| |
| |||||||
Log-Analyse und Auswertung: Kann einen Eintrag nicht fixen!Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
| |
07.12.2010, 14:52
| #1 |
| |  Kann einen Eintrag nicht fixen! Hallo Ihr Guten! Habe ein Logfile erstellt und gemerkt das ich folgenden Eintrag darin habe: O1 - Hosts: # Copyright (c) 1993-2009 Microsoft Corp. Den kann ich aber nicht fixen. Es wäre wirklich Klasse wenn mir einer weiterhelfen könnte! Hier zur Sicherheit der ganze Log. Wie gesagt eigentlich müßte er soweit OK sein. Danke für jeden der sich die Mühe macht zu helfen. Weiter so! HiJackthis Logfile: Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:35:18, on 07.12.2010 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v9.00 (9.00.7930.16406) Boot mode: Normal Running processes: C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe e:\Program Files\Sandboxie\SbieSvc.exe C:\Windows\system32\svchost.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe C:\Windows\system32\taskhost.exe e:\Program Files\Ashampoo\Ashampoo Magical Defrag\bin\aDefragService.exe C:\Windows\system32\Dwm.exe E:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE 10\avp.exe C:\Windows\Explorer.EXE E:\Program Files\OO Software\CleverCache\ooccctrl.exe E:\Program Files\Process Lasso\ProcessLasso.exe E:\Program Files\Process Lasso\ProcessGovernor.exe E:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE 10\avp.exe E:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe E:\Program Files\Unlocker\UnlockerAssistant.exe E:\Program Files\ThreatFire\TFTray.exe E:\Program Files\Steganos Privacy Suite 11\SteganosHotKeyService.exe E:\Program Files\Steganos Privacy Suite 11\fredirstarter.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Microsoft IntelliType Pro\itype.exe E:\Program Files\Ashampoo\Ashampoo Snap 3\ashsnap.exe E:\Program Files\LOADSTREET\Perfect Tools für Vista\RAMTuner.exe E:\Program Files\Steganos Privacy Suite 11\SteganosBrowserMonitor.exe E:\Program Files\SlySoft\AnyDVD\AnyDVD.exe E:\Program Files\Ashampoo\Ashampoo Magical Defrag\bin\aDefragCtrl.exe E:\Program Files\Translate Client\translateclient.exe E:\Program Files\Browser-Anonymisierer\BrowserMaulkorb.exe E:\Program Files\MOette\ExtClipbrd\ExtClip.exe C:\Windows\system32\svchost.exe e:\Program Files\Hotspot Shield\bin\openvpnas.exe e:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe e:\Program Files\Hotspot Shield\bin\hsswd.exe E:\Program Files\OO Software\CleverCache\ooccag.exe C:\Users\Uwe Plesotzky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PNotes.exe e:\Program Files\ThreatFire\TFService.exe E:\Program Files\VMLite\VMLite Workstation\VMLiteService.exe e:\Program Files\LOADSTREET\WinSpeedUp 3\CleanRAMService.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE E:\Program Files\Spybot - Search & Destroy\SDWinSec.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\WUDFHost.exe C:\Windows\system32\svchost.exe e:\Program Files\Hotspot Shield\bin\HssTrayService.exe C:\Windows\system32\conhost.exe C:\Windows\System32\svchost.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\System32\svchost.exe C:\Program Files\Opera 11.00 beta\opera.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\taskhost.exe E:\Program Files\Spybot - Search & Destroy\SpybotSD.exe C:\Windows\System32\svchost.exe C:\Users\Name\Desktop\HiJackThis204.exe C:\Windows\system32\wbem\wmiprvse.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: # Copyright (c) 1993-2009 Microsoft Corp. O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - e:\Program Files\Orbitdownloader\orbitcth.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - E:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE 10\ievkbd.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - E:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE 10\klwtbbho.dll O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - e:\Program Files\Hotspot Shield\HssIE\HssIE.dll O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - E:\Program Files\Copernic Agent\CopernicAgentExt.dll O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - e:\Program Files\Orbitdownloader\GrabPro.dll O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll O3 - Toolbar: Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - e:\Program Files\Steganos Privacy Suite 11\SPMIEToolbar.dll O4 - HKLM\..\Run: [ooccctrl.exe] E:\Program Files\OO Software\CleverCache\ooccctrl.exe /tasktray O4 - HKLM\..\Run: [ProcessLassoManagementConsole] e:\Program Files\Process Lasso\processlasso.exe O4 - HKLM\..\Run: [ProcessGovernor] e:\Program Files\Process Lasso\processgovernor.exe O4 - HKLM\..\Run: [AVP] "E:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE 10\avp.exe" O4 - HKLM\..\Run: [vspdfprsrv.exe] E:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe --background O4 - HKLM\..\Run: [UnlockerAssistant] "E:\Program Files\Unlocker\UnlockerAssistant.exe" O4 - HKLM\..\Run: [ThreatFire] e:\Program Files\ThreatFire\TFTray.exe O4 - HKLM\..\Run: [SSS2009 HotKeys] "e:\Program Files\Steganos Privacy Suite 11\SteganosHotKeyService.exe" O4 - HKLM\..\Run: [SSS2009 File Redirection Starter] "e:\Program Files\Steganos Privacy Suite 11\fredirstarter.exe" O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe" O4 - HKCU\..\Run: [AshSnap] e:\Program Files\Ashampoo\Ashampoo Snap 3\ashsnap.exe O4 - HKCU\..\Run: [RAM Tuner] "E:\Program Files\LOADSTREET\Perfect Tools für Vista\RAMTuner.exe" /start O4 - HKCU\..\Run: [SSS2009 Browser Monitor] "e:\Program Files\Steganos Privacy Suite 11\SteganosBrowserMonitor.exe" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST') O4 - Startup: Browser-Anonymisierer.lnk = E:\Program Files\Browser-Anonymisierer\BrowserMaulkorb.exe O4 - Startup: data O4 - Startup: Extended Clipboard.lnk = E:\Program Files\MOette\ExtClipbrd\ExtClip.exe O4 - Startup: notes.ini O4 - Startup: PNotes.exe O4 - Global Startup: Ashampoo Magical Defrag.lnk = E:\Program Files\Ashampoo\Ashampoo Magical Defrag\bin\aDefragCtrl.exe O4 - Global Startup: Translate Client.lnk = E:\Program Files\Translate Client\translateclient.exe O8 - Extra context menu item: &Download by Orbit - res://e:\Program Files\Orbitdownloader\orbitmxt.dll/201 O8 - Extra context menu item: &Grab video by Orbit - res://e:\Program Files\Orbitdownloader\orbitmxt.dll/204 O8 - Extra context menu item: Do&wnload selected by Orbit - res://e:\Program Files\Orbitdownloader\orbitmxt.dll/203 O8 - Extra context menu item: Down&load all by Orbit - res://e:\Program Files\Orbitdownloader\orbitmxt.dll/202 O8 - Extra context menu item: Hinzufügen zu Anti-Banner - E:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE 10\ie_banner_deny.htm O8 - Extra context menu item: Suchen mit Copernic Agent - E:\Program Files\Copernic Agent\Web\SearchExt.htm O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: Steganos Password Manager - {024538B9-3F39-49FF-9503-975F743210FA} - e:\Program Files\Steganos Privacy Suite 11\SPMIEToolbar.dll O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - E:\PROGRA~1\Copernic Agent\COPERN~1.EXE O9 - Extra 'Tools' menuitem: Starten von Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - E:\PROGRA~1\Copernic Agent\COPERN~1.EXE O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - E:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE 10\klwtbbho.dll O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - E:\PROGRA~1\Copernic Agent\COPERN~1.EXE O9 - Extra button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - E:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE 10\klwtbbho.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: C:\PROGRA~2\AVP9\mzvkbd3.dll,C:\PROGRA~2\AVP9\kloehk.dll O23 - Service: Ashampoo Defrag Service (AshampooDefragService) - - e:\Program Files\Ashampoo\Ashampoo Magical Defrag\bin\aDefragService.exe O23 - Service: Kaspersky Security Suite CBE 10 (AVP) - Kaspersky Lab - E:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE 10\avp.exe O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - e:\Program Files\Hotspot Shield\bin\openvpnas.exe O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - e:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - e:\Program Files\Hotspot Shield\bin\HssTrayService.EXE O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - e:\Program Files\Hotspot Shield\bin\hsswd.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: O&O CleverCache Agent (OOCleverCacheAgent) - O&O Software GmbH - E:\Program Files\OO Software\CleverCache\ooccag.exe O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - e:\Program Files\Sandboxie\SbieSvc.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - E:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: ThreatFire - PC Tools - e:\Program Files\ThreatFire\TFService.exe O23 - Service: VMLiteService - VMLite, Inc. - E:\Program Files\VMLite\VMLite Workstation\VMLiteService.exe O23 - Service: WinLube memory clean up scheduler (WLCleanRAM) - Script Soft eK - e:\Program Files\LOADSTREET\WinSpeedUp 3\CleanRAMService.exe -- End of file - 13235 bytes |
|
07.12.2010, 15:23
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Kann einen Eintrag nicht fixen! Hallo und
__________________ Vergiss Hijackthis! Das ist nicht mehr zeitgemäß! Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten! Danach OTL: Systemscan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
__________________ |
|
07.12.2010, 16:29
| #3 |
| | Kann einen Eintrag nicht fixen! Vielen Dank erstmal für die mehr als schnelle Antwort!
