Log analysis and evaluation: Internet extremely slowed down for days (Windows 7)
If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
28.12.2010, 00:34 | #16
Internet extremely slowed down for days
Code:
ATTFilter OTL logfile created on: 28.12.2010 00:41:13 - Run 3 OTL by OldTimer - Version 3.2.18.0 Folder = C:\Users\***\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.7930.16406) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 64,00% Memory free 7,00 Gb Paging File | 6,00 Gb Available in Paging File | 85,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 581,17 Gb Total Space | 233,36 Gb Free Space | 40,15% Space Free | Partition Type: NTFS Drive D: | 14,99 Gb Total Space | 2,79 Gb Free Space | 18,64% Space Free | Partition Type: FAT32 Drive H: | 4,05 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: ***-PC | User Name: *** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2010.12.26 22:42:14 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe PRC - [2010.11.19 15:32:52 | 000,743,232 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe PRC - [2010.11.19 15:31:52 | 001,051,968 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe PRC - [2010.09.01 07:39:18 | 001,164,584 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe PRC - [2010.06.10 20:03:08 | 000,144,176 | ---- | M] (Apple Inc.) 
-- C:\Programme\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2010.03.26 17:02:56 | 008,546,848 | ---- | M] (Realtek Semiconductor) -- C:\Programme\Realtek\Audio\HDA\RtHDVCpl.exe PRC - [2010.03.03 05:12:32 | 000,372,736 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2010.03.03 05:11:58 | 000,172,032 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2009.10.20 00:11:52 | 000,616,712 | ---- | M] (hxxp://tortoisesvn.net) -- C:\Programme\TortoiseSVN\bin\TSVNCache.exe PRC - [2009.08.18 10:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE PRC - [2009.08.18 10:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE PRC - [2009.04.10 22:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009.04.10 22:27:30 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe PRC - [2009.02.23 10:48:50 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe PRC - [2008.12.16 09:52:02 | 001,155,072 | ---- | M] (MAGIX AG) -- C:\Programme\Common Files\MAGIX Shared\Database2\bin\FABS.exe PRC - [2008.11.24 21:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) -- c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe PRC - [2008.11.24 21:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) -- c:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe PRC - [2008.01.21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe PRC - [2006.10.26 12:40:34 | 000,335,872 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\VS7DEBUG\mdm.exe PRC - [2006.09.19 09:07:28 | 000,827,392 | ---- | M] () -- C:\Windows\vsnpstd3.exe ========== Modules (SafeList) ========== MOD - 
[2010.12.26 22:42:14 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe MOD - [2010.08.31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll ========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- C:\Program Files\Cyberlink\Shared files\RichVideo.exe -- (RichVideo) Cyberlink RichVideo Service(CRVS) SRV - [2010.12.24 15:06:02 | 000,435,008 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag) SRV - [2010.11.19 15:31:52 | 001,051,968 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc) SRV - [2010.11.19 15:29:54 | 000,030,016 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp) SRV - [2010.11.05 19:44:16 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010.08.18 00:49:16 | 000,797,184 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\FntCache.dll -- (FontCache) SRV - [2010.06.10 20:03:08 | 000,144,176 | ---- | M] (Apple Inc.) 
[Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2010.05.06 08:10:22 | 000,361,120 | ---- | M] (Kaspersky Lab) [Auto | Stopped] -- C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE 10\avp.exe -- (AVP) SRV - [2010.03.18 15:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state) SRV - [2010.03.18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400) SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.03.18 12:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing) SRV - [2010.03.18 12:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpActivator) SRV - [2010.03.18 12:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetPipeActivator) SRV - [2010.03.18 12:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetMsmqActivator) SRV - [2010.03.03 05:11:58 | 000,172,032 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2009.02.23 10:48:50 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc) SRV - [2008.12.16 09:52:02 | 001,155,072 
| ---- | M] (MAGIX AG) [Unknown | Running] -- C:\Program Files\Common Files\MAGIX Shared\Database2\bin\FABS.exe -- (Fabs) SRV - [2008.10.21 14:50:00 | 000,548,864 | ---- | M] (Magix AG) [On_Demand | Stopped] -- C:\Programme\Common Files\MAGIX Shared\UPnPService\UPnPService.exe -- (UPnPService) SRV - [2008.08.07 09:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files\Common Files\MAGIX Shared\Database2\bin\fbserver.exe -- (FirebirdServerMAGIXInstance) SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\***\AppData\Local\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\AmdLLD.sys -- (AmdLLD) DRV - File not found [Kernel | Boot | Stopped] -- C:\Windows\System32\DRIVERS\amdide.sys -- (amdide) DRV - File not found [Kernel | Boot | Stopped] -- C:\Windows\System32\DRIVERS\ahcix86s.sys -- (ahcix86s) DRV - [2010.11.25 06:59:16 | 000,541,800 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8192su.sys -- (RTL8192su) DRV - [2010.10.09 13:27:23 | 000,278,728 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2010.10.09 13:27:21 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2010.10.08 20:44:38 | 000,311,312 | ---- | M] (Kaspersky Lab) [File_System | System | 
Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF) DRV - [2010.03.26 17:24:58 | 003,048,096 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2010.03.03 05:22:26 | 005,340,160 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atipmdag.sys -- (amdkmdag) DRV - [2010.03.03 04:07:16 | 000,152,064 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap) DRV - [2010.02.24 13:41:50 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv) DRV - [2010.01.25 16:55:07 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2009.12.20 10:53:32 | 000,234,016 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2009.10.14 20:18:34 | 000,036,880 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\klbg.sys -- (klbg) DRV - [2009.10.02 18:39:36 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt) DRV - [2009.09.23 09:41:58 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi) DRV - [2009.09.14 13:46:36 | 000,021,520 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6) DRV - [2009.09.01 14:29:50 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl1.sys -- (kl1) DRV - [2009.05.20 17:04:40 | 000,157,536 | ---- | M] (Realtek Semiconductor Corp.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService) DRV - [2008.12.26 11:56:04 | 000,017,792 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vcsvad.sys -- (VCSVADHWSer) Avnex Virtual Audio Device (WDM) DRV - [2008.09.26 12:30:54 | 000,651,264 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u) DRV - [2008.04.28 14:26:42 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO) DRV - [2008.01.21 03:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR) DRV - [2008.01.21 03:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2008.01.21 03:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2008.01.21 03:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2008.01.21 03:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2008.01.21 03:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2008.01.21 03:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2008.01.21 03:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2008.01.21 03:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2008.01.21 03:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R) DRV - [2008.01.21 03:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2008.01.21 03:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2008.01.21 03:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2008.01.21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2008.01.21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2008.01.21 03:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2008.01.21 03:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2008.01.21 03:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2008.01.21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) DRV - [2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2008.01.21 03:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2008.01.21 03:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2008.01.21 03:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2008.01.21 03:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2007.03.27 18:19:36 | 010,252,544 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3) DRV - [2006.11.02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006.11.02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006.11.02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006.11.02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006.11.02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006.11.02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006.11.02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006.11.02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006.11.02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006.11.02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006.11.02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006.11.02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006.11.02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006.11.02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006.11.02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006.11.02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006.11.02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006.11.02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://qip.ru IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.qip.ru IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.qip.ru IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://qip.ru IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.qip.ru/ie IE - HKCU\..\URLSearchHook: - Reg Error: Key error. 
