All about Windows: Computer crash/restart, then no drives found
07.01.2011, 15:07 | #1 |
Problem: Computer crash/restart, then no drives found

Hi, since yesterday I've had a problem with my computer. Every time I want to install something larger on the machine, or burn a CD etc., my PC freezes and then restarts. On that restart I'm then asked to insert a boot device into the CD drive, because it can't find a hard disk. Only when I manually switch the machine off and back on does it run "normally" again, or rather it reports that there is a hard disk error. I've already run MBR as well as OTL, but I don't really know myself how I should deal with the result. While everything seems to be fine with MBR:
07.01.2011, 19:10 | #2 |
Computer crash/restart, then no drives found

Oops, I accidentally put the logs in the php tag... here they are again in code
Code:
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, hxxp://www.gmer.net
Windows 6.1.7600 Disk: ST350041 rev.CC38 -> Harddisk0\DR0 -> \Device\0000005a
device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK

Code:
OTL logfile created on: 07.01.2011 13:57:09 - Run 1
OTL by OldTimer - Version 3.2.20.1 Folder = C:\Users\Augustin\Downloads
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 72,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 195,32 Gb Total Space | 153,00 Gb Free Space | 78,33% Space Free | Partition Type: NTFS
Drive D: | 270,44 Gb Total Space | 205,15 Gb Free Space | 75,86% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive F: | 15,54 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: AUGUSTIN-PC | User Name: Augustin | Logged in as Administrator.
-- C:\Windows\System32\drivers\ewdcsc.sys [2011.01.02 10:40:38 | 000,000,000 | ---D | C] -- C:\Programme\Mobile Partner [2011.01.02 10:39:33 | 000,000,000 | R--D | C] -- C:\Users\Augustin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2011.01.02 10:39:33 | 000,000,000 | R--D | C] -- C:\Users\Augustin\Searches [2011.01.02 10:39:33 | 000,000,000 | R--D | C] -- C:\Users\Augustin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2011.01.02 10:39:26 | 000,000,000 | ---D | C] -- C:\Users\Augustin\AppData\Roaming\Identities [2011.01.02 10:39:25 | 000,000,000 | R--D | C] -- C:\Users\Augustin\Contacts [2011.01.02 10:39:21 | 000,000,000 | ---D | C] -- C:\Users\Augustin\AppData\Local\VirtualStore [2011.01.02 10:39:20 | 000,000,000 | --SD | C] -- C:\Users\Augustin\AppData\Roaming\Microsoft [2011.01.02 10:39:20 | 000,000,000 | R--D | C] -- C:\Users\Augustin\Videos [2011.01.02 10:39:20 | 000,000,000 | R--D | C] -- C:\Users\Augustin\Saved Games [2011.01.02 10:39:20 | 000,000,000 | R--D | C] -- C:\Users\Augustin\Pictures [2011.01.02 10:39:20 | 000,000,000 | R--D | C] -- C:\Users\Augustin\Music [2011.01.02 10:39:20 | 000,000,000 | R--D | C] -- C:\Users\Augustin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2011.01.02 10:39:20 | 000,000,000 | R--D | C] -- C:\Users\Augustin\Links [2011.01.02 10:39:20 | 000,000,000 | R--D | C] -- C:\Users\Augustin\Favorites [2011.01.02 10:39:20 | 000,000,000 | R--D | C] -- C:\Users\Augustin\Downloads [2011.01.02 10:39:20 | 000,000,000 | R--D | C] -- C:\Users\Augustin\Documents [2011.01.02 10:39:20 | 000,000,000 | R--D | C] -- C:\Users\Augustin\Desktop [2011.01.02 10:39:20 | 000,000,000 | R--D | C] -- C:\Users\Augustin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2011.01.02 10:39:20 | 000,000,000 | -HSD | C] -- C:\Users\Augustin\Vorlagen [2011.01.02 10:39:20 | 000,000,000 | -HSD | C] -- C:\Users\Augustin\AppData\Local\Verlauf [2011.01.02 10:39:20 | 000,000,000 | -HSD | 
