -- C:\Users\sharK223\Desktop\Voice Changer 6.0 Diamond.lnk [2010.11.11 12:07:52 | 018,281,247 | ---- | C] () -- C:\Users\sharK223\Desktop\AVVCD7.0.29.rar [2010.11.11 11:50:19 | 000,000,802 | ---- | C] () -- C:\Users\sharK223\Desktop\Speech Synthesizer 5.0.lnk [2010.11.11 11:36:12 | 000,008,661 | ---- | C] () -- C:\Users\sharK223\Desktop\speech-synthesizer-schematic.sch [2010.11.11 11:35:28 | 000,008,320 | ---- | C] () -- C:\Users\sharK223\Desktop\speech-synthesizer-schematic.pdf [2010.11.10 14:40:43 | 000,000,211 | ---- | C] () -- C:\Users\sharK223\Desktop\Call of Duty Black Ops.url [2010.11.10 14:40:43 | 000,000,211 | ---- | C] () -- C:\Users\sharK223\Desktop\Call of Duty Black Ops - Multiplayer.url [2010.11.07 21:12:37 | 000,250,682 | ---- | C] () -- C:\Users\sharK223\Desktop\mbwcli3071.zip [2010.11.07 14:53:50 | 000,002,992 | ---- | C] () -- C:\Users\sharK223\Desktop\VA-DJ Networx Vol 35_raidrush.org.dlc [2010.11.06 06:51:25 | 006,990,750 | ---- | C] () -- C:\Users\sharK223\Desktop\Keine Angabe.mp3 [2010.11.06 06:46:23 | 008,199,421 | ---- | C] () -- C:\Users\sharK223\Desktop\Daivd Guetta ft. Kid Cudi - Memories (Ali Nadem Remix).mp3 [2010.11.06 06:27:30 | 008,870,016 | ---- | C] () -- C:\Users\sharK223\Desktop\Suicide Silence - Disengage (Big Chocolate Remix).mp3 [2010.11.06 06:09:21 | 007,425,082 | ---- | C] () -- C:\Users\sharK223\Desktop\03 - An Ocean Between Us.mp3 [2010.11.05 20:09:10 | 000,000,510 | ---- | C] () -- C:\Users\sharK223\Desktop\Star Wars™ The Force Unleashed II.lnk [2010.11.03 20:24:07 | 000,115,923 | ---- | C] () -- C:\Users\sharK223\Desktop\Marina.jpeg [2010.11.02 17:50:35 | 000,000,762 | ---- | C] () -- C:\Users\Public\Desktop\Fallout New Vegas.lnk [2010.11.01 19:06:56 | 000,120,064 | ---- | C] () -- C:\Users\sharK223\Desktop\21514_Fiesta_SiteSkinLeft_336x768.swf [2010.11.01 17:26:41 | 263,103,568 | ---- | C] () -- C:\Users\sharK223\Desktop\Crysis_Patch_1_2.exe.part [2010.11.01 17:24:27 | 000,143,098 | ---- | C] () -- C:\Users\sharK223\Desktop\vty-0170.rar [2010.10.16 16:15:18 | 000,185,344 | ---- | C] () -- C:\Windows\SysWow64\PCGW32.DLL [2010.09.15 14:04:31 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI [2010.07.25 22:19:27 | 000,015,873 | ---- | C] () -- C:\Windows\SysWow64\Inetde.dll [2010.07.18 11:42:33 | 000,000,000 | ---- | C] () -- C:\Users\sharK223\AppData\Roaming\debuggee.mdmp [2010.07.09 20:04:40 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll [2010.06.19 01:17:19 | 000,000,000 | ---- | C] () -- C:\Program Files\ini.ini [2010.05.22 12:46:50 | 000,000,052 | ---- | C] () -- C:\Windows\videodeLuxe.INI [2010.05.09 15:09:27 | 000,000,171 | ---- | C] () -- C:\Windows\icecast2.ini [2010.04.28 17:58:14 | 000,002,550 | ---- | C] () -- C:\Users\sharK223\AppData\Roaming\EliseProfile0.dat [2010.04.03 19:08:41 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\mgxasio2.dll [2010.04.03 19:08:25 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll [2010.04.03 19:08:05 | 000,001,208 | ---- | C] () -- C:\Windows\mgxoschk.ini [2010.04.02 16:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2010.03.30 18:43:30 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib [2010.03.30 14:15:34 | 000,000,156 | ---- | C] () -- C:\Users\sharK223\AppData\Roaming\default.rss [2010.03.28 15:49:08 | 000,007,635 | ---- | C] () -- C:\Users\sharK223\AppData\Local\resmon.resmoncfg [2010.03.24 21:26:20 | 000,929,908 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010.03.20 18:20:26 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\AsIO.dll [2010.03.20 18:20:26 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys [2010.03.20 18:17:06 | 000,041,973 | ---- | C] () -- C:\Windows\Ascd_log.ini [2010.03.20 18:16:30 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2010.03.20 18:16:25 | 000,034,381 | ---- | C] () -- C:\Windows\Ascd_tmp.ini [2010.02.28 16:17:48 | 003,284,480 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.04.02 13:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS [2006.11.01 07:54:30 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2006.11.01 07:52:38 | 000,765,952 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2006.10.27 12:52:34 | 000,000,518 | ---- | C] () -- C:\Windows\SysWow64\SP7311.ini [2003.02.20 16:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI ========== LOP Check ========== [2010.07.02 16:28:15 | 000,000,000 | -HSD | M] -- C:\Users\sharK223\AppData\Roaming\.