|
Log analysis and evaluation: Malware, trojan, or just paranoia ;)? Windows 7. If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
16.12.2010, 12:09 | #1 |
| Malware, trojan, or just paranoia ;)? Hey folks, take a look at this and tell me what you think, do I have problems? HiJackthis Logfile: Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:10:07, on 15.12.2010 Platform: Unknown Windows (WinNT 6.01.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16671) Boot mode: Normal Running processes: C:\Program Files (x86)\AVG\AVG PC Tuneup 2011\BoostSpeed.exe C:\Program Files (x86)\Packard Bell\Software Suite SE\SoftSuiteSE.exe C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files (x86)\Packard Bell Photo Frame\ButtonMonitor.exe C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe C:\Program Files (x86)\Packard Bell\Software Suite SE\SEDevDetect.exe C:\Program Files (x86)\G Data\InternetSecurity\GUI\GDSC.exe C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&m=ixtreme_m5740&r=173602102216p0345v1i5y48330267 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&m=ixtreme_m5740&r=173602102216p0345v1i5y48330267 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&m=ixtreme_m5740&r=173602102216p0345v1i5y48330267 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - - (no file) O2 - BHO: G Data WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\Webfilter\AVKWebIE.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: G Data WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\Webfilter\AVKWebIE.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Packard Bell Photo Frame] C:\Program Files (x86)\Packard Bell Photo Frame\ButtonMonitor.exe -A O4 - HKLM\..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe O4 - HKLM\..\Run: [G DATA AntiVirus 
Trayapplication] C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKCU\..\Run: [Software Suite SE] "C:\Program Files (x86)\Packard Bell\Software Suite SE\SoftSuiteSE.exe" /run O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST') O8 - Extra context menu item: Alles mit FDM herunterladen - file://C:\Program Files (x86)\Free Download Manager\dlall.htm O8 - Extra context menu item: Auswahl mit FDM herunterladen - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm O8 - Extra context menu item: Datei mit FDM herunterladen - file://C:\Program Files (x86)\Free Download Manager\dllink.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... 
- res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O8 - Extra context menu item: Videos mit FDM herunterladen - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O13 - Gopher Prefix: O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: G Data AntiVirus Proxy (AVKProxy) - G Data Software AG - C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe O23 - Service: G Data Scheduler 
(AVKService) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe O23 - Service: G Data Filesystem Monitor (AVKWCtl) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: G Data Personal Firewall (GDFwSvc) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - 
C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Updater Service - Acer - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11263 bytes |
17.12.2010, 10:20 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Malware, trojan, or just paranoia ;)? Quote:
__________________ |
17.12.2010, 12:45 | #3 |
| Malware, trojan, or just paranoia ;)? Yeah, hey, hey, take it easy... you know, friendliness is a boomerang.
__________________ My bank was just worried that I have a trojan on my machine, because apparently someone tried to sneak into my online banking while I was away. I ran BitDefender, Spybot, a-squared, G Data and Malwarebytes over it, tracked down a few viruses and destroyed them. I just wanted to know whether you notice anything along those lines. My PC isn't acting up, and I'm not getting any e-mails or overlays on my bank's site asking me to enter my TANs. |
17.12.2010, 13:35 | #4 | |||
/// Winkelfunktion /// TB-Süch-Tiger™ | Malware, trojan, or just paranoia ;)? Quote:
Quote:
Quote:
Please post all available logs!
__________________ Please always post logfiles in CODE tags |
17.12.2010, 23:27 | #5 |
| Malware, trojan, or just paranoia ;)? malwarebytes
Malwarebytes' Anti-Malware 1.12
Datenbank Version: 722
Scan Art: Schnell Scan
Objekte gescannt: 30400
Scan Dauer: 2 minute(s), 24 second(s)
Infizierte Speicher Prozesse: 0
Infizierte Speicher Module: 0
Infizierte Registrierungsschlüssel: 21
Infizierte Registrierungswerte: 0
Infizierte Datei Objekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1
Infizierte Speicher Prozesse:
(Keine Malware Objekte gefunden)
Infizierte Speicher Module:
(Keine Malware Objekte gefunden)
Infizierte Registrierungsschlüssel:
HKEY_CLASSES_ROOT\asapcom.asapenvelope (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{286e500c-ef0a-4aa3-a94d-e495f653ef4b} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{319260ab-be0c-4025-8569-7a27ed2faab9} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8ac5bc54-b13b-4642-99f9-0baa2d116184} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9809a6b4-70b1-4bb2-b3b5-b415763a534e} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d5178f77-c5e6-4e8f-9787-48b5d7eccce8} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\asapcom.asapenvelope.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\asapcom.asapmessage (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\asapcom.asapmessage.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\asapcom.asapclass (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\asapcom.asapclass.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\asapcom.asapmain (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\asapcom.asapmain.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\asapcom.asaprecipients (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\asapcom.asaprecipients.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{21447c90-6ec1-4fc1-9379-bd515008aedb} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{32c97a37-e2b8-4097-9330-5f3e1125e181} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b0c3de1b-e3ff-4dd0-9229-f452cf9c678e} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d2d94732-a74d-433c-98f7-9ed740e82ae9} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{dfd5d79b-ef2f-4a51-9821-5b469f05262e} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{bce2e826-d0f5-41c8-97be-28a6f540ceeb} (Adware.Hotbar) -> Quarantined and deleted successfully.
Infizierte Registrierungswerte:
(Keine Malware Objekte gefunden)
Infizierte Datei Objekte der Registrierung:
(Keine Malware Objekte gefunden)
Infizierte Verzeichnisse:
(Keine Malware Objekte gefunden)
Infizierte Dateien:
C:\Program Files (x86)\Common Files\G DATA\AVKProxy\asapsdk.dll (Adware.Hotbar) -> Quarantined and deleted successfully. |
17.12.2010, 23:35 | #6 |
| Malware, trojan, or just paranoia ;)? DSS
Deckard's System Scanner v20071014.68
Run by MediaMarkt on 2010-12-17 23:28:34
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
CreateFirstRunRp is disabled or missing; attempting to fix...success.
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
9: 2010-12-17 10:21:06 UTC - RP131 - Windows Update
8: 2010-12-16 11:39:09 UTC - RP130 - Windows Update
7: 2010-12-14 08:36:11 UTC - RP129 - Windows Update
6: 2010-12-13 11:23:53 UTC - RP128 - Installiert Star Wars Battlefront II
5: 2010-12-13 11:15:47 UTC - RP127 - Windows-Sicherung
-- First Restore Point --
1: 2010-12-03 15:59:07 UTC - RP123 - Windows Update
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as MediaMarkt.exe) ------------------------------------------
HiJackthis Logfile: Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:30:04, on 17.12.2010 Platform: Unknown Windows (WinNT 6.01.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16700) Boot mode: Normal Running processes: C:\Program Files (x86)\AVG\AVG PC Tuneup 2011\BoostSpeed.exe C:\Program Files (x86)\Packard Bell\Software Suite SE\SoftSuiteSE.exe C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files (x86)\Packard Bell Photo Frame\ButtonMonitor.exe C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe C:\Program Files (x86)\a-squared Anti-Malware\a2guard.exe C:\Program Files (x86)\Packard Bell\Software Suite SE\SEDevDetect.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe F:\Moi\BigT\VundoFix.exe C:\PROGRA~2\FREEDO~1\fdm.exe F:\OTL.exe F:\Moi\BigT\dss.exe C:\PROGRA~2\TRENDM~1\HIJACK~1\MediaMarkt.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - - (no file) O2 - BHO: G Data WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\Webfilter\AVKWebIE.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common 
Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: G Data WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\Webfilter\AVKWebIE.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2011\Antispam32\IEToolbar.dll O4 - HKLM\..\Run: [Packard Bell Photo Frame] C:\Program Files (x86)\Packard Bell Photo Frame\ButtonMonitor.exe -A O4 - HKLM\..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe O4 - HKLM\..\Run: [G DATA AntiVirus Trayapplication] C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [a-squared] "C:\Program Files (x86)\a-squared Anti-Malware\a2guard.exe" /d=60 O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2011\Antispam32\ieshow.exe" O4 - HKCU\..\Run: [Software Suite SE] "C:\Program Files (x86)\Packard Bell\Software Suite SE\SoftSuiteSE.exe" /run O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program 
Files (x86)\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST') O8 - Extra context menu item: Alles mit FDM herunterladen - file://C:\Program Files (x86)\Free Download Manager\dlall.htm O8 - Extra context menu item: Auswahl mit FDM herunterladen - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm O8 - Extra context menu item: Datei mit FDM herunterladen - file://C:\Program Files (x86)\Free Download Manager\dllink.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... 
- res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O8 - Extra context menu item: Videos mit FDM herunterladen - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O13 - Gopher Prefix: O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files (x86)\a-squared Anti-Malware\a2service.exe O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: G Data 
AntiVirus Proxy (AVKProxy) - G Data Software AG - C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe O23 - Service: G Data Scheduler (AVKService) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe O23 - Service: G Data Filesystem Monitor (AVKWCtl) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: G Data Personal Firewall (GDFwSvc) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. 
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: BitDefender Update Server v2 (Update Server) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe O23 - Service: Updater Service - 
Acer - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe O23 - Service: BitDefender Desktop Update Service (Updatesrv) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11531 bytes -- File Associations ----------------------------------------------------------- .bat - batfile - DefaultIcon - %SystemRoot%\System32\imageres.dll,-68 .cmd - cmdfile - DefaultIcon - %SystemRoot%\System32\imageres.dll,-68 .chm - chm.file - DefaultIcon - %SystemRoot%\hh.exe,0 .chm - chm.file - shell\open\command - "%SystemRoot%\hh.exe" %1 .cpl - cplfile - shell\cplopen\command - %SystemRoot%\System32\control.exe "%1",%* .hlp - hlpfile - shell\open\command - %SystemRoot%\winhlp32.exe %1 .inf - inffile - DefaultIcon - %SystemRoot%\System32\imageres.dll,-69 .ini - inifile - DefaultIcon - imageres.dll,-69 .js - JSFile - DefaultIcon - C:\Windows\System32\WScript.exe,3 .js - JSFile - shell\open\command - C:\Windows\System32\WScript.exe "%1" %* .reg - regfile - shell\open\command - regedit.exe 
"%1" %* .reg - regfile - shell\edit\command - %SystemRoot%\system32\notepad.exe "%1" .scr - scrfile - shell\open\command - "%1" %* .txt - txtfile - DefaultIcon - %SystemRoot%\system32\imageres.dll,-102 .vbs - VBSFile - shell\open\command - "%SystemRoot%\System32\WScript.exe" "%1" %* .vbs - VBSFile - shell\edit\command - "%SystemRoot%\System32\Notepad.exe" %1 -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R0 ACPI (Microsoft ACPI Driver) - c:\windows\system32\drivers\acpi.sys (file missing) R0 adp94xx - c:\windows\system32\drivers\adp94xx.sys (file missing) R0 adpahci - c:\windows\system32\drivers\adpahci.sys (file missing) R0 adpu320 - c:\windows\system32\drivers\adpu320.sys (file missing) R0 aliide - c:\windows\system32\drivers\aliide.sys (file missing) R0 amdide - c:\windows\system32\drivers\amdide.sys (file missing) R0 amdsata - c:\windows\system32\drivers\amdsata.sys (file missing) R0 amdsbs - c:\windows\system32\drivers\amdsbs.sys (file missing) R0 amdxata - c:\windows\system32\drivers\amdxata.sys (file missing) R0 arc - c:\windows\system32\drivers\arc.sys (file missing) R0 arcsas (Adaptec SAS/SATA-II RAID Windows Inbox Miniport Driver) - c:\windows\system32\drivers\arcsas.sys (file missing) R0 atapi (IDE-Kanal) - c:\windows\system32\drivers\atapi.sys (file missing) R0 bdfsfltr - c:\windows\system32\drivers\bdfsfltr.sys (file missing) R0 CLFS (Gemeinsames Protokoll (CLFS)) - c:\windows\system32\clfs.sys (file missing) R0 cmdide - c:\windows\system32\drivers\cmdide.sys (file missing) R0 CNG - c:\windows\system32\drivers\cng.sys (file missing) R0 Compbatt (Microsoft Composite Battery Driver) - c:\windows\system32\drivers\compbatt.sys (file missing) R0 Disk (Laufwerktreiber) - c:\windows\system32\drivers\disk.sys (file missing) R0 elxstor - c:\windows\system32\drivers\elxstor.sys (file missing) R0 FileInfo (File Information FS MiniFilter) - c:\windows\system32\drivers\fileinfo.sys (file missing) R0 FltMgr - 
c:\windows\system32\drivers\fltmgr.sys (file missing) R0 fvevol (Filtertreiber der Bitlocker-Laufwerkverschlüsselung) - c:\windows\system32\drivers\fvevol.sys (file missing) R0 GDBehave - c:\windows\system32\drivers\gdbehave.sys (file missing) R0 HpSAMD - c:\windows\system32\drivers\hpsamd.sys (file missing) R0 hwpolicy (Hardware Policy Driver) - c:\windows\system32\drivers\hwpolicy.sys (file missing) R0 iaStorV (Intel RAID Controller Windows 7) - c:\windows\system32\drivers\iastorv.sys (file missing) R0 iirsp - c:\windows\system32\drivers\iirsp.sys (file missing) R0 intelide - c:\windows\system32\drivers\intelide.sys (file missing) R0 isapnp - c:\windows\system32\drivers\isapnp.sys (file missing) R0 KSecDD - c:\windows\system32\drivers\ksecdd.sys (file missing) R0 KSecPkg - c:\windows\system32\drivers\ksecpkg.sys (file missing) R0 LSI_FC - c:\windows\system32\drivers\lsi_fc.sys (file missing) R0 LSI_SAS - c:\windows\system32\drivers\lsi_sas.sys (file missing) R0 LSI_SAS2 - c:\windows\system32\drivers\lsi_sas2.sys (file missing) R0 LSI_SCSI - c:\windows\system32\drivers\lsi_scsi.sys (file missing) R0 megasas - c:\windows\system32\drivers\megasas.sys (file missing) R0 MegaSR - c:\windows\system32\drivers\megasr.sys (file missing) R0 mountmgr (Bereitstellungspunkt-Manager) - c:\windows\system32\drivers\mountmgr.sys (file missing) R0 mpio (Microsoft Multi-Path Bus Driver) - c:\windows\system32\drivers\mpio.sys (file missing) R0 msahci - c:\windows\system32\drivers\msahci.sys (file missing) R0 msdsm (Microsoft Multi-Path Device Specific Module) - c:\windows\system32\drivers\msdsm.sys (file missing) R0 msisadrv - c:\windows\system32\drivers\msisadrv.sys (file missing) R0 Mup - c:\windows\system32\drivers\mup.sys (file missing) R0 NDIS (NDIS-Systemtreiber) - c:\windows\system32\drivers\ndis.sys (file missing) R0 nfrd960 - c:\windows\system32\drivers\nfrd960.sys (file missing) R0 nvraid - c:\windows\system32\drivers\nvraid.sys (file missing) R0 nvstor - 
c:\windows\system32\drivers\nvstor.sys (file missing) R0 partmgr (Partitions-Manager) - c:\windows\system32\drivers\partmgr.sys (file missing) R0 pci (PCI-Bus-Treiber) - c:\windows\system32\drivers\pci.sys (file missing) R0 pciide - c:\windows\system32\drivers\pciide.sys (file missing) R0 pcw (Performance Counters for Windows Driver) - c:\windows\system32\drivers\pcw.sys (file missing) R0 PxHlpa64 - c:\windows\system32\drivers\pxhlpa64.sys (file missing) R0 ql2300 (QLogic Fibre Channel Miniport Driver) - c:\windows\system32\drivers\ql2300.sys (file missing) R0 ql40xx (QLogic iSCSI Miniport Driver) - c:\windows\system32\drivers\ql40xx.sys (file missing) R0 rdyboost (ReadyBoost) - c:\windows\system32\drivers\rdyboost.sys (file missing) R0 sbp2port (SBP-2 Transport/Protocol Bus Driver) - c:\windows\system32\drivers\sbp2port.sys (file missing) R0 SiSRaid2 - c:\windows\system32\drivers\sisraid2.sys (file missing) R0 SiSRaid4 - c:\windows\system32\drivers\sisraid4.sys (file missing) R0 spldr (Security Processor Loader Driver) - c:\windows\system32\drivers\spldr.sys (file missing) R0 stexstor - c:\windows\system32\drivers\stexstor.sys (file missing) R0 Tcpip (TCP/IP-Protokolltreiber) - c:\windows\system32\drivers\tcpip.sys (file missing) R0 vdrvroot (Microsoft Virtual Drive Enumerator Driver) - c:\windows\system32\drivers\vdrvroot.sys (file missing) R0 viaide - c:\windows\system32\drivers\viaide.sys (file missing) R0 volmgr (Volume Manager Driver) - c:\windows\system32\drivers\volmgr.sys (file missing) R0 volmgrx (Dynamischer Volume-Manager) - c:\windows\system32\drivers\volmgrx.sys (file missing) R0 volsnap (Speichervolumes) - c:\windows\system32\drivers\volsnap.sys (file missing) R0 vsmraid - c:\windows\system32\drivers\vsmraid.sys (file missing) R0 Wd (Microsoft Watchdog Timer Driver) - c:\windows\system32\drivers\wd.sys (file missing) R0 Wdf01000 (Kernel Mode Driver Frameworks service) - c:\windows\system32\drivers\wdf01000.sys (file missing) R1 AFD (Ancillary 
Function Driver for Winsock) - c:\windows\system32\drivers\afd.sys (file missing) R1 Beep - c:\windows\system32\drivers\beep.sys (file missing) R1 blbdrive - c:\windows\system32\drivers\blbdrive.sys (file missing) R1 cdrom (CD-ROM-Laufwerktreiber) - c:\windows\system32\drivers\cdrom.sys (file missing) R1 DfsC (DFS Namespace Client Driver) - c:\windows\system32\drivers\dfsc.sys (file missing) R1 discache (System Attribute Cache) - c:\windows\system32\drivers\discache.sys (file missing) R1 gdwfpcd (G DATA WFP CD) - c:\windows\system32\drivers\gdwfpcd64.sys (file missing) R1 GRD (G Data Rootkit Detector Driver) - c:\windows\system32\drivers\grd.sys (file missing) R1 Msfs - c:\windows\system32\drivers\msfs.sys (file missing) R1 mssmbios (Microsoft System Management BIOS Driver) - c:\windows\system32\drivers\mssmbios.sys (file missing) R1 NetBIOS (NetBIOS Interface) - c:\windows\system32\drivers\netbios.sys (file missing) R1 NetBT - c:\windows\system32\drivers\netbt.sys (file missing) R1 Npfs - c:\windows\system32\drivers\npfs.sys (file missing) R1 nsiproxy (NSI proxy service driver.) 
- c:\windows\system32\drivers\nsiproxy.sys (file missing) R1 Null - c:\windows\system32\drivers\null.sys (file missing) R1 Psched (QoS-Paketplaner) - c:\windows\system32\drivers\pacer.sys (file missing) R1 rdbss (Umgeleitetes Puffersubsystem) - c:\windows\system32\drivers\rdbss.sys (file missing) R1 RDPCDD - c:\windows\system32\drivers\rdpcdd.sys (file missing) R1 RDPENCDD (RDP Encoder Mirror Driver) - c:\windows\system32\drivers\rdpencdd.sys (file missing) R1 RDPREFMP (Reflector Display Driver used to gain access to graphics data) - c:\windows\system32\drivers\rdprefmp.sys (file missing) R1 tdx (NetIO-Legacy-TDI-Supporttreiber) - c:\windows\system32\drivers\tdx.sys (file missing) R1 TermDD (Terminal Device Driver) - c:\windows\system32\drivers\termdd.sys (file missing) R1 VgaSave - c:\windows\system32\drivers\vga.sys (file missing) R1 Wanarpv6 (Remotezugriff-IPv6-ARP-Treiber) - c:\windows\system32\drivers\wanarp.sys (file missing) R1 WfpLwf (WFP Lightweight Filter) - c:\windows\system32\drivers\wfplwf.sys (file missing) R2 lltdio (Link-Layer Topology Discovery Mapper I/O Driver) - c:\windows\system32\drivers\lltdio.sys (file missing) R2 luafv (UAC-Dateivirtualisierung) - c:\windows\system32\drivers\luafv.sys (file missing) R2 PEAUTH - c:\windows\system32\drivers\peauth.sys (file missing) R2 rspndr (Link-Layer Topology Discovery Responder) - c:\windows\system32\drivers\rspndr.sys (file missing) R2 secdrv (Security Driver) - c:\windows\system32\drivers\secdrv.sys (file missing) R2 tcpipreg (TCP/IP Registry Compatibility) - c:\windows\system32\drivers\tcpipreg.sys (file missing) R3 1394ohci (OHCI-konformer 1394-Hostcontroller) - c:\windows\system32\drivers\1394ohci.sys (file missing) R3 a2exec (a-squared OnExecution scan driver.) 
- \??\c:\program files (x86)\a-squared anti-malware\a2exec64.sys R3 BDFM - c:\windows\system32\drivers\bdfm.sys (file missing) R3 bowser (Browsersupporttreiber) - c:\windows\system32\drivers\bowser.sys (file missing) R3 CompositeBus (Composite Bus Enumerator Driver) - c:\windows\system32\drivers\compositebus.sys (file missing) R3 DXGKrnl (LDDM Graphics Subsystem) - c:\windows\system32\drivers\dxgkrnl.sys (file missing) R3 e1kexpress (Intel(R) PRO/1000 PCI Express Network Connection Driver K) - c:\windows\system32\drivers\e1k62x64.sys (file missing) R3 fastfat (FAT12/16/32 File System Driver) - c:\windows\system32\drivers\fastfat.sys (file missing) R3 GDMnIcpt - c:\windows\system32\drivers\miniicpt.sys (file missing) R3 GDPkIcpt - c:\windows\system32\drivers\pkticpt.sys (file missing) R3 GearAspiWDM - c:\windows\system32\drivers\gearaspiwdm.sys (file missing) R3 HCW85BDA (Hauppauge WinTV 885 Video Capture) - c:\windows\system32\drivers\hcw85bda.sys (file missing) R3 HDAudBus (Microsoft-UAA-Bustreiber für High Definition Audio) - c:\windows\system32\drivers\hdaudbus.sys (file missing) R3 HidUsb (Microsoft HID Class-Treiber) - c:\windows\system32\drivers\hidusb.sys (file missing) R3 HookCentre - c:\windows\system32\drivers\hookcentre.sys (file missing) R3 HTTP - c:\windows\system32\drivers\http.sys (file missing) R3 i8042prt (i8042-Tastatur- und PS/2-Mausanschluss-Treiber) - c:\windows\system32\drivers\i8042prt.sys (file missing) R3 IntcAzAudAddService (Service for Realtek HD Audio (WDM)) - c:\windows\system32\drivers\rtkvhd64.sys (file missing) R3 intelppm (Intel-Prozessortreiber) - c:\windows\system32\drivers\intelppm.sys (file missing) R3 kbdclass (Tastaturklassentreiber) - c:\windows\system32\drivers\kbdclass.sys (file missing) R3 ksthunk (Kernel Streaming Thunks) - c:\windows\system32\drivers\ksthunk.sys (file missing) R3 monitor (Microsoft Monitor-Klassenfunktionstreiber-Dienst) - c:\windows\system32\drivers\monitor.sys (file missing) R3 mouclass 
(Mausklassentreiber) - c:\windows\system32\drivers\mouclass.sys (file missing) R3 mpsdrv (Windows-Firewallautorisierungstreiber) - c:\windows\system32\drivers\mpsdrv.sys (file missing) R3 mrxsmb (SMB-Miniredirector-Wrapper und -Modul) - c:\windows\system32\drivers\mrxsmb.sys (file missing) R3 mrxsmb10 (SMB 1.x-Miniredirector) - c:\windows\system32\drivers\mrxsmb10.sys (file missing) R3 mrxsmb20 (SMB 2.0-Miniredirector) - c:\windows\system32\drivers\mrxsmb20.sys (file missing) R3 NdisTapi (RAS-NDIS-TAPI-Treiber) - c:\windows\system32\drivers\ndistapi.sys (file missing) R3 NdisWan (RAS-NDIS-WAN-Treiber) - c:\windows\system32\drivers\ndiswan.sys (file missing) R3 NDProxy (NDIS Proxy) - c:\windows\system32\drivers\ndproxy.sys (file missing) R3 Ntfs - c:\windows\system32\drivers\ntfs.sys (file missing) R3 NVHDA (Service for NVIDIA High Definition Audio Driver) - c:\windows\system32\drivers\nvhda64v.sys (file missing) R3 nvlddmkm - c:\windows\system32\drivers\nvlddmkm.sys (file missing) R3 PptpMiniport (WAN-Miniport (PPTP)) - c:\windows\system32\drivers\raspptp.sys (file missing) R3 RasAgileVpn (WAN Miniport (IKEv2)) - c:\windows\system32\drivers\agilevpn.sys (file missing) R3 Rasl2tp (WAN-Miniport (L2TP)) - c:\windows\system32\drivers\rasl2tp.sys (file missing) R3 RasPppoe (Remotezugriff-PPPOE-Treiber) - c:\windows\system32\drivers\raspppoe.sys (file missing) R3 RasSstp (WAN-Miniport (SSTP)) - c:\windows\system32\drivers\rassstp.sys (file missing) R3 srv (Server-SMB-Treiber 1.xxx) - c:\windows\system32\drivers\srv.sys (file missing) R3 srv2 (Server-SMB-Treiber 2.xxx) - c:\windows\system32\drivers\srv2.sys (file missing) R3 srvnet - c:\windows\system32\drivers\srvnet.sys (file missing) R3 swenum (Software Bus Driver) - c:\windows\system32\drivers\swenum.sys (file missing) R3 tunnel (Microsoft-Tunnelminiport-Adaptertreiber) - c:\windows\system32\drivers\tunnel.sys (file missing) R3 umbus (UMBusenumerator-Treiber) - c:\windows\system32\drivers\umbus.sys (file missing) R3 
usbccgp (Microsoft Standard-USB-Haupttreiber) - c:\windows\system32\drivers\usbccgp.sys (file missing) R3 usbehci (Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller) - c:\windows\system32\drivers\usbehci.sys (file missing) R3 usbhub (Microsoft USB-Standardhubtreiber) - c:\windows\system32\drivers\usbhub.sys (file missing) R3 USBSTOR (USB-Massenspeichertreiber) - c:\windows\system32\drivers\usbstor.sys (file missing) R3 WmBEnum (Logitech Virtual Bus Enumerator Driver) - c:\windows\system32\drivers\wmbenum.sys (file missing) R3 WmiAcpi (Microsoft Windows Management Interface for ACPI) - c:\windows\system32\drivers\wmiacpi.sys (file missing) R3 WmXlCore (Logitech Translation Layer Driver) - c:\windows\system32\drivers\wmxlcore.sys (file missing) R3 WudfPf (User Mode Driver Frameworks Platform Driver) - c:\windows\system32\drivers\wudfpf.sys (file missing) R3 WUDFRd - c:\windows\system32\drivers\wudfrd.sys (file missing) R4 cdfs (CD/DVD File System Reader) - c:\windows\system32\drivers\cdfs.sys (file missing) S1 Serial (Serial port driver) - c:\windows\system32\drivers\serial.sys (file missing) S3 AcpiPmi (ACPI Power Meter Driver) - c:\windows\system32\drivers\acpipmi.sys (file missing) S3 agp440 (Intel AGP Bus Filter) - c:\windows\system32\drivers\agp440.sys (file missing) S3 AmdK8 (AMD K8 Processor Driver) - c:\windows\system32\drivers\amdk8.sys (file missing) S3 AmdPPM (AMD Processor Driver) - c:\windows\system32\drivers\amdppm.sys (file missing) S3 AppID (Anwendungs-ID-Treiber) - c:\windows\system32\drivers\appid.sys (file missing) S3 AsyncMac (Asynchroner RAS -Medientreiber) - c:\windows\system32\drivers\asyncmac.sys (file missing) S3 b06bdrv (Broadcom NetXtreme II VBD) - c:\windows\system32\drivers\bxvbda.sys (file missing) S3 b57nd60a (Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0) - c:\windows\system32\drivers\b57nd60a.sys (file missing) S3 BrFiltLo (Brother USB Mass-Storage Lower Filter Driver) - c:\windows\system32\drivers\brfiltlo.sys (file 
missing) S3 BrFiltUp (Brother USB Mass-Storage Upper Filter Driver) - c:\windows\system32\drivers\brfiltup.sys (file missing) S3 Brserid (Brother MFC Serial Port Interface Driver (WDM)) - c:\windows\system32\drivers\brserid.sys (file missing) S3 BrSerWdm (Brother WDM Serial driver) - c:\windows\system32\drivers\brserwdm.sys (file missing) S3 BrUsbMdm (Brother MFC USB Fax Only Modem) - c:\windows\system32\drivers\brusbmdm.sys (file missing) S3 BrUsbSer (Brother MFC USB Serial WDM Driver) - c:\windows\system32\drivers\brusbser.sys (file missing) S3 BTHMODEM (Bluetooth Serial Communications Driver) - c:\windows\system32\drivers\bthmodem.sys (file missing) S3 circlass (Consumer IR Devices) - c:\windows\system32\drivers\circlass.sys (file missing) S3 CmBatt (Microsoft ACPI Control Method Battery Driver) - c:\windows\system32\drivers\cmbatt.sys (file missing) S3 drmkaud (Microsoft Trusted Audio Drivers) - c:\windows\system32\drivers\drmkaud.sys (file missing) S3 ebdrv (Broadcom NetXtreme II 10 GigE VBD) - c:\windows\system32\drivers\evbda.sys (file missing) S3 ErrDev (Microsoft Hardware Error Device Driver) - c:\windows\system32\drivers\errdev.sys (file missing) S3 exfat (exFAT File System Driver) - c:\windows\system32\drivers\exfat.sys (file missing) S3 fdc (Floppy Disk Controller Driver) - c:\windows\system32\drivers\fdc.sys (file missing) S3 Filetrace - c:\windows\system32\drivers\filetrace.sys (file missing) S3 flpydisk (Floppy Disk Driver) - c:\windows\system32\drivers\flpydisk.sys (file missing) S3 FsDepends (File System Dependency Minifilter) - c:\windows\system32\drivers\fsdepends.sys (file missing) S3 gagp30kx (Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms) - c:\windows\system32\drivers\gagp30kx.sys (file missing) S3 hcw85cir (Hauppauge Consumer Infrared Receiver) - c:\windows\system32\drivers\hcw85cir.sys (file missing) S3 HdAudAddService (Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst) - 
c:\windows\system32\drivers\hdaudio.sys (file missing) S3 HidBatt (HID UPS Battery Driver) - c:\windows\system32\drivers\hidbatt.sys (file missing) S3 HidBth (Microsoft Bluetooth HID Miniport) - c:\windows\system32\drivers\hidbth.sys (file missing) S3 HidIr (Microsoft Infrared HID Driver) - c:\windows\system32\drivers\hidir.sys (file missing) S3 IpFilterDriver (Filtertreiber für IP-Datenverkehr) - c:\windows\system32\drivers\ipfltdrv.sys (file missing) S3 IPMIDRV - c:\windows\system32\drivers\ipmidrv.sys (file missing) S3 IPNAT (IP Network Address Translator) - c:\windows\system32\drivers\ipnat.sys (file missing) S3 IRENUM (IR Bus Enumerator) - c:\windows\system32\drivers\irenum.sys (file missing) S3 iScsiPrt (iScsiPort Driver) - c:\windows\system32\drivers\msiscsi.sys (file missing) S3 kbdhid (Tastatur-HID-Treiber) - c:\windows\system32\drivers\kbdhid.sys (file missing) S3 Modem - c:\windows\system32\drivers\modem.sys (file missing) S3 mouhid (Maus-HID-Treiber) - c:\windows\system32\drivers\mouhid.sys (file missing) S3 MRxDAV (Redirector-Treiber für WebDav-Client) - c:\windows\system32\drivers\mrxdav.sys (file missing) S3 mshidkmdf (Pass-through HID to KMDF Filter Driver) - c:\windows\system32\drivers\mshidkmdf.sys (file missing) S3 MSKSSRV (Microsoft Streaming Service Proxy) - c:\windows\system32\drivers\mskssrv.sys (file missing) S3 MSPCLOCK (Microsoft Streaming Clock Proxy) - c:\windows\system32\drivers\mspclock.sys (file missing) S3 MSPQM (Microsoft Streaming Quality Manager Proxy) - c:\windows\system32\drivers\mspqm.sys (file missing) S3 MsRPC - c:\windows\system32\drivers\msrpc.sys (file missing) S3 MSTEE (Microsoft Streaming Tee/Sink-to-Sink Converter) - c:\windows\system32\drivers\mstee.sys (file missing) S3 MTConfig (Microsoft Input Configuration Driver) - c:\windows\system32\drivers\mtconfig.sys (file missing) S3 NativeWifiP (NativeWiFi Filter) - c:\windows\system32\drivers\nwifi.sys (file missing) S3 NdisCap (NDIS Capture LightWeight Filter) - 
c:\windows\system32\drivers\ndiscap.sys (file missing) S3 Ndisuio (NDIS Usermode I/O Protocol) - c:\windows\system32\drivers\ndisuio.sys (file missing) S3 nv_agp (NVIDIA nForce AGP Bus Filter) - c:\windows\system32\drivers\nv_agp.sys (file missing) S3 ohci1394 (1394 OHCI Compliant Host Controller (Legacy)) - c:\windows\system32\drivers\ohci1394.sys (file missing) S3 Parport (Parallel port driver) - c:\windows\system32\drivers\parport.sys (file missing) S3 pcmcia - c:\windows\system32\drivers\pcmcia.sys (file missing) S3 Processor (Processor Driver) - c:\windows\system32\drivers\processr.sys (file missing) S3 QWAVEdrv (QWAVE-Treiber) - c:\windows\system32\drivers\qwavedrv.sys (file missing) S3 RasAcd (Remote Access Auto Connection Driver) - c:\windows\system32\drivers\rasacd.sys (file missing) S3 rdpbus (Remote Desktop Device Redirector Bus Driver) - c:\windows\system32\drivers\rdpbus.sys (file missing) S3 RDPWD (RDP Winstation Driver) - c:\windows\system32\drivers\rdpwd.sys (file missing) S3 scfilter (Filtertreiber für Smartcards der Plug & Play-Klasse) - c:\windows\system32\drivers\scfilter.sys (file missing) S3 Serenum (Serenum Filter Driver) - c:\windows\system32\drivers\serenum.sys (file missing) S3 sermouse (Serial Mouse Driver) - c:\windows\system32\drivers\sermouse.sys (file missing) S3 sffdisk (SFF-Speicherklassentreiber) - c:\windows\system32\drivers\sffdisk.sys (file missing) S3 sffp_mmc (SFF-Speicherprotokolltreiber für MMC) - c:\windows\system32\drivers\sffp_mmc.sys (file missing) S3 sffp_sd (SFF-Speicherprotokolltreiber für SDBus) - c:\windows\system32\drivers\sffp_sd.sys (file missing) S3 sfloppy (High-Capacity Floppy Disk Drive) - c:\windows\system32\drivers\sfloppy.sys (file missing) S3 Smb (Nachrichtenorientiertes TCP/IP- und TCP/IPv6-Protokoll (SMB-Sitzung)) - c:\windows\system32\drivers\smb.sys (file missing) S3 TCPIP6 (Microsoft IPv6 Protocol Driver) - c:\windows\system32\drivers\tcpip.sys (file missing) S3 TDPIPE - 
c:\windows\system32\drivers\tdpipe.sys (file missing) S3 TDTCP - c:\windows\system32\drivers\tdtcp.sys (file missing) S3 tssecsrv (Remote Desktop Services Security Filter Driver) - c:\windows\system32\drivers\tssecsrv.sys (file missing) S3 uagp35 (Microsoft AGPv3.5 Filter) - c:\windows\system32\drivers\uagp35.sys (file missing) S3 uliagpkx (Uli AGP Bus Filter) - c:\windows\system32\drivers\uliagpkx.sys (file missing) S3 UmPass (Microsoft UMPass Driver) - c:\windows\system32\drivers\umpass.sys (file missing) S3 usbcir (eHome Infrared Receiver (USBCIR)) - c:\windows\system32\drivers\usbcir.sys (file missing) S3 usbohci (Microsoft USB Open Host Controller Miniport Driver) - c:\windows\system32\drivers\usbohci.sys (file missing) S3 usbprint (Microsoft USB PRINTER Class) - c:\windows\system32\drivers\usbprint.sys (file missing) S3 usbuhci (Microsoft USB Universal Host Controller Miniport Driver) - c:\windows\system32\drivers\usbuhci.sys (file missing) S3 vga - c:\windows\system32\drivers\vgapnp.sys (file missing) S3 vhdmp - c:\windows\system32\drivers\vhdmp.sys (file missing) S3 vwifibus (Virtueller WiFi-Bustreiber) - c:\windows\system32\drivers\vwifibus.sys (file missing) S3 WacomPen (Wacom Serial Pen HID Driver) - c:\windows\system32\drivers\wacompen.sys (file missing) S3 WANARP (Remotezugriff-IP-ARP-Treiber) - c:\windows\system32\drivers\wanarp.sys (file missing) S3 WmFilter (Logitech Gaming HID Filter Driver) - c:\windows\system32\drivers\wmfilter.sys (file missing) S3 WmVirHid (Logitech Virtual Hid Device Driver) - c:\windows\system32\drivers\wmvirhid.sys (file missing) S4 avc3 - c:\windows\system32\drivers\avc3.sys (file missing) S4 avckf - c:\windows\system32\drivers\avckf.sys (file missing) S4 crcdisk (Crcdisk Filter Driver) - c:\windows\system32\drivers\crcdisk.sys (file missing) S4 udfs - c:\windows\system32\drivers\udfs.sys (file missing) S4 ws2ifsl (Winsock-IFS-Treiber) - c:\windows\system32\drivers\ws2ifsl.sys (file missing) -- Services: 0-Boot, 1-System, 
2-Auto, 3-Demand, 4-Disabled --------------------