C] -- C:\Users\Augustin\AppData\Local\Temporary Internet Files [2011.01.02 10:39:20 | 000,000,000 | -HSD | C] -- C:\Users\Augustin\Startmenü [2011.01.02 10:39:20 | 000,000,000 | -HSD | C] -- C:\Users\Augustin\SendTo [2011.01.02 10:39:20 | 000,000,000 | -HSD | C] -- C:\Users\Augustin\Recent [2011.01.02 10:39:20 | 000,000,000 | -HSD | C] -- C:\Users\Augustin\Netzwerkumgebung [2011.01.02 10:39:20 | 000,000,000 | -HSD | C] -- C:\Users\Augustin\Lokale Einstellungen [2011.01.02 10:39:20 | 000,000,000 | -HSD | C] -- C:\Users\Augustin\Documents\Eigene Videos [2011.01.02 10:39:20 | 000,000,000 | -HSD | C] -- C:\Users\Augustin\Documents\Eigene Musik [2011.01.02 10:39:20 | 000,000,000 | -HSD | C] -- C:\Users\Augustin\Eigene Dateien [2011.01.02 10:39:20 | 000,000,000 | -HSD | C] -- C:\Users\Augustin\Documents\Eigene Bilder [2011.01.02 10:39:20 | 000,000,000 | -HSD | C] -- C:\Users\Augustin\Druckumgebung [2011.01.02 10:39:20 | 000,000,000 | -HSD | C] -- C:\Users\Augustin\Cookies [2011.01.02 10:39:20 | 000,000,000 | -HSD | C] -- C:\Users\Augustin\AppData\Local\Anwendungsdaten [2011.01.02 10:39:20 | 000,000,000 | -HSD | C] -- C:\Users\Augustin\Anwendungsdaten [2011.01.02 10:39:20 | 000,000,000 | -H-D | C] -- C:\Users\Augustin\AppData [2011.01.02 10:39:20 | 000,000,000 | ---D | C] -- C:\Users\Augustin\AppData\Local\Temp [2011.01.02 10:39:20 | 000,000,000 | ---D | C] -- C:\Users\Augustin\AppData\Local\Microsoft [2011.01.02 10:39:20 | 000,000,000 | ---D | C] -- C:\Users\Augustin\AppData\Roaming\Media Center Programs [2011.01.02 10:39:15 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2011.01.02 10:39:15 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2011.01.02 10:39:15 | 000,000,000 | -HSD | C] -- C:\Recovery [2011.01.02 10:39:15 | 000,000,000 | -HSD | C] -- C:\Programme [2011.01.02 10:39:15 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien [2011.01.02 10:39:15 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten [2011.01.02 10:39:15 | 000,000,000 | -HSD | 
C] -- C:\Users\Public\Documents\Eigene Videos [2011.01.02 10:39:15 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2011.01.02 10:39:15 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder [2011.01.02 10:39:15 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen [2011.01.02 10:39:15 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2011.01.02 10:39:15 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [2011.01.02 10:28:30 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2011.01.02 10:20:14 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2011.01.02 10:19:17 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2011.01.02 10:19:07 | 000,000,000 | -HSD | C] -- C:\Boot [2011.01.02 10:13:15 | 000,000,000 | ---D | C] -- C:\Windows.old ========== Files - Modified Within 30 Days ========== [2011.01.07 13:55:32 | 000,653,928 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.01.07 13:55:32 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.01.07 13:55:32 | 000,129,800 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.01.07 13:55:32 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.01.07 13:51:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.01.07 13:51:17 | 1408,737,280 | -HS- | M] () -- C:\hiberfil.sys [2011.01.07 12:52:00 | 000,089,088 | ---- | M] () -- C:\mbr.exe [2011.01.07 12:13:04 | 000,009,584 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.01.07 12:13:04 | 000,009,584 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.01.06 21:45:49 | 000,000,949 | ---- | M] () -- C:\Users\Public\Desktop\MediaMonkey.lnk [2011.01.06 21:09:03 | 000,000,973 | ---- | M] () -- C:\Users\Public\Desktop\Acrobat.com.lnk [2011.01.06 21:08:15 | 000,001,990 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 