# [2010.09.22 13:06:04 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\Atari [2010.08.15 18:23:33 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\Bioshock [2010.08.15 19:06:38 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\Bioshock2 [2010.11.24 20:10:43 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\BitTorrent [2010.06.12 20:03:44 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\bizarre creations [2010.03.30 17:40:50 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\CDZilla [2010.06.18 20:29:27 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\Command & Conquer 3 Tiberium Wars [2010.09.07 17:15:34 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\DVDVideoSoftIEHelpers [2010.06.23 17:08:35 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\FlashFXP [2010.05.07 19:02:31 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\fltk.org [2010.09.15 14:08:17 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\Foxit Software [2010.07.21 15:24:31 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\GetRightToGo [2010.03.24 21:29:20 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\GrabPro [2010.07.25 22:18:10 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\Gutscheinmieze [2010.08.08 11:42:12 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\Hardcore [2010.11.26 20:17:43 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\ICQ [2010.07.19 18:03:57 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\ImgBurn [2010.10.16 16:15:17 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\iZ3D Driver [2010.08.04 11:55:58 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\MAXON [2010.09.22 18:36:19 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\Mp3tag [2010.10.24 13:33:44 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\Notepad++ [2010.11.23 23:26:42 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\Orbit [2010.08.01 15:50:17 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\ProgSense [2010.07.19 18:19:00 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\ProtectDisc [2010.07.14 20:04:53 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\Publish Providers [2010.07.14 20:04:51 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\Sony [2010.04.14 12:58:52 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\Spore [2010.08.17 09:38:11 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\The Creative Assembly [2010.06.20 20:26:13 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\TS3Client [2010.04.27 16:43:14 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\Ubisoft [2010.05.16 17:42:16 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\Uniblue [2010.07.06 16:23:29 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\uTorrent [2010.09.19 18:11:57 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\Vara Software [2010.03.28 20:59:18 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\Verbindungsassistent [2010.11.07 14:09:00 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 64 bytes -> C:\Users\sharK223\Desktop\Keine Angabe.mp3:TOC.WMV < End of report > Code:
ATTFilter OTL Extras logfile created on: 30.11.2010 20:40:49 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\sharK223\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 66,00% Memory free
21,00 Gb Paging File | 19,00 Gb Available in Paging File | 93,00% Paging File free
Paging file location(s): [Binary data over 100 bytes]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 59,62 Gb Total Space | 15,83 Gb Free Space | 26,55% Space Free | Partition Type: NTFS
Drive D: | 465,66 Gb Total Space | 83,89 Gb Free Space | 18,02% Space Free | Partition Type: NTFS
Drive E: | 2,51 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive F: | 74,53 Gb Total Space | 2,79 Gb Free Space | 3,75% Space Free | Partition Type: NTFS
Drive J: | 7,40 Gb Total Space | 1,10 Gb Free Space | 14,80% Space Free | Partition Type: NTFS
Computer Name: SHARK223-PC | User Name: sharK223 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "D:\Programme\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Programme\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "D:\Programme\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Programme\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
"" =
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"D:\Programme\FlashFXP\FlashFXP.exe" = D:\Programme\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.)