__________________Habe die beiden Dateien!! Data und notes.ini gefixt, und anschließend konnte ich diesen dubiosen Eintrag auch fixen??? Normalerweise müßte das System wieder sauber sein, aber ich habe trotzdem das Programm OTL runtergeladen und durchlaufen lassen. Hoffe es stimmt so der LOG, ist nämlich alles auf deutsch! Es wäre nett wenn du trotzdem noch mal einen Blick auf das LOG werfen könntest! Gruß Uwe Hier das LOG:OTL Logfile: Code:
ATTFilter OTL logfile created on: 07.12.2010 15:40:15 - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Name\Desktop Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.7930.16406) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 46,00% Memory free 7,00 Gb Paging File | 6,00 Gb Available in Paging File | 83,00% Paging File free Paging file location(s): [Binary data over 100 bytes] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 53,71 Gb Total Space | 37,20 Gb Free Space | 69,26% Space Free | Partition Type: NTFS Drive D: | 153,38 Gb Total Space | 26,47 Gb Free Space | 17,26% Space Free | Partition Type: NTFS Drive E: | 214,84 Gb Total Space | 97,36 Gb Free Space | 45,32% Space Free | Partition Type: NTFS Drive F: | 197,19 Gb Total Space | 88,92 Gb Free Space | 45,09% Space Free | Partition Type: NTFS Drive H: | 3,83 Gb Total Space | 0,01 Gb Free Space | 0,14% Space Free | Partition Type: exFAT Computer Name: Name-PC | User Name: | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Name\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\Opera 11.00 beta\opera.exe (Opera Software) PRC - C:\Programme\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor) PRC - E:\Program Files\Translate Client\translateclient.exe (Alexey ILJIN) PRC - e:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe (AnchorFree Inc.) PRC - e:\Program Files\Hotspot Shield\bin\openvpntray.exe () PRC - e:\Program Files\Hotspot Shield\bin\openvpnas.exe () PRC - e:\Program Files\Hotspot Shield\bin\hsswd.exe () PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.) PRC - E:\Program Files\Browser-Anonymisierer\BrowserMaulkorb.exe (Alexander Miehlke Softwareentwicklung) PRC - e:\Program Files\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D) PRC - C:\Programme\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation) PRC - E:\Program Files\Unlocker\UnlockerAssistant.exe () PRC - E:\Program Files\Steganos Privacy Suite 11\SteganosHotKeyService.exe (Steganos GmbH) PRC - E:\Program Files\Steganos Privacy Suite 11\SteganosBrowserMonitor.exe (Steganos GmbH) PRC - E:\Program Files\Steganos Privacy Suite 11\fredirstarter.exe (Steganos GmbH) PRC - E:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE 10\avp.exe (Kaspersky Lab) PRC - C:\Users\Name\AppData\Local\Temp\Rar$EX00.328\PNotes\PNotes.exe (Andrey Gruber) PRC - E:\Program Files\Ashampoo\Ashampoo Snap 3\ashsnap.exe (ashampoo GmbH & Co. KG) PRC - E:\Program Files\Process Lasso\ProcessLasso.exe (Bitsum Technologies) PRC - E:\Program Files\Process Lasso\ProcessGovernor.exe (Bitsum Technologies) PRC - E:\Program Files\ThreatFire\TFTray.exe (PC Tools) PRC - e:\Program Files\ThreatFire\TFService.exe (PC Tools) PRC - E:\Program Files\VMLite\VMLite Workstation\VMLiteService.exe (VMLite, Inc.) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Windows\System32\sppsvc.exe (Microsoft Corporation) PRC - E:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) PRC - e:\Program Files\LOADSTREET\WinSpeedUp 3\CleanRAMService.exe (Script Soft eK) PRC - E:\Program Files\LOADSTREET\Perfect Tools für Vista\RAMTuner.exe (LOADSTREET.de) PRC - E:\Program Files\MOette\ExtClipbrd\ExtClip.exe (M. Oette (www.oette.info)) PRC - E:\Program Files\OO Software\CleverCache\ooccctrl.exe (O&O Software GmbH) PRC - E:\Program Files\OO Software\CleverCache\ooccag.exe (O&O Software GmbH) PRC - E:\Program Files\Ashampoo\Ashampoo Magical Defrag\bin\aDefragCtrl.exe ( ) PRC - E:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe () PRC - e:\Program Files\Ashampoo\Ashampoo Magical Defrag\bin\aDefragService.exe ( ) ========== Modules (SafeList) ========== MOD - C:\Users\Name\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation) MOD - e:\Program Files\ThreatFire\TFWAH.dll (PC Tools) MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation) MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation) MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation) MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation) MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation) MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation) MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation) MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation) MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation) MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (HssSrv) -- e:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe (AnchorFree Inc.) SRV - (HssTrayService) -- e:\Program Files\Hotspot Shield\bin\HssTrayService.exe () SRV - (HotspotShieldService) -- e:\Program Files\Hotspot Shield\bin\openvpnas.exe () SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation) SRV - (HssWd) -- e:\Program Files\Hotspot Shield\bin\hsswd.exe () SRV - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation) SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation) SRV - (SbieSvc) -- e:\Program Files\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D) SRV - (AVP) -- E:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE 10\avp.exe (Kaspersky Lab) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (ThreatFire) -- e:\Program Files\ThreatFire\TFService.exe (PC Tools) SRV - (VMLiteService) -- E:\Program Files\VMLite\VMLite Workstation\VMLiteService.exe (VMLite, Inc.) SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation) SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation) SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation) SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation) SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation) SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation) SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation) SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation) SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation) SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation) SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation) SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation) SRV - (AxInstSV) ActiveX-Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation) SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation) SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation) SRV - (SBSDWSCService) -- E:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) SRV - (WLCleanRAM) -- e:\Program Files\LOADSTREET\WinSpeedUp 3\CleanRAMService.exe (Script Soft eK) SRV - (OOCleverCacheAgent) -- E:\Program Files\OO Software\CleverCache\ooccag.exe (O&O Software GmbH) SRV - (AshampooDefragService) -- e:\Program Files\Ashampoo\Ashampoo Magical Defrag\bin\aDefragService.exe ( ) ========== Driver Services (SafeList) ========== DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys () DRV - (KLIF) -- C:\Windows\System32\drivers\klif.sys (Kaspersky Lab) DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.) DRV - (fssfltr) -- C:\Windows\System32\drivers\fssfltr.sys (Microsoft Corporation) DRV - (HssDrv) -- C:\Windows\System32\drivers\HssDrv.sys (AnchorFree Inc.) DRV - (taphss) -- C:\Windows\System32\drivers\taphss.sys (AnchorFree Inc) DRV - (NVNET) -- C:\Windows\System32\drivers\nvmf6232.sys (NVIDIA Corporation) DRV - (SbieDrv) -- e:\Program Files\Sandboxie\SbieDrv.sys (SANDBOXIE L.T.D) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (SLEE_17_DRIVER) -- C:\Windows\System32\drivers\SleeN17.sys (Softwareentwicklung Remus - ArchiCrypt - ) DRV - (vmlitediskmp) -- C:\Windows\System32\drivers\vmlitediskmp.sys (VMLite, Inc.) DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation) DRV - (vmlitedrv) -- C:\Windows\System32\drivers\vmlitedrv.sys (VMLite, Inc.) DRV - (VBoxNetFlt) -- C:\Windows\System32\drivers\VBoxNetFlt.sys (VMLite, Inc.) DRV - (VBoxNetAdp) -- C:\Windows\System32\drivers\VBoxNetAdp.sys (VMLite, Inc.) DRV - (VBoxDrv) -- C:\Windows\System32\drivers\VBoxDrv.sys (VMLite, Inc.) DRV - (TfSysMon) -- C:\Windows\system32\drivers\TfSysMon.sys (PC Tools) DRV - (TfFsMon) -- C:\Windows\system32\drivers\TfFsMon.sys (PC Tools) DRV - (TfNetMon) -- C:\Windows\System32\drivers\TfNetMon.sys (PC Tools) DRV - (klbg) -- C:\Windows\system32\drivers\klbg.sys (Kaspersky Lab) DRV - (klmouflt) -- C:\Windows\System32\drivers\klmouflt.sys (Kaspersky Lab) DRV - (KLIM6) -- C:\Windows\System32\drivers\klim6.sys (Kaspersky Lab) DRV - (kl1) -- C:\Windows\System32\drivers\kl1.sys (Kaspersky Lab) DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics Incorporated) DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.) DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.) DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.) DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.) DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.) DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.) DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices) DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.) DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices) DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.) DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation) DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation) DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation) DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation) DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation) DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.) DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation) DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation) DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation) DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation) DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation) DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex) DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.) DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company) DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation) DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation) DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation) DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation) DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.) DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation) DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation) DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation) DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems) DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation) DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.) DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology) DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation) DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.) DRV - (rdpbus) -- C:\Windows\system32\DRIVERS\rdpbus.sys (Microsoft Corporation) DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation) DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation) DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation) DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation) DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation) DRV - (1394ohci) -- C:\Windows\system32\DRIVERS\1394ohci.sys (Microsoft