R2 a2AntiMalware (a-squared Anti-Malware Service) - "c:\program files (x86)\a-squared anti-malware\a2service.exe" <Not Verified; Emsi Software GmbH; a-squared>
R2 AVKService (G Data Scheduler) - c:\program files (x86)\g data\internetsecurity\avk\avkservice.exe
R2 AVKWCtl (G Data Filesystem Monitor) - c:\program files (x86)\g data\internetsecurity\avk\avkwctlx64.exe
R2 Greg_Service (GRegService) - c:\program files (x86)\packard bell\registration\greghsrw.exe
R2 Nero BackItUp Scheduler 4.0 - c:\program files (x86)\common files\nero\nero backitup 4\nbservice.exe
R2 nvsvc (NVIDIA Display Driver Service) - c:\windows\system32\nvvsvc.exe (file missing)
R2 SamSs (Sicherheitskonto-Manager) - c:\windows\system32\lsass.exe (file missing)
R2 Spooler (Druckwarteschlange) - c:\windows\system32\spoolsv.exe (file missing)
R3 GDFwSvc (G Data Personal Firewall) - c:\program files (x86)\g data\internetsecurity\firewall\gdfwsvcx64.exe
R3 VSS (Volumeschattenkopie) - c:\windows\system32\vssvc.exe (file missing)
S2 sppsvc (Software Protection) - c:\windows\system32\sppsvc.exe (file missing)
S3 AdobeActiveFileMonitor7.0 (Adobe Active File Monitor V7) - c:\program files (x86)\adobe\photoshop elements 7.0\photoshopelementsfileagent.exe
S3 ALG (Gatewaydienst auf Anwendungsebene) - c:\windows\system32\alg.exe (file missing)
S3 EFS (Verschlüsselndes Dateisystem (EFS)) - c:\windows\system32\lsass.exe (file missing)
S3 FLEXnet Licensing Service - "c:\program files (x86)\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>
S3 KeyIso (CNG-Schlüsselisolation) - c:\windows\system32\lsass.exe (file missing)
S3 MSDTC (Distributed Transaction Coordinator) - c:\windows\system32\msdtc.exe (file missing)
S3 Netlogon (Anmeldedienst) - c:\windows\system32\lsass.exe (file missing)
S3 ProtectedStorage (Geschützter Speicher) - c:\windows\system32\lsass.exe (file missing)
S3 RpcLocator (RPC-Locator) - c:\windows\system32\locator.exe (file missing)
S3 SNMPTRAP (SNMP-Trap) - c:\windows\system32\snmptrap.exe (file missing)
S3 Steam Client Service - c:\program files (x86)\common files\steam\steamservice.exe /runasservice
S3 UI0Detect (Erkennung interaktiver Dienste) - c:\windows\system32\ui0detect.exe (file missing)
S3 VaultSvc (Anmeldeinformationsverwaltung) - c:\windows\system32\lsass.exe (file missing)
S3 vds (Virtueller Datenträger) - c:\windows\system32\vds.exe (file missing)
S3 wbengine (Blockebenen-Sicherungsmodul) - "c:\windows\system32\wbengine.exe" (file missing)
S3 wmiApSrv (WMI-Leistungsadapter) - c:\windows\system32\wbem\wmiapsrv.exe (file missing)
S4 Fax - c:\windows\system32\fxssvc.exe (file missing)