"D:\Programme\FlashFXP\FlashFXP.exe" = D:\Programme\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Orbitdownloader\orbitdm.exe" = C:\Program Files (x86)\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Program Files (x86)\Orbitdownloader\orbitnet.exe" = C:\Program Files (x86)\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"D:\Programme\FlashFXP\FlashFXP.exe" = D:\Programme\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.)
"C:\Program Files (x86)\Orbitdownloader\orbitdm.exe" = C:\Program Files (x86)\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Program Files (x86)\Orbitdownloader\orbitnet.exe" = C:\Program Files (x86)\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"D:\Programme\FlashFXP\FlashFXP.exe" = D:\Programme\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{2BBFC887-B2FD-4873-A09E-E817A8282494}" = Microsoft IntelliPoint 7.0
"{2DF4C5DD-7417-301D-935D-939D3B7B5997}" = Microsoft Help Viewer 1.0 Language Pack - DEU
"{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU
"{4432F6A4-33D7-41B9-88E4-6735CF334671}" = Microsoft Visual Studio 2005 Remote Debugger Light (x64) - DEU
"{4B55F339-396E-29A9-B6D0-24B6D251C90A}" = AMD Drag and Drop Transcoding
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8DF9D3DF-6D03-A04F-217F-F2577D973DBE}" = ATI Catalyst Install Manager
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{94D70749-4281-39AC-AD90-B56A0E0A402E}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C3EAE456-7E7A-451F-80EF-F34C7A13C558}" = Microsoft SQL Server Compact 3.5 SP2 x64 DEU
"{E6B7BD80-A921-4C72-A68B-44A9EB438BE4}" = Microsoft IntelliType Pro 7.1
"{EB78DD44-9AEE-7160-4AC3-053636D393C6}" = ATI AVIVO64 Codecs
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F68310EC-B615-4044-B7D7-1A6349758D42}" = Microsoft SQL Server VSS Writer
"{F90F5A11-53E6-4045-ACB1-BC03D71FB06C}" = Microsoft SQL Server Native Client
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"{FD53298A-4734-AFCB-B733-4C07776E589E}" = ccc-utility64
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.55
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"MAXON1B91BFEF" = CINEMA 4D 11.514
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU
"Microsoft Visual Studio 2005 Remote Debugger Light (x64) - DEU" = Microsoft Visual Studio 2005 Remote Debugger Light (x64) - DEU
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU
"{02627ee5-eaca-4742-a9cc-e687631773e4}" = Nero ShowTime
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1" = MSI Kombustor v1.0.10
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{179C91E9-D9ED-D5CC-F0D8-9579DBDED8D6}" = CCC Help English
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help
"{249CAB4C-B528-4273-AB92-F072A35C65A7}" = Wirecast
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{28526951-55EF-4901-A0CA-B9AC966D1DD1}" = Split/Second
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{29F05234-DCBB-4FE0-88DC-5160C9250312}" = Adobe Photoshop CS3
"{30BEF9F2-CD3F-4B13-9E5C-BFE2F9544572}_is1" = iZ3D Driver Remove
"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed
"{368ba326-73ad-4351-84ed-3c0a7a52cc53}" = Nero Rescue Agent
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{421EC9A7-4A58-43CD-AC9B-8FACFFB9A843}" = Microsoft Visual C# 2005 Express Edition - DEU
"{43430808-081A-4C0D-B7CC-601000018301}" = LOST PLANET 2
"{434D0820-3AA6-493A-80B9-301000028501}" = DiRT2
"{43e39830-1826-415d-8bae-86845787b54b}" = Nero Vision
"{46C1BAFF-6EAC-446F-A3D4-59BE2708EA41}" = Trust Webcam 14839
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A8B461A-9336-4CF9-98F4-14DD38E673F0}" = BioShock 2
"{4AC93914-8B9C-469F-B641-A492996B7BD3}" = Aion