Corporation) DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation) DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation) DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation) DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation) DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation) DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation) DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation) DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation) DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation) DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.) DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.) DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.) DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.) DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.) DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm62x32.sys (NVIDIA Corporation) DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation) DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation) DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation) DRV - (irsir) -- C:\Windows\System32\drivers\irsir.sys (Microsoft Corporation) DRV - (AnyDVD) -- C:\Windows\System32\drivers\AnyDVD.sys (SlySoft, Inc.) DRV - (ElbyCDIO) -- C:\Windows\System32\drivers\ElbyCDIO.sys (Elaborate Bytes AG) DRV - (AVHybrid) -- C:\Windows\System32\drivers\AVHybrid.sys () ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 00 F6 56 5F B6 93 CB 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\software\mozilla\Firefox\Extensions\\{09F060FA-566D-42D7-BF79-97AB30863433}: e:\Program Files\Steganos Privacy Suite 11\pfplugin [2010.12.06 10:58:48 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{00F0643E-B367-4779-B45D-7046EBA37A88}: e:\Program Files\Steganos Privacy Suite 11\spmplugin3 [2010.12.06 10:58:53 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: E:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE 10\THBExt [2010.10.14 17:32:22 | 000,000,000 | ---D | M] [2010.12.04 14:50:48 | 000,000,000 | ---D | M] -- C:\Users\Uwe Plesotzky\AppData\Roaming\mozilla\Extensions [2010.12.04 14:50:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Uwe Plesotzky\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} O1 HOSTS File: ([2010.12.07 15:09:43 | 000,426,732 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 www.google-analytics.com O1 - Hosts: 127.0.0.1 google-analytics.com O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 14695 more lines... O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - e:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - E:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - E:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE 10\ievkbd.dll (Kaspersky Lab) O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation) O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Programme\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation) O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - E:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE 10\klwtbbho.dll (Kaspersky Lab) O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - e:\Program Files\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.) O3 - HKLM\..\Toolbar: (@C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Programme\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (Steganos Password Manager Toolbar) - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - e:\Program Files\Steganos Privacy Suite 11\SPMIEToolbar.dll (Steganos GmbH) O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - e:\Program Files\Orbitdownloader\GrabPro.dll () O3 - HKLM\..\Toolbar: (Copernic Agent) - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - E:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Copernic Agent) - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - E:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.) O4 - HKLM..\Run: [AVP] E:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE 10\avp.exe (Kaspersky Lab) O4 - HKLM..\Run: [ooccctrl.exe] E:\Program Files\OO Software\CleverCache\ooccctrl.exe (O&O Software GmbH) O4 - HKLM..\Run: [ProcessGovernor] e:\Program Files\Process Lasso\ProcessGovernor.exe (Bitsum Technologies) O4 - HKLM..\Run: [ProcessLassoManagementConsole] e:\Program Files\Process Lasso\ProcessLasso.exe (Bitsum Technologies) O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [SSS2009 File Redirection Starter] e:\Program Files\Steganos Privacy Suite 11\fredirstarter.exe (Steganos GmbH) O4 - HKLM..\Run: [SSS2009 HotKeys] e:\Program Files\Steganos Privacy Suite 11\SteganosHotKeyService.exe (Steganos GmbH) O4 - HKLM..\Run: [ThreatFire] e:\Program Files\ThreatFire\TFTray.exe (PC Tools) O4 - HKLM..\Run: [UnlockerAssistant] E:\Program Files\Unlocker\UnlockerAssistant.exe () O4 - HKLM..\Run: [vspdfprsrv.exe] E:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe () O4 - HKCU..\Run: [AnyDVD] E:\Program Files\SlySoft\AnyDVD\AnyDVD.exe (SlySoft, Inc.) O4 - HKCU..\Run: [AshSnap] e:\Program Files\Ashampoo\Ashampoo Snap 3\ashsnap.exe (ashampoo GmbH & Co. KG) O4 - HKCU..\Run: [RAM Tuner] E:\Program Files\LOADSTREET\Perfect Tools für Vista\RAMTuner.exe (LOADSTREET.de) O4 - HKCU..\Run: [SSS2009 Browser Monitor] e:\Program Files\Steganos Privacy Suite 11\SteganosBrowserMonitor.exe (Steganos GmbH) O4 - Startup: C:\Users\Uwe Plesotzky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Browser-Anonymisierer.lnk = E:\Program Files\Browser-Anonymisierer\BrowserMaulkorb.exe (Alexander Miehlke Softwareentwicklung) O4 - Startup: C:\Users\Uwe Plesotzky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Extended Clipboard.lnk = E:\Program Files\MOette\ExtClipbrd\ExtClip.exe (M. Oette (www.oette.info)) O4 - Startup: C:\Users\Uwe Plesotzky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PNotes.lnk = C:\Users\Uwe Plesotzky\AppData\Local\Temp\Rar$EX00.328\PNotes\PNotes.exe (Andrey Gruber) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetHood = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoManageMyComputerVerb = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartmenuLogoff = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCommonGroups = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPrinterTabs = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAddPrinter = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPrinters = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetworkConnections = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileMenu = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoShellSearchButton = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarCustomize = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeAnimation = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeKeyboardNavigationIndicators = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThemesTab = 0 O8 - Extra context menu item: &Download by Orbit - e:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: &Grab video by Orbit - e:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: Do&wnload selected by Orbit - e:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: Down&load all by Orbit - e:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: Hinzufügen zu Anti-Banner - E:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE 10\ie_banner_deny.htm () O8 - Extra context menu item: Suchen mit Copernic Agent - E:\Program Files\Copernic Agent\Web\SearchExt.htm () O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation) O9 - Extra Button: Steganos Password Manager - {024538B9-3F39-49FF-9503-975F743210FA} - e:\Program Files\Steganos Privacy Suite 11\SPMIEToolbar.dll (Steganos GmbH) O9 - Extra 'Tools' menuitem : Starten von Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - E:\Program Files\Copernic Agent\CopernicAgent.exe (Copernic Technologies Inc.) O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - E:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE 10\klwtbbho.dll (Kaspersky Lab) O9 - Extra Button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - E:\Program Files\Copernic Agent\CopernicAgent.exe (Copernic Technologies Inc.) O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - E:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE 10\klwtbbho.dll (Kaspersky Lab) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\copernicagent {A979B6BD-E40B-4A07-ABDD-A62C64A4EBF6} - E:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.) O18 - Protocol\Handler\copernicagentcache {AAC34CFD-274D-4A9D-B0DC-C74C05A67E1D} - E:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~2\AVP9\mzvkbd3.dll) - C:\ProgramData\AVP9\mzvkbd3.dll (Kaspersky Lab) O20 - AppInit_DLLs: (C:\PROGRA~2\AVP9\kloehk.dll) - C:\ProgramData\AVP9\kloehk.dll (Kaspersky Lab) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation) O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corp.) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.12.07 15:37:54 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Uwe Plesotzky\Desktop\OTL.exe [2010.12.07 11:10:31 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\Godlike [2010.12.07 05:57:15 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Local\{A68A6EDD-ADF1-493B-9AAC-F910EF87234A} [2010.12.06 17:24:53 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Local\{59650237-6325-4B77-9D70-5EFDDFA82A59} [2010.12.06 12:20:34 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Local\Microsoft Games [2010.12.06 11:34:41 | 000,000,000 | ---D | C] -- C:\Programme\Synaptics [2010.12.06 11:33:23 | 001,461,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01009.dll [2010.12.06 11:33:20 | 000,120,104 | ---- | C] (Synaptics Incorporated) -- C:\Windows\System32\SynTPCo4.dll [2010.12.06 11:33:19 | 000,206,120 | ---- | C] (Synaptics Incorporated) -- C:\Windows\System32\SynCtrl.dll [2010.12.06 11:33:17 | 000,169,256 | ---- | C] (Synaptics Incorporated) -- C:\Windows\System32\SynCOM.dll [2010.12.06 11:33:17 | 000,161,064 | ---- | C] (Synaptics Incorporated) -- C:\Windows\System32\SynTPAPI.dll [2010.12.06 11:33:16 | 000,228,784 | ---- | C] (Synaptics Incorporated) -- C:\Windows\System32\drivers\SynTP.sys [2010.12.06 11:29:22 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft IntelliType Pro [2010.12.06 11:05:47 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM [2010.12.06 11:05:05 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll [2010.12.06 11:05:04 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll [2010.12.06 11:05:04 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll [2010.12.06 11:05:04 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll [2010.12.06 11:05:03 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll [2010.12.06 11:05:00 | 001,084,008 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl [2010.12.06 11:04:59 | 003,317,800 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys [2010.12.06 11:04:59 | 001,976,936 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll [2010.12.06 11:04:58 | 000,069,224 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll [2010.12.06 11:04:57 | 003,790,440 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll [2010.12.06 11:04:57 | 000,469,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll [2010.12.06 11:04:56 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll [2010.12.06 11:04:56 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll [2010.12.06 11:04:56 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll [2010.12.06 11:04:56 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll [2010.12.06 11:04:56 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll [2010.12.06 11:04:56 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll [2010.12.06 11:04:55 | 000,739,416 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\MBAPO32.dll [2010.12.06 11:04:55 | 000,070,232 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\MBWrp32.dll [2010.12.06 11:04:55 | 000,053,848 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\MBppld32.dll [2010.12.06 11:04:55 | 000,050,776 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\MBPPCn32.dll [2010.12.06 11:04:54 | 001,938,704 