File not found IE - HKCU\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\***\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "QIP Search" FF - prefs.js..browser.search.defaulturl: "" FF - prefs.js..browser.search.order.1: "" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://www.autohotkey.com/docs/Tutorial.htm" FF - prefs.js..extensions.enabledItems: youtube2mp3@mondayx.de:1.0.7 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.11 FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.747 FF - prefs.js..extensions.enabledItems: {DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}:1.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..keyword.URL: "hxxp://search.qip.ru/search?from=FF&query=" FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.12.12 19:35:48 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.12.28 00:02:13 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE 10\THBExt [2010.10.08 20:45:48 | 000,000,000 | ---D | M] [2010.01.16 22:31:11 | 000,000,000 | ---D | M] 
-- C:\Users\***\AppData\Roaming\mozilla\Extensions [2010.12.28 00:05:20 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\fr2rqa3m.default\extensions [2010.04.27 15:26:13 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\fr2rqa3m.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.08.14 14:39:01 | 000,000,000 | ---D | M] (Stylish) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\fr2rqa3m.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8} [2010.12.24 21:32:47 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\fr2rqa3m.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010.11.03 19:31:51 | 000,000,000 | ---D | M] (flashget3 Extension) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\fr2rqa3m.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A} [2010.04.27 15:26:13 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\fr2rqa3m.default\extensions\youtube2mp3@mondayx.de [2010.03.10 18:05:01 | 000,002,288 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\FireFox\Profiles\fr2rqa3m.default\searchplugins\call-of-duty-wiki-en.xml [2010.12.05 20:51:42 | 000,002,062 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\FireFox\Profiles\fr2rqa3m.default\searchplugins\qip-search.xml [2010.12.28 00:00:40 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions [2010.04.18 02:48:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.12.28 00:00:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2010.10.08 20:47:04 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions\linkfilter@kaspersky.ru [2010.12.27 23:59:59 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll [2010.12.28 00:01:22 | 000,072,960 | ---- | M] (Foxit Software Company) -- C:\Programme\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll [2010.07.22 13:44:58 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.04.21 14:00:00 | 000,002,226 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\babylon.xml [2010.07.22 13:44:58 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.07.22 13:44:58 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.07.22 13:44:58 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.07.22 13:44:58 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 10\ievkbd.dll (Kaspersky Lab) O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\***\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru) O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\***\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll (Trend Media Group) O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 10\klwtbbho.dll (Kaspersky Lab) O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE 10\avp.exe (Kaspersky Lab) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX 
Update\DivXUpdate.exe () O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe () O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Download all by FlashGet3 - C:\Users\***\AppData\Roaming\FlashGetBHO\GetAllUrl.htm () O8 - Extra context menu item: Download by FlashGet3 - C:\Users\***\AppData\Roaming\FlashGetBHO\GetUrl.htm () O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: 使用快车3下载 - C:\Users\***\AppData\Roaming\FlashGetBHO\GetUrl.htm () O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Users\***\AppData\Roaming\FlashGetBHO\GetAllUrl.htm () O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - File not found O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - File not found O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 10\klwtbbho.dll (Kaspersky Lab) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - 
C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 10\klwtbbho.dll (Kaspersky Lab) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 10\mzvkbd3.dll (Kaspersky Lab) O20 - AppInit_DLLs: 
(C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE 10\kloehk.dll (Kaspersky Lab) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2005.02.25 16:24:44 | 000,000,051 | R--- | M] () - H:\autorun.inf -- [ UDF ] O33 - MountPoints2\{5f0589ac-02cd-11df-96cc-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{5f0589ac-02cd-11df-96cc-806e6f6e6963}\Shell\AutoRun\command - "" = H:\Installer.exe -- File not found O33 - MountPoints2\{645b992f-c8dd-11df-bb74-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{645b992f-c8dd-11df-bb74-806e6f6e6963}\Shell\AutoRun\command - "" = H:\Install.exe -- [2004.10.21 19:38:02 | 000,126,976 | R--- | M] (Macrovision Corporation) O33 - MountPoints2\{fa799ce1-09cb-11df-a2a2-002421e021bd}\Shell - "" = AutoRun O33 - MountPoints2\{fa799ce1-09cb-11df-a2a2-002421e021bd}\Shell\AutoRun\command - "" = J:\MafiaLauncher.EXE -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.12.28 00:02:13 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Foxit [2010.12.28 00:01:53 | 000,000,000 | ---D | C] -- C:\Programme\Foxit Software [2010.12.28 00:00:39 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2010.12.28 00:00:39 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2010.12.28 00:00:38 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) 
-- C:\Windows\System32\java.exe [2010.12.27 23:50:19 | 003,738,880 | ---- | C] (Foxit Software) -- C:\Users\***\Desktop\FoxitReader30_enu_Setup.exe [2010.12.27 23:44:53 | 016,795,424 | ---- | C] (Sun Microsystems, Inc.) -- C:\Users\***\Desktop\jre-6u23-windows-i586-s.exe [2010.12.27 22:43:36 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\***\Desktop\hijackthis(2).exe [2010.12.27 00:15:20 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\RootRepeal [2010.12.27 00:13:26 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\avira_antirootkit [2010.12.27 00:06:33 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\osam_autorun_manager_version_portable [2010.12.26 22:43:21 | 000,000,000 | ---D | C] -- C:\_OTL [2010.12.26 22:42:12 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe [2010.12.26 14:25:08 | 000,000,000 | ---D | C] -- C:\Programme\TeamSpeak 3 Client [2010.12.26 14:23:51 | 013,326,816 | ---- | C] (TeamSpeak Systems GmbH) -- C:\Users\***\Desktop\TeamSpeak3-Client-win32-3.0.0-beta36.exe [2010.12.24 23:47:43 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\ENBSeries Configurator for GTA San Andreas [2010.12.24 23:47:43 | 000,000,000 | ---D | C] -- C:\Programme\ENBSeries Configurator for GTA San Andreas [2010.12.24 22:23:11 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\TXD Workshop [2010.12.24 15:06:08 | 000,030,528 | ---- | C] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe [2010.12.24 15:06:05 | 000,030,016 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll [2010.12.24 15:06:05 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll [2010.12.24 15:05:27 | 000,000,000 | ---D | C] -- C:\Programme\TuneUp Utilities 2010 [2010.12.24 15:01:23 | 019,904,832 | ---- | C] (TuneUp Software) -- C:\Users\***\Desktop\TU2010TrialDE.exe [2010.12.23 21:20:31 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes [2010.12.23 21:20:28 | 000,038,224 | ---- | C] (Malwarebytes 
Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010.12.23 21:20:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010.12.23 21:20:25 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010.12.23 21:20:25 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2010.12.23 21:17:53 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\***\Desktop\mbam-setup.exe [2010.12.23 20:50:14 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Users\***\Desktop\HiJackThis.exe [2010.12.23 12:18:59 | 000,000,000 | ---D | C] -- C:\Programme\Spybot - Search & Destroy [2010.12.23 12:18:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2010.12.23 10:55:41 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\GTA San Andreas User Files [2010.12.23 10:38:22 | 000,000,000 | ---D | C] -- C:\Programme\Rockstar Games [2010.12.23 10:29:32 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\alle [2010.12.23 10:17:20 | 000,000,000 | ---D | C] -- C:\Programme\GAMI [2010.12.21 15:23:59 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Kakawurst [2010.12.17 08:37:34 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Hitman Blood Money [2010.12.17 08:28:38 | 000,000,000 | ---D | C] -- C:\Programme\Eidos [2010.12.17 08:17:14 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Hitman iso [2010.12.17 08:16:12 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Hitman [2010.12.16 22:40:41 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\test [2010.12.16 13:01:37 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\DVDVideoSoft [2010.12.16 13:01:28 | 000,000,000 | ---D | C] -- C:\Programme\DVDVideoSoft [2010.12.16 13:01:28 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\DVDVideoSoft [2010.12.15 16:08:51 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe [2010.12.15 16:08:43 | 002,038,272 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\System32\win32k.sys [2010.12.15 16:08:41 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll [2010.12.15 16:08:40 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll [2010.12.15 16:08:40 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll [2010.12.15 16:07:17 | 000,292,352 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2010.12.15 16:07:17 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll [2010.12.15 16:07:17 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2010.12.15 16:07:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2010.12.14 09:52:57 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Skype [2010.12.11 09:42:03 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\sacamhack12 [2010.12.11 09:36:22 | 001,227,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dx8vb.dll [2010.12.08 16:09:22 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Divinity 2 [2010.12.07 23:29:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Divinity 2 [2010.12.07 23:10:28 | 000,000,000 | ---D | C] -- C:\Programme\Divinity II - Ego Draconis [2010.12.05 20:50:50 | 000,000,000 | ---D | C] -- C:\Programme\QIP 2010 [2010.12.05 08:58:39 | 000,000,000 | ---D | C] -- C:\Programme\Mafia [2010.12.05 08:56:01 | 000,139,264 | ---- | C] (Creative Technology Ltd) -- C:\Windows\System32\eax.dll [2010.12.05 08:56:01 | 000,000,000 | ---D | C] -- C:\Programme\Creative [2010.12.05 08:55:59 | 000,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUninst.exe [2010.12.03 18:14:56 | 000,000,000 | ---D | C] -- C:\Programme\Postal2 [2010.11.30 23:19:04 | 000,086,016 | ---- | C] (MindVision Software) -- C:\Windows\unvise32.exe [2010.11.30 23:16:10 | 000,000,000 | ---D | C] -- C:\Programme\Postal2STP [2010.11.28 20:00:45 | 000,000,000 
| ---D | C] -- C:\Programme\osu! [2010.11.28 20:00:04 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Downloaded Installations [2010.11.26 18:57:29 | 000,254,464 | ---- | C] (Mpath Interactive) -- C:\Programme\MPLAYNOW.EXE [2007.03.12 11:41:52 | 000,061,440 | ---- | C] ( ) -- C:\Windows\System32\vsnpstd3.dll [2005.11.23 12:55:32 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnpstd3.dll ========== Files - Modified Within 30 Days ========== [2010.12.28 00:41:00 | 000,001,122 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-125589784-1136540592-1035784495-1004UA.job [2010.12.28 00:27:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010.12.28 00:01:46 | 000,742,356 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2010.12.28 00:01:46 | 000,690,518 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010.12.28 00:01:46 | 000,173,876 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2010.12.28 00:01:46 | 000,141,156 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010.12.27 23:59:58 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2010.12.27 23:59:58 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2010.12.27 23:59:58 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2010.12.27 23:59:57 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Windows\System32\deployJava1.dll [2010.12.27 23:56:36 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010.12.27 23:55:26 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010.12.27 23:55:26 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010.12.27 23:55:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.12.27 23:50:34 | 003,738,880 | ---- | M] (Foxit Software) -- C:\Users\***\Desktop\FoxitReader30_enu_Setup.exe [2010.12.27 23:49:16 | 000,132,597 | ---- | M] () -- C:\Users\***\Desktop\Flash_Disinfector(2).exe [2010.12.27 23:48:55 | 016,795,424 | ---- | M] (Sun Microsystems, Inc.) -- C:\Users\***\Desktop\jre-6u23-windows-i586-s.exe [2010.12.27 23:35:33 | 000,000,306 | RHS- | M] () -- C:\ProgramData\ntuser.pol [2010.12.27 22:44:17 | 000,388,608 | ---- | M] (Trend Micro Inc.) 