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{52D1D62C-FEAB-4580-849E-1DB624BADBBD}" = DiRT2
"{5454083B-1308-4485-BF17-1110000B8301}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000B8302}" = Grand Theft Auto IV
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{56aba277-ee53-4478-a607-fa42208ff5a9}" = Menu Templates - Pack 1
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{589A63D3-89E1-4D9B-8DBC-6039BB27289E}" = Activision(R)
"{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress
"{59ABBDF0-E1E5-48AF-85FB-F523A08C3490}" = STREET FIGHTER IV
"{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}" = Microsoft SQL Server System CLR Types
"{5B52E1FF-BD66-4582-97BA-55C575C19504}" = Microsoft MSDN 2005 Express Edition - DEU
"{5d9be3c1-8ba4-4e7e-82fd-9f74fa6815d1}" = Nero Vision
"{5e08ecd1-c98e-4711-bf65-8fd736b3f969}" = Nero RescueAgent Help
"{616C6F39-4CE1-3434-A665-2F6A04C09A7F}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{62ac81f6-bdd3-4110-9d36-3e9eaab40999}" = Nero CoverDesigner
"{63A56D6A-8AA4-4568-A9E0-790D31B2F30E}" = Adobe Flash Media Encoder 2.5
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A782F9A-57EB-48C8-91CD-D017A376F372}" = Split/Second Demo
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6C8B53B9-41EE-AD83-007A-55EE64DE6932}" = Catalyst Control Center Graphics Previews Common
"{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}" = Tom Clancy's Splinter Cell Conviction
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{71929EC1-FDB2-4A67-AAAD-936E4539FA84}_is1" = Driver Sweeper 2.1.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{737369DC-08E8-4787-A78C-F86943247BDF}" = LOST PLANET 2
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{77B5AD60-8F14-11D4-9BC9-0050041A1090}" = American McGee's Alice(tm)
"{7829db6f-a066-4e40-8912-cb07887c20bb}" = Nero BurnRights
"{782D349D-6CA0-42C0-8DF6-5083D91C28D0}" = SapphireRedLine
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{83202942-84b3-4c50-8622-b8c0aa2d2885}" = Nero Express Help
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed(TM) Hot Pursuit
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8D70145A-3BD3-4DBF-9CBF-223EF4A43257}" = ATI Parental Control & Encoder
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8F5A0981-5CDC-41D0-BCA2-AD3B777FC358}" = Thrustmaster Force Feedback Driver
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95633EBE-216B-48B5-B103-0C9919787F46}" = Obscure
"{96E3AED5-3D0B-4BB0-84C2-1EDADB204487}" = FlashFXP v3
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9CCC78EF-027E-40E0-9B61-39932C65E3FE}" = Acronis*Disk*Director*Home
"{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Security Suite CBE 10
"{A106D33E-6B43-42C0-9BFC-D03303261FA7}" = Microsoft SQL Server 2008 R2 Management Objects
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A357EF4C-2B6F-4980-ACA9-B1E42A74D7F3}" = Red Faction Guerrilla
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AEDBD563-24BB-4EE3-8366-A654DAC2D988}" = Mirror's Edge™
"{B0C30E93-D3D9-4F04-A2AC-54749B573275}" = Command & Conquer 3
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{b78120a0-cf84-4366-a393-4d0a59bc546c}" = Menu Templates - Starter Kit
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}" = DarksidersInstaller
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BBAAAD82-6242-420F-86D4-BD72BB5E6C86}" = Tools für Microsoft SQL Server 2005 Express Edition
"{BBB7F293-12A9-821C-9409-013CD8E824EC}" = Application Profiles
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{c7773a89-6ba8-477f-87d0-b9798028e445}" = Nero 9 Essentials
"{C9FB868B-2086-4EE2-BD4F-BFBA36B131F4}" = NCsoft Launcher
"{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed
"{CC2422C9-F7B5-4175-B295-5EC2283AA674}" = Command & Conquer™ 3: Kanes Rache
"{ce96f5a5-584d-4f8f-aa3e-9baed413db72}" = Nero CoverDesigner Help
"{CF5DE1DD-F7E6-694D-1E82-84C7C9C9ABDB}" = Catalyst Control Center Graphics Previews Vista
"{CFCB8616-A5D1-4281-80E8-389F685BFAE2}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.3.22 Game
"{D4EEC21C-04F0-4CF4-8078-82C11E38EF11}" = REALTEK Wireless LAN Driver
"{D81641E8-ABF1-3D07-803B-60E8FC619368}" = Microsoft Visual C# 2010 Express - DEU
"{d9dcf92e-72eb-412d-ac71-3b01276e5f8b}" = Nero ShowTime
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade
"{DC785DB7-D389-48C3-B146-96FE99BF4E2B}" = Vegas Pro 9.0
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DDA34038-89BD-4804-B0B8-DC48D5DFB463}" = Catalyst Control Center - Branding
"{DEEB5FE3-40F5-3C5B-8F85-5306EF3C08F4}" = Microsoft Visual C++ 2010 Express - DEU
"{E280923D-C5D9-4728-8C79-AC9A0DC75875}" = BioShock
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{e498385e-1c51-459a-b45f-1721e37aa1a0}" = Movie Templates - Starter Kit
"{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{E7951681-CCC7-24AA-7BFE-9647F477DCFF}" = HydraVision
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{EB0F4554-AD4F-4C8C-9764-66AC2CF8D184}" = AMD OverDrive
"{EB3B36B9-E1F4-81BA-BEB5-4FB07D4CEE39}" = Catalyst Control Center InstallProxy
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EF8BC672-4FBB-4E42-A34D-6A616B54E662}" = Drivers
"{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}" = Adobe Setup
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
"{F446160A-373F-2310-2062-914C4DED0309}" = Application Profiles
"{f6bdd7c5-89ed-4569-9318-469aa9732572}" = Nero BurnRights
"{F6C4EE06-DA6D-45DC-A129-04166F5FF238}" = PC VGA Camera
"{F744201B-8229-4FBF-AF10-13BAFD02AF7C}" = STORM
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{F9D65BA1-84C5-B4CB-91FE-D68F07ECBA24}" = ccc-core-static
"{FA1A7D68-C146-98E6-A2D0-ACEAE2F58A66}" = Application Profiles
"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7Smoker Pro_is1" = 7Smoker Pro 1.2
"Adobe Flash Media Server 3.5_is1" = Adobe Flash Media Server 3.5
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_5f143314a5d434c8511097393d17397" = Adobe Photoshop CS3
"Afterburner" = MSI Afterburner 1.6.1
"AnalogX SayIt" = AnalogX SayIt
"ASIO4ALL" = ASIO4ALL
"AV Voice Changer Software DIAMOND 6.0" = AV Voice Changer Software DIAMOND 6.0
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"Biet-O-Matic v2.14.3" = Biet-O-Matic v2.14.3
"BitTorrent" = BitTorrent
"CCleaner" = CCleaner
"CloneCD" = CloneCD
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"EPSON Scanner" = EPSON Scan
"Eusing Free Registry Cleaner" = Eusing Free Registry Cleaner
"Fallout New Vegas_is1" = Fallout New Vegas
"FL Studio 9" = FL Studio 9
"Foxit Creator" = Foxit Creator
"Foxit PDF Editor" = Foxit PDF Editor
"Foxit Reader" = Foxit Reader
"Fraps" = Fraps (remove only)
"Free Video to iPod Converter_is1" = Free Video to iPod Converter version 3.2
"Free YouTube Download_is1" = Free YouTube Download 2.9
"Gutscheinmieze - Toolbar" = Gutscheinmieze - Toolbar
"Hardcore" = Hardcore
"IL Download Manager" = IL Download Manager
"ImgBurn" = ImgBurn
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"InstallShield_{46C1BAFF-6EAC-446F-A3D4-59BE2708EA41}" = Trust Webcam 14839
"InstallShield_{589A63D3-89E1-4D9B-8DBC-6039BB27289E}" = Blur(TM)
"InstallShield_{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM)
"InstallShield_{95633EBE-216B-48B5-B103-0C9919787F46}" = Obscure
"InstallShield_{A357EF4C-2B6F-4980-ACA9-B1E42A74D7F3}" = Red Faction Guerrilla