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll [2010.12.06 11:04:54 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll [2010.12.06 11:04:54 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll [2010.12.06 11:04:49 | 001,558,944 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll [2010.12.06 11:04:47 | 000,175,200 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll [2010.12.06 11:04:47 | 000,096,160 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll [2010.12.06 11:04:47 | 000,000,000 | ---D | C] -- C:\Programme\Realtek [2010.12.06 11:04:42 | 001,251,944 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll [2010.12.06 10:58:33 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\Steganos [2010.12.06 10:37:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Publish Data [2010.12.06 10:34:54 | 000,000,000 | ---D | C] -- C:\Windows\uninstall [2010.12.06 10:33:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Licenses [2010.12.06 10:31:07 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\Engelmann Media [2010.12.06 10:31:05 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\HDX4 [2010.12.06 10:22:55 | 000,000,000 | ---D | C] -- F:\Meine empfangenen Dateien [2010.12.06 06:13:19 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\Tracing [2010.12.06 05:23:29 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Local\{D44C9E51-0253-453C-9705-368646AC9F66} [2010.12.06 04:31:11 | 000,000,000 | ---D | C] -- F:\My Weblog Posts [2010.12.06 03:28:42 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\eXPert PDF Editor [2010.12.05 17:22:58 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Local\{CB819777-A33B-4CBA-9237-A45873E4FAEE} [2010.12.05 17:22:37 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\Windows Live Writer [2010.12.05 17:22:37 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Local\Windows Live Writer [2010.12.05 17:15:42 | 000,000,000 | ---D | C] -- C:\Programme\Google [2010.12.05 16:23:48 | 000,000,000 | ---D | C] -- C:\Windows\de [2010.12.05 16:10:44 | 000,039,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fssfltr.sys [2010.12.05 16:10:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE [2010.12.05 15:52:05 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft SQL Server Compact Edition [2010.12.05 15:44:15 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2010.12.05 15:41:56 | 000,000,000 | ---D | C] -- C:\Programme\Windows Live [2010.12.05 15:40:23 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft [2010.12.05 15:40:08 | 000,000,000 | ---D | C] -- C:\Programme\MSN Toolbar [2010.12.05 15:39:34 | 000,000,000 | ---D | C] -- C:\Programme\Bing Bar Installer [2010.12.05 15:39:18 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll [2010.12.05 15:39:18 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll [2010.12.05 15:39:17 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll [2010.12.05 15:38:59 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll [2010.12.05 15:32:28 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Silverlight [2010.12.05 15:27:19 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Local\Windows Live [2010.12.05 15:27:15 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Windows Live [2010.12.05 15:11:33 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Local\WindowsUpdate [2010.12.05 15:03:47 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA [2010.12.05 12:28:23 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2010.12.05 12:28:22 | 002,381,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2010.12.05 12:28:20 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2010.12.05 12:27:08 | 000,758,784 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\cohelper.dll [2010.12.05 12:19:15 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2010.12.05 12:18:43 | 000,000,000 | ---D | C] -- C:\Programme\NVIDIA Corporation [2010.12.05 11:57:42 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft.NET [2010.12.05 11:51:45 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys [2010.12.05 11:45:16 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll [2010.12.05 11:45:15 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll [2010.12.05 11:45:13 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe [2010.12.05 11:45:13 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe [2010.12.05 11:45:12 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll [2010.12.05 11:45:11 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe [2010.12.05 11:45:11 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll [2010.12.05 11:45:10 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe [2010.12.05 11:44:37 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll [2010.12.05 11:44:33 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax [2010.12.05 11:44:32 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll [2010.12.05 11:44:29 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax [2010.12.05 11:44:28 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll [2010.12.05 11:43:49 | 000,026,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys [2010.12.05 11:32:23 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\PersBackup5 [2010.12.05 10:35:34 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\Malwarebytes [2010.12.05 10:35:16 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010.12.05 10:35:13 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010.12.05 10:08:39 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\GrabPro [2010.12.05 10:08:39 | 000,000,000 | ---D | C] -- C:\downloads [2010.12.05 10:07:32 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\Orbit [2010.12.05 10:06:54 | 003,982,240 | ---- | C] (Adobe Systems, Inc.) -- C:\Windows\System32\Flash10d.ocx [2010.12.05 10:05:06 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\Tobit [2010.12.05 10:03:19 | 000,000,000 | ---D | C] -- F:\Mediathek [2010.12.05 10:03:11 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Tobit [2010.12.05 09:56:43 | 000,000,000 | ---D | C] -- C:\ProgramData\RapidSolution [2010.12.05 09:52:35 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\capicom.dll [2010.12.05 09:49:21 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Local\RapidSolution [2010.12.05 09:42:28 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\Notepad++ [2010.12.05 09:40:10 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Wise Installation Wizard [2010.12.05 09:33:55 | 000,000,000 | ---D | C] -- F:\Podcast Studio [2010.12.05 09:33:11 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\Franzis [2010.12.05 09:23:06 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\GlarySoft [2010.12.05 09:02:14 | 000,000,000 | ---D | C] -- C:\Programme\Windows Installer Clean Up [2010.12.05 09:00:54 | 000,000,000 | ---D | C] -- C:\Programme\MSECACHE [2010.12.05 08:28:13 | 000,962,560 | ---- | C] (East Wind Software) -- C:\Windows\System32\advdaudio.ocx [2010.12.05 08:28:12 | 000,835,584 | ---- | C] (NCT) -- C:\Windows\System32\NCTAudioCDGrabber2.dll [2010.12.05 08:28:12 | 000,634,880 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\System32\NCTAudioEditor2.dll [2010.12.05 08:28:12 | 000,348,160 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\NCTWMAFile2.dll [2010.12.05 08:28:11 | 000,522,752 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\System32\NCTAudioTransform2.dll [2010.12.05 08:28:11 | 000,479,232 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\NCTAudioVisualization2.dll [2010.12.05 08:28:11 | 000,467,968 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\System32\NCTAudioRecord2.dll [2010.12.05 08:28:11 | 000,467,456 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\System32\NCTAudioPlayer2.dll [2010.12.05 08:28:10 | 000,966,144 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\System32\NCTAudioInformation2.dll [2010.12.05 08:28:10 | 000,877,568 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\NCTAudioFile2.dll [2010.12.05 08:28:09 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr70.dll [2010.12.05 08:27:39 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\concept design [2010.12.05 08:25:50 | 000,000,000 | ---D | C] -- C:\Programme\Alcohol Soft [2010.12.05 08:06:09 | 000,000,000 | ---D | C] -- C:\Hotspot Shield [2010.12.05 08:05:01 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Local\VMLite Workstation [2010.12.05 07:49:58 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\VMLites [2010.12.05 07:47:24 | 000,012,672 | ---- | C] (VMLite, Inc.) -- C:\Windows\System32\drivers\vmlitedrv.sys [2010.12.05 07:47:23 | 000,123,160 | ---- | C] (VMLite, Inc.) -- C:\Windows\System32\drivers\VBoxDrv.sys [2010.12.05 03:49:11 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe [2010.12.05 03:49:11 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll [2010.12.05 03:49:11 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll [2010.12.05 03:44:26 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe [2010.12.05 03:23:55 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll [2010.12.05 03:23:54 | 000,197,632 | ---- | C] (Intel(R) Corporation) -- C:\Windows\System32\ir32_32.dll [2010.12.05 03:23:46 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe [2010.12.05 03:23:21 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2010.12.05 03:22:35 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll [2010.12.05 03:22:17 | 001,037,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll [2010.12.05 03:22:16 | 000,133,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ksecpkg.sys [2010.12.05 03:22:13 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll [2010.12.05 03:21:55 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll [2010.12.05 03:21:54 | 000,507,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe [2010.12.05 03:21:53 | 000,442,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe [2010.12.05 03:21:46 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll [2010.12.05 03:21:27 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL [2010.12.05 03:21:20 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll [2010.12.05 03:21:19 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll [2010.12.05 03:20:58 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll [2010.12.05 03:20:57 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll [2010.12.05 03:20:57 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll [2010.12.05 03:20:53 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2010.12.05 03:20:53 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2010.12.05 03:20:34 | 002,327,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2010.12.05 03:19:38 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll [2010.12.05 03:19:35 | 000,363,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\StructuredQuery.dll [2010.12.05 03:19:00 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2010.12.05 03:19:00 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll [2010.12.05 03:19:00 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2010.12.05 02:34:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2010.12.04 20:26:16 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\Documents [2010.12.04 20:25:01 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2010.12.04 20:00:52 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\CDZilla [2010.12.04 19:35:48 | 000,000,000 | ---D | C] -- C:\ProgramData\SlySoft [2010.12.04 19:03:34 | 000,000,000 | ---D | C] -- C:\ProgramData\VManager [2010.12.04 19:03:26 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\MindVisualizer [2010.12.04 19:03:26 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\ISpell [2010.12.04 18:52:24 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\Ashampoo [2010.12.04 18:04:45 | 000,091,408 | ---- | C] (INTERSOLV, Inc.) -- C:\Windows\System\LOTXT06.DLL [2010.12.04 18:04:45 | 000,088,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System\ODBCCURS.DLL [2010.12.04 18:04:45 | 000,086,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System\ODBCINST.DLL [2010.12.04 18:04:45 | 000,021,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System\CTL3DV2.DLL [2010.12.04 18:04:45 | 000,020,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System\CTL3D.DLL [2010.12.04 18:04:43 | 000,202,400 | ---- | C] (INTERSOLV, Inc.) -- C:\Windows\System\LOFLT06.DLL [2010.12.04 18:04:43 | 000,190,000 | ---- | C] (INTERSOLV, Inc.) -- C:\Windows\System\LODBF06.DLL [2010.12.04 18:04:43 | 000,055,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System\ODBC.DLL [2010.12.04 18:04:25 | 000,162,240 | ---- | C] (INTERSOLV, Inc.) -- C:\Windows\System\LOBAS06.DLL [2010.12.04 18:04:25 | 000,148,592 | ---- | C] (INTERSOLV, Inc.) -- C:\Windows\System\LOUTL06.DLL [2010.12.04 17:55:29 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2010.12.04 17:55:28 | 000,596,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2010.12.04 17:55:28 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2010.12.04 17:55:28 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2010.12.04 17:55:27 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll [2010.12.04 17:55:27 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll [2010.12.04 17:55:26 | 001,355,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2010.12.04 17:55:26 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe [2010.12.04 17:55:26 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2010.12.04 17:55:26 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll [2010.12.04 17:55:25 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2010.12.04 17:55:25 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2010.12.04 17:55:25 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll [2010.12.04 17:55:25 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll [2010.12.04 17:55:24 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2010.12.04 17:55:23 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2010.12.04 17:55:23 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2010.12.04 17:55:23 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll [2010.12.04 17:55:23 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll [2010.12.04 17:55:23 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll [2010.12.04 17:55:23 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll [2010.12.04 17:55:22 | 003,695,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat [2010.12.04 17:55:22 | 000,460,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2010.12.04 17:55:22 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2010.12.04 17:55:22 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2010.12.04 17:55:22 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2010.12.04 17:55:21 | 000,353,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2010.12.04 17:55:21 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2010.12.04 17:55:20 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2010.12.04 17:55:20 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2010.12.04 17:55:20 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2010.12.04 17:55:20 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll [2010.12.04 17:55:19 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe [2010.12.04 17:55:18 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2010.12.04 17:55:18 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2010.12.04 17:55:17 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe [2010.12.04 17:53:55 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll [2010.12.04 17:53:55 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll [2010.12.04 17:53:53 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL [2010.12.04 17:52:01 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll [2010.12.04 17:51:59 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll [2010.12.04 17:51:59 | 000,804,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll [2010.12.04 17:51:58 | 001,076,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll [2010.12.04 17:51:58 | 000,737,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll [2010.12.04 17:50:18 | 000,279,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll [2010.12.04 17:50:18 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll [2010.12.04 17:48:00 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll [2010.12.04 17:46:38 | 000,000,000 | ---D | C] -- C:\Programme\Feedback Tool [2010.12.04 17:10:15 | 000,450,560 | ---- | C] (LogicNP Software (hxxp://www.ssware.com)) -- C:\Windows\System32\fldrvw90.ocx [2010.12.04 17:10:15 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\AllDup [2010.12.04 17:10:13 | 001,000,992 | ---- | C] (Bennet-Tec Information Systems, Inc) -- C:\Windows\System32\TList8.ocx [2010.12.04 17:10:11 | 002,344,880 | ---- | C] (Codejock Software) -- C:\Windows\System32\Codejock.CommandBars.v13.2.1.ocx [2010.12.04 17:10:11 | 000,089,888 | ---- | C] (Michael Thummerer Software Design) -- C:\Windows\System32\mtFrame.ocx [2010.12.04 17:10:11 | 000,044,736 | ---- | C] (Michael Thummerer Software Design) -- C:\Windows\System32\mtSubclass.dll [2010.12.04 17:10:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2010.12.04 17:10:10 | 000,171,752 | ---- | C] (Michael Thummerer Software Design) -- C:\Windows\System32\mtRTF2.ocx [2010.12.04 17:10:08 | 000,086,016 | ---- | C] (Michael Thummerer Software Design) -- C:\Windows\System32\mtSplitter.ocx [2010.12.04 17:09:30 | 000,258,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmclien.dll [2010.12.04 17:07:36 | 000,391,168 | ---- | C] (Intel Corporation) -- C:\Windows\System32\i263_32.drv [2010.12.04 17:07:36 | 000,143,872 | ---- | C] (Intel Corporation) -- C:\Windows\System32\iacenc.dll [2010.12.04 17:07:36 | 000,027,648 | ---- | C] (Intel Corporation.) -- C:\Windows\System32\ir50_lcs.dll [2010.12.04 17:06:57 | 000,305,152 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUninst.exe [2010.12.04 17:04:26 | 000,038,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\LMRTREND.dll [2010.12.04 17:04:24 | 000,140,800 | ---- | C] (The Duck Corporation) -- C:\Windows\System32\tm20dec.ax [2010.12.04 17:04:20 | 000,182,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft3.dll [2010.12.04 17:04:08 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unam4ie.exe [2010.12.04 17:03:36 | 001,088,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\danim.dll [2010.12.04 17:03:36 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciqtz.drv [2010.12.04 17:03:35 | 000,194,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qcut.dll [2010.12.04 17:03:28 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w95inf32.dll [2010.12.04 17:03:28 | 000,002,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w95inf16.dll [2010.12.04 17:01:55 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\Runscanner.net [2010.12.04 17:01:48 | 001,581,056 | ---- | C] (Ligos Corporation) -- C:\Windows\System32\mplvw7.dll [2010.12.04 17:01:47 | 001,122,304 | ---- | C] (Ligos Corporation) -- C:\Windows\System32\mplvpx.dll [2010.12.04 17:01:46 | 001,552,384 | ---- | C] (Ligos Corporation) -- C:\Windows\System32\mplvm6.dll [2010.12.04 17:01:45 | 001,650,688 | ---- | C] (Ligos Corporation) -- C:\Windows\System32\mplva6.dll [2010.12.04 17:01:45 | 000,077,824 | ---- | C] (Ligos Corporation) -- C:\Windows\System32\mplaw7.dll [2010.12.04 17:01:44 | 000,077,824 | ---- | C] (Ligos Corporation) -- C:\Windows\System32\mplaa6.dll [2010.12.04 17:01:44 | 000,065,536 | ---- | C] (Ligos Corporation) -- C:\Windows\System32\mplapx.dll [2010.12.04 17:01:44 | 000,065,536 | ---- | C] (Ligos Corporation) -- C:\Windows\System32\mplam6.dll [2010.12.04 17:01:42 | 000,106,496 | ---- | C] (Ligos Corporation) -- C:\Windows\System32\lmpgspl.ax [2010.12.04 17:01:42 | 000,094,208 | ---- | C] (Ligos Corporation) -- C:\Windows\System32\lmpgvd.ax [2010.12.04 17:01:42 | 000,046,592 | ---- | C] (Ligos Corporation) -- C:\Windows\System32\lmpgad.ax [2010.12.04 17:01:04 | 000,290,816 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\temp.001 [2010.12.04 17:01:02 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\TTIC32.dll [2010.12.04 17:01:01 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\TTI32.dll [2010.12.04 17:01:01 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\STRING32.dll [2010.12.04 17:00:57 | 000,271,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\temp.000 [2010.12.04 17:00:56 | 000,057,344 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLTPO32.dll [2010.12.04 17:00:55 | 000,155,648 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLRES32.dll [2010.12.04 17:00:54 | 000,036,864 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLRD32.dll [2010.12.04 17:00:52 | 000,061,440 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLPTL32.dll [2010.12.04 17:00:49 | 000,053,248 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLPRJ32.dll [2010.12.04 17:00:48 | 000,045,056 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLPRF32.dll [2010.12.04 17:00:47 | 000,036,864 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLPNT32.dll [2010.12.04 17:00:47 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLMSC32.dll [2010.12.04 17:00:47 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLIX.dll [2010.12.04 17:00:46 | 000,045,056 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLIO32.dll [2010.12.04 17:00:46 | 000,028,672 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLISO32.dll [2010.12.04 17:00:45 | 000,094,208 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLDRV32.dll [2010.12.04 17:00:45 | 000,040,960 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLIMG32.dll [2010.12.04 17:00:45 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLDIR32.dll [2010.12.04 17:00:44 | 000,126,976 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLDEV32.dll [2010.12.04 17:00:44 | 000,081,920 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLCPY32.dll [2010.12.04 17:00:43 | 000,126,976 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLCDA32.dll [2010.12.04 17:00:43 | 000,061,440 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLCDF32.dll [2010.12.04 17:00:42 | 000,192,512 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLAV32.dll [2010.12.04 17:00:42 | 000,039,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdrom.sys [2010.12.04 16:31:53 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\vlc [2010.12.04 16:31:17 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\DivX [2010.12.04 16:29:54 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Local\ashampoo [2010.12.04 16:29:53 | 000,000,000 | ---D | C] -- C:\ProgramData\ashampoo [2010.12.04 16:29:04 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\PX Storage Engine [2010.12.04 16:23:36 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\System32\pncrt.dll [2010.12.04 16:22:22 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\DivX Shared [2010.12.04 16:21:01 | 000,000,000 | ---D | C] -- C:\Programme\DivX [2010.12.04 16:19:20 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX [2010.12.04 16:14:36 | 000,059,664 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\TfSysMon.sys [2010.12.04 16:14:35 | 000,033,552 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\TfNetMon.sys [2010.12.04 16:14:32 | 000,051,984 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\TfFsMon.sys [2010.12.04 16:14:22 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools [2010.12.04 16:12:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2010.12.04 16:12:49 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Java [2010.12.04 16:11:32 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll [2010.12.04 16:11:32 