-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.

-- Scheduled Tasks -------------------------------------------------------------

2010-12-17 23:05:50 1112 --a------ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2010-12-17 12:31:00 1116 --a------ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

-- Files created between 2010-11-17 and 2010-12-17 -----------------------------

2010-12-17 23:20:01 0 d-------- C:\VundoFix Backups
2010-12-15 23:06:29 0 d-------- C:\Users\All Users\BitDefender
2010-12-15 23:06:23 58897 --a------ C:\Users\All Users\bdinstall.bin
2010-12-15 23:04:30 0 d-------- C:\Program Files (x86)\a-squared Anti-Malware
2010-12-15 12:10:02 0 d-------- C:\Program Files (x86)\Trend Micro
2010-12-13 12:23:51 0 d-------- C:\Program Files (x86)\LucasArts
2010-11-24 05:17:01 0 d-------- C:\Program Files (x86)\Almightysoft

-- Find3M Report ---------------------------------------------------------------

2010-12-17 23:29:25 0 d-------- C:\Users\MediaMarkt\AppData\Roaming\Free Download Manager
2010-12-17 23:19:12 0 d-------- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2010-12-16 13:02:41 0 d-------- C:\Program Files (x86)\Windows Mail
2010-12-16 12:41:00 0 d-------- C:\Program Files (x86)\Microsoft Silverlight
2010-12-16 12:40:17 0 d-------- C:\Program Files (x86)\Microsoft Works
2010-12-16 12:29:41 0 d-------- C:\Program Files (x86)\Steam
2010-12-15 23:18:05 0 d-------- C:\Users\MediaMarkt\AppData\Roaming\BitDefender
2010-12-15 23:06:47 0 d-------- C:\Users\MediaMarkt\AppData\Roaming\QuickScan
2010-12-14 23:03:09 0 d-------- C:\Users\MediaMarkt\AppData\Roaming\ICQ
2010-12-13 12:24:15 0 d--h----- C:\Program Files (x86)\InstallShield Installation Information
2010-12-10 17:43:06 0 d-------- C:\Program Files (x86)\JDownloader
2010-11-24 23:54:00 0 d-------- C:\Program Files (x86)\Microsoft.NET
2010-11-18 10:23:43 0 d-------- C:\Program Files (x86)\Common Files\Steam
2010-11-14 19:08:01 0 d-------- C:\Program Files (x86)\ICQ7.2
2010-10-31 17:31:05 0 d-------- C:\Program Files (x86)\Common Files
2010-10-31 17:30:36 0 d-------- C:\Program Files (x86)\Java
2010-10-18 12:16:53 0 d-------- C:\Users\MediaMarkt\AppData\Roaming\AVG

-- Registry Dump ---------------------------------------------------------------

-- End of Deckard's System Scanner: finished at 2010-12-17 23:32:30 ------------

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows 7 Home Premium (build 7600)
Architecture: X64; Language: German
CPU 0: Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz
Percentage of Memory in Use: 30%
Physical Memory (total/avail): 6135.11 MiB / 4275.31 MiB
Pagefile Memory (total/avail): 12268.36 MiB / 10138.46 MiB
Virtual Memory (total/avail): 4095.88 MiB / 3804.34 MiB

C: is Fixed (NTFS) - 457.95 GiB total, 358.55 GiB free.
D: is Fixed (NTFS) - 458.46 GiB total, 223.47 GiB free.
E: is CDROM (CDFS)
F: is Fixed (FAT32) - 931.28 GiB total, 772.06 GiB free.
G: is Removable (No Media)
H: is Removable (No Media)
I: is Removable (No Media)
J: is Removable (No Media)
K: is Removable (No Media)

\\.\PHYSICALDRIVE0 - WDC WD10EADS-00M2B0 ATA Device - 931.51 GiB - 4 partitions
  \PARTITION0 - Unknown - 15 GiB
  \PARTITION1 (bootable) - Installierbares Dateisystem - 100 MiB
  \PARTITION2 - Installierbares Dateisystem - 457.95 GiB - C:
  \PARTITION3 - Installierbares Dateisystem - 458.46 GiB - D:
\\.\PHYSICALDRIVE2 - Generic- Compact Flash USB Device
\\.\PHYSICALDRIVE6 - Generic- MicroSD USB Device
\\.\PHYSICALDRIVE5 - Generic- MS/MS-Pro/HG USB Device
\\.\PHYSICALDRIVE4 - Generic- SD/MMC USB Device
\\.\PHYSICALDRIVE3 - Generic- xD-Picture USB Device
\\.\PHYSICALDRIVE1 - WD 10EACS External USB Device - 931.51 GiB - 1 partition
  \PARTITION0 - Unknown - 931.51 GiB - F:

-- Security Center -------------------------------------------------------------

Windows Internal Firewall is disabled.