-- C:\Users\***\Desktop\hijackthis(2).exe [2010.12.27 20:49:35 | 000,000,287 | ---- | M] () -- C:\Users\***\Desktop\test script.ahk [2010.12.27 17:41:00 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-125589784-1136540592-1035784495-1004Core.job [2010.12.27 14:50:06 | 000,207,143 | ---- | M] () -- C:\Users\***\Desktop\test script.exe [2010.12.27 10:40:07 | 000,000,105 | ---- | M] () -- C:\Users\***\Desktop\hi.ahk [2010.12.27 01:48:10 | 000,041,355 | ---- | M] () -- C:\Users\***\Desktop\Logs.zip [2010.12.27 01:04:48 | 000,000,184 | ---- | M] () -- C:\Users\***\Desktop\Google.ahk [2010.12.27 00:15:09 | 000,465,298 | ---- | M] () -- C:\Users\***\Desktop\RootRepeal.rar [2010.12.27 00:13:00 | 000,089,324 | ---- | M] () -- C:\Users\***\Desktop\avira_antivir_antirootkit_en.zip [2010.12.26 22:55:14 | 385,498,455 | ---- | M] () -- C:\Windows\MEMORY.DMP [2010.12.26 22:42:14 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe [2010.12.26 16:10:29 | 000,296,448 | ---- | M] () -- C:\Users\***\Desktop\3wloftrm.exe [2010.12.26 14:25:09 | 000,000,963 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk [2010.12.26 14:24:50 | 013,326,816 | ---- | M] (TeamSpeak Systems GmbH) -- C:\Users\***\Desktop\TeamSpeak3-Client-win32-3.0.0-beta36.exe [2010.12.25 19:03:17 | 000,002,710 | ---- | M] () -- C:\Users\***\.recently-used.xbel [2010.12.25 19:03:03 | 000,001,349 | ---- | M] () -- C:\Users\***\Desktop\muzzle_texture4.png [2010.12.25 17:25:33 | 000,444,416 | ---- | M] () -- C:\Users\***\Desktop\desert_eagle.txd [2010.12.25 16:21:19 | 000,001,271 | ---- | M] () -- C:\Users\***\Desktop\bloodpool_64.png [2010.12.25 14:40:56 | 000,040,960 | ---- | M] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.12.25 11:42:14 | 000,000,287 | ---- | M] () -- C:\Users\***\Desktop\radardisc.png [2010.12.25 00:20:30 | 000,000,354 | ---- | M] () -- C:\Users\***\Desktop\radar_centre.png [2010.12.25 00:19:02 | 
000,000,256 | ---- | M] () -- C:\Users\***\Desktop\siteM16.png [2010.12.24 23:46:11 | 004,866,209 | ---- | M] () -- C:\Users\***\Desktop\SAStreamMemFix.rar [2010.12.24 23:45:25 | 001,443,095 | ---- | M] () -- C:\Users\***\Desktop\ENB-Series-Configurator.rar [2010.12.24 22:22:44 | 000,430,455 | ---- | M] () -- C:\Users\***\Desktop\txdworkshop40.rar [2010.12.24 15:47:31 | 000,830,065 | ---- | M] () -- C:\Users\***\Desktop\3304_1122614819_Faggio.zip [2010.12.24 15:46:19 | 000,148,442 | ---- | M] () -- C:\Users\***\Desktop\11447_Stage 6 Aerox Engine Sounds.rar [2010.12.24 15:05:57 | 000,001,871 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk [2010.12.24 15:05:57 | 000,001,857 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities.lnk [2010.12.24 15:02:59 | 019,904,832 | ---- | M] (TuneUp Software) -- C:\Users\***\Desktop\TU2010TrialDE.exe [2010.12.24 13:10:56 | 000,331,828 | ---- | M] () -- C:\Users\***\Desktop\undercover hud addon.rar [2010.12.23 22:42:54 | 000,381,392 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010.12.23 22:04:18 | 000,030,547 | ---- | M] () -- C:\Users\***\Desktop\Log Dateien.zip [2010.12.23 22:01:00 | 000,030,419 | ---- | M] () -- C:\Users\***\Desktop\Log Dateien.rar [2010.12.23 21:20:28 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.12.23 21:20:09 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\***\Desktop\mbam-setup.exe [2010.12.23 20:50:39 | 000,401,720 | ---- | M] (Trend Micro Inc.) 
-- C:\Users\***\Desktop\HiJackThis.exe [2010.12.23 10:54:04 | 009,408,623 | ---- | M] () -- C:\Users\***\Desktop\sa-downgrade patch 0.3.1.rar [2010.12.20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010.12.20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010.12.16 22:13:32 | 000,001,624 | ---- | M] () -- C:\Users\***\Desktop\Deamon Tools.lnk [2010.12.16 22:12:41 | 000,000,705 | ---- | M] () -- C:\Users\***\Desktop\Mafia.lnk [2010.12.16 19:57:05 | 000,646,095 | ---- | M] () -- C:\Users\***\Desktop\knifem9probisiiiww.rar [2010.12.11 09:36:27 | 001,227,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dx8vb.dll [2010.12.08 20:16:57 | 000,114,243 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat [2010.12.08 20:16:57 | 000,097,859 | ---- | M] () -- C:\Windows\System32\drivers\klick.dat [2010.12.05 08:57:34 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini ========== Files Created - No Company Name ========== [2010.12.27 23:49:15 | 000,132,597 | ---- | C] () -- C:\Users\***\Desktop\Flash_Disinfector(2).exe [2010.12.27 14:50:04 | 000,207,143 | ---- | C] () -- C:\Users\***\Desktop\test script.exe [2010.12.27 14:33:58 | 000,000,287 | ---- | C] () -- C:\Users\***\Desktop\test script.ahk [2010.12.27 01:53:04 | 000,000,105 | ---- | C] () -- C:\Users\***\Desktop\hi.ahk [2010.12.27 00:46:12 | 000,000,184 | ---- | C] () -- C:\Users\***\Desktop\Google.ahk [2010.12.27 00:15:08 | 000,465,298 | ---- | C] () -- C:\Users\***\Desktop\RootRepeal.rar [2010.12.27 00:12:59 | 000,089,324 | ---- | C] () -- C:\Users\***\Desktop\avira_antivir_antirootkit_en.zip [2010.12.26 16:10:28 | 000,296,448 | ---- | C] () -- C:\Users\***\Desktop\3wloftrm.exe [2010.12.26 14:25:09 | 000,000,963 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk [2010.12.25 19:03:17 | 000,002,710 | ---- | C] () -- C:\Users\***\.recently-used.xbel [2010.12.25 
19:03:03 | 000,001,349 | ---- | C] () -- C:\Users\***\Desktop\muzzle_texture4.png [2010.12.25 17:25:33 | 000,444,416 | ---- | C] () -- C:\Users\***\Desktop\desert_eagle.txd [2010.12.25 16:21:19 | 000,001,271 | ---- | C] () -- C:\Users\***\Desktop\bloodpool_64.png [2010.12.25 00:20:30 | 000,000,354 | ---- | C] () -- C:\Users\***\Desktop\radar_centre.png [2010.12.24 23:45:15 | 004,866,209 | ---- | C] () -- C:\Users\***\Desktop\SAStreamMemFix.rar [2010.12.24 23:45:04 | 001,443,095 | ---- | C] () -- C:\Users\***\Desktop\ENB-Series-Configurator.rar [2010.12.24 22:29:52 | 000,000,256 | ---- | C] () -- C:\Users\***\Desktop\siteM16.png [2010.12.24 22:25:31 | 000,000,287 | ---- | C] () -- C:\Users\***\Desktop\radardisc.png [2010.12.24 22:22:43 | 000,430,455 | ---- | C] () -- C:\Users\***\Desktop\txdworkshop40.rar [2010.12.24 15:47:31 | 000,830,065 | ---- | C] () -- C:\Users\***\Desktop\3304_1122614819_Faggio.zip [2010.12.24 15:46:18 | 000,148,442 | ---- | C] () -- C:\Users\***\Desktop\11447_Stage 6 Aerox Engine Sounds.rar [2010.12.24 15:05:57 | 000,001,871 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk [2010.12.24 15:05:57 | 000,001,857 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities.lnk [2010.12.24 13:10:55 | 000,331,828 | ---- | C] () -- C:\Users\***\Desktop\undercover hud addon.rar [2010.12.23 22:12:15 | 000,041,355 | ---- | C] () -- C:\Users\***\Desktop\Logs.zip [2010.12.23 22:04:18 | 000,030,547 | ---- | C] () -- C:\Users\***\Desktop\Log Dateien.zip [2010.12.23 22:00:59 | 000,030,419 | ---- | C] () -- C:\Users\***\Desktop\Log Dateien.rar [2010.12.23 21:20:28 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.12.23 20:25:51 | 385,498,455 | ---- | C] () -- C:\Windows\MEMORY.DMP [2010.12.23 10:52:54 | 009,408,623 | ---- | C] () -- C:\Users\***\Desktop\sa-downgrade patch 0.3.1.rar [2010.12.16 22:13:22 | 000,001,624 | ---- | C] () -- C:\Users\***\Desktop\Deamon Tools.lnk [2010.12.16 22:12:41 | 
000,000,705 | ---- | C] () -- C:\Users\***\Desktop\Mafia.lnk [2010.12.16 19:57:03 | 000,646,095 | ---- | C] () -- C:\Users\***\Desktop\knifem9probisiiiww.rar [2010.12.05 08:56:00 | 000,233,472 | ---- | C] () -- C:\Windows\System32\MafiaSetup.exe [2010.12.05 08:47:09 | 2139,502,592 | ---- | C] () -- C:\Users\***\Desktop\sd-maf.iso [2010.11.26 18:57:30 | 005,180,072 | ---- | C] () -- C:\Programme\KATALYST.EXE [2010.11.26 18:57:30 | 000,022,862 | ---- | C] () -- C:\Programme\README.TXT [2010.11.26 18:57:30 | 000,002,483 | ---- | C] () -- C:\Programme\POSTAL.INI [2010.11.26 18:57:29 | 001,020,416 | ---- | C] () -- C:\Programme\POSTAL.EXE [2010.11.26 18:57:29 | 000,008,718 | ---- | C] () -- C:\Programme\DEISL1.ISU [2010.11.26 18:57:29 | 000,005,832 | ---- | C] () -- C:\Programme\WEBULLET.HTM [2010.11.26 18:57:29 | 000,000,460 | ---- | C] () -- C:\Programme\WB.INI [2010.11.11 16:55:34 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini [2010.11.03 19:31:07 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI [2010.10.09 13:27:23 | 000,278,728 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2010.10.09 13:27:21 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2010.05.24 22:18:13 | 000,024,206 | ---- | C] () -- C:\Users\***\AppData\Roaming\UserTile.png [2010.05.10 13:12:53 | 000,000,094 | ---- | C] () -- C:\Users\***\AppData\Local\fusioncache.dat [2010.05.02 09:07:24 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2010.04.07 14:37:23 | 000,022,328 | ---- | C] () -- C:\Users\***\AppData\Roaming\PnkBstrK.sys [2010.04.05 21:12:55 | 000,001,356 | ---- | C] () -- C:\Users\***\AppData\Local\d3d9caps.dat [2010.04.05 12:49:31 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll [2010.04.05 12:49:04 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini [2010.04.01 13:18:42 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2010.03.31 19:11:02 | 000,000,319 | ---- | C] () -- C:\Windows\game.ini 