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2010.12.04 16:11:32 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2010.12.04 16:11:32 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2010.12.04 16:05:24 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RCHTXDE.DLL [2010.12.04 16:05:18 | 000,125,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VB6DE.DLL [2010.12.04 16:05:13 | 000,090,112 | ---- | C] (AvroSoft) -- C:\Windows\System32\asTrayIcon.dll [2010.12.04 16:05:12 | 000,115,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSINET.OCX [2010.12.04 16:05:01 | 001,081,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCOMCTL.OCX [2010.12.04 16:05:00 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCMCDE.DLL [2010.12.04 16:04:59 | 000,152,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\COMDLG32.OCX [2010.12.04 16:04:57 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CMDLGDE.DLL [2010.12.04 16:04:32 | 000,151,552 | ---- | C] (MAGIX AG) -- C:\Windows\System32\mgxoschk.dll [2010.12.04 15:59:24 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\LOADSTREET [2010.12.04 15:57:34 | 000,000,000 | ---D | C] -- C:\ProgramData\eXPert PDF 4 [2010.12.04 15:53:23 | 000,000,000 | ---D | C] -- C:\Windows\pss [2010.12.04 15:52:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010.12.04 15:37:59 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\Copernic [2010.12.04 15:37:45 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Copernic [2010.12.04 15:34:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Win7codecs [2010.12.04 15:31:42 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\Uniblue [2010.12.04 15:29:17 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\Macromedia [2010.12.04 15:29:16 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\Adobe [2010.12.04 15:28:35 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Local\Google [2010.12.04 15:27:31 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\translateclient [2010.12.04 15:13:20 | 000,000,000 | -H-D | C] -- C:\Programme\InstallShield Installation Information [2010.12.04 15:10:51 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\InstallShield [2010.12.04 15:07:39 | 000,000,000 | ---D | C] -- C:\IExp1.tmp [2010.12.04 15:07:33 | 000,000,000 | ---D | C] -- C:\Windows\RegisteredPackages [2010.12.04 15:07:33 | 000,000,000 | ---D | C] -- C:\IExp0.tmp [2010.12.04 15:07:29 | 000,000,000 | ---D | C] -- C:\Programme\Windows Media Components [2010.12.04 15:03:33 | 000,000,000 | ---D | C] -- C:\ProgramData\eXPert PDF Jobs [2010.12.04 15:03:33 | 000,000,000 | ---D | C] -- C:\ProgramData\eXPert PDF [2010.12.04 15:00:04 | 000,000,000 | -H-D | C] -- C:\ProgramData\AVP9 [2010.12.04 14:59:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab [2010.12.04 14:59:14 | 000,311,312 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys [2010.12.04 14:50:48 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\Mozilla [2010.12.04 14:50:47 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\Thunderbird [2010.12.04 14:50:47 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Local\Thunderbird [2010.12.04 14:46:16 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\DualCoreTuner [2010.12.04 14:45:52 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed [2010.12.04 14:42:27 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\AntiBrowserSpy 2009 [2010.12.04 14:42:23 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [2010.12.04 14:41:54 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Local\Abelssoft [2010.12.04 14:40:00 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\TeraCopy [2010.12.04 14:38:21 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\ProcessLasso [2010.12.04 14:31:13 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2010.12.04 14:30:37 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\WinRAR [2010.12.04 14:27:47 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\Opera [2010.12.04 14:27:47 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Local\Opera [2010.12.04 14:27:46 | 000,000,000 | ---D | C] -- C:\Programme\Opera 11.00 beta [2010.12.04 14:19:24 | 000,000,000 | R--D | C] -- C:\Users\Uwe Plesotzky\Searches [2010.12.04 14:19:15 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\Identities [2010.12.04 14:19:14 | 000,000,000 | R--D | C] -- C:\Users\Uwe Plesotzky\Contacts [2010.12.04 14:19:09 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Local\VirtualStore [2010.12.04 14:19:08 | 000,000,000 | --SD | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\Microsoft [2010.12.04 14:19:08 | 000,000,000 | R--D | C] -- C:\Users\Uwe Plesotzky\Videos [2010.12.04 14:19:08 | 000,000,000 | R--D | C] -- C:\Users\Uwe Plesotzky\Saved Games [2010.12.04 14:19:08 | 000,000,000 | R--D | C] -- C:\Users\Uwe Plesotzky\Links [2010.12.04 14:19:08 | 000,000,000 | R--D | C] -- C:\Users\Uwe Plesotzky\Favorites [2010.12.04 14:19:08 | 000,000,000 | R--D | C] -- C:\Users\Uwe Plesotzky\Downloads [2010.12.04 14:19:08 | 000,000,000 | R--D | C] -- C:\Users\Uwe Plesotzky\Desktop [2010.12.04 14:19:08 | 000,000,000 | -HSD | C] -- C:\Users\Uwe Plesotzky\Vorlagen [2010.12.04 14:19:08 | 000,000,000 | -HSD | C] -- C:\Users\Uwe Plesotzky\AppData\Local\Verlauf [2010.12.04 14:19:08 | 000,000,000 | -HSD | C] -- C:\Users\Uwe Plesotzky\AppData\Local\Temporary Internet Files [2010.12.04 14:19:08 | 000,000,000 | -HSD | C] -- C:\Users\Uwe Plesotzky\Startmenü [2010.12.04 14:19:08 | 000,000,000 | -HSD | C] -- C:\Users\Uwe Plesotzky\SendTo [2010.12.04 14:19:08 | 000,000,000 | -HSD | C] -- C:\Users\Uwe Plesotzky\Recent [2010.12.04 14:19:08 | 000,000,000 | -HSD | C] -- C:\Users\Uwe Plesotzky\Netzwerkumgebung [2010.12.04 14:19:08 | 000,000,000 | -HSD | C] -- C:\Users\Uwe Plesotzky\Lokale Einstellungen [2010.12.04 14:19:08 | 000,000,000 | -HSD | C] -- C:\Users\Uwe Plesotzky\Eigene Dateien [2010.12.04 14:19:08 | 000,000,000 | -HSD | C] -- C:\Users\Uwe Plesotzky\Druckumgebung [2010.12.04 14:19:08 | 000,000,000 | -HSD | C] -- C:\Users\Uwe Plesotzky\Cookies [2010.12.04 14:19:08 | 000,000,000 | -HSD | C] -- C:\Users\Uwe Plesotzky\AppData\Local\Anwendungsdaten [2010.12.04 14:19:08 | 000,000,000 | -HSD | C] -- C:\Users\Uwe Plesotzky\Anwendungsdaten [2010.12.04 14:19:08 | 000,000,000 | -H-D | C] -- C:\Users\Uwe Plesotzky\AppData [2010.12.04 14:19:08 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Local\Temp [2010.12.04 14:19:08 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Local\Microsoft [2010.12.04 14:19:08 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\Media Center Programs [2010.12.04 14:18:54 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2010.12.04 14:18:54 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2010.12.04 14:18:54 | 000,000,000 | -HSD | C] -- C:\Recovery [2010.12.04 14:18:54 | 000,000,000 | -HSD | C] -- C:\Programme [2010.12.04 14:18:54 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien [2010.12.04 14:18:54 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten [2010.12.04 14:18:54 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos [2010.12.04 14:18:54 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2010.12.04 14:18:54 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder [2010.12.04 14:18:54 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen [2010.12.04 14:18:54 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2010.12.04 14:18:54 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [2010.12.04 14:13:54 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2010.12.04 14:11:28 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2010.12.04 14:11:14 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2010.12.04 14:10:35 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2010.12.04 14:10:22 | 000,000,000 | -HSD | C] -- C:\Boot [2010.12.01 16:43:13 | 000,000,000 | ---D | C] -- F:\Fernsehen aufnehmen [2010.12.01 16:18:11 | 000,000,000 | ---D | C] -- F:\StreamTransport [2010.11.26 06:02:06 | 000,000,000 | ---D | C] -- F:\Transmiti [2010.11.11 14:42:27 | 000,000,000 | ---D | C] -- F:\South Park [2010.11.10 02:28:46 | 000,301,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR [2 C:\*.tmp files -> C:\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.12.07 15:41:30 | 000,014,608 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010.12.07 15:41:30 | 000,014,608 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010.12.07 15:38:24 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Uwe Plesotzky\Desktop\OTL.exe [2010.12.07 15:35:03 | 000,001,150 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-834500898-1450233178-3407113301-1001UA.job [2010.12.07 15:33:31 | 000,000,842 | ---- | M] () -- C:\Users\Uwe Plesotzky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Browser-Anonymisierer.lnk [2010.12.07 15:32:55 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job [2010.12.07 15:32:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.12.07 15:32:29 | 1408,737,280 | -HS- | M] () -- C:\hiberfil.sys [2010.12.07 15:30:15 | 000,002,245 | ---- | M] () -- C:\Users\Uwe Plesotzky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PNotes.lnk [2010.12.07 15:09:43 | 000,426,732 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts [2010.12.06 17:34:15 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-834500898-1450233178-3407113301-1001Core.job [2010.12.06 11:39:09 | 000,357,216 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010.12.06 11:35:46 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf [2010.12.05 12:10:42 | 000,653,928 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2010.12.05 12:10:42 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010.12.05 12:10:42 | 000,129,800 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2010.12.05 12:10:42 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010.12.05 09:33:13 | 000,007,229 | ---- | M] () -- C:\Users\Uwe Plesotzky\AppData\Roaming\unins000.dat [2010.12.05 09:32:45 | 000,712,710 | ---- | M] () -- C:\Users\Uwe Plesotzky\AppData\Roaming\unins000.exe [2010.12.05 08:30:59 | 000,722,416 | ---- | M] () -- C:\Windows\System32\drivers\sptd.sys [2010.12.05 07:38:22 | 000,009,728 | ---- | M] () -- C:\Windows\System32\BASSMOD.dll [2010.12.05 07:32:35 | 000,000,040 | -HS- | M] () -- C:\ProgramData\.zreglib [2010.12.05 07:09:16 | 000,000,197 | ---- | M] () -- C:\Windows\magix.ini [2010.12.04 20:30:54 | 000,000,895 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.20101205-172127.backup [2010.12.04 20:18:06 | 000,017,490 | ---- | M] () -- C:\Windows\System32\drivers\etc\services [2010.12.04 20:18:05 | 000,000,094 | ---- | M] () -- C:\Users\Uwe Plesotzky\AppData\Roaming\sversion.ini [2010.12.04 20:15:39 | 000,069,632 | ---- | M] () -- C:\Windows\uinst001.exe [2010.12.04 20:13:29 | 000,000,791 | ---- | M] () -- C:\Users\Uwe Plesotzky\Uwe - Verknüpfung.lnk [2010.12.04 20:00:04 | 000,000,100 | ---- | M] () -- C:\index.ini [2010.12.04 18:04:57 | 000,001,104 | ---- | M] () -- C:\Windows\ODBCINST.INI [2010.12.04 18:04:54 | 000,000,306 | ---- | M] () -- C:\Windows\lotus.ini [2010.12.04 18:04:51 | 000,004,477 | ---- | M] () -- C:\Windows\ORG2.INI [2010.12.04 18:04:51 | 000,000,087 | ---- | M] () -- C:\Windows\winhelp.ini [2010.12.04 17:25:48 | 000,000,000 | ---- | M] () -- C:\Windows\homeDVD-Filme2.INI [2010.12.04 17:07:42 | 000,005,767 | ---- | M] () -- C:\Windows\System32\CDUninst.isu [2010.12.04 17:03:26 | 000,002,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\w95inf16.dll [2010.12.04 17:03:25 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\w95inf32.dll [2010.12.04 16:10:59 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll [2010.12.04 16:10:59 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2010.12.04 16:10:59 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2010.12.04 16:10:59 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2010.12.04 16:05:37 | 