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\MediaMarkt\AppData\Roaming
CLASSPATH=.;C:\Program Files (x86)\QuickTime\QTSystem\QTJava.zip
CommonProgramFiles=C:\Program Files (x86)\Common Files
CommonProgramFiles(x86)=C:\Program Files (x86)\Common Files
CommonProgramW6432=C:\Program Files\Common Files
COMPUTERNAME=PC
ComSpec=C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\MediaMarkt
LOCALAPPDATA=C:\Users\MediaMarkt\AppData\Local
LOGONSERVER=\\PC
NUMBER_OF_PROCESSORS=4
OS=Windows_NT
Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_ARCHITEW6432=AMD64
PROCESSOR_IDENTIFIER=Intel64 Family 6 Model 30 Stepping 5, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=1e05
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files (x86)
ProgramFiles(x86)=C:\Program Files (x86)
ProgramW6432=C:\Program Files
PROMPT=$P$G
PSModulePath=C:\Windows\system32\WindowsPowerShell\v1.0\Modules\
PUBLIC=C:\Users\Public
QTJAVA=C:\Program Files (x86)\QuickTime\QTSystem\QTJava.zip
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\MEDIAM~1\AppData\Local\Temp
TMP=C:\Users\MEDIAM~1\AppData\Local\Temp
USERDOMAIN=PC
USERNAME=MediaMarkt
USERPROFILE=C:\Users\MediaMarkt
windir=C:\Windows