[2010.03.28 04:37:33 | 000,000,552 | ---- | C] () -- C:\Users\***\AppData\Local\d3d8caps.dat [2010.03.18 11:51:23 | 000,462,249 | ---- | C] () -- C:\Users\***\AppData\Roaming\SMW SRPI SNES.ips [2010.03.03 04:06:00 | 000,023,040 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll [2010.01.25 16:46:51 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys [2010.01.16 19:49:22 | 000,040,960 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.12.03 09:27:28 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll [2009.07.24 09:02:28 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll [2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll [2008.06.12 20:36:38 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2008.04.12 07:41:20 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2008.04.12 07:30:20 | 000,765,952 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2007.02.05 20:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI [2006.11.02 13:35:32 | 000,005,632 | ---- | C] 
() -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2004.02.27 16:36:18 | 000,015,498 | ---- | C] () -- C:\Windows\snpstd3.ini

< End of report >

Code:
OTL Extras logfile created on: 28.12.2010 00:41:13 - Run 3
OTL by OldTimer - Version 3.2.18.0 Folder = C:\Users\***\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.7930.16406)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 64,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 581,17 Gb Total Space | 233,36 Gb Free Space | 40,15% Space Free | Partition Type: NTFS
Drive D: | 14,99 Gb Total Space | 2,79 Gb Free Space | 18,64% Space Free | Partition Type: FAT32
Drive H: | 4,05 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
"" =

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\FlashGet Network\FlashGet
3\FlashGet3.exe" = C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3 -- (Trend Media Corporation Limited) ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{18D8B309-1F10-43AF-BD58-816B23D2BA85}" = lport=0 | protocol=6 | dir=in | name=magix upnp media server | "{60185C11-81FD-44E2-8829-D72BE8E97C54}" = lport=2869 | protocol=6 | dir=in | name=microsoft upnp-port (tcp) | "{77881CE2-49D0-4300-B296-7584E61D9171}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | "{79F9F2B1-FFDB-4B94-9E92-33E7F5A9BEBA}" = lport=8394 | protocol=17 | dir=in | name=league of legends launcher | "{A92A184E-2EDF-45F8-9781-D7B9EEEF1089}" = lport=8394 | protocol=6 | dir=in | name=league of legends launcher | "{BFCC54E2-8064-4110-B1A6-AF39C16AF4C1}" = lport=1900 | protocol=17 | dir=in | name=microsoft upnp-port (udp) | "{F4E97F4F-1827-4A2C-A878-8FAA9BE7560E}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe | "{FFD5E3EA-0C01-4DBF-A65F-1D7B3ADC1B17}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0015B30F-2C2E-43BE-A908-A16F66E3F83A}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{019A3477-E66C-4603-9E3A-DCE9FDFA34D6}" = protocol=6 | dir=in | app=c:\starcraft ii\starcraft ii.exe | "{04A7C978-F044-4FD4-8D5F-E9FBC5C5FE1E}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{075ED6B4-9D3E-4297-8B85-C90A709D2C5D}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{084A3554-9D06-4EFC-8959-A69BA0A9E3DF}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{0B7AAD56-7B6D-4D29-8E41-C363620B153F}" = 
dir=in | app=c:\program files\skype\phone\skype.exe | "{0CDF5960-7FD7-406D-96AD-7061F8E7D2C9}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{0F04B2F1-707D-41AE-A384-566DB9B29222}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe | "{0F404EA9-3F07-4667-A789-4A7E9C9E2709}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe | "{11F8D904-0456-46B0-BD7B-E72DD9EAD9DB}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{1D8C49FC-EB02-4CC8-A96A-8A229B39BA5F}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{2391E4BF-D0B5-49AA-A738-FE9086DDB235}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{24B9FD5B-9A3F-4C11-9D59-75BE7985E484}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{269A4FCF-1E07-4531-A252-A174A97AC02A}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{27C03EE0-0C58-4C73-82E4-EA736998F478}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{28A602AD-6EAF-4478-87A4-F8A88A21070F}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{29C59390-C436-4B84-BBFD-0682CB9BB551}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{30007948-BD6D-4347-BFAA-379731AA9DFC}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{3000EFBB-095C-490B-A9DC-021F1AB4541C}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\rome total war gold\rometw.exe | "{31FB10EE-957B-4746-A23E-F9D0FC389A1F}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\torchlight\torchlight.exe | "{320C7255-94E8-4CAF-AB2C-E16834D16EE9}" = protocol=6 | dir=in | app=c:\program files\common files\magix shared\upnpservice\upnpservice.exe | "{332A233B-B2F3-4DC8-8EA5-F3FCB30F5895}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{37047DE3-7AFC-4201-A489-506BCC9A4CEF}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{3862D832-BAE1-46A8-A8CE-6F495B6F8EAA}" = protocol=17 | dir=in | 
app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe | "{3A4AE8C6-E383-40B4-94E4-CC025828F2E2}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\titan quest\help.htm | "{3D7ED399-2B0D-42EF-A847-DD23556A17ED}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\titan quest\help.htm | "{3DFB454E-E253-490E-8817-7884C1F5A909}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{4163060A-2CE9-4F79-AAA1-0FCDC52B53CB}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\satansdevil\day of defeat\hl.exe | "{418CE828-7DE0-4079-8577-72CD5267F8B3}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{47587DFB-9FD1-4B3D-8547-E40AE6C132B8}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\torchlight\torched\editor.exe | "{490211D8-AD58-4ABE-8086-1660E7C6B324}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | "{5694E7C5-9FF9-4CCE-8D76-54CC5DDA8FF6}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{57ACC302-6672-49C4-8926-5170A629CA18}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\rome total war gold\rometw.exe | "{5838F3FC-919B-4C6E-ABE8-FBA1BB05B5D5}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{5D52019D-1325-409E-BB9A-025DF89295B5}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{5DDB32D2-A019-4214-BEB8-9B4B3B0BE92C}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | "{5DE62AF9-E7CC-480A-888F-CAA22BD5E5D9}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{60DF8CF5-6804-4E26-B125-0275F6CC3BEF}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\rome total war gold\rometw-bi.exe | "{630617CF-9BC1-4729-ADE4-0D7A28B04E28}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | "{661F07DD-C536-4834-8663-39658DF38C80}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\titan quest immortal throne\help.htm | 
"{67354739-9435-471F-9741-3C6C786FB1A6}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{67521540-DDEB-4E98-8C50-78FC948445A2}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\satansdevil\day of defeat\hl.exe | "{795C97F8-A0F0-4379-831C-05E83EAE9C5C}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{7C54F273-DE94-4992-8CF2-F19186562C2A}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{7F4EA9FA-D2F1-4A20-B574-5B48B4B5A100}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{7FB79324-EEDB-477A-AD42-241BBE4F6B4E}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | "{83B18C70-4E8E-4B86-88BA-A33EEC073C83}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{83F9FA0C-6EA1-4912-82B0-DB378A8FF663}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{8400D72A-3DBE-4209-AF6E-24130861A2D1}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{84D933F7-5F34-47BC-96D1-DA6DF116E75E}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{8A99ADF7-3C63-43B9-9912-BF3BF91D172A}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{8BD2374E-CBBA-48A9-A685-F908D2DA541B}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\titan quest immortal throne\help.htm | "{8BEF610C-0359-4A45-91ED-F8D2C3BF0DC3}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{8DB1D253-6DE8-4362-8529-A422FDEF86E1}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\satansdevil\garrysmod\hl2.exe | "{8E86D4FC-C764-4346-B93C-09323B8CD204}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{927CB7BD-D2E0-4943-ADFA-B7A708C3A550}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{94638789-C49C-48B4-8084-24440A415618}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | "{97122998-E718-47FE-B957-81AA96BEEB5D}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{98477BA8-2D27-483D-8237-A8948ABC0ECE}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{98EE0D59-D4BE-4FC1-9030-245A5A7B0DAD}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\trine\trine_launcher.exe | "{9D7B9A3B-0B9F-4CD2-BFD1-EFD1D4522A0F}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{9DB41C33-56C1-43CF-A2AB-2E7098270090}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{9DF25309-D057-4D2F-9948-5A44C7A11F8D}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\titan quest immortal throne\tqit.exe | "{9E2B576C-2892-403B-B0EF-0A6F20673ADF}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\trine\trine_launcher.exe | "{A647D6E6-7BBF-4175-95E6-368F6A34FB87}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{A93092A0-C85E-431A-828C-8F088A7AF84B}" = protocol=17 | dir=in | app=c:\starcraft ii\starcraft ii.exe | "{AECF544E-DD0B-4DE3-A1C5-CE03BF27A8A6}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{AED8C1C0-1918-4EFF-B72E-74C3A0EE4F58}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\titan quest immortal throne\tqit.exe | "{AF216EE2-521A-4BA4-8E20-996CC5382DA9}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | "{B58837F3-3D9D-4901-BFD8-9B3B52DB34F0}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{B64B01CF-0CC3-4870-B779-0F90FEDB6639}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{B8D68992-B9D1-4B95-AF1B-7A11DB5B0651}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\satansdevil\garrysmod\hl2.exe | "{BA789A8F-47BF-4EF2-A3E1-B7D5FE34A454}" = protocol=17 | dir=in | app=c:\program files\common files\magix shared\upnpservice\upnpservice.exe | "{BC9FACD4-BAA8-4D0E-9176-EDECF3CECAE2}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe | "{C5C802C9-7280-4E60-A19A-D2E735B9C1FD}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{CC4D1298-CE1F-4418-B824-64D0C9FCDCFC}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{CD09CE19-5BE4-406E-B8D9-B686903BF022}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{D0120BF9-49D8-461B-B637-B431C0D57FBA}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{D1668BF5-3F95-4768-906B-CDD7B9134559}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{D5BC38ED-3D08-4472-BF52-3416BEA78839}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{D5E1EB80-E488-4689-9C8E-8A69C502B61E}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | "{D5E4BCD6-AE50-45E0-A297-9DFD6036FACA}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | "{DCD2D5D4-407C-4A11-B4DE-70AA959E51F4}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{DDD7B56B-DDA3-49C6-9D88-75E6BCCE7590}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | "{E356EADC-4DBC-426C-A21A-71DDCD882967}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{E3EFEBC3-E137-4213-B262-68C75785AA06}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{E88CF489-A548-451B-94CD-1949E96C2CAA}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\torchlight\torched\editor.exe | "{E92A05F7-052B-4ADA-AC96-78DEDF0777F7}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\torchlight\torchlight.exe | "{ECAE8295-A0A4-4FE2-9060-6D3A5603E86C}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{ED9C17F4-9E77-4A69-A4E6-E8C2DBBB5CEB}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{F6EAAB43-C41F-4EFF-8A2A-331EE16A91D2}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\rome total war gold\rometw-bi.exe | "{FA7B874D-2C26-4EAE-BC0F-5FDFFDB2721D}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | "TCP Query User{00FBF39C-E456-4676-89AA-3CE1B0E92D9E}C:\program files\activision\call of duty 
4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe | "TCP Query User{0B00423C-14F0-4355-8352-E10F3DA36B59}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe | "TCP Query User{14B3D75E-AED7-4ABB-9B1C-97F87E5901D0}C:\users\public\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\users\public\world of warcraft\launcher.exe | "TCP Query User{3C9CD4E3-BEFF-4E2C-A002-475EAF823ADE}C:\program files\steam\steamapps\common\titan quest\titan quest.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\titan quest\titan quest.exe | "TCP Query User{4219818A-225D-42A1-86FF-599B56EF760D}C:\starcraft\starcraft.exe" = protocol=6 | dir=in | app=c:\starcraft\starcraft.exe | "TCP Query User{5DF21010-E94B-42C3-97C5-B0478348FDA3}C:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe" = protocol=6 | dir=in | app=c:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe | "TCP Query User{779332E5-E980-4D83-83EF-831138F025D6}C:\starcraft ii\versions\base16605\sc2.exe" = protocol=6 | dir=in | app=c:\starcraft ii\versions\base16605\sc2.exe | "TCP Query User{C50E8E54-17B6-4F2A-A50D-01DA802DD7E2}C:\program files\thq\company of heroes\reliccoh.exe" = protocol=6 | dir=in | app=c:\program files\thq\company of heroes\reliccoh.exe | "TCP Query User{CC7A1841-6F23-4D37-9CD6-C8B0EDBB495C}C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe.exe | "TCP Query User{DC26D9A1-E676-4691-B886-77F5A234304D}C:\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=c:\starcraft ii\support\blizzarddownloader.exe | "TCP Query User{DE70B447-D396-490F-BA54-49F311DE6D75}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe 
| "TCP Query User{DE84835B-EC48-40EB-8CE5-41E416450DD8}C:\program files\thq\company of heroes\relicdownloader\relicdownloader.exe" = protocol=6 | dir=in | app=c:\program files\thq\company of heroes\relicdownloader\relicdownloader.exe | "TCP Query User{FD6C44BC-4A25-41A9-B8D8-7DD9F05A1A62}C:\starcraft ii\versions\base16561\sc2.exe" = protocol=6 | dir=in | app=c:\starcraft ii\versions\base16561\sc2.exe | "UDP Query User{1409DF71-9998-41E8-90CD-33DDD54D9157}C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe | "UDP Query User{303A4053-CBB9-40F9-86E8-D5780E63050D}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe | "UDP Query User{35B57E77-41E3-43BD-90A8-5C6489B43068}C:\users\public\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\users\public\world of warcraft\launcher.exe | "UDP Query User{3A026671-C200-4A50-B999-2A6E234A275F}C:\program files\thq\company of heroes\relicdownloader\relicdownloader.exe" = protocol=17 | dir=in | app=c:\program files\thq\company of heroes\relicdownloader\relicdownloader.exe | "UDP Query User{5F9EA9E9-4C91-4659-9C7D-5B4D1FB9EB86}C:\starcraft\starcraft.exe" = protocol=17 | dir=in | app=c:\starcraft\starcraft.exe | "UDP Query User{600B51AD-3439-4885-A9D7-EAFC73203825}C:\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=c:\starcraft ii\support\blizzarddownloader.exe | "UDP Query User{9054F45D-FC3F-431E-AE66-2BC04FC87B2B}C:\starcraft ii\versions\base16561\sc2.exe" = protocol=17 | dir=in | app=c:\starcraft ii\versions\base16561\sc2.exe | "UDP Query User{97F16B50-4249-40EF-B923-DA6BF9D67C3C}C:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe" = protocol=17 | dir=in | app=c:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe | "UDP Query User{AC8A45D4-D32E-4706-AB49-E1C5B41CF89E}C:\program 
files\steam\steamapps\common\titan quest\titan quest.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\titan quest\titan quest.exe | "UDP Query User{B40390C6-9C4B-4014-A2B4-3B4158959097}C:\program files\thq\company of heroes\reliccoh.exe" = protocol=17 | dir=in | app=c:\program files\thq\company of heroes\reliccoh.exe | "UDP Query User{BCBB972E-6791-411C-AD20-DCF4CD170BEC}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{DD97E332-F69B-4CA3-B3C6-9876BE8CB927}C:\starcraft ii\versions\base16605\sc2.exe" = protocol=17 | dir=in | app=c:\starcraft ii\versions\base16605\sc2.exe | "UDP Query User{FADBA5B6-08B4-4274-8E08-CD430E29F5DE}C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU "{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) "{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent "{086BADF8-9B1F-4E89-B207-2EDA520972D6}" = Grand Theft Auto San Andreas "{090EFAEF-E0C1-5311-7A96-817BC18B43BB}" = ccc-utility "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour "{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store 
"{19666E73-D9E5-44D4-8F33-037ED151ECBC}" = Firebird SQL Server - MAGIX Edition "{1BF43B74-1EDE-060E-A612-56A116A381F8}" = Catalyst Control Center Core Implementation "{1D328E11-3B0C-388C-835D-C9C20E8C7734}" = Microsoft Help Viewer 1.0 Language Pack - DEU "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{24508D50-EB8F-4FE6-B69D-B4935D8745EF}_is1" = Warsow 0.5 "{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 23 "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime "{437220AC-2A97-8338-E012-74B8DF30E9DA}" = Catalyst Control Center InstallProxy "{4640FDE1-B83A-4376-84ED-86F86BEE2D41}" = Driver Detective "{47948554-90C6-4AAC-8CFA-D23CE11C1031}" = Nero 8 Essentials "{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update "{4cb9f93c-9edc-4be9-ae61-af128ddbecfa}" = Business Contact Manager für Outlook 2007 SP2 "{4E2CD272-0F2F-98EA-9596-510EF0D24E28}" = ccc-core-static "{4EE9A620-46A0-4BCF-82AC-950D2BBED982}" = Belkin Wireless USB Adapter Setup "{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies "{52B65911-1559-4ED5-9461-46957FDD48CD}" = Borderlands "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}" = Microsoft SQL Server System CLR Types "{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail "{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{616C6F39-4CE1-3434-A665-2F6A04C09A7F}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools 
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{72C02F89-9E8E-2DBD-11D7-EB5F075FE081}" = Catalyst Control Center Graphics Previews Common "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7AB3A249-FB81-416B-917A-A2A10E74C503}" = iTunes "{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE) "{7FB12670-0F93-4E1E-B2F5-4F339199A03A}" = Microsoft SQL Server Native Client "{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer "{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{849A32C3-E75A-4791-9B11-E568BA3525A4}" = Microsoft SQL Server VSS Writer "{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync "{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding "{8DB77BE4-629D-458D-BD68-9F36667C2177}" = TubeBox! 