"InstallShield_{EF8BC672-4FBB-4E42-A34D-6A616B54E662}" = D-Link DL10050 Series Fast Ethernet Driver
"InstallShield_{F6C4EE06-DA6D-45DC-A129-04166F5FF238}" = PC VGA Camera
"InstallWIX_{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Security Suite CBE 10
"Magic ISO Maker v5.5 (build 0281)" = Magic ISO Maker v5.5 (build 0281)
"MAGIX Online Druck Service" = MAGIX Online Druck Service
"MAGIX Video deLuxe 2005 e-version" = MAGIX Video deLuxe 2005 e-version
"MAGIX Video deLuxe silver" = MAGIX Video deLuxe silver
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft MSDN 2005 Express Edition - DEU" = Microsoft MSDN 2005 Express Edition - DEU
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Microsoft Visual C# 2005 Express Edition - DEU" = Microsoft Visual C# 2005 Express Edition - DEU
"Microsoft Visual C# 2010 Express - DEU" = Microsoft Visual C# 2010 Express - DEU
"Microsoft Visual C++ 2010 Express - DEU" = Microsoft Visual C++ 2010 Express - DEU
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"Mp3tag" = Mp3tag v2.43
"MS-MPEG4" = Microsoft MPEG-4 VKI Video Codec V1/V2/V3
"MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English)
"Natural Mod" = Natural Mod
"Notepad++" = Notepad++
"OpenAL" = OpenAL
"Orbit_is1" = Orbit Downloader
"PoiZone" = PoiZone
"Postal 2" = Postal 2
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"PSPad editor_is1" = PSPad editor
"PunkBusterSvc" = PunkBuster Services
"rayatitray" = Ray Adams ATI Tray Tools
"Sawer" = Sawer
"Security Task Manager" = Security Task Manager 1.8c
"Serious Sam HD The First Encounter_is1" = Serious Sam HD The First Encounter
"Speech Synthesizer 5.0_is1" = Speech Synthesizer 5.0
"Star Wars: The Force Unleashed 2_is1" = Star Wars: The Force Unleashed 2
"StarCraft II" = StarCraft II
"Steam App 12840" = DiRT 2
"Steam App 18800" = Zero Gear Demo
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Steam App 50130" = Mafia II
"Steam App 50620" = Darksiders
"StepMania" = StepMania 3.9a (Nur entfernen)
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"Toxic Biohazard" = Toxic Biohazard
"Uninstall_is1" = Uninstall 1.0.0.1
"Verbindungsassistent" = Verbindungsassistent
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 0.9.8a
"WinLiveSuite_Wave3" = Windows Live Essentials
"Worms Reloaded_is1" = Worms Reloaded
"Xfire" = Xfire (remove only)
"XfireXO Toolbar" = XfireXO Toolbar
"xvid" = XviD MPEG-4 Video Codec
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
 Geändert von sharK223 (30.11.2010 um 20:48 Uhr) |
|
30.11.2010, 21:21
| #4 |
| /// Malwareteam | MSConfig und andere Programme starten nicht. Lade Dir bitte WVCheck ( by Artellos ) von einem der folgenden Downloadspiegel herunter und speichere die Datei auf dem Desktop.
|
|
01.12.2010, 21:16
| #5 |
| | MSConfig und andere Programme starten nicht. Guten Abend, leider ging es nicht früher... Hier der WVCheck: Code:
ATTFilter Windows Validation Check
Version: 1.9.11.4
Log Created On: 2113_01-12-2010
-----------------------
Windows Information
-----------------------
Windows Version: Windows 7
Windows Mode: Normal
Systemroot Path: C:\Windows
WVCheck's Auto Update Check
-----------------------
Auto-Update Option: Do not download or install updates automatically.
-----------------------
Last Success Time for Update Detection: 2010-10-13 17:36:07
Last Success Time for Update Download: 2010-10-13 19:06:10
Last Success Time for Update Installation: 2010-10-13 19:34:44
WVCheck's Registry Check Check
-----------------------
Antiwpa: Not Found
-----------------------
Chew7Hale: Not Found
-----------------------
WVCheck's File Dump
-----------------------
WVCheck found no known bad files.
WVCheck's Dir Dump
-----------------------
WVCheck found no known bad directories.