-- User Profiles ---------------------------------------------------------------

MediaMarkt

-- Add/Remove Programs ---------------------------------------------------------

--> MsiExec /X{B83FC356-B7C0-441F-8A4D-D71E088E7974}
2007 Microsoft Office Suite Service Pack 2 (SP2) --> msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
2007 Microsoft Office Suite Service Pack 2 (SP2) --> msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
2007 Microsoft Office Suite Service Pack 2 (SP2) --> msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
2007 Microsoft Office Suite Service Pack 2 (SP2) --> msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
2007 Microsoft Office Suite Service Pack 2 (SP2) --> msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
2007 Microsoft Office Suite Service Pack 2 (SP2) --> msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
2007 Microsoft Office Suite Service Pack 2 (SP2) --> msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {E64BA721-2310-4B55-BE5A-2925F9706192}
2007 Microsoft Office Suite Service Pack 2 (SP2) --> msiexec /package {90120000-002A-0409-1000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
2007 Microsoft Office Suite Service Pack 2 (SP2) --> msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
2007 Microsoft Office Suite Service Pack 2 (SP2) --> msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
2007 Microsoft Office Suite Service Pack 2 (SP2) --> msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
2007 Microsoft Office Suite Service Pack 2 (SP2) --> msiexec /package {90120000-0116-0409-1000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
2007 Microsoft Office Suite Service Pack 2 (SP2) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
a-squared Anti-Malware 3.5 - 9x Edition --> "C:\Program Files (x86)\a-squared Anti-Malware\unins000.exe"
Acrobat.com --> MsiExec.exe /X{287ECFA4-719A-2143-A09B-D6A12DE54E40}
Adobe AIR --> c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR --> MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 ActiveX --> C:\Windows\SysWOW64\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin --> C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10l_Plugin.exe -maintain plugin
Adobe Photoshop Elements 7.0 --> msiexec /i {5511C07D-A83C-45AD-92B6-42DF99729A3C}
Adobe Photoshop Elements 7.0 --> msiexec /i {CB6075D9-F912-40AE-BEA6-E590DA24F16B}
Adobe Photoshop Elements 7.0 --> msiexec /i {CB6075D9-F912-40AE-BEA6-E590DA24F16B}
Adobe Reader 9.1 MUI --> MsiExec.exe /I{AC76BA86-7AD7-FFFF-7B44-A91000000001}
Advertising Center --> MsiExec.exe /X{b2ec4a38-b545-4a00-8214-13fe0e915e6d}
Apple Application Support --> MsiExec.exe /I{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}
Apple Software Update --> MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
AVG PC Tuneup 2011 --> "C:\Program Files (x86)\AVG\AVG PC Tuneup 2011\unins000.exe"
Choice Guard --> MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Compatibility Pack für 2007 Office System --> MsiExec.exe /X{90120000-0020-0407-0000-0000000FF1CE}
Desktop-Lupe 1.8 --> C:\Program Files (x86)\Almightysoft\DesktopLupe\uninst.exe
Free Download Manager 2.5 --> "C:\Program Files (x86)\Free Download Manager\unins000.exe"
G Data InternetSecurity SE --> MsiExec.exe /I{D729E05E-B2B9-4DC4-AF57-47310576EDE0}
Google Earth --> MsiExec.exe /X{4286E640-B5FB-11DF-AC4B-005056C00008}
Google Toolbar for Internet Explorer --> "C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_223E2B8E7BAD9544.exe" /uninstall
Google Toolbar for Internet Explorer --> MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper --> MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HijackThis 2.0.2 --> "C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe" /uninstall
ICQ7.2 --> "C:\Program Files (x86)\InstallShield Installation Information\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
Identity Card --> C:\Program Files (x86)\Packard Bell\Identity Card\Uninstall.exe
Java(TM) 6 Update 22 --> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216020FF}
JDownloader --> C:\Program Files (x86)\JDownloader\uninstall.exe
Junk Mail filter update --> MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
MAGIX Fotobuch 3.6 --> C:\Program Files (x86)\MAGIX\MAGIX Fotobuch\uninstall.exe
MAGIX Media Suite --> C:\Program Files (x86)\MAGIX\MediaSuite2009\unwise.exe
MAGIX Ringtone Maker SE --> C:\Program Files (x86)\MAGIX\Ringtone_Maker_2007_SE\unwise.exe
Malwarebytes' Anti-Malware --> "C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
Medieval II Total War --> C:\Program Files (x86)\InstallShield Installation Information\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}\Setup.exe -runfromtemp -l0x0007 -removeonly
Metaboli --> C:\Program Files (x86)\Packard Bell\metaboli\Uninstall.exe
Microsoft Office 2007 Service Pack 2 (SP2) --> msiexec /package {90120000-0015-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2) --> msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2) --> msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2) --> msiexec /package {90120000-0019-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2) --> msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2) --> msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2) --> msiexec /package {90120000-002A-0407-1000-0000000FF1CE} /uninstall {26454C26-D259-4543-AA60-3189E09C5F76}
Microsoft Office 2007 Service Pack 2 (SP2) --> msiexec /package {90120000-0044-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2) --> msiexec /package {90120000-006E-0407-0000-0000000FF1CE} /uninstall {26454C26-D259-4543-AA60-3189E09C5F76}
Microsoft Office 2007 Service Pack 2 (SP2) --> msiexec /package {90120000-00A1-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2) --> msiexec /package {90120000-00BA-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2) --> msiexec /package {90120000-0100-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2) --> msiexec /package {90120000-0101-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office Access MUI (German) 2007 --> MsiExec.exe /X{90120000-0015-0407-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Excel MUI (German) 2007 --> MsiExec.exe /X{90120000-0016-0407-0000-0000000FF1CE}
Microsoft Office Groove MUI (German) 2007 --> MsiExec.exe /X{90120000-00BA-0407-0000-0000000FF1CE}
Microsoft Office Home and Student 2007 --> "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007 --> MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (German) 2007 --> MsiExec.exe /X{90120000-0044-0407-0000-0000000FF1CE}
Microsoft Office Language Pack 2007 - German/Deutsch --> "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall OMUI.DE-DE /dll OSETUP.DLL
Microsoft Office O MUI (German) 2007 --> MsiExec.exe /X{90120000-0100-0407-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007 --> MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (German) 2007 --> MsiExec.exe /X{90120000-00A1-0407-0000-0000000FF1CE}
Microsoft Office Outlook MUI (German) 2007 --> MsiExec.exe /X{90120000-001A-0407-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (German) 2007 --> MsiExec.exe /X{90120000-0018-0407-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (German) --> MsiExec.exe /X{95120000-00AF-0407-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007
--> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (German) 2007 --> MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Italian) 2007 --> MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE} Microsoft Office Proofing (German) 2007 --> MsiExec.exe /X{90120000-002C-0407-0000-0000000FF1CE} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) --> msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) --> msiexec /package {90120000-001F-0410-0000-0000000FF1CE} /uninstall {322296D4-1EAE-4030-9FBC-D2787EB25FA2} Microsoft Office Publisher MUI (German) 2007 --> MsiExec.exe /X{90120000-0019-0407-0000-0000000FF1CE} Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE} Microsoft Office Shared MUI (German) 2007 --> MsiExec.exe /X{90120000-006E-0407-0000-0000000FF1CE} Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE} Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2) --> msiexec /package {90120000-0017-0407-0000-0000000FF1CE} /uninstall {0B9EAEAC-F271-45DC-BDCB-06ABEEF19825} Microsoft Office SharePoint Designer MUI (German) 2007 --> MsiExec.exe /X{90120000-0017-0407-0000-0000000FF1CE} Microsoft Office Suite Activation Assistant --> MsiExec.exe /X{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E} Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE} Microsoft Office Word MUI (German) 2007 --> MsiExec.exe /X{90120000-001B-0407-0000-0000000FF1CE} Microsoft Office X MUI (German) 2007 --> MsiExec.exe /X{90120000-0101-0407-0000-0000000FF1CE} Microsoft Silverlight --> 
MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU] --> MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 --> MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 --> MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 --> MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Works --> MsiExec.exe /I{62F7DA7E-CCCB-439C-A760-00C3926E761F} Mozilla Firefox (3.6.13) --> C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe MP3 Ringtone Extractor 1.1 --> "C:\Program Files (x86)\MP3 Ringtone Extractor\unins000.exe" MSVCRT --> MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB954430) --> MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688) --> MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} mufin player --> C:\Program Files (x86)\MAGIX\mufin_player\unwise.exe Napoleon: Total War --> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/34030 Nero 9 Essentials --> C:\Program Files (x86)\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="2M02-K09C-T30X-9E87-48UX-1MAM-EA5W-8AA2-TWPP-P288-2T15-1Z5L-7M8L-8H4Z-8800" Nero ControlCenter --> MsiExec.exe /X{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a} Nero ControlCenter --> MsiExec.exe /X{f4041dce-3fe1-4e18-8a9e-9de65231ee36} Nero DiscSpeed --> MsiExec.exe /X{869200db-287a-4dc0-b02b-2b6787fbcd4c} Nero DiscSpeed Help --> MsiExec.exe /X{cc019e3f-59d2-4486-8d4b-878105b62a71} Nero DriveSpeed --> MsiExec.exe /X{33cf58f5-48d8-4575-83d6-96f574e4d83a} Nero DriveSpeed Help --> MsiExec.exe /X{e5c7d048-f9b4-4219-b323-8bdb01a2563d} Nero Express Help --> MsiExec.exe /X{83202942-84b3-4c50-8622-b8c0aa2d2885} Nero InfoTool 
--> MsiExec.exe /X{fbcdfd61-7dcf-4e71-9226-873ba0053139} Nero InfoTool Help --> MsiExec.exe /X{20400dbd-e6db-45b8-9b6b-1dd7033818ec} Nero Installer --> MsiExec.exe /X{e8a80433-302b-4ff1-815d-fcc8eac482ff} Nero Move it --> MsiExec.exe /X{248e4799-db04-4b1a-902c-194669f995ce} Nero Move it Essentials --> C:\Program Files (x86)\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="4M08-80A5-CUL8-55XT-M40W-X4E5-2MCZ-T0TL" Nero Move it Help --> MsiExec.exe /X{defa5390-8533-47b5-81f7-3816916bdc6f} Nero Online Upgrade --> MsiExec.exe /X{dba84796-8503-4ff0-af57-1747dd9a166d} Nero StartSmart --> MsiExec.exe /X{7748ac8c-18e3-43bb-959b-088faea16fb2} Nero StartSmart Help --> MsiExec.exe /X{2348b586-c9ae-46ce-936c-a68e9426e214} Nero StartSmart OEM --> MsiExec.exe /X{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA} NeroExpress --> MsiExec.exe /X{595a3116-40bb-4e0f-a2e8-d7951da56270} neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B} NVIDIA PhysX --> MsiExec.exe /X{B83FC356-B7C0-441F-8A4D-D71E088E7974} Packard Bell InfoCentre --> C:\Program Files (x86)\Packard Bell\InfoCentre\Uninstall.exe Packard Bell Photo Frame 4.2.3.10 --> C:\Program Files (x86)\Packard Bell Photo Frame\uninst.exe Packard Bell Recovery Management --> "C:\Program Files (x86)\InstallShield Installation Information\{7F811A54-5A09-4579-90E1-C93498E230D9}\setup.exe" -runfromtemp -l0x407 -removeonly Packard Bell Registration --> C:\Program Files (x86)\Packard Bell\Registration\Uninstall.exe Packard Bell ScreenSaver --> C:\Program Files (x86)\Packard Bell\Screensaver\Uninstall.exe Packard Bell Software Suite SE --> C:\Program Files (x86)\Packard Bell\Software Suite SE\Uninstall.exe Packard Bell Updater --> "C:\Program Files (x86)\InstallShield Installation Information\{EE171732-BEB4-4576-887D-CB62727F01CA}\setup.exe" -runfromtemp -l0x407 -removeonly QuickTime --> MsiExec.exe /I{E7004147-2CCA-431C-AA05-2AB166B9785D} Realtek High Definition Audio Driver --> RunDll32 
C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly S.T.A.L.K.E.R. - Shadow of Chernobyl --> "C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\unins000.exe" Security Update for 2007 Microsoft Office System (KB2288621) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5C497F0B-2061-4CC9-A61C-6B45B867354D} Security Update for 2007 Microsoft Office System (KB2288931) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {CD769337-C8AC-46DB-A7DC-643E50089263} Security Update for 2007 Microsoft Office System (KB2289158) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {210B16C0-CEBD-4DE9-B474-04A7E8735E16} Security Update for 2007 Microsoft Office System (KB2344875) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6FC5C4C1-D7AE-44C3-94B7-6424FC3E752F} Security Update for 2007 Microsoft Office System (KB2345043) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {536FB502-775F-4494-BACE-C02CC90B7A5B} Security Update for 2007 Microsoft Office System (KB969559) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08} Security Update for 2007 Microsoft Office System (KB976321) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A} Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) --> C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client Security Update for Microsoft Office Excel 2007 (KB2345035) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B23002DD-34EC-4988-B810-A5E2A0BF04F1} Security Update for Microsoft Office InfoPath 2007 (KB979441) --> msiexec 
/package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB} Security Update for Microsoft Office PowerPoint 2007 (KB982158) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F5B70033-E79C-4569-90BF-BC9B4E4F3F46} Security Update for Microsoft Office PowerPoint Viewer (KB2413381) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3DED0A62-44C8-4E00-A785-5212F297A9D9} Security Update for Microsoft Office system 2007 (972581) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF} Security Update for Microsoft Office system 2007 (KB974234) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC} Security Update for Microsoft Office Visio Viewer 2007 (KB973709) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D} Security Update for Microsoft Office Word 2007 (KB2344993) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48} Serif DrawPlus X2 --> MsiExec.exe /I{3A438F62-00EE-4422-906B-6D9E107FC33F} Serif PhotoPlus X2 --> MsiExec.exe /I{9DCFC564-606E-424F-8A1C-56DD14908AF6} Sid Meier's Civilization V --> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/8930 Spybot - Search & Destroy --> "C:\Program Files (x86)\Spybot - Search & Destroy\unins000.exe" Star Wars Battlefront II --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{3D374523-CFDE-461A-827E-2A102E2AB365}\Setup.exe" -l0x7 -removeonly StarCraft II --> C:\Program Files (x86)\Common Files\Blizzard Entertainment\StarCraft II\Uninstall.exe Steam --> MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3} Update für Microsoft Office Excel 2007 Help (KB963678) --> msiexec /package 
{90120000-0016-0407-0000-0000000FF1CE} /uninstall {BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF} Update für Microsoft Office Outlook 2007 Help (KB963677) --> msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {F6828576-6F79-470D-AB50-69D1BBADBD30} Update für Microsoft Office Powerpoint 2007 Help (KB963669) --> msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {EA160DA3-E9B5-4D03-A518-21D306665B96} Update für Microsoft Office Word 2007 Help (KB963665) --> msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {38472199-D7B6-4833-A949-10E4EE6365A1} Update for 2007 Microsoft Office System (KB2284654) --> msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {FB166E7C-8AA6-48C8-B726-1F25BEE7825A} Update for 2007 Microsoft Office System (KB967642) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D} Update for Microsoft Office 2007 Help for Common Features (KB963673) --> msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {AB365889-0395-4FAD-B702-CA5985D53D42} Update for Microsoft Office Excel 2007 Help (KB963678) --> msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {199DF7B6-169C-448C-B511-1054101BE9C9} Update for Microsoft Office OneNote 2007 (KB980729) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF} Update for Microsoft Office OneNote 2007 Help (KB963670) --> msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2744EF05-38E1-4D5D-B333-E021EDAEA245} Update for Microsoft Office Powerpoint 2007 Help (KB963669) --> msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {397B1D4F-ED7B-4ACA-A637-43B670843876} Update for Microsoft Office Script Editor Help (KB963671) --> msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {CD11C6A2-FFC6-4271-8EAB-79C3582F505C} Update for Microsoft Office Word 2007 Help (KB963665) --> msiexec /package 
{90120000-001B-0409-0000-0000000FF1CE} /uninstall {80E762AA-C921-4839-9D7D-DB62A72C0726} VLC media player 1.1.4 --> C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe Welcome Center --> C:\Program Files (x86)\Packard Bell\Welcome Center\Uninstall.exe Winamp --> "C:\Program Files (x86)\Winamp\UninstWA.exe" Winamp Erkennungs-Plug-in --> C:\Program Files (x86)\Winamp Detect\UninstWaDetect.exe Windows Live-Uploadtool --> MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} Windows Live Communications Platform --> MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live Essentials --> C:\Program Files (x86)\Windows Live\Installer\wlarp.exe Windows Live Essentials --> MsiExec.exe /I{91E04CA7-0B13-4F8C-AA4D-2A573AC96D19} Windows Live Fotogalerie --> MsiExec.exe /X{119B7481-0216-40D2-A5CC-C3E1F461ECC1} Windows Live Mail --> MsiExec.exe /I{5A166C0B-9557-4364-A057-F946D674E6AC} Windows Live Sync --> MsiExec.exe /X{ED636101-1959-4360-8BF7-209436E7DEE4} Windows Live Writer --> MsiExec.exe /X{81821BF8-DA20-4F8C-AA87-F70A274828D4} -- Application Event Log ------------------------------------------------------- Event Record #/Type15705 / Success Event Submitted/Written: 12/17/2010 11:13:58 PM Event ID/Source: 903 / Software Protection Platform Service Event Description: Der Softwareschutzdienst wurde beendet. Event Record #/Type15704 / Success Event Submitted/Written: 12/17/2010 11:08:58 PM Event ID/Source: 902 / Software Protection Platform Service Event Description: Der Softwareschutzdienst wurde gestartet. 
6.1.7600.16385 Event Record #/Type15692 / Success Event Submitted/Written: 12/17/2010 11:05:50 PM Event ID/Source: 5617 / WinMgmt Event Description: Event Record #/Type15691 / Success Event Submitted/Written: 12/17/2010 11:05:50 PM Event ID/Source: 5615 / WinMgmt Event Description: Event Record #/Type15680 / Success Event Submitted/Written: 12/17/2010 00:10:39 PM Event ID/Source: 903 / Software Protection Platform Service Event Description: Der Softwareschutzdienst wurde beendet. -- Security Event Log ---------------------------------------------------------- No Errors/Warnings found. -- System Event Log ------------------------------------------------------------ Event Record #/Type55857 / Error Event Submitted/Written: 12/17/2010 11:26:20 PM Event ID/Source: 7000 / Service Control Manager Event Description: Der Dienst "MBAMCatchMe" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Event Record #/Type55856 / Error Event Submitted/Written: 12/17/2010 11:26:20 PM Event ID/Source: 1060 / Application Popup Event Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Windows\SysWow64\drivers\mbamcatchme.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Event Record #/Type55852 / Error Event Submitted/Written: 12/17/2010 11:22:10 PM Event ID/Source: 7000 / Service Control Manager Event Description: Der Dienst "MBAMCatchMe" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Event Record #/Type55851 / Error Event Submitted/Written: 12/17/2010 11:22:10 PM Event ID/Source: 1060 / Application Popup Event Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Windows\SysWow64\drivers\mbamcatchme.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. 
Event Record #/Type55845 / Warning Event Submitted/Written: 12/17/2010 11:14:05 PM Event ID/Source: 4101 / Display Event Description: Der Anzeigetreiber "nvlddmkm" reagiert nicht mehr und wurde wiederhergestellt. -- End of Deckard's System Scanner: finished at 2010-12-17 23:32:30 ------------ |
17.12.2010, 23:36 | #7 |
| malware, trojan, or just paranoia after all ;)? OTL OTL Logfile: Code:
ATTFilter OTL logfile created on: 17.12.2010 23:25:16 - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = F:\ 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 6,00 Gb Total Physical Memory | 4,00 Gb Available Physical Memory | 72,00% Memory free 12,00 Gb Paging File | 10,00 Gb Available in Paging File | 83,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 457,95 Gb Total Space | 358,78 Gb Free Space | 78,34% Space Free | Partition Type: NTFS Drive D: | 458,46 Gb Total Space | 223,47 Gb Free Space | 48,74% Space Free | Partition Type: NTFS Drive E: | 3,02 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS Drive F: | 931,28 Gb Total Space | 771,47 Gb Free Space | 82,84% Space Free | Partition Type: FAT32 Computer Name: PC | User Name: MediaMarkt | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2010.12.17 23:23:34 | 000,575,488 | ---- | M] (OldTimer Tools) -- F:\OTL.exe PRC - [2010.12.10 19:32:50 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2010.09.23 12:13:06 | 000,751,432 | ---- | M] (AVG) -- C:\Program Files (x86)\AVG\AVG PC Tuneup 2011\BoostSpeed.exe PRC - [2009.12.07 14:38:02 | 001,128,008 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe PRC - [2009.11.26 12:50:52 | 000,302,152 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe PRC - [2009.09.24 09:50:56 | 001,124,424 | ---- | M] (G DATA Software AG) -- C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe PRC - [2009.09.18 14:49:08 | 000,924,232 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe PRC - [2009.09.10 11:41:38 | 002,356,256 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Packard Bell\Software Suite SE\SoftSuiteSE.exe PRC - [2009.09.04 02:56:13 | 000,039,408 | ---- | M] (Google Inc.) 
-- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe PRC - [2009.08.08 11:33:28 | 000,397,896 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe PRC - [2009.07.20 22:07:10 | 000,124,416 | ---- | M] (IOI) -- C:\Program Files (x86)\Packard Bell Photo Frame\ButtonMonitor.exe PRC - [2009.07.04 02:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe PRC - [2009.06.15 04:22:00 | 000,537,120 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Packard Bell\Software Suite SE\SEDevDetect.exe PRC - [2009.06.04 21:48:00 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe PRC - [2009.06.04 14:04:50 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe PRC - [2009.03.05 15:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe PRC - [2008.09.21 12:52:40 | 002,131,600 | ---- | M] (Emsi Software GmbH) -- C:\Program Files (x86)\a-squared Anti-Malware\a2guard.exe PRC - [2008.09.21 12:52:40 | 000,380,536 | ---- | M] (Emsi Software GmbH) -- C:\Program Files (x86)\a-squared Anti-Malware\a2service.exe PRC - [2008.05.27 23:07:10 | 000,214,528 | ---- | M] (Atribune.org) -- F:\Moi\BigT\VundoFix.exe PRC - [2008.05.05 20:46:30 | 001,179,256 | ---- | M] (Malwarebytes) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe PRC - [2008.01.22 14:13:52 | 002,449,455 | ---- | M] (FreeDownloadManager.ORG) -- C:\PROGRA~2\FREEDO~1\fdm.exe ========== Modules (SafeList) ========== MOD - [2010.12.17 23:23:34 | 000,575,488 | ---- | M] (OldTimer Tools) -- F:\OTL.exe MOD - [2010.12.15 23:20:55 | 000,098,304 | ---- | M] (BitDefender S.R.L. 
Bucharest, ROMANIA) -- C:\Programme\BitDefender\BitDefender 2011\Active Virus Control\Midas_00059_002\plugin_net.m32 MOD - [2010.12.15 23:20:54 | 000,176,128 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Programme\BitDefender\BitDefender 2011\Active Virus Control\Midas_00059_002\plugin_extra.m32 MOD - [2010.12.15 23:20:53 | 000,286,720 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Programme\BitDefender\BitDefender 2011\Active Virus Control\Midas_00059_002\plugin_nt.m32 MOD - [2010.12.15 23:20:53 | 000,155,648 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Programme\BitDefender\BitDefender 2011\Active Virus Control\Midas_00059_002\plugin_base.m32 MOD - [2010.12.15 23:20:52 | 000,667,648 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Programme\BitDefender\BitDefender 2011\Active Virus Control\Midas_00059_002\plugin_fragments.m32 MOD - [2010.12.15 23:20:52 | 000,249,864 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Programme\BitDefender\BitDefender 2011\Active Virus Control\Midas_00059_002\midas32.dll MOD - [2010.12.15 23:20:52 | 000,126,976 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Programme\BitDefender\BitDefender 2011\Active Virus Control\Midas_00059_002\plugin_registry.m32 MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll MOD - [2009.12.08 19:03:42 | 000,116,224 | ---- | M] (BitDefender SRL) -- C:\Programme\BitDefender\BitDefender 2011\Active Virus Control\Midas_00059_002\leaktests.m32 ========== Win32 Services (SafeList) ========== SRV:64bit: - [2010.12.15 23:20:14 | 002,612,208 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe -- (VSSERV) SRV:64bit: - [2010.12.15 23:19:48 | 000,051,688 | ---- | M] (BitDefender S.R.L.) 
[Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe -- (Updatesrv) SRV - [2010.11.17 23:34:50 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010.10.11 18:48:24 | 000,467,248 | ---- | M] (BitDefender) [On_Demand | Stopped] -- C:\Programme\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe -- (Update Server) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.12.07 14:38:02 | 001,128,008 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe -- (AVKProxy) SRV - [2009.11.26 12:50:52 | 000,302,152 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe -- (GDScan) SRV - [2009.11.25 02:07:32 | 001,731,504 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe -- (AVKWCtl) SRV - [2009.11.25 02:05:05 | 001,664,560 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe -- (GDFwSvc) SRV - [2009.10.28 22:05:19 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) 
[On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2009.08.08 11:33:28 | 000,397,896 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe -- (AVKService) SRV - [2009.07.04 02:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe -- (Updater Service) SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009.06.04 21:48:00 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - [2009.06.04 14:04:50 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe -- (Greg_Service) SRV - [2008.12.08 15:16:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor7.0) SRV - [2008.09.21 12:52:40 | 000,380,536 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files (x86)\a-squared Anti-Malware\a2service.exe -- (a2AntiMalware) ========== Driver Services (SafeList) ========== DRV:64bit: - [2010.08.24 19:30:21 | 000,074,184 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MiniIcpt.sys -- (GDMnIcpt) DRV:64bit: - [2010.08.24 19:30:08 | 000,057,288 | ---- | M] (G DATA Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PktIcpt.sys -- (GDPkIcpt) DRV:64bit: - [2010.08.24 11:57:34 | 000,048,584 | ---- | M] (G DATA Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gdwfpcd64.sys -- 
(gdwfpcd)
DRV:64bit: - [2010.08.24 11:57:29 | 000,034,760 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\GDBehave.sys -- (GDBehave)
DRV:64bit: - [2010.07.09 14:08:16 | 000,388,168 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\bdfsfltr.sys -- (bdfsfltr)
DRV:64bit: - [2010.06.28 11:55:44 | 001,040,976 | ---- | M] (BitDefender) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\avckf.sys -- (avckf)
DRV:64bit: - [2010.06.28 11:55:38 | 000,692,816 | ---- | M] (BitDefender) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\avc3.sys -- (avc3)
DRV:64bit: - [2010.05.13 15:52:08 | 000,162,896 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\bdfm.sys -- (BDFM)
DRV:64bit: - [2009.10.28 21:59:10 | 000,106,224 | ---- | M] (G Data Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\GRD.sys -- (GRD)
DRV:64bit: - [2009.09.04 03:14:27 | 000,042,952 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HookCentre.sys -- (HookCentre)
DRV:64bit: - [2009.07.14 17:46:48 | 001,708,800 | ---- | M] (Hauppauge Computer Works) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HCW85BDA.sys -- (HCW85BDA)
DRV:64bit: - [2009.07.14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.26 08:55:10 | 000,083,488 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2009.06.22 04:05:58 | 000,273,072 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1k62x64.sys -- (e1kexpress) Intel(R)
DRV:64bit: - [2009.06.10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.06.16 03:00:00 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2008.02.23 02:54:00 | 000,019,496 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GearAspiWDM)
DRV:64bit: - [2008.01.24 23:08:34 | 000,057,352 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:64bit: - [2008.01.24 23:08:24 | 000,015,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:64bit: - [2008.01.24 23:08:04 | 000,032,776 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:64bit: - [2008.01.24 23:07:54 | 000,022,024 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2010.08.20 17:42:04 | 000,099,408 | ---- | M] (BitDefender) [Kernel | System | Running] -- C:\Programme\Common Files\BitDefender\BitDefender Firewall\bdfwfpf.sys -- (bdfwfpf)
DRV - [2008.04.11 09:20:06 | 000,010,608 | ---- | M] (Emsi Software GmbH) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\a-squared Anti-Malware\a2exec64.sys -- (a2exec)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=181099"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.studivz.net/"
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.8.1
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.6
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: FFToolbar@bitdefender.com:2.0
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.6&q="
FF - HKLM\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2011\bdaphffext\ [2010.12.15 23:18:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.12.10 19:32:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.12.10 19:32:53 | 000,000,000 | ---D | M]
[2010.08.24 12:00:27 | 000,000,000 | ---D | M] -- C:\Users\MediaMarkt\AppData\Roaming\mozilla\Extensions
[2010.12.17 11:36:27 | 000,000,000 | ---D | M] -- C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\iy2umqg8.default\extensions
[2010.12.04 21:45:29 | 000,000,000 | ---D | M] (FlashGot) -- C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\iy2umqg8.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2010.10.22 10:11:45 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\iy2umqg8.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010.12.14 23:19:25 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\iy2umqg8.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010.12.10 17:13:10 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\iy2umqg8.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.10.31 17:30:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.10.25 18:08:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.10.31 17:30:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010.09.15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.07.12 17:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2010.07.23 01:48:56 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.07.23 01:48:56 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.07.23 01:48:56 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.07.23 01:48:56 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.07.23 01:48:56 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\Webfilter\AVKWebIEx64.dll (G Data Software AG)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.5612.1312\swg64.dll (Google Inc.)
O2 - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\Webfilter\AVKWebIE.dll (G Data Software AG)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll ()
O3:64bit: - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\Webfilter\AVKWebIEx64.dll (G Data Software AG)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Programme\BitDefender\BitDefender 2011\ietoolbar.dll (BitDefender S.R.L.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\Webfilter\AVKWebIE.dll (G Data Software AG)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Programme\BitDefender\BitDefender 2011\Antispam32\ietoolbar.dll (BitDefender S.R.L.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe (BitDefender S.R.L.)
O4:64bit: - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2011\ieshow.exe (BitDefender S.R.L.)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Programme\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4:64bit: - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [a-squared] C:\Program Files (x86)\a-squared Anti-Malware\a2guard.exe (Emsi Software GmbH)
O4 - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2011\Antispam32\ieshow.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [G DATA AntiVirus Trayapplication] C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G DATA Software AG)
O4 - HKLM..\Run: [Packard Bell Photo Frame] C:\Program Files (x86)\Packard Bell Photo Frame\ButtonMonitor.exe (IOI)
O4 - HKCU..\Run: [Software Suite SE] C:\Program Files (x86)\Packard Bell\Software Suite SE\SoftSuiteSE.exe (Acer Incorporated)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8:64bit: - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8:64bit: - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O8:64bit: - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 80.69.100.230 80.69.100.174
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe) - c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe ()
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.09.02 20:21:51 | 000,000,051 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{d666f874-c403-11de-a303-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{d666f874-c403-11de-a303-806e6f6e6963}\Shell\AutoRun\command - "" = E:\LaunchBFII.exe -- [2005.09.23 23:54:10 | 000,557,056 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk /r \??\F:) - File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.12.17 23:20:01 | 000,000,000 | ---D | C] -- C:\VundoFix Backups
[2010.12.16 12:38:32 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2010.12.16 12:38:32 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2010.12.16 12:38:32 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2010.12.16 12:38:32 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2010.12.16 12:38:17 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2010.12.16 12:38:17 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2010.12.16 12:38:16 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2010.12.16 12:38:16 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2010.12.16 12:38:16 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010.12.16 12:38:16 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010.12.16 12:38:16 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010.12.16 12:38:16 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010.12.16 12:38:16 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2010.12.16 12:38:16 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2010.12.16 12:38:16 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2010.12.16 12:38:16 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2010.12.16 12:38:16 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010.12.16 12:38:16 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010.12.16 12:37:36 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2010.12.16 12:37:07 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2010.12.16 12:37:07 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2010.12.16 12:36:58 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll
[2010.12.16 12:36:58 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll
[2010.12.16 12:36:58 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll
[2010.12.16 12:36:58 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll
[2010.12.16 12:36:58 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe
[2010.12.16 12:36:58 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll
[2010.12.16 12:36:58 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schtasks.exe
[2010.12.16 12:36:58 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe
[2010.12.15 23:18:05 | 000,000,000 | ---D | C] -- C:\Users\MediaMarkt\AppData\Roaming\BitDefender
[2010.12.15 23:17:50 | 000,000,000 | ---D | C] -- C:\Programme\BitDefender
[2010.12.15 23:06:47 | 000,000,000 | ---D | C] -- C:\Users\MediaMarkt\AppData\Roaming\QuickScan
[2010.12.15 23:06:29 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\BitDefender
[2010.12.15 23:06:29 | 000,000,000 | ---D | C] -- C:\ProgramData\BitDefender
[2010.12.15 23:06:23 | 000,388,168 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\bdfsfltr.sys
[2010.12.15 23:04:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\a-squared Anti-Malware
[2010.12.15 23:04:30 | 000,000,000 | ---D | C] -- C:\Users\MediaMarkt\Documents\a-squared
[2010.12.15 12:10:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2010.12.13 12:23:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LucasArts
[2010.11.24 05:17:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Almightysoft
[2010.06.02 04:22:02 | 000,089,944 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\DSETUP.dll
[2009.09.03 15:13:01 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe

========== Files - Modified Within 30 Days ==========

[2010.12.17 23:19:12 | 000,001,021 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.12.17 23:13:58 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.12.17 23:13:58 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.12.17 23:05:50 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.12.17 23:05:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.12.17 23:05:39 | 529,879,039 | -HS- | M] () -- C:\hiberfil.sys
[2010.12.17 12:31:00 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.12.16 13:05:24 | 000,469,064 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.12.16 12:40:17 | 000,001,189 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Works.lnk
[2010.12.15 23:22:36 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\imblacklist.dat
[2010.12.15 23:21:38 | 000,058,897 | ---- | M] () -- C:\ProgramData\bdinstall.bin
[2010.12.15 23:19:22 | 000,000,415 | ---- | M] () -- C:\Windows\SysNative\user_gensett.xml
[2010.12.15 23:18:08 | 000,002,108 | ---- | M] () -- C:\Users\Public\Desktop\BitDefender Antivirus Pro 2011.lnk
[2010.12.15 23:04:39 | 000,001,018 | ---- | M] () -- C:\Users\Public\Desktop\a-squared Anti-Malware.lnk
[2010.12.15 12:10:02 | 000,002,105 | ---- | M] () -- C:\Users\MediaMarkt\Desktop\HijackThis.lnk
[2010.12.13 12:36:36 | 000,002,663 | ---- | M] () -- C:\Users\MediaMarkt\Desktop\Launch Gaming Software Profiler.lnk
[2010.12.13 12:36:30 | 000,001,064 | ---- | M] () -- C:\Users\MediaMarkt\Desktop\Star Wars Battlefront II spielen.lnk
[2010.12.05 02:37:57 | 500,629,830 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.11.29 21:00:51 | 002,933,472 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.11.29 21:00:51 | 001,279,824 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.11.29 21:00:51 | 000,835,576 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.11.29 21:00:51 | 000,740,060 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.11.29 21:00:51 | 000,005,218 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.11.29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.11.29 17:42:06 | 000,024,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.11.24 05:17:03 | 000,001,175 | ---- | M] () -- C:\Users\MediaMarkt\Desktop\Desktop-Lupe.lnk