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard "{90024193-9F13-4877-89D5-A1CDF0CBBF28}" = Feedback Tool "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components "{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007 "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9C19FFB1-25FC-43FC-AC78-919E5E2A6DD0}" = TortoiseSVN 1.6.6.17493 (32 bit) "{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Security Suite CBE 10 "{9DD16C0E-B9E7-417C-0C30-E57916C353E3}" = CCC Help English "{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™ "{A106D33E-6B43-42C0-9BFC-D03303261FA7}" = Microsoft SQL Server 2008 R2 Management Objects "{A1E1D1EE-3F04-CC1A-8498-0D48463F579D}" = Catalyst Control Center Localization All "{A680643A-1155-02F6-6B29-BF4FBA1190E8}" = Catalyst Control Center Graphics Full Existing "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper 
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components "{ABB6F00C-9722-82C2-FE1E-893313CCF612}" = Catalyst Control Center Graphics Light "{B04836D8-4170-D430-6297-3DD084AAEC09}" = Catalyst Control Center Graphics Full New "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR "{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support "{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader "{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 "{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX "{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}" = Microsoft SQL Server 2005 Compact Edition [DEU] "{BCC78381-4B63-5352-BF57-BDBF7A77823A}" = Catalyst Control Center HydraVision Full "{C3592426-531E-4110-911D-BFECE2CE284C}" = osu! "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CCAC7E52-ECCE-3C4D-B1BE-BC2ACF1C1C0E}" = Microsoft Visual Basic 2010 Express - DEU "{CD95F661-A5C4-44F5-A6AA-ECDD91C240B8}" = WinZip 12.1 "{CE03D1DC-FD8D-2F5C-5FAD-02570BA0383B}" = Catalyst Control Center InstallProxy "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CFCB8616-A5D1-4281-80E8-389F685BFAE2}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU "{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack "{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities "{D5A9DA4B-E4F9-FB49-017D-769FC540F1F0}" = EA Download Manager UI "{DF181652-D4F9-7D64-AED8-57D31E8D0410}" = Media Go Video Playback Engine 1.32.101.05130 "{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials "{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM) 
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0 "{EE02955B-74BC-3995-6B67-2A9D1651D4F5}" = Catalyst Control Center Graphics Previews Vista "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F34D6DAE-7777-5C40-E143-8A0D6A048F75}" = ATI Catalyst Install Manager "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "7-Zip" = 7-Zip 9.04 beta "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Active WebCam" = Active WebCam "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "AutoHotkey" = AutoHotkey 1.0.48.05 "AV Voice Changer Software GOLD 7.0" = AV Voice Changer Software GOLD 7.0 "Business Contact Manager" = Business Contact Manager für Outlook 2007 SP2 "com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI "Divinity II - Ego Draconis_is1" = Divinity II - Ego Draconis "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters "DivX Setup.divx.com" = DivX-Setup "EA Download Manager" = EA Download Manager "EAX Unified" = EAX Unified "FlashGet 3.5" = FlashGet 3.5 "Foxit Reader" = Foxit Reader "Fraps" = Fraps (remove only) "Free Video Flip and Rotate_is1" = Free Video Flip and Rotate version 1.8.10 "GAMI (Gta-Action Mod-Installer)" = GAMI (Gta-Action Mod-Installer) "InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - 
Modern Warfare(TM) "InstallWIX_{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Security Suite CBE 10 "JDownloader" = JDownloader "Mafia" = Mafia "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack "Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0 "Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU "Microsoft SQL Server 2005" = Microsoft SQL Server 2005 "Microsoft Visual Basic 2010 Express - DEU" = Microsoft Visual Basic 2010 Express - DEU "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13) "PhotoScape" = PhotoScape "Picasa 3" = Picasa 3 "Postal 2 Apocalypse Weekend Expansion Pack" = Postal 2 Apocalypse Weekend Expansion Pack "Postal 2 Share The Pain" = Postal 2 Share The Pain "PROHYBRIDR" = 2007 Microsoft Office system "RPGAdvocates_RTP_1.0" = Common RTP 1.0 "Starcraft" = Starcraft "StarCraft II" = StarCraft II "Steam App 10180" = Call of Duty: Modern Warfare 2 "Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer "Steam App 240" = Counter-Strike: Source "Steam App 30" = Day of Defeat "Steam App 300" = Day of Defeat: Source "Steam App 35700" = Trine "Steam App 400" = Portal "Steam App 4000" = Garry's Mod "Steam App 41500" = Torchlight "Steam App 41520" = Torchlight Editor "Steam App 440" = Team Fortress 2 "Steam App 4540" = Titan Quest "Steam App 4550" 
= Titan Quest: Immortal Throne "Steam App 4700" = Medieval II: Total War "Steam App 4760" = Rome: Total War - Gold Edition "Steam App 630" = Alien Swarm "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2 "TeamSpeak 3 Client" = TeamSpeak 3 Client "TuneUp Utilities" = TuneUp Utilities "Uninstall_is1" = Uninstall 1.0.0.1 "Unlocker" = Unlocker 1.8.9 "VRS" = VRS Recording System "VTFEdit_is1" = VTFEdit 1.2.5 "WinGimp-2.0_is1" = GIMP 2.6.8 "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR "World of Warcraft" = World of Warcraft ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "CopyTrans Suite" = Nur Deinstallierung der CopyTrans Suite möglich. "Darth Mod M2TW 1.4D" = Darth Mod M2TW 1.4D "Google Chrome" = Google Chrome "UnityWebPlayer" = Unity Web Player ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 26.12.2010 19:01:59 | Computer Name = ***-PC | Source = VSS | ID = 8194 Description = Error - 27.12.2010 05:27:16 | Computer Name = ***-PC | Source = WinMgmt | ID = 10 Description = Error - 27.12.2010 06:03:13 | Computer Name = ***-PC | Source = Application Hang | ID = 1002 Description = Programm gta_sa.exe, Version 0.0.0.0 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen. 
Prozess-ID: ff4 Anfangszeit: 01cba5a9e437c676 Zeitpunkt der Beendigung: 9524
Error - 27.12.2010 15:35:50 | Computer Name = ***-PC | Source = WinMgmt | ID = 10 Description =
Error - 27.12.2010 16:33:22 | Computer Name = ***-PC | Source = WinMgmt | ID = 10 Description =
Error - 27.12.2010 16:53:17 | Computer Name = ***-PC | Source = WinMgmt | ID = 10 Description =
Error - 27.12.2010 17:38:49 | Computer Name = ***-PC | Source = WinMgmt | ID = 10 Description =
Error - 27.12.2010 17:52:48 | Computer Name = ***-PC | Source = WinMgmt | ID = 10 Description =
Error - 27.12.2010 18:38:25 | Computer Name = ***-PC | Source = WinMgmt | ID = 10 Description =
Error - 27.12.2010 18:56:58 | Computer Name = ***-PC | Source = WinMgmt | ID = 10 Description =
[ System Events ]
Error - 27.12.2010 16:53:18 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000 Description =
Error - 27.12.2010 16:53:18 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7026 Description =
Error - 27.12.2010 17:38:49 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000 Description =
Error - 27.12.2010 17:38:49 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7026 Description =
Error - 27.12.2010 17:52:48 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000 Description =
Error - 27.12.2010 17:52:48 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7026 Description =
Error - 27.12.2010 18:38:25 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000 Description =
Error - 27.12.2010 18:38:25 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7026 Description =
Error - 27.12.2010 18:56:59 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000 Description =
Error - 27.12.2010 18:56:59 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7026 Description =
< End of report >
Edited by Brauny (28.12.2010 at 00:48) |
28.12.2010, 11:39 | #17 |
/// Helper Team | Internet extremely slowed down for days
Please uninstall the IE9 beta so that you are back on version 8. You should be careful with betas, since they can still contain a great many bugs. Betas are better suited to test systems than to computers that are used normally at home.