000,000,790 | ---- | M] () -- C:\Users\Uwe Plesotzky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Extended Clipboard.lnk [2010.12.04 15:39:50 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2010.12.04 15:39:50 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010.12.04 15:28:15 | 000,115,465 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat [2010.12.04 15:28:14 | 000,097,545 | ---- | M] () -- C:\Windows\System32\drivers\klick.dat [2010.12.04 15:27:31 | 000,003,298 | ---- | M] () -- C:\Windows\System32\StyleVista.png [2010.12.04 15:27:31 | 000,003,137 | ---- | M] () -- C:\Windows\System32\StyleVistaDown.png [2010.12.04 15:26:42 | 000,000,927 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Translate Client.lnk [2010.12.04 15:16:47 | 000,001,179 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ashampoo Magical Defrag.lnk [2010.12.04 14:59:14 | 000,311,312 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys [2010.12.04 14:14:51 | 000,052,953 | ---- | M] () -- C:\Windows\System32\license.rtf [2010.12.04 14:13:01 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2010.12.04 14:10:23 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2010.12.04 10:45:35 | 000,000,797 | ---- | M] () -- F:\VideoCacheView.cfg [2010.12.03 15:44:28 | 000,031,708 | ---- | M] () -- C:\Users\Uwe Plesotzky\Desktop\Das verlorene Kompliment.pdf [2010.12.02 15:31:44 | 000,301,491 | ---- | M] () -- C:\Users\Uwe Plesotzky\Desktop\Sparsamkeit für ein besseres Leben.pdf [2010.11.30 17:06:02 | 003,317,800 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys [2010.11.29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010.11.29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010.11.24 14:24:40 | 003,790,440 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll [2010.11.24 14:24:40 | 001,976,936 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll [2010.11.22 11:39:10 | 000,469,608 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll [2010.11.11 13:27:00 | 000,069,224 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll [2010.11.10 02:28:46 | 000,301,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR [2010.11.08 07:31:30 | 000,359,768 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll [2010.11.08 07:31:30 | 000,078,680 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll [2010.11.08 07:31:28 | 000,295,768 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll [2010.11.08 07:31:28 | 000,295,768 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll [2010.11.08 07:31:28 | 000,170,840 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll [2010.11.08 07:31:28 | 000,064,856 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll [2 C:\*.tmp files -> C:\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.12.07 15:30:15 | 000,002,245 | ---- | C] () -- C:\Users\Uwe Plesotzky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PNotes.lnk [2010.12.06 18:29:57 | 000,301,491 | ---- | C] () -- C:\Users\Uwe Plesotzky\Desktop\Sparsamkeit für ein besseres Leben.pdf [2010.12.06 18:29:43 | 000,031,708 | ---- | C] () -- C:\Users\Uwe Plesotzky\Desktop\Das verlorene Kompliment.pdf [2010.12.06 11:35:46 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf [2010.12.05 12:27:08 | 000,011,164 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin [2010.12.05 10:03:10 | 000,554,496 | ---- | C] () -- C:\Windows\System32\dvmsg.dll [2010.12.05 09:33:12 | 000,559,104 | ---- | C] () -- C:\Windows\System32\lame.exe [2010.12.05 09:33:11 | 000,712,710 | ---- | C] () -- C:\Users\Uwe Plesotzky\AppData\Roaming\unins000.exe [2010.12.05 09:33:11 | 000,007,229 | ---- | C] () -- C:\Users\Uwe Plesotzky\AppData\Roaming\unins000.dat [2010.12.05 08:30:59 | 000,722,416 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys [2010.12.05 08:28:13 | 000,110,080 | ---- | C] () -- C:\Windows\System32\advd.dll [2010.12.05 08:28:13 | 000,023,040 | ---- | C] () -- C:\Windows\System32\auth.dll [2010.12.05 08:28:10 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll [2010.12.05 07:38:22 | 000,009,728 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll [2010.12.04 20:14:06 | 000,000,094 | ---- | C] () -- C:\Users\Uwe Plesotzky\AppData\Roaming\sversion.ini [2010.12.04 20:13:29 | 000,000,791 | ---- | C] () -- C:\Users\Uwe Plesotzky\Uwe - Verknüpfung.lnk [2010.12.04 20:03:19 | 000,069,632 | ---- | C] () -- C:\Windows\uinst001.exe [2010.12.04 20:00:04 | 000,000,100 | ---- | C] () -- C:\index.ini [2010.12.04 19:35:39 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib [2010.12.04 18:04:51 | 000,001,104 | ---- | C] () -- C:\Windows\ODBCINST.INI [2010.12.04 18:04:51 | 000,000,306 | ---- | C] () -- C:\Windows\lotus.ini [2010.12.04 18:04:51 | 000,000,087 | ---- | C] () -- C:\Windows\winhelp.ini [2010.12.04 18:04:50 | 000,004,477 | ---- | C] () -- C:\Windows\ORG2.INI [2010.12.04 18:04:49 | 000,000,628 | ---- | C] () -- C:\Windows\ODBC.INI [2010.12.04 18:04:46 | 000,000,695 | ---- | C] () -- C:\Windows\System\QELO.LIC [2010.12.04 18:04:43 | 000,146,544 | ---- | C] () -- C:\Windows\System\NWCALLS.DLL [2010.12.04 18:04:43 | 000,006,496 | ---- | C] () -- C:\Windows\System\ODBCADM.EXE [2010.12.04 17:55:20 | 000,072,533 | ---- | C] () -- C:\Windows\System32\ieuinit.inf [2010.12.04 17:29:01 | 000,001,150 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-834500898-1450233178-3407113301-1001UA.job [2010.12.04 17:29:00 | 000,001,098 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-834500898-1450233178-3407113301-1001Core.job [2010.12.04 17:25:48 | 000,000,000 | ---- | C] () -- C:\Windows\homeDVD-Filme2.INI [2010.12.04 17:08:12 | 000,000,330 | ---- | C] () -- C:\Windows\tasks\GlaryInitialize.job [2010.12.04 17:07:36 | 000,056,832 | ---- | C] () -- C:\Windows\System32\Iyvu9_32.dll [2010.12.04 17:07:18 | 000,005,767 | ---- | C] () -- C:\Windows\System32\CDUninst.isu [2010.12.04 17:03:37 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll [2010.12.04 17:03:37 | 000,005,672 | ---- | C] () -- C:\Windows\System32\quartz.vxd [2010.12.04 17:01:40 | 000,019,968 | ---- | C] () -- C:\Windows\System32\cpuinf32.dll [2010.12.04 16:05:37 | 000,000,790 | ---- | C] () -- C:\Users\Uwe Plesotzky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Extended Clipboard.lnk [2010.12.04 16:05:13 | 000,000,197 | ---- | C] () -- C:\Windows\magix.ini [2010.12.04 16:04:42 | 000,000,747 | ---- | C] () -- C:\Windows\mgxoschk.ini [2010.12.04 15:39:50 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS [2010.12.04 15:39:50 | 000,000,000 | RHS- | C] () -- C:\IO.SYS [2010.12.04 15:37:23 | 000,110,110 | ---- | C] () -- C:\Windows\CopernicAgentUninstall.exe [2010.12.04 15:27:31 | 000,003,298 | ---- | C] () -- C:\Windows\System32\StyleVista.png [2010.12.04 15:27:31 | 000,003,137 | ---- | C] () -- C:\Windows\System32\StyleVistaDown.png [2010.12.04 15:26:42 | 000,000,927 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Translate Client.lnk [2010.12.04 15:16:47 | 000,001,179 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ashampoo Magical Defrag.lnk [2010.12.04 15:03:39 | 000,014,336 | ---- | C] () -- C:\Windows\System32\vsmon1.dll [2010.12.04 15:00:00 | 000,115,465 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat [2010.12.04 15:00:00 | 000,097,545 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat [2010.12.04 14:24:43 | 000,000,842 | ---- | C] () -- C:\Users\Uwe Plesotzky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Browser-Anonymisierer.lnk [2010.12.04 14:13:01 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2010.12.04 14:11:14 | 1408,737,280 | -HS- | C] () -- C:\hiberfil.sys [2010.12.04 14:10:23 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK [2010.12.04 14:10:22 | 000,383,562 | RHS- | C] () -- C:\bootmgr [2010.07.15 07:46:56 | 000,286,720 | ---- | C] () -- C:\Windows\System32\EMRegSys.dll [2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2009.06.07 12:27:20 | 000,073,728 | ---- | C] () -- C:\Windows\System32\vbzlib1.dll [2006.05.16 10:04:00 | 000,891,776 | ---- | C] () -- C:\Windows\System32\drivers\AVHybrid.sys [2006.01.08 14:53:24 | 000,005,120 | ---- | C] () -- C:\Windows\System32\hash2.dll [2005.12.06 10:45:44 | 000,003,072 | ---- | C] () -- C:\Windows\System32\34CoInstaller.dll < End of report > OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 07.12.2010 15:40:16 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Name\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.7930.16406)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 46,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): [Binary data over 100 bytes]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 53,71 Gb Total Space | 37,20 Gb Free Space | 69,26% Space Free | Partition Type: NTFS
Drive D: | 153,38 Gb Total Space | 26,47 Gb Free Space | 17,26% Space Free | Partition Type: NTFS
Drive E: | 214,84 Gb Total Space | 97,36 Gb Free Space | 45,32% Space Free | Partition Type: NTFS
Drive F: | 197,19 Gb Total Space | 88,92 Gb Free Space | 45,09% Space Free | Partition Type: NTFS
Drive H: | 3,83 Gb Total Space | 0,01 Gb Free Space | 0,14% Space Free | Partition Type: exFAT
Computer Name: Name | User Name: Name | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "e:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "e:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Unstopcp] -- "e:\Program Files\Roadkil.Net\UnstopCpy_5_2_Win2K_UP.exe" "%1" * (Roadkil.Net)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
"" =
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"e:\Program Files\Orbitdownloader\orbitdm.exe" = e:\Program Files\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"e:\Program Files\Orbitdownloader\orbitnet.exe" = e:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02602409-9189-4567-BC07-562605243B69}" = Windows Live Remote Client Resources
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0FD60254-35B7-4915-862B-26847C9FE8DE}" = Tunebite
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{18AE8ACB-0419-45F6-9CF6-155E128A4BCE}_is1" = GD WinTools.net 8.1 Ultimate
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{2B4E24A0-A06F-488D-87D8-16738E5E1104}" = Windows Live Family Safety
"{30283233-3BE6-473D-A47C-ED964A2F78B4}_is1" = Inpaint 2.4.1
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3A65A74A-5B6E-451A-92D8-50F1182BBE9A}" = Windows Live Remote Service Resources
"{3B5FEE89-AB5A-4EA9-A3AB-40216ADE225B}" = MovieJack DVD 2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{4281435C-AD1D-4C8A-B9C0-3961C08EF142}_is1" = GoogleClean
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{53480390-0EC4-429E-BBEE-78E19EEB03BD}" = O&O CleverCache
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{65C0025A-2CDE-43C5-82D0-C7A56EF0DB39}" = Bing Bar Platform
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6DB7AD00-F781-11DF-9EEF-001279CD8240}" = Google Earth
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7E1807A9-AA8B-4541-9D22-ADB579051031}" = Steganos Privacy Suite 11
"{82FEA187-116E-4CDA-A333-AB6ED22380C7}_is1" = Audio 180% 7
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90024193-9F13-4877-89D5-A1CDF0CBBF28}" = Feedback Tool
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{937C2799-B8DD-4519-96B2-4E2E84EF5B1E}" = Mein Foto-Puzzle
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97A4D873-47B9-454A-A567-8AFF41C07155}" = Ontrack EasyRecovery DataRecovery
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Security Suite CBE 10
"{A00F8237-F496-44D2-0001-E3CCF8CD58AE}" = Photomizer
"{A306FD29-7D3A-4287-91AC-9A0180931395}_is1" = Roadkil's Unstoppable Copier Version 5.2
"{A6E92CAB-9E63-46DC-8ABF-0CAFF7B7CD02}" = eXPert PDF 4
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BBDE3689-D702-446B-995B-E5A4B7BF0795}" = VMLite Workstation
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4CFC5F3-481C-40AA-9944-E7E4E732136C}" = Microsoft IntelliType Pro 8.0