========== Files Created - No Company Name ==========
[2010.12.17 23:19:11 | 000,027,048 | ---- | C] () -- C:\Windows\SysWow64\drivers\mbamcatchme.sys
[2010.12.17 23:19:11 | 000,015,864 | ---- | C] () -- C:\Windows\SysWow64\drivers\mbam.sys
[2010.12.15 23:22:36 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\imblacklist.dat
[2010.12.15 23:19:22 | 000,000,415 | ---- | C] () -- C:\Windows\SysNative\user_gensett.xml
[2010.12.15 23:18:08 | 000,002,108 | ---- | C] () -- C:\Users\Public\Desktop\BitDefender Antivirus Pro 2011.lnk
[2010.12.15 23:06:23 | 000,058,897 | ---- | C] () -- C:\ProgramData\bdinstall.bin
[2010.12.15 23:04:39 | 000,001,018 | ---- | C] () -- C:\Users\Public\Desktop\a-squared Anti-Malware.lnk
[2010.12.15 12:10:02 | 000,002,105 | ---- | C] () -- C:\Users\MediaMarkt\Desktop\HijackThis.lnk
[2010.12.13 12:36:36 | 000,002,663 | ---- | C] () -- C:\Users\MediaMarkt\Desktop\Launch Gaming Software Profiler.lnk
[2010.12.13 12:36:30 | 000,001,064 | ---- | C] () -- C:\Users\MediaMarkt\Desktop\Star Wars Battlefront II spielen.lnk
[2010.12.05 02:37:57 | 500,629,830 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010.11.24 05:17:03 | 000,001,175 | ---- | C] () -- C:\Users\MediaMarkt\Desktop\Desktop-Lupe.lnk
[2010.10.04 12:16:00 | 000,003,584 | ---- | C] () -- C:\Users\MediaMarkt\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.10.04 12:13:43 | 000,421,888 | ---- | C] () -- C:\Windows\SysWow64\OpenQuicktimeLib.dll
[2010.10.04 12:13:43 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\libfaac.dll
[2010.10.04 12:13:42 | 000,205,824 | ---- | C] () -- C:\Windows\SysWow64\OggDS.dll
[2010.09.10 16:35:47 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010.07.08 09:37:14 | 000,101,544 | ---- | C] () -- C:\Programme\Common Files\LinkInstaller.exe
[2010.06.02 04:22:54 | 001,412,902 | ---- | C] () -- C:\Program Files (x86)\OCT2006_d3dx9_31_x64.cab
[2010.06.02 04:22:54 | 001,127,217 | ---- | C] () -- C:\Program Files (x86)\OCT2006_d3dx9_31_x86.cab
[2010.06.02 04:22:54 | 000,273,960 | ---- | C] () -- C:\Program Files (x86)\Nov2008_XAudio_x64.cab
[2010.06.02 04:22:54 | 000,272,611 | ---- | C] () -- C:\Program Files (x86)\Nov2008_XAudio_x86.cab
[2010.06.02 04:22:54 | 000,182,361 | ---- | C] () -- C:\Program Files (x86)\OCT2006_XACT_x64.cab
[2010.06.02 04:22:54 | 000,138,017 | ---- | C] () -- C:\Program Files (x86)\OCT2006_XACT_x86.cab
[2010.06.02 04:22:54 | 000,086,037 | ---- | C] () -- C:\Program Files (x86)\Oct2005_xinput_x64.cab
[2010.06.02 04:22:54 | 000,045,359 | ---- | C] () -- C:\Program Files (x86)\Oct2005_xinput_x86.cab
[2010.06.02 04:22:52 | 001,906,878 | ---- | C] () -- C:\Program Files (x86)\Nov2008_d3dx9_40_x64.cab
[2010.06.02 04:22:52 | 001,550,796 | ---- | C] () -- C:\Program Files (x86)\Nov2008_d3dx9_40_x86.cab
[2010.06.02 04:22:52 | 000,965,421 | ---- | C] () -- C:\Program Files (x86)\Nov2008_d3dx10_40_x86.cab
[2010.06.02 04:22:52 | 000,121,794 | ---- | C] () -- C:\Program Files (x86)\Nov2008_XACT_x64.cab
[2010.06.02 04:22:52 | 000,092,684 | ---- | C] () -- C:\Program Files (x86)\Nov2008_XACT_x86.cab
[2010.06.02 04:22:52 | 000,054,522 | ---- | C] () -- C:\Program Files (x86)\Nov2008_X3DAudio_x64.cab
[2010.06.02 04:22:52 | 000,021,851 | ---- | C] () -- C:\Program Files (x86)\Nov2008_X3DAudio_x86.cab
[2010.06.02 04:22:50 | 000,994,154 | ---- | C] () -- C:\Program Files (x86)\Nov2008_d3dx10_40_x64.cab
[2010.06.02 04:22:50 | 000,196,762 | ---- | C] () -- C:\Program Files (x86)\NOV2007_XACT_x64.cab
[2010.06.02 04:22:50 | 000,148,264 | ---- | C] () -- C:\Program Files (x86)\NOV2007_XACT_x86.cab
[2010.06.02 04:22:50 | 000,046,144 | ---- | C] () -- C:\Program Files (x86)\NOV2007_X3DAudio_x64.cab
[2010.06.02 04:22:50 | 000,018,496 | ---- | C] () -- C:\Program Files (x86)\NOV2007_X3DAudio_x86.cab
[2010.06.02 04:22:48 | 001,802,058 | ---- | C] () -- C:\Program Files (x86)\Nov2007_d3dx9_36_x64.cab
[2010.06.02 04:22:48 | 001,709,360 | ---- | C] () -- C:\Program Files (x86)\Nov2007_d3dx9_36_x86.cab
[2010.06.02 04:22:48 | 000,864,600 | ---- | C] () -- C:\Program Files (x86)\Nov2007_d3dx10_36_x64.cab
[2010.06.02 04:22:48 | 000,803,884 | ---- | C] () -- C:\Program Files (x86)\Nov2007_d3dx10_36_x86.cab
[2010.06.02 04:22:48 | 000,273,018 | ---- | C] () -- C:\Program Files (x86)\Mar2009_XAudio_x86.cab
[2010.06.02 04:22:46 | 000,275,044 | ---- | C] () -- C:\Program Files (x86)\Mar2009_XAudio_x64.cab
[2010.06.02 04:22:46 | 000,121,506 | ---- | C] () -- C:\Program Files (x86)\Mar2009_XACT_x64.cab
[2010.06.02 04:22:46 | 000,092,740 | ---- | C] () -- C:\Program Files (x86)\Mar2009_XACT_x86.cab
[2010.06.02 04:22:38 | 000,054,600 | ---- | C] () -- C:\Program Files (x86)\Mar2009_X3DAudio_x64.cab
[2010.06.02 04:22:38 | 000,021,298 | ---- | C] () -- C:\Program Files (x86)\Mar2009_X3DAudio_x86.cab
[2010.06.02 04:22:36 | 001,973,702 | ---- | C] () -- C:\Program Files (x86)\Mar2009_d3dx9_41_x64.cab
[2010.06.02 04:22:36 | 001,612,446 | ---- | C] () -- C:\Program Files (x86)\Mar2009_d3dx9_41_x86.cab
[2010.06.02 04:22:36 | 001,067,160 | ---- | C] () -- C:\Program Files (x86)\Mar2009_d3dx10_41_x64.cab
[2010.06.02 04:22:36 | 001,040,745 | ---- | C] () -- C:\Program Files (x86)\Mar2009_d3dx10_41_x86.cab
[2010.06.02 04:22:36 | 000,251,194 | ---- | C] () -- C:\Program Files (x86)\Mar2008_XAudio_x64.cab
[2010.06.02 04:22:36 | 000,226,250 | ---- | C] () -- C:\Program Files (x86)\Mar2008_XAudio_x86.cab
[2010.06.02 04:22:36 | 000,122,336 | ---- | C] () -- C:\Program Files (x86)\Mar2008_XACT_x64.cab
[2010.06.02 04:22:36 | 000,093,734 | ---- | C] () -- C:\Program Files (x86)\Mar2008_XACT_x86.cab
[2010.06.02 04:22:34 | 001,769,862 | ---- | C] () -- C:\Program Files (x86)\Mar2008_d3dx9_37_x64.cab
[2010.06.02 04:22:34 | 001,443,282 | ---- | C] () -- C:\Program Files (x86)\Mar2008_d3dx9_37_x86.cab
[2010.06.02 04:22:34 | 000,818,260 | ---- | C] () -- C:\Program Files (x86)\Mar2008_d3dx10_37_x86.cab
[2010.06.02 04:22:34 | 000,055,058 | ---- | C] () -- C:\Program Files (x86)\Mar2008_X3DAudio_x64.cab
[2010.06.02 04:22:34 | 000,021,867 | ---- | C] () -- C:\Program Files (x86)\Mar2008_X3DAudio_x86.cab
[2010.06.02 04:22:32 | 000,937,246 | ---- | C] () -- C:\Program Files (x86)\Jun2010_d3dx9_43_x64.cab
[2010.06.02 04:22:32 | 000,844,884 | ---- | C] () -- C:\Program Files (x86)\Mar2008_d3dx10_37_x64.cab
[2010.06.02 04:22:32 | 000,768,036 | ---- | C] () -- C:\Program Files (x86)\Jun2010_d3dx9_43_x86.cab
[2010.06.02 04:22:32 | 000,278,060 | ---- | C] () -- C:\Program Files (x86)\Jun2010_XAudio_x86.cab
[2010.06.02 04:22:32 | 000,277,338 | ---- | C] () -- C:\Program Files (x86)\Jun2010_XAudio_x64.cab
[2010.06.02 04:22:32 | 000,124,596 | ---- | C] () -- C:\Program Files (x86)\Jun2010_XACT_x64.cab
[2010.06.02 04:22:32 | 000,093,686 | ---- | C] () -- C:\Program Files (x86)\Jun2010_XACT_x86.cab
[2010.06.02 04:22:30 | 000,762,188 | ---- | C] () -- C:\Program Files (x86)\Jun2010_d3dcsx_43_x86.cab
[2010.06.02 04:22:30 | 000,235,955 | ---- | C] () -- C:\Program Files (x86)\Jun2010_d3dx10_43_x64.cab
[2010.06.02 04:22:30 | 000,197,283 | ---- | C] () -- C:\Program Files (x86)\Jun2010_d3dx10_43_x86.cab
[2010.06.02 04:22:30 | 000,138,205 | ---- | C] () -- C:\Program Files (x86)\Jun2010_d3dx11_43_x64.cab
[2010.06.02 04:22:30 | 000,109,445 | ---- | C] () -- C:\Program Files (x86)\Jun2010_d3dx11_43_x86.cab
[2010.06.02 04:22:28 | 000,944,460 | ---- | C] () -- C:\Program Files (x86)\Jun2010_D3DCompiler_43_x64.cab
[2010.06.02 04:22:28 | 000,931,471 | ---- | C] () -- C:\Program Files (x86)\Jun2010_D3DCompiler_43_x86.cab
[2010.06.02 04:22:28 | 000,752,783 | ---- | C] () -- C:\Program Files (x86)\Jun2010_d3dcsx_43_x64.cab
[2010.06.02 04:22:20 | 000,269,024 | ---- | C] () -- C:\Program Files (x86)\JUN2008_XAudio_x86.cab
[2010.06.02 04:22:18 | 001,792,608 | ---- | C] () -- C:\Program Files (x86)\JUN2008_d3dx9_38_x64.cab
[2010.06.02 04:22:18 | 001,463,878 | ---- | C] () -- C:\Program Files (x86)\JUN2008_d3dx9_38_x86.cab
[2010.06.02 04:22:18 | 000,867,828 | ---- | C] () -- C:\Program Files (x86)\JUN2008_d3dx10_38_x64.cab
[2010.06.02 04:22:18 | 000,849,919 | ---- | C] () -- C:\Program Files (x86)\JUN2008_d3dx10_38_x86.cab
[2010.06.02 04:22:18 | 000,269,628 | ---- | C] () -- C:\Program Files (x86)\JUN2008_XAudio_x64.cab
[2010.06.02 04:22:18 | 000,152,909 | ---- | C] () -- C:\Program Files (x86)\JUN2007_XACT_x86.cab
[2010.06.02 04:22:18 | 000,121,054 | ---- | C] () -- C:\Program Files (x86)\JUN2008_XACT_x64.cab
[2010.06.02 04:22:18 | 000,093,128 | ---- | C] () -- C:\Program Files (x86)\JUN2008_XACT_x86.cab
[2010.06.02 04:22:18 | 000,055,154 | ---- | C] () -- C:\Program Files (x86)\JUN2008_X3DAudio_x64.cab
[2010.06.02 04:22:18 | 000,021,905 | ---- | C] () -- C:\Program Files (x86)\JUN2008_X3DAudio_x86.cab
[2010.06.02 04:22:16 | 001,607,774 | ---- | C] () -- C:\Program Files (x86)\JUN2007_d3dx9_34_x64.cab
[2010.06.02 04:22:16 | 001,607,286 | ---- | C] () -- C:\Program Files (x86)\JUN2007_d3dx9_34_x86.cab
[2010.06.02 04:22:16 | 001,064,925 | ---- | C] () -- C:\Program Files (x86)\Jun2005_d3dx9_26_x86.cab
[2010.06.02 04:22:16 | 000,699,044 | ---- | C] () -- C:\Program Files (x86)\JUN2007_d3dx10_34_x64.cab
[2010.06.02 04:22:16 | 000,698,472 | ---- | C] () -- C:\Program Files (x86)\JUN2007_d3dx10_34_x86.cab
[2010.06.02 04:22:16 | 000,197,122 | ---- | C] () -- C:\Program Files (x86)\JUN2007_XACT_x64.cab
[2010.06.02 04:22:16 | 000,180,785 | ---- | C] () -- C:\Program Files (x86)\JUN2006_XACT_x64.cab
[2010.06.02 04:22:16 | 000,133,671 | ---- | C] () -- C:\Program Files (x86)\JUN2006_XACT_x86.cab
[2010.06.02 04:22:14 | 001,336,002 | ---- | C] () -- C:\Program Files (x86)\Jun2005_d3dx9_26_x64.cab
[2010.06.02 04:22:14 | 000,277,191 | ---- | C] () -- C:\Program Files (x86)\Feb2010_XAudio_x86.cab
[2010.06.02 04:22:14 | 000,276,960 | ---- | C] () -- C:\Program Files (x86)\Feb2010_XAudio_x64.cab
[2010.06.02 04:22:14 | 000,122,446 | ---- | C] () -- C:\Program Files (x86)\Feb2010_XACT_x64.cab
[2010.06.02 04:22:14 | 000,093,180 | ---- | C] () -- C:\Program Files (x86)\Feb2010_XACT_x86.cab
[2010.06.02 04:22:12 | 000,194,675 | ---- | C] () -- C:\Program Files (x86)\FEB2007_XACT_x64.cab
[2010.06.02 04:22:12 | 000,147,983 | ---- | C] () -- C:\Program Files (x86)\FEB2007_XACT_x86.cab
[2010.06.02 04:22:12 | 000,054,678 | ---- | C] () -- C:\Program Files (x86)\Feb2010_X3DAudio_x64.cab
[2010.06.02 04:22:12 | 000,020,713 | ---- | C] () -- C:\Program Files (x86)\Feb2010_X3DAudio_x86.cab
[2010.06.02 04:22:10 | 000,178,359 | ---- | C] () -- C:\Program Files (x86)\Feb2006_XACT_x64.cab
[2010.06.02 04:22:10 | 000,132,409 | ---- | C] () -- C:\Program Files (x86)\Feb2006_XACT_x86.cab
[2010.06.02 04:22:04 | 001,084,720 | ---- | C] () -- C:\Program Files (x86)\Feb2006_d3dx9_29_x86.cab
[2010.06.02 04:22:02 | 001,801,048 | ---- | C] () -- C:\Program Files (x86)\dsetup32.dll
[2010.06.02 04:22:02 | 001,574,376 | ---- | C] () -- C:\Program Files (x86)\DEC2006_d3dx9_32_x86.cab
[2010.06.02 04:22:02 | 001,362,796 | ---- | C] () -- C:\Program Files (x86)\Feb2006_d3dx9_29_x64.cab
[2010.06.02 04:22:02 | 001,247,499 | ---- | C] () -- C:\Program Files (x86)\Feb2005_d3dx9_24_x64.cab
[2010.06.02 04:22:02 | 001,013,225 | ---- | C] () -- C:\Program Files (x86)\Feb2005_d3dx9_24_x86.cab
[2010.06.02 04:22:02 | 000,537,432 | ---- | C] () -- C:\Program Files (x86)\DXSETUP.exe
[2010.06.02 04:22:02 | 000,192,475 | ---- | C] () -- C:\Program Files (x86)\DEC2006_XACT_x64.cab
[2010.06.02 04:22:02 | 000,145,599 | ---- | C] () -- C:\Program Files (x86)\DEC2006_XACT_x86.cab
[2010.06.02 04:22:02 | 000,094,011 | ---- | C] () -- C:\Program Files (x86)\dxupdate.cab
[2010.06.02 04:22:02 | 000,042,410 | ---- | C] () -- C:\Program Files (x86)\dxdllreg_x86.cab
[2010.06.02 04:22:00 | 001,571,154 | ---- | C] () -- C:\Program Files (x86)\DEC2006_d3dx9_32_x64.cab
[2010.06.02 04:22:00 | 001,357,976 | ---- | C] () -- C:\Program Files (x86)\Dec2005_d3dx9_28_x64.cab
[2010.06.02 04:22:00 | 001,079,456 | ---- | C] () -- C:\Program Files (x86)\Dec2005_d3dx9_28_x86.cab
[2010.06.02 04:22:00 | 000,273,264 | ---- | C] () -- C:\Program Files (x86)\Aug2009_XAudio_x64.cab
[2010.06.02 04:22:00 | 000,272,642 | ---- | C] () -- C:\Program Files (x86)\Aug2009_XAudio_x86.cab
[2010.06.02 04:22:00 | 000,212,807 | ---- | C] () -- C:\Program Files (x86)\DEC2006_d3dx10_00_x64.cab
[2010.06.02 04:22:00 | 000,191,720 | ---- | C] () -- C:\Program Files (x86)\DEC2006_d3dx10_00_x86.cab
[2010.06.02 04:22:00 | 000,122,408 | ---- | C] () -- C:\Program Files (x86)\Aug2009_XACT_x64.cab
[2010.06.02 04:22:00 | 000,093,106 | ---- | C] () -- C:\Program Files (x86)\Aug2009_XACT_x86.cab
[2010.06.02 04:21:58 | 000,930,116 | ---- | C] () -- C:\Program Files (x86)\Aug2009_d3dx9_42_x64.cab
[2010.06.02 04:21:58 | 000,728,456 | ---- | C] () -- C:\Program Files (x86)\Aug2009_d3dx9_42_x86.cab
[2010.06.02 04:21:58 | 000,232,635 | ---- | C] () -- C:\Program Files (x86)\Aug2009_d3dx10_42_x64.cab
[2010.06.02 04:21:58 | 000,192,131 | ---- | C] () -- C:\Program Files (x86)\Aug2009_d3dx10_42_x86.cab
[2010.06.02 04:21:58 | 000,136,301 | ---- | C] () -- C:\Program Files (x86)\Aug2009_d3dx11_42_x64.cab
[2010.06.02 04:21:58 | 000,105,044 | ---- | C] () -- C:\Program Files (x86)\Aug2009_d3dx11_42_x86.cab
[2010.06.02 04:21:56 | 003,319,740 | ---- | C] () -- C:\Program Files (x86)\Aug2009_d3dcsx_42_x86.cab
[2010.06.02 04:21:56 | 003,112,111 | ---- | C] () -- C:\Program Files (x86)\Aug2009_d3dcsx_42_x64.cab
[2010.06.02 04:21:56 | 000,900,598 | ---- | C] () -- C:\Program Files (x86)\Aug2009_D3DCompiler_42_x86.cab
[2010.06.02 04:21:46 | 000,919,044 | ---- | C] () -- C:\Program Files (x86)\Aug2009_D3DCompiler_42_x64.cab
[2010.06.02 04:21:46 | 000,271,412 | ---- | C] () -- C:\Program Files (x86)\Aug2008_XAudio_x64.cab
[2010.06.02 04:21:46 | 000,271,038 | ---- | C] () -- C:\Program Files (x86)\Aug2008_XAudio_x86.cab
[2010.06.02 04:21:44 | 001,794,084 | ---- | C] () -- C:\Program Files (x86)\Aug2008_d3dx9_39_x64.cab
[2010.06.02 04:21:44 | 001,464,672 | ---- | C] () -- C:\Program Files (x86)\Aug2008_d3dx9_39_x86.cab
[2010.06.02 04:21:44 | 000,849,167 | ---- | 
C] () -- C:\Program Files (x86)\Aug2008_d3dx10_39_x86.cab [2010.06.02 04:21:44 | 000,198,096 | ---- | C] () -- C:\Program Files (x86)\AUG2007_XACT_x64.cab [2010.06.02 04:21:44 | 000,153,012 | ---- | C] () -- C:\Program Files (x86)\AUG2007_XACT_x86.cab [2010.06.02 04:21:44 | 000,121,772 | ---- | C] () -- C:\Program Files (x86)\Aug2008_XACT_x64.cab [2010.06.02 04:21:44 | 000,092,996 | ---- | C] () -- C:\Program Files (x86)\Aug2008_XACT_x86.cab [2010.06.02 04:21:42 | 001,800,160 | ---- | C] () -- C:\Program Files (x86)\AUG2007_d3dx9_35_x64.cab [2010.06.02 04:21:42 | 001,708,152 | ---- | C] () -- C:\Program Files (x86)\AUG2007_d3dx9_35_x86.cab [2010.06.02 04:21:42 | 000,867,612 | ---- | C] () -- C:\Program Files (x86)\Aug2008_d3dx10_39_x64.cab [2010.06.02 04:21:42 | 000,852,286 | ---- | C] () -- C:\Program Files (x86)\AUG2007_d3dx10_35_x64.cab [2010.06.02 04:21:42 | 000,796,867 | ---- | C] () -- C:\Program Files (x86)\AUG2007_d3dx10_35_x86.cab [2010.06.02 04:21:40 | 001,350,542 | ---- | C] () -- C:\Program Files (x86)\Aug2005_d3dx9_27_x64.cab [2010.06.02 04:21:40 | 001,077,644 | ---- | C] () -- C:\Program Files (x86)\Aug2005_d3dx9_27_x86.cab [2010.06.02 04:21:40 | 000,182,903 | ---- | C] () -- C:\Program Files (x86)\AUG2006_XACT_x64.cab [2010.06.02 04:21:40 | 000,137,235 | ---- | C] () -- C:\Program Files (x86)\AUG2006_XACT_x86.cab [2010.06.02 04:21:40 | 000,087,142 | ---- | C] () -- C:\Program Files (x86)\AUG2006_xinput_x64.cab [2010.06.02 04:21:40 | 000,053,302 | ---- | C] () -- C:\Program Files (x86)\APR2007_xinput_x86.cab [2010.06.02 04:21:40 | 000,046,058 | ---- | C] () -- C:\Program Files (x86)\AUG2006_xinput_x86.cab [2010.06.02 04:21:38 | 001,606,039 | ---- | C] () -- C:\Program Files (x86)\APR2007_d3dx9_33_x86.cab [2010.06.02 04:21:38 | 000,195,766 | ---- | C] () -- C:\Program Files (x86)\APR2007_XACT_x64.cab [2010.06.02 04:21:38 | 000,151,225 | ---- | C] () -- C:\Program Files (x86)\APR2007_XACT_x86.cab [2010.06.02 04:21:38 | 000,096,817 | ---- | C] () -- 
C:\Program Files (x86)\APR2007_xinput_x64.cab [2010.06.02 04:21:36 | 001,607,358 | ---- | C] () -- C:\Program Files (x86)\APR2007_d3dx9_33_x64.cab [2010.06.02 04:21:36 | 000,698,612 | ---- | C] () -- C:\Program Files (x86)\APR2007_d3dx10_33_x64.cab [2010.06.02 04:21:36 | 000,695,865 | ---- | C] () -- C:\Program Files (x86)\APR2007_d3dx10_33_x86.cab [2010.06.02 04:21:34 | 000,046,010 | ---- | C] () -- C:\Program Files (x86)\Apr2006_xinput_x86.cab [2010.06.02 04:21:20 | 000,087,101 | ---- | C] () -- C:\Program Files (x86)\Apr2006_xinput_x64.cab [2010.06.02 04:21:18 | 004,162,630 | ---- | C] () -- C:\Program Files (x86)\Apr2006_MDX1_x86_Archive.cab [2010.06.02 04:21:18 | 000,916,430 | ---- | C] () -- C:\Program Files (x86)\Apr2006_MDX1_x86.cab [2010.06.02 04:21:18 | 000,179,133 | ---- | C] () -- C:\Program Files (x86)\Apr2006_XACT_x64.cab [2010.06.02 04:21:18 | 000,133,103 | ---- | C] () -- C:\Program Files (x86)\Apr2006_XACT_x86.cab [2010.06.02 04:21:16 | 001,397,830 | ---- | C] () -- C:\Program Files (x86)\Apr2006_d3dx9_30_x64.cab [2010.06.02 04:21:16 | 001,347,354 | ---- | C] () -- C:\Program Files (x86)\Apr2005_d3dx9_25_x64.cab [2010.06.02 04:21:16 | 001,115,221 | ---- | C] () -- C:\Program Files (x86)\Apr2006_d3dx9_30_x86.cab [2010.06.02 04:21:16 | 001,078,962 | ---- | C] () -- C:\Program Files (x86)\Apr2005_d3dx9_25_x86.cab [2009.09.03 15:19:59 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll [2009.09.03 15:12:41 | 000,776,614 | ---- | C] () -- C:\Program Files (x86)\Common Files\packardbell.ico [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll [2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- 
C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:0B4227B4
< End of report >