__________________
On Internet Explorer: even if you don't use it for browsing, it will still be needed to download the Windows updates (by now there is also a Firefox add-on for that, though). Besides, IE is quite deeply integrated into the operating system, which is why it is always important to keep it up to date (and better to do without betas).
Did you install Hitman from a guaranteed safe source?
1.) Malwarebytes Antimalware
Then have Malwarebytes Antimalware scan again: First bring the program up to date via the "Aktualisierung" (Update) tab. After that, start a "Vollständiger Suchlauf" (full scan) via the "Suchlauf" (Scan) tab (not the quick scan!). If anything is found, have it removed and then post the log file here for me.
2.) Eset Online Scan
ESET Online Scanner
Please switch on any external hard drives you may have during the online scans! Please turn off all background guards (anti-virus program, firewall, script blocking and the like) during the scans, and don't forget to turn everything back on afterwards.
3.) Are the problems still present?
__________________ |
28.12.2010, 22:48 | #18 |
| Internet extremely slowed down for days
Hitman is from a source that is guaranteed NOT to be safe. I was already wondering, because Hitman was installed / finished downloading on exactly the day the problems started. Maybe it has something to do with that.
__________________
1.) I'll let that run overnight tonight; the Eset scan took 3 hours and I don't feel like waiting another 3 hours until I can get back on the computer.
2.)
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6419
# api_version=3.0.2
# EOSSerial=8bdcecd5b54eb145a317994d5d7764c6
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-12-28 03:03:48
# local_time=2010-12-28 04:03:48 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=1280 16777215 100 0 6971863 6971863 0 0
# compatibility_mode=5892 16776573 100 100 5575 131071704 0 0
# compatibility_mode=8192 67108863 100 0 4023 4023 0 0
# scanned=423978
# found=0
# cleaned=0
# scan_time=9651
3) Yes, the problem is still there. It always shows up after a while (for example, when I first start up the connection is perfect, and over the course of the day it keeps getting worse) |
28.12.2010, 23:08 | #19 | |
/// Helper Team | Internet extremely slowed down for days Quote:
I would definitely advise you to part with it again quickly; throw out everything from Hitman. We will then surely have to keep looking. Edit: What about Internet Explorer?
__________________ Regards, rea *Do you need help with a malware problem too?* *TB donation account* A clever saying could go here. Well .... could! |
28.12.2010, 23:24 | #20 | |
| Internet extremely slowed down for days Quote:
|
28.12.2010, 23:53 | #21 |
/// Helper Team | Internet extremely slowed down for days
Then have a look here to see whether this helps you: Uninstall IE 9. By the way, right now would be a good time to part with any software that comes from an unsafe source. I'll then wait for the log from Mbam.
__________________ |
29.12.2010, 11:40 | #22 |
| Internet extremely slowed down for days Code:
ATTFilter ´Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Datenbank Version: 5406
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18943
29.12.2010 04:09:50
mbam-log-2010-12-29 (04-09-50).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 541733
Laufzeit: 3 Stunde(n), 34 Minute(n), 8 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: (Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden)
Infizierte Dateien: (Keine bösartigen Objekte gefunden) |
29.12.2010, 12:26 | #23 |
/// Helper Team | Internet extremely slowed down for days
Please download MBRCheck (by a_d_13) and save the file on the desktop.
__________________ |
29.12.2010, 12:40 | #24 |
| Internet extremely slowed down for days Code:
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows Vista Home Premium Edition
Windows Information: Service Pack 2 (build 6002), 32-bit
Base Board Manufacturer: MEDIONPC
BIOS Manufacturer: American Megatrends Inc.
System Manufacturer: MEDIONPC
System Product Name: MS-7501
Logical Drives Mask: 0x000002fc

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00100000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000091`4ae00000 (FAT32)

PhysicalDrive0 Model Number: WDCWD6400AACS-00G8B1, Rev: 05.04C05

Size Device Name MBR Status
--------------------------------------------
596 GB \\.\PhysicalDrive0 Windows 2008 MBR code detected
SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979

Done! |
29.12.2010, 17:34 | #25 |
/// Helper Team | Internet extremely slowed down for days Let's tidy up a bit first. Ccleaner Work through the following guide (points 1 and 2): Ccleaner Afterwards, please use the Control Panel to uninstall all programs you no longer need. Then restart your computer. Then start Ccleaner again, go to the menu item "Extras" (Tools) and then, at the bottom left, click "Als Textdatei speichern" (Save as text file). Save the txt file to your desktop, then go through each piece of software still installed in this list and write after each one whether you know and need it or whether it is unknown to you (e.g. "Bekannt" (known) and "Unbekannt" (unknown)). Then post this list with your additional notes here in the thread, inside code tags.
29.12.2010, 18:20 | #26 |
| Internet extremely slowed down for days Well, I've had Tune Up Utilities for a long time, and when I compare the two I see no difference between the two programs... should I run it anyway? |
29.12.2010, 18:47 | #27 |
/// Helper Team | Internet extremely slowed down for days The difference is that with Tune Up you can quickly wreck your system. CCleaner is considerably safer in that respect. I would actually suggest that you part with Tune Up as well.
29.12.2010, 19:24 | #28 |
| Internet extremely slowed down for days Code:
2007 Microsoft Office system Microsoft Corporation 22.12.2010 525MB 12.0.6425.1000 I know it, it's just Office
7-Zip 9.04 beta 22.12.2010 3,23MB also known, zip program
Activation Assistant for the 2007 Microsoft Office suites Microsoft Corporation 22.12.2010 14,0MB unknown
Active WebCam 22.12.2010 22,5MB unknown
Adobe AIR Adobe Systems Inc. 22.12.2010 30,7MB 2.0.2.12610 unknown
Adobe Flash Player 10 ActiveX Adobe Systems Incorporated 22.12.2010 10.0.45.2 I know it, just my Flash Player
Adobe Flash Player 10 Plugin Adobe Systems Incorporated 22.12.2010 10.1.85.3 Firefox plugin of Adobe Flash Player
Adobe Shockwave Player 11.5 Adobe Systems, Inc. 22.12.2010 8,17MB 11.5.2.602 I know it
Apple Application Support Apple Inc. 21.06.2010 42,8MB 1.3.0 unknown
Apple Mobile Device Support Apple Inc. 21.06.2010 19,9MB 3.1.0.62 for my iPhone
Apple Software Update Apple Inc. 21.06.2010 2,26MB 2.1.2.120 updater for iTunes and QuickTime
ATI Catalyst Install Manager ATI Technologies, Inc. 24.09.2010 16,6MB 3.0.790.0 for my graphics card
AutoHotkey 1.0.48.05 Chris Mallett 22.12.2010 2,59MB 1.0.48.05 auto-scripting program, my world :)
Belkin Wireless USB Adapter Setup Belkin 15.01.2010 0,95MB 2.20 my internet stick
Business Contact Manager für Outlook 2007 SP2 Microsoft Corporation 22.12.2010 31,4MB 3.0.8619.1 no idea
Call of Duty(R) 4 - Modern Warfare(TM) Activision 06.04.2010 6.385MB 1.00.0000 unknown
Call of Duty: Modern Warfare 2 Infinity Ward 22.12.2010 11.496MB known
Call of Duty: Modern Warfare 2 - Multiplayer Infinity Ward 22.12.2010 11.496MB known
CCleaner Piriform 28.12.2010 3,41MB 3.02 known
Common RTP 1.0 22.12.2010 unknown
Counter-Strike: Source Valve 22.12.2010 112,2MB known
Day of Defeat Valve 22.12.2010 known
Day of Defeat: Source Valve 22.12.2010 8,21MB known
Driver Detective PC Drivers HeadQuarters 04.04.2010 6,00MB 8.0.1 unknown
EAX Unified 22.12.2010 8,00KB unknown
ESET Online Scanner v3 27.12.2010 104,5MB known
Feedback Tool Microsoft Corporation 17.09.2010 2,28MB 1.1.0 known
Firebird SQL Server - MAGIX Edition MAGIX AG 04.04.2010 10,1MB 2.1.22.0 unknown