WVCheck's Missing File Check
-----------------------
WVCheck found no missing Windows files.
WVCheck's MBAM Quarantine Check
-----------------------
There were no bad files quarantined by MBAM.
WVCheck's HOSTS File Check
-----------------------
Line: 127.0.0.1 sls.microsoft.com
Matched: *microsoft.com*
-----------------------
Line: 127.0.0.1 mpa.one.microsoft.com
Matched: *microsoft.com*
-----------------------
WVCheck's MD5 Check
EXPERIMENTAL!!
-----------------------
user32.dll - e8b0ffc209e504cb7e79fc24e6c085f0
-------- End of File, program close at 2113_01-12-2010 --------
Aufnahmegeräte und wiedergabegeräte sehen kann nicht öffnet. Vermutlich das selbe problem. Wird langsahm echt nervig. Mit freundlichen Grüßen sharK |
|
01.12.2010, 22:25
| #6 |
| /// Malwareteam | MSConfig und andere Programme starten nicht. Woher hast Du Die Windows Version? Und hast Du die ORIGINAL CD griffbereit? |
|
01.12.2010, 22:39
| #7 |
| | MSConfig und andere Programme starten nicht. Hmm... Auf sagen wir auf sone Frage war ich nicht vorbereitet :P Nein ich hab die Version von meinem Vater bekommen. Soweit ich das weis war se bei seinem Rechner dabei. Mehr kann ich nicht dazu sagen. Die Original CD hat er bestimmt irgentwo aber ich weis nicht wo und er ist für die nächsten 2 Wochen nicht zugegent... Ich habe nur eine Win 7 64-Bit Repair CD. Aber ich kann ja mal nachgucken ob ich se finde. Darf ich fragen wozu ich die brauche? |
|
02.12.2010, 00:01
| #8 |
| /// Malwareteam | MSConfig und andere Programme starten nicht. Ich denke Du hast eine illegal erworbene resp. auf illegalem Weg aktivierte Version... |
|
02.12.2010, 17:47
| #9 |
| | MSConfig und andere Programme starten nicht. Öhm, ach ja? Ich weis nicht. Wie gesagt das hat alles mein Vater gemacht ^^. Ich muss ihn wohl mal zur rede stellen. Naja aber was soll ich den nun mit der DVD machen, mein Nachbar hat die DVD nähmlich. Mein Vater hat sie ihnen ausgeliehen. |
|
04.12.2010, 15:10
| #10 |
| | MSConfig und andere Programme starten nicht. Was ist denn nun? Was soll ich mit der DVD machen? Mir ist nähmlich nochwas aufgefallen. Wenn ich rechtskilck auf einen markierten Text mache, dann kommt das Menü mit Kopieren und Auschneiden nicht... |
|
04.12.2010, 15:48
| #11 |
| /// Malwareteam | MSConfig und andere Programme starten nicht. Ich werde Dir noch antworten wie es weiter geht. |
|
05.12.2010, 02:28
| #12 | |
| /// Malwareteam | MSConfig und andere Programme starten nicht. Was kannst Du mit zu folgendem sagen: Zitat:
|
|
08.12.2010, 14:35
| #13 |
| | MSConfig und andere Programme starten nicht. Nicht viel eigentlich weil ich meinen Desktop gestern grundlegend aufgräumt habe ^^. Ich hab sowieso das Gefühl, dass es besser und vorallem schneller ist wenn ich Windows neu installiere. Normalerweise bin ich ja nicht so der Freund davon aber wenn sich nichtmal die Eigenschafts Fenster öffnen lassen werde ich des Zieles mistrauisch. |
|
08.12.2010, 15:34
| #14 |
| /// Malwareteam | MSConfig und andere Programme starten nicht. Ja das bleibt Dir auch leider als einzige Option übrig. |
|
| Themen zu MSConfig und andere Programme starten nicht. |
| 64-bit, dinge, dllhost.exe, fehler, folge, folgende, funktioniert, guten, helft, heute, interne, internet, kaspersky, leute, msconfig, natürlich, neu, nicht mehr, nicht starten, programme, programme starten nicht, starten, starten nicht, stelle, systemstart, updates, wechsel, wechseln, ähnliches |
Textbox.
Linear-Darstellung