OTL Logfile: Code:
OTL Extras logfile created on: 17.12.2010 23:25:16 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = F:\
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

6,00 Gb Total Physical Memory | 4,00 Gb Available Physical Memory | 72,00% Memory free
12,00 Gb Paging File | 10,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 457,95 Gb Total Space | 358,78 Gb Free Space | 78,34% Space Free | Partition Type: NTFS
Drive D: | 458,46 Gb Total Space | 223,47 Gb Free Space | 48,74% Space Free | Partition Type: NTFS
Drive E: | 3,02 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 931,28 Gb Total Space | 771,47 Gb Free Space | 82,84% Space Free | Partition Type: FAT32

Computer Name: PC | User Name: MediaMarkt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" %* File not found txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" File not found Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" %* txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" File not found Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{340A2AD6-0679-46DA-9180-DABBD5B36FD1}" = BitDefender Antivirus Pro 2011 "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007 "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007 "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{ECDF0939-A653-44D0-8B8E-597B890F45EC}" = Logitech Gaming Software 5.02 "{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "BitDefender" = BitDefender Antivirus Pro 2011 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "NVIDIA Drivers" = NVIDIA Drivers "WinRAR archiver" = WinRAR [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{119B7481-0216-40D2-A5CC-C3E1F461ECC1}" = Windows Live Fotogalerie "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool Help "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help "{248e4799-db04-4b1a-902c-194669f995ce}" = Nero Move it "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 
Update 22 "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed "{3A438F62-00EE-4422-906B-6D9E107FC33F}" = Serif DrawPlus X2 "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3D374523-CFDE-461A-827E-2A102E2AB365}" = Star Wars Battlefront II "{3f6c76b9-ad6f-4674-82f6-46e491b21791}" = Nero 9 Essentials "{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth "{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM "{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update "{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup 2011 "{5511C07D-A83C-45AD-92B6-42DF99729A3C}" = Adobe Photoshop Elements 7.0 "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress "{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail "{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{6e345bf7-2af5-4adc-901c-72941b68258b}" = Nero Move it Essentials "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2 "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Packard Bell Recovery Management "{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer "{83202942-84b3-4c50-8622-b8c0aa2d2885}" = Nero Express Help "{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) 
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-0017-0407-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2007 "{90120000-0017-0407-0000-0000000FF1CE}_OMUI.de-de_{0B9EAEAC-F271-45DC-BDCB-06ABEEF19825}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_OMUI.de-de_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_OMUI.de-de_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-002A-0407-1000-0000000FF1CE}_OMUI.de-de_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-0044-0407-0000-0000000FF1CE}" = 
Microsoft Office InfoPath MUI (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_OMUI.de-de_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007 "{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0100-0407-0000-0000000FF1CE}" = Microsoft Office O MUI (German) 2007 "{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2007 "{90120000-0101-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) 
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{91E04CA7-0B13-4F8C-AA4D-2A573AC96D19}" = Windows Live Essentials "{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German) "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9DCFC564-606E-424F-8A1C-56DD14908AF6}" = Serif PhotoPlus X2 "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI "{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX "{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter "{C0698BDA-0D29-40EE-8570-A31106DF9AB1}" = Medieval II Total War "{CB6075D9-F912-40AE-BEA6-E590DA24F16B}" = Adobe Photoshop Elements 7.0 "{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed Help "{D729E05E-B2B9-4DC4-AF57-47310576EDE0}" = G Data InternetSecurity SE "{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support "{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade "{defa5390-8533-47b5-81f7-3816916bdc6f}" = Nero Move it Help "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant "{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed Help "{E7004147-2CCA-431C-AA05-2AB166B9785D}" = 
QuickTime "{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer "{ED636101-1959-4360-8BF7-209436E7DEE4}" = Windows Live Sync "{EE171732-BEB4-4576-887D-CB62727F01CA}" = Packard Bell Updater "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter "{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Photoshop Elements 7" = Adobe Photoshop Elements 7.0 "a-squared Anti-Malware_is1" = a-squared Anti-Malware 3.5 - 9x Edition "Desktop-Lupe" = Desktop-Lupe 1.8 "Free Download Manager_is1" = Free Download Manager 2.5 "HijackThis" = HijackThis 2.0.2 "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "Identity Card" = Identity Card "JDownloader" = JDownloader "MAGIX Fotobuch" = MAGIX Fotobuch 3.6 "MAGIX Media Suite D" = MAGIX Media Suite "MAGIX Ringtone Maker SE D" = MAGIX Ringtone Maker SE "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Metaboli" = Metaboli "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13) "MP3 Ringtone Extractor_is1" = MP3 Ringtone Extractor 1.1 "mufin player D" = mufin player "OMUI.de-de" = Microsoft Office Language Pack 2007 - German/Deutsch "Packard Bell InfoCentre" = Packard Bell InfoCentre "Packard Bell Photo Frame" = Packard Bell Photo Frame 4.2.3.10 "Packard Bell Registration" = Packard Bell Registration "Packard Bell Screensaver" = Packard Bell ScreenSaver "Packard Bell Software Suite SE" = Packard Bell Software Suite SE "Packard Bell Welcome Center" = Welcome Center "S.T.A.L.K.E.R. - Shadow of Chernobyl_is1" = S.T.A.L.K.E.R. 
- Shadow of Chernobyl
"StarCraft II" = StarCraft II
"Steam App 34030" = Napoleon: Total War
"Steam App 8930" = Sid Meier's Civilization V
"VLC media player" = VLC media player 1.1.4
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Erkennungs-Plug-in

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 18.11.2010 06:44:36 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: CivilizationV.exe, Version: 1.0.0.62, Zeitstempel: 0x4cc5a14e
Name des fehlerhaften Moduls: MSVCP90.dll, Version: 9.0.30729.4926, Zeitstempel: 0x4a1743c5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000d929
ID des fehlerhaften Prozesses: 0xba8
Startzeit der fehlerhaften Anwendung: 0x01cb87025b7609fd
Pfad der fehlerhaften Anwendung: c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\CivilizationV.exe
Pfad des fehlerhaften Moduls: C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4926_none_508ed732bcbc0e5a\MSVCP90.dll
Berichtskennung: d56f0aac-f300-11df-8547-00016c71130c

Error - 18.11.2010 18:34:17 | Computer Name = PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error - 18.11.2010 18:34:17 | Computer Name = PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error - 18.11.2010 18:34:17 | Computer Name = PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error - 19.11.2010 18:21:56 | Computer Name = PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error - 19.11.2010 18:21:57 | Computer Name = PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error - 19.11.2010 18:21:57 | Computer Name = PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error - 20.11.2010 07:43:26 | Computer Name = PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error - 20.11.2010 07:43:26 | Computer Name = PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error - 20.11.2010 07:43:26 | Computer Name = PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

[ System Events ]
Error - 29.11.2010 15:50:32 | Computer Name = PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk7\DR7 gefunden.

Error - 29.11.2010 15:50:33 | Computer Name = PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk7\DR7 gefunden.

Error - 29.11.2010 15:50:33 | Computer Name = PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk7\DR7 gefunden.

Error - 29.11.2010 15:50:34 | Computer Name = PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk7\DR7 gefunden.

Error - 29.11.2010 16:04:46 | Computer Name = PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error - 04.12.2010 21:38:07 | Computer Name = PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?05.?12.?2010 um 02:35:25 unerwartet heruntergefahren.

Error - 04.12.2010 21:38:17 | Computer Name = PC | Source = BugCheck | ID = 1001
Description =

Error - 11.12.2010 10:43:34 | Computer Name = PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error - 11.12.2010 10:43:34 | Computer Name = PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error - 11.12.2010 10:43:35 | Computer Name = PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

< End of report > |
17.12.2010, 23:43 | #8 |
| malware, trojan, or just paranoia ;)?
Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Datenbank Version: 5346

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

17.12.2010 23:43:17
mbam-log-2010-12-17 (23-43-17).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 156094
Laufzeit: 1 Minute(n), 23 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden) |
19.12.2010, 15:30 | #9 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | malware, trojan, or just paranoia ;)? Quote:
Remember that Malwarebytes has to be updated manually before every scan!
__________________ Please always post log files in CODE tags |
19.12.2010, 17:16 | #10 |
| malware, trojan, or just paranoia ;)?
Malwarebytes' Anti-Malware 1.50
Malwarebytes

Datenbank Version: 5346

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

19.12.2010 17:11:02
mbam-log-2010-12-19 (17-11-02).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|F:\|)
Durchsuchte Objekte: 304857
Laufzeit: 49 Minute(n), 46 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden) |
19.12.2010, 17:18 | #11 |
/// Winkelfunktion /// TB-Süch-Tiger™ | malware, trojan, or just paranoia ;)? Everything looks unremarkable.
__________________ Please always post log files in CODE tags |
20.12.2010, 07:45 | #12 |
| malware, trojan, or just paranoia ;)? Thanks for the help, Arne. I appreciate your effort and the time you put in. Wishing you happy holidays and a good start to the new year. See you, cronolux |