FlashGet 3.5 hxxp://www.FlashGet.com 22.12.2010 16,4MB 3.5.0.1126 known, downloader for Firefox
Foxit Reader 27.12.2010 7,17MB known
Fraps (remove only) 22.12.2010 10.741MB recording program, known
Garry's Mod Team Garry 22.12.2010 1.495MB known
GIMP 2.6.8 24.02.2010 98,6MB known
Google Chrome Google Inc. 24.07.2010 222MB 8.0.552.224 known, but unused (will be removed)
Grand Theft Auto San Andreas Rockstar Games 22.12.2010 4.839MB 1.00.00001 known
iTunes Apple Inc. 21.06.2010 160,8MB 9.2.0.61 known
Java(TM) 6 Update 23 Oracle 26.12.2010 97,1MB 6.0.230 known
Kaspersky Security Suite CBE 10 Kaspersky Lab 22.12.2010 36,5MB 9.0.0.747 antivirus program
Malwarebytes' Anti-Malware Malwarebytes Corporation 22.12.2010 4,80MB known
Media Go Video Playback Engine 1.32.101.05130 Sony 24.06.2010 19,3MB 1.32.101.05130 unknown
Medieval II: Total War The Creative Assembly 22.12.2010 12.056MB known
Microsoft .NET Framework 1.1 22.12.2010
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU Microsoft Corporation 22.12.2010 37,3MB
Microsoft .NET Framework 3.5 SP1 Microsoft Corporation 22.12.2010 37,3MB
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 22.12.2010 120,3MB 4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 22.12.2010 24,5MB 4.0.30319
Microsoft .NET Framework 4 Extended Microsoft Corporation 22.12.2010 38,0MB 4.0.30319
Microsoft .NET Framework 4 Extended DEU Language Pack Microsoft Corporation 22.12.2010 7,50MB 4.0.30319
Microsoft .NET Framework 4 Multi-Targeting Pack Microsoft Corporation 22.09.2010 83,5MB 4.0.30319
Microsoft Help Viewer 1.0 Microsoft Corporation 22.12.2010 6,09MB 1.0.30319
Microsoft Help Viewer 1.0 Language Pack - DEU Microsoft Corporation 22.12.2010 6,09MB 1.0.30319
Microsoft Office 2003 Web Components Microsoft Corporation 15.09.2010 11.0.8003.0
Microsoft Office 2007 Primary Interop Assemblies Microsoft Corporation 08.06.2010 12.0.4518.1014
Microsoft Office Live Add-in 1.5 Microsoft Corporation 24.05.2010 0,49MB 2.0.4024.1
Microsoft Office Small Business Connectivity Components Microsoft Corporation 23.07.2009 0,15MB 2.0.7024.0
Microsoft Silverlight Microsoft Corporation 19.12.2010 4.0.51204.0
Microsoft SQL Server 2005 Microsoft Corporation 22.12.2010 58,4MB
Microsoft SQL Server 2005 Compact Edition [DEU] Microsoft Corporation 23.07.2009 0,32MB 3.1.0000
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 23.07.2009 1,74MB 3.1.0000
Microsoft SQL Server 2008 R2 Management Objects Microsoft Corporation 22.09.2010 17,1MB 10.50.1447.4
Microsoft SQL Server Compact 3.5 SP2 DEU Microsoft Corporation 22.09.2010 3,69MB 3.5.8080.0
Microsoft SQL Server Native Client Microsoft Corporation 23.07.2009 2,63MB 9.00.4035.00
Microsoft SQL Server System CLR Types Microsoft Corporation 22.09.2010 2,55MB 10.50.1447.4
Microsoft SQL Server VSS Writer Microsoft Corporation 23.07.2009 0,68MB 9.00.4035.00
Microsoft Visual Basic 2010 Express - DEU Microsoft Corporation 22.12.2010 228MB 10.0.30319
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 24.02.2010 0,25MB 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 13.05.2010 0,41MB 8.0.59193
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Corporation 24.02.2010 0,19MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Corporation 09.03.2010 1,41MB 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 Microsoft Corporation 16.01.2010 2,10MB 9.0.30411
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 24.01.2010 0,58MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 04.04.2010 0,57MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 Microsoft Corporation 22.09.2010 0,58MB 9.0.30729.4974
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools Microsoft Corporation 22.09.2010 35,4MB 10.0.30319
Mozilla Firefox (3.6.13) Mozilla 22.12.2010 31,0MB 3.6.13 (de) my web browser, known
MSXML 4.0 SP2 (KB927978) Microsoft Corporation 23.07.2009 34,00KB 4.20.9841.0 unknown
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 23.07.2009 1,28MB 4.20.9870.0 unknown
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 15.01.2010 1,34MB 4.20.9876.0 unknown
Nero 8 Essentials Nero AG 23.07.2009 1.835MB 8.3.124 known, unused
Nur Deinstallierung der CopyTrans Suite möglich. WindSolutions 06.10.2010 14,5MB 2.15 known, sync tool for iPhone
NVIDIA PhysX NVIDIA Corporation 06.12.2010 120,0MB 9.09.0428 known
PhotoScape 22.12.2010 25,9MB known
Picasa 3 Google, Inc. 22.12.2010 74,3MB 3.1 unknown
PlayStation(R)Network Downloader Sony Computer Entertainment Inc. 21.07.2010 0,65MB 2.03.00126 known, unused
PlayStation(R)Store Sony Computer Entertainment Inc. 21.07.2010 3,21MB 3.2.11.09227 known, unused
Portal Valve 22.12.2010 155,3MB known
QuickTime Apple Inc. 21.06.2010 73,8MB 7.66.73.0 known
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 31.03.2010 13,7MB 6.0.1.6077 known
Rome: Total War - Gold Edition The Creative Assembly 22.12.2010 3.215MB known
Skype™ 5.0 Skype Technologies S.A. 13.12.2010 21,4MB 5.0.152 known
StarCraft II Blizzard Entertainment 22.12.2010 8.870MB 1.1.3.16939 known
Steam Valve Corporation 15.01.2010 1,49MB 1.0.0.0 known
Team Fortress 2 Valve 22.12.2010 253MB known
TeamSpeak 2 RC2 Dominating Bytes Design 22.12.2010 2.0.32.60 known
TeamSpeak 3 Client TeamSpeak Systems GmbH 25.12.2010 29,5MB known
Titan Quest IronLore 22.12.2010 2.635MB known
Titan Quest: Immortal Throne IronLore 22.12.2010 1.201MB known
Torchlight Runic Games, Inc. 22.12.2010 533MB known
Torchlight Editor Runic Games, Inc. 22.12.2010 769MB known
TortoiseSVN 1.6.6.17493 (32 bit) TortoiseSVN 16.01.2010 18,4MB 1.6.17493 known
Trine Frozenbyte 22.12.2010 685MB known
Unity Web Player Unity Technologies ApS 14.07.2010 80,00KB 2.6.1f3_31223 known
Unlocker 1.8.9 Cedrick Collomb 22.12.2010 0,21MB 1.8.9 known, unlocker for files (e.g. when something cannot be deleted)
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) Microsoft Corporation 23.07.2009 30,6MB 9.00.4035.00
Vista Codec Package Shark007 16.01.2010 43,9MB 4.7.0 unknown
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU Microsoft Corporation 22.09.2010 11,2MB 4.0.8080.0 unknown
VTFEdit 1.2.5 Neil Jedrzejewski & Ryan Gregg 25.02.2010 2,66MB
Windows Live Essentials Microsoft Corporation 22.12.2010 136,5MB 14.0.8050.1202
Windows Live ID-Anmelde-Assistent Microsoft Corporation 24.05.2010 4,69MB 6.500.3165.0
Windows Live Sync Microsoft Corporation 23.07.2009 2,80MB 14.0.8050.1202
Windows Live-Uploadtool Microsoft Corporation 23.07.2009 0,22MB 14.0.8014.1029
Windows Media Player Firefox Plugin Microsoft Corp 07.07.2010 0,29MB 1.0.0.8
WinRAR 22.12.2010 3,78MB known
WinZip 12.1 WinZip Computing, S.L. 16.01.2010 15,9MB 12.1.8519 known
World of Warcraft Blizzard Entertainment 22.12.2010 3.3.5.12340 known

I'm staying out of the Windows stuff; I know that I need many of them for games, but exactly which ones I don't know. |
29.12.2010, 22:48 | #29 |
| Internet extremely slowed down for days By the way, my internet is running perfectly right now; let's see for how long. |
29.12.2010, 23:47 | #30 |
/// Helper Team | Internet extremely slowed down for days You can also uninstall the following:
Active WebCam 22.12.2010 22,5MB unknown
Adobe AIR Adobe Systems Inc. 22.12.2010 30,7MB 2.0.2.12610 unknown
Driver Detective PC Drivers HeadQuarters 04.04.2010 6,00MB 8.0.1 unknown
ESET Online Scanner v3
Google Chrome Google Inc. 24.07.2010 222MB 8.0.552.224 known, but unused (will be removed)
Media Go Video Playback Engine 1.32.101.05130 Sony 24.06.2010 19,3MB 1.32.101.05130 unknown
Nero 8 Essentials Nero AG 23.07.2009 1.835MB 8.3.124 known, unused
Picasa 3 Google, Inc. 22.12.2010 74,3MB 3.1 unknown
PlayStation(R)Network Downloader Sony Computer Entertainment Inc. 21.07.2010 0,65MB 2.03.00126 known, unused
PlayStation(R)Store Sony Computer Entertainment Inc. 21.07.2010 3,21MB 3.2.11.09227 known, unused
7-Zip 9.04 beta 22.12.2010 3,23MB also known, zip program

And do you need both Gimp and PhotoScape at the same time?