"{DC527206-6118-45BB-AD28-D6854C509CD5}_is1" = Fälscherwerkstatt 4 1.0
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1" = Uniblue SpeedUpMyPC
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F78B5B4F-075A-4C81-AA27-E707861EB5B7}_is1" = AntiBrowserSpy
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1" = StreamTransport version: 1.0.2.2171
"3554AA4B-9B0B-451a-A269-2B5F53982209_is1" = ThreatFire
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AllDup_is1" = AllDup 3.2.14
"Ashampoo Burning Studio 2010 Advanced_is1" = Ashampoo Burning Studio 2010 Advanced
"Ashampoo Magical Defrag" = Ashampoo Magical Defrag
"Ashampoo Photo Commander 7_is1" = Ashampoo Photo Commander 7.60
"Ashampoo Slideshow Studio 2010_is1" = Ashampoo Slideshow Studio 2010
"Ashampoo Snap 3_is1" = Ashampoo Snap 3.40
"aTube Catcher" = aTube Catcher
"Browser-Anonymisierer_is1" = Browser-Anonymisierer 1.0
"CCleaner" = CCleaner
"Celtx (2.7)" = Celtx (2.7)
"Chilirec_0" = Chilirec 1.01
"Cleanse Uninstaller PC-Welt version " = Cleanse Uninstaller PC-Welt version
"CodInstl" = Intel A/V Codecs V2.0
"Copernic Agent Basic" = Copernic Agent Basic
"DivX Setup.divx.com" = DivX-Setup
"Extended Clipboard_is1" = Extended Clipboard v. Extended Clipboard v. 1.4.24
"FMCODEC" = FM Screen Capture Codec (Remove Only)
"FormatFactory" = FormatFactory 2.50
"FreeCommander_is1" = FreeCommander 2009.02b
"Glary Utilities_is1" = Glary Utilities 2.30.0.1066
"Guardian Of Data_is1" = Guardian Of Data v2.1
"HotspotShield" = Hotspot Shield 1.52
"InstallShield_{97A4D873-47B9-454A-A567-8AFF41C07155}" = Ontrack EasyRecovery DataRecovery
"InstallWIX_{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Security Suite CBE 10
"KeyTweak" = KeyTweak - Keyboard Remapper (remove only)
"MAGIX Filme auf CD & DVD 2.0" = MAGIX Filme auf CD & DVD 2.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Picture It!" = Microsoft Picture It! 99
"Mind Visualizer Deutsche Version_is1" = Mind Visualizer Deutsche Version
"Miro" = Miro
"MP3DirectCut" = MP3DirectCut 2.12
"Notepad++" = Notepad++
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Opera 11.00.1111" = Opera 11.00 beta build 1111
"Orbit_is1" = Orbit Downloader
"Perfect Tools für Vista_is1" = Perfect Tools für Vista 1.00
"Personal Backup 5_is1" = Personal Backup 5.0
"ProcessLasso" = Process Lasso
"S.A.D. - DualCore Tuner_is1" = S.A.D. - DualCore Tuner
"Sandboxie" = Sandboxie 3.48
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeraCopy_is1" = TeraCopy 2.12
"Translate Client" = Client for Google Translate
"Treiber-Studio" = Treiber-Studio 6.1.7.101
"Unlocker" = Unlocker 1.9.0
"VLC media player" = VLC media player 1.1.5
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"winspeedup3_is1" = WinSpeedUp 3.1
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"StarOffice 7" = StarOffice 7
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 05.12.2010 22:20:45 | Computer Name = Name | Source = Application Hang | ID = 1002
Description = Programm Explorer.EXE, Version 6.1.7600.16450 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 6f8 Startzeit: 01cb94eab5328a3c Endzeit: 7715 Anwendungspfad:
C:\Windows\Explorer.EXE Berichts-ID: 65c5cd83-00df-11e0-9f8e-001966973347
Error - 06.12.2010 01:51:14 | Computer Name = Name | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: openvpnas.exe, Version: 0.0.0.0,
Zeitstempel: 0x4c9a9025 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000 ID des fehlerhaften
Prozesses: 0xa98 Startzeit der fehlerhaften Anwendung: 0x01cb9509665b300c Pfad der
fehlerhaften Anwendung: e:\Program Files\Hotspot Shield\bin\openvpnas.exe Pfad des
fehlerhaften Moduls: unknown Berichtskennung: d53c4815-00fc-11e0-884e-001966973347
Error - 06.12.2010 05:57:32 | Computer Name = Name | Source = VSS | ID = 8194
Description =
Error - 06.12.2010 06:41:09 | Computer Name = Name | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: openvpnas.exe, Version: 0.0.0.0,
Zeitstempel: 0x4c9a9025 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000 ID des fehlerhaften
Prozesses: 0x924 Startzeit der fehlerhaften Anwendung: 0x01cb9531e24cd1d4 Pfad der
fehlerhaften Anwendung: e:\Program Files\Hotspot Shield\bin\openvpnas.exe Pfad des
fehlerhaften Moduls: unknown Berichtskennung: 5570adb4-0125-11e0-944d-001966973347
Error - 06.12.2010 15:11:51 | Computer Name = Name | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: opera.exe, Version: 11.0.1111.0,
Zeitstempel: 0x4cea5059 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x5c135aa6 ID des fehlerhaften
Prozesses: 0x151c Startzeit der fehlerhaften Anwendung: 0x01cb9575fb35226c Pfad der
fehlerhaften Anwendung: C:\Program Files\Opera 11.00 beta\opera.exe Pfad des fehlerhaften
Moduls: unknown Berichtskennung: ae0e523d-016c-11e0-944d-001966973347
Error - 06.12.2010 22:11:10 | Computer Name = Name | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: openvpnas.exe, Version: 0.0.0.0,
Zeitstempel: 0x4c9a9025 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000 ID des fehlerhaften
Prozesses: 0x9dc Startzeit der fehlerhaften Anwendung: 0x01cb95b3ce9ac448 Pfad der
fehlerhaften Anwendung: e:\Program Files\Hotspot Shield\bin\openvpnas.exe Pfad des
fehlerhaften Moduls: unknown Berichtskennung: 41bbf183-01a7-11e0-a4c0-001966973347
Error - 07.12.2010 05:45:21 | Computer Name = Name | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: openvpnas.exe, Version: 0.0.0.0,
Zeitstempel: 0x4c9a9025 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000 ID des fehlerhaften
Prozesses: 0xae4 Startzeit der fehlerhaften Anwendung: 0x01cb95f33ec8ba88 Pfad der
fehlerhaften Anwendung: e:\Program Files\Hotspot Shield\bin\openvpnas.exe Pfad des
fehlerhaften Moduls: unknown Berichtskennung: b4697692-01e6-11e0-bf54-001966973347
Error - 07.12.2010 08:21:52 | Computer Name = Name | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: wlcomm.exe, Version: 15.4.3508.1109,
Zeitstempel: 0x4cda5f30 Name des fehlerhaften Moduls: LiveNatTrav.dll_unloaded,
Version: 0.0.0.0, Zeitstempel: 0x4cda709b Ausnahmecode: 0xc0000005 Fehleroffset: 0x63cd645b
ID
des fehlerhaften Prozesses: 0x17a8 Startzeit der fehlerhaften Anwendung: 0x01cb96073135c648
Pfad
der fehlerhaften Anwendung: C:\Program Files\Windows Live\Contacts\wlcomm.exe Pfad
des fehlerhaften Moduls: LiveNatTrav.dll Berichtskennung: 92572b4c-01fc-11e0-accd-001966973347
Error - 07.12.2010 08:37:08 | Computer Name = Name | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: openvpnas.exe, Version: 0.0.0.0,
Zeitstempel: 0x4c9a9025 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000 ID des fehlerhaften
Prozesses: 0x9c4 Startzeit der fehlerhaften Anwendung: 0x01cb960b407d171c Pfad der
fehlerhaften Anwendung: e:\Program Files\Hotspot Shield\bin\openvpnas.exe Pfad des
fehlerhaften Moduls: unknown Berichtskennung: b42b3b60-01fe-11e0-926a-001966973347
Error - 07.12.2010 10:06:59 | Computer Name = Name | Source = Application Hang | ID = 1002
Description = Programm SpybotSD.exe, Version 1.6.2.46 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 82c Startzeit:
01cb96132c4a8156 Endzeit: 218 Anwendungspfad: E:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
Berichts-ID:
3f657f0a-020b-11e0-9872-001966973347
[ System Events ]
Error - 07.12.2010 08:36:34 | Computer Name = Name | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
Error - 07.12.2010 08:37:13 | Computer Name = Name | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Hotspot Shield Service" wurde unerwartet beendet. Dies
ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden
durchgeführt: Neustart des Diensts.
Error - 07.12.2010 08:40:58 | Computer Name = Name | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
an den Computerhersteller, um aktualisierte Firmware zu erhalten.
Error - 07.12.2010 08:50:33 | Computer Name = Name | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
an den Computerhersteller, um aktualisierte Firmware zu erhalten.
Error - 07.12.2010 08:53:31 | Computer Name = Name | Source = WMPNetworkSvc | ID = 866300
Description =
Error - 07.12.2010 09:12:23 | Computer Name = Name | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
an den Computerhersteller, um aktualisierte Firmware zu erhalten.
Error - 07.12.2010 10:09:45 | Computer Name = Name | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
Error - 07.12.2010 10:16:01 | Computer Name = Name | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
an den Computerhersteller, um aktualisierte Firmware zu erhalten.
Error - 07.12.2010 10:32:27 | Computer Name = Name | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
an den Computerhersteller, um aktualisierte Firmware zu erhalten.
Error - 07.12.2010 10:35:33 | Computer Name = Name | Source = WMPNetworkSvc | ID = 866300
Description =
< End of report >
|
|
08.12.2010, 09:04
| #4 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Kann einen Eintrag nicht fixen!Zitat:
Wo ist das Log von malwarebytes?
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
08.12.2010, 12:18
| #5 |
| | Kann einen Eintrag nicht fixen! In meinem ersten Logfile von HiJack habe ich diese beiden Einträge gefixt. Anschließend konnte ich den anderen auch fixen. Hatte leider nicht mehr die Zeit Malewarebytes durchlaufen zu lassen, und es läuft ja auch imnmer ziemlich lang wenn ich es starte! LG Uwe |
|
08.12.2010, 13:07
| #6 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Kann einen Eintrag nicht fixen!Zitat:
Wenn ja: Wo ist das Log davon?
__________________ --> Kann einen Eintrag nicht fixen! |
|
08.12.2010, 16:22
| #7 |
| | Kann einen Eintrag nicht fixen! Habe schon öfters mal einen Vollscan gemacht, aber nie einen Log aufgehoben. Werde es auch noch durchlaufen lassen! Gruß Uwe |
|
08.12.2010, 16:24
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Kann einen Eintrag nicht fixen! Schau im Programm (malwarebytes) im Reiter Log-Dateien nach. Da werden alle Logs gespeichert.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
08.12.2010, 16:28
| #9 |
| | Kann einen Eintrag nicht fixen! Danke, habe ich noch gar nie drauf geachtet. Hier also der letzte komplette Scan: Malwarebytes' Anti-Malware 1.50 Malwarebytes Datenbank Version: 5247 Windows 6.1.7600 Internet Explorer 9.0.7930.16406 05.12.2010 14:37:54 mbam-log-2010-12-05 (14-37-54).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|I:\|) Durchsuchte Objekte: 56490 Laufzeit: 3 Stunde(n), 32 Minute(n), 45 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) |
|
08.12.2010, 16:40
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Kann einen Eintrag nicht fixen! Noch weitere Logs da? Bitte alle posten.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
08.12.2010, 16:41
| #11 |
| | Kann einen Eintrag nicht fixen! Habe keine weiteren. Habe windows vor kurzem erst neu aufgesetzt! |
|
08.12.2010, 16:45
| #12 |
| | Kann einen Eintrag nicht fixen! Habe Windows erst kürzlich neu aufgesetzt! Keine weiteren Logs da! |
|
08.12.2010, 19:59
| #13 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Kann einen Eintrag nicht fixen! Da hättest auch mal eher erwähnen können. Dann gibt es auch gar keinen echten Anlass irgendwas fixen zu müssen! Und HijackThis kannst du für heutige Geschichten vergessen, denn das Tool ist fast Steinzeit! Kannst du mir mal verraten was du jetzt schon mit dem IE9 willst? Der ist noch in der Betaphase. Wer rumspielen will und mit Fehlern leben kann ist das ok, aber ich würde den nicht aufspielen, sondern erst wenn der offiziell freigegeben wurde.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Kann einen Eintrag nicht fixen! |
| bho, desktop, downloader, expert pdf, explorer, hijack, hijackthis, hotspot, hotspot shield, internet, internet explorer, kaspersky, locker, logfile, microsoft, nvidia, opera, pdf, plug-in, realtek, safer networking, security, sicherheit, software, start menu, starten, suche, system, tastatur, vista, windows, wmp |
Hybrid-Darstellung