9.lnk [2011.01.06 21:05:35 | 000,001,036 | ---- | M] () -- C:\Users\Public\Desktop\ASRock OC Tuner.lnk [2011.01.06 21:02:13 | 000,001,094 | ---- | M] () -- C:\Users\Public\Desktop\HD VDeck.lnk [2011.01.04 16:09:48 | 000,001,701 | ---- | M] () -- C:\Users\Augustin\Desktop\PartyPoker.lnk [2011.01.04 16:03:58 | 000,002,003 | ---- | M] () -- C:\Users\Augustin\Application Data\Microsoft\Internet Explorer\Quick Launch\888poker.lnk [2011.01.04 16:03:58 | 000,001,985 | ---- | M] () -- C:\Users\Augustin\Desktop\888poker.lnk [2011.01.04 03:35:37 | 000,267,640 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011.01.03 23:19:19 | 000,001,810 | ---- | M] () -- C:\Users\Public\Desktop\Play Superpower 2.lnk [2011.01.03 20:53:40 | 000,001,181 | ---- | M] () -- C:\Users\Augustin\Desktop\Fussballmanager Pro.lnk [2011.01.03 20:40:21 | 000,001,949 | ---- | M] () -- C:\Users\Augustin\Desktop\Fahrenheit Starten.lnk [2011.01.03 20:35:08 | 000,000,927 | ---- | M] () -- C:\Users\Public\Desktop\WinAce Archiver.lnk [2011.01.03 18:47:13 | 000,001,041 | ---- | M] () -- C:\Users\Augustin\Desktop\Pro Cycling Manager.lnk [2011.01.03 08:52:04 | 000,001,078 | ---- | M] () -- C:\Users\Augustin\Desktop\EVEREST Home Edition.lnk [2011.01.03 08:48:35 | 000,000,971 | ---- | M] () -- C:\Users\Augustin\Desktop\SpeedFan.lnk [2011.01.03 08:48:34 | 000,000,045 | ---- | M] () -- C:\Windows\System32\initdebug.nfo [2011.01.03 08:45:20 | 000,001,043 | ---- | M] () -- C:\Users\Augustin\Desktop\ASRock OC Tuner.lnk [2011.01.03 08:43:49 | 000,001,031 | ---- | M] () -- C:\Users\Augustin\Desktop\ASRock OC DNA.lnk [2011.01.03 08:41:09 | 000,001,019 | ---- | M] () -- C:\Users\Augustin\Desktop\ASRock IES.lnk [2011.01.03 08:20:33 | 000,002,052 | ---- | M] () -- C:\Users\Augustin\Desktop\NVIDIA Monitor.lnk [2011.01.03 08:20:33 | 000,001,866 | ---- | M] () -- C:\Users\Augustin\Desktop\nTune.lnk [2011.01.02 15:09:38 | 000,001,229 | ---- | M] () -- C:\Users\Public\Desktop\Football Manager 2011.lnk [2011.01.02 10:50:33 | 
000,001,891 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011.01.02 10:40:47 | 000,001,043 | ---- | M] () -- C:\Users\Public\Desktop\Mobile Partner.lnk [2011.01.02 10:23:23 | 000,056,735 | ---- | M] () -- C:\Windows\System32\license.rtf [2011.01.02 10:21:52 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2011.01.02 10:19:08 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2011.01.02 10:19:07 | 000,000,367 | RHS- | M] () -- C:\Boot.ini.saved [2011.01.02 10:19:07 | 000,000,367 | RHS- | M] () -- C:\boot.ini ========== Files Created - No Company Name ========== [2011.01.07 12:51:42 | 000,089,088 | ---- | C] () -- C:\mbr.exe [2011.01.06 21:45:49 | 000,000,949 | ---- | C] () -- C:\Users\Public\Desktop\MediaMonkey.lnk [2011.01.06 21:09:03 | 000,000,973 | ---- | C] () -- C:\Users\Public\Desktop\Acrobat.com.lnk [2011.01.06 21:08:15 | 000,001,990 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2011.01.06 21:02:13 | 000,001,094 | ---- | C] () -- C:\Users\Public\Desktop\HD VDeck.lnk [2011.01.06 20:59:30 | 000,010,161 | ---- | C] () -- C:\Windows\System32\nvdisp.nvu [2011.01.06 20:58:00 | 000,006,076 | R--- | C] () -- C:\Windows\System32\nvnrm.nvu [2011.01.04 16:09:48 | 000,001,701 | ---- | C] () -- C:\Users\Augustin\Desktop\PartyPoker.lnk [2011.01.04 16:03:58 | 000,002,003 | ---- | C] () -- C:\Users\Augustin\Application Data\Microsoft\Internet Explorer\Quick Launch\888poker.lnk [2011.01.04 16:03:58 | 000,001,985 | ---- | C] () -- C:\Users\Augustin\Desktop\888poker.lnk [2011.01.03 23:19:19 | 000,001,810 | ---- | C] () -- C:\Users\Public\Desktop\Play Superpower 2.lnk [2011.01.03 20:53:40 | 000,001,181 | ---- | C] () -- C:\Users\Augustin\Desktop\Fussballmanager Pro.lnk [2011.01.03 20:40:21 | 000,001,949 | ---- | C] () -- C:\Users\Augustin\Desktop\Fahrenheit Starten.lnk [2011.01.03 20:35:08 | 000,000,927 | ---- | C] () -- C:\Users\Public\Desktop\WinAce Archiver.lnk [2011.01.03 18:47:13 | 000,001,041 | ---- | 
C] () -- C:\Users\Augustin\Desktop\Pro Cycling Manager.lnk [2011.01.03 08:52:04 | 000,001,078 | ---- | C] () -- C:\Users\Augustin\Desktop\EVEREST Home Edition.lnk [2011.01.03 08:48:35 | 000,000,971 | ---- | C] () -- C:\Users\Augustin\Desktop\SpeedFan.lnk [2011.01.03 08:48:33 | 000,000,045 | ---- | C] () -- C:\Windows\System32\initdebug.nfo [2011.01.03 08:46:28 | 000,001,036 | ---- | C] () -- C:\Users\Public\Desktop\ASRock OC Tuner.lnk [2011.01.03 08:43:49 | 000,001,031 | ---- | C] () -- C:\Users\Augustin\Desktop\ASRock OC DNA.lnk [2011.01.03 08:42:07 | 000,001,043 | ---- | C] () -- C:\Users\Augustin\Desktop\ASRock OC Tuner.lnk [2011.01.03 08:41:09 | 000,001,019 | ---- | C] () -- C:\Users\Augustin\Desktop\ASRock IES.lnk [2011.01.03 08:38:21 | 000,704,512 | ---- | C] () -- C:\Windows\System32\cohelper.dll [2011.01.03 08:38:21 | 000,005,940 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin [2011.01.03 08:20:33 | 000,002,052 | ---- | C] () -- C:\Users\Augustin\Desktop\NVIDIA Monitor.lnk [2011.01.03 08:20:33 | 000,001,866 | ---- | C] () -- C:\Users\Augustin\Desktop\nTune.lnk [2011.01.02 15:09:38 | 000,001,229 | ---- | C] () -- C:\Users\Public\Desktop\Football Manager 2011.lnk [2011.01.02 10:50:33 | 000,001,891 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011.01.02 10:40:47 | 000,001,043 | ---- | C] () -- C:\Users\Public\Desktop\Mobile Partner.lnk [2011.01.02 10:21:52 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2011.01.02 10:20:01 | 1408,737,280 | -HS- | C] () -- C:\hiberfil.sys [2011.01.02 10:19:08 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK [2011.01.02 10:19:07 | 000,383,562 | RHS- | C] () -- C:\bootmgr [2011.01.02 10:19:07 | 000,000,223 | -H-- | C] () -- C:\Boot.BAK [2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2009.04.19 08:32:44 | 000,041,504 | 
---- | C] () -- C:\Windows\System32\namResZHT.dll [2009.04.19 08:32:42 | 000,041,504 | ---- | C] () -- C:\Windows\System32\namResZHC.dll [2009.04.19 08:32:42 | 000,041,504 | ---- | C] () -- C:\Windows\System32\namResSV.dll [2009.04.19 08:32:42 | 000,041,504 | ---- | C] () -- C:\Windows\System32\namResRU.dll [2009.04.19 08:32:40 | 000,041,504 | ---- | C] () -- C:\Windows\System32\namResPTB.dll [2009.04.19 08:32:40 | 000,041,504 | ---- | C] () -- C:\Windows\System32\namResNO.dll [2009.04.19 08:32:40 | 000,041,504 | ---- | C] () -- C:\Windows\System32\namResNL.dll [2009.04.19 08:32:38 | 000,041,504 | ---- | C] () -- C:\Windows\System32\namResKO.dll [2009.04.19 08:32:38 | 000,041,504 | ---- | C] () -- C:\Windows\System32\namResJA.dll [2009.04.19 08:32:38 | 000,041,504 | ---- | C] () -- C:\Windows\System32\namResIT.dll [2009.04.19 08:32:36 | 000,041,504 | ---- | C] () -- C:\Windows\System32\namResFR.dll [2009.04.19 08:32:36 | 000,041,504 | ---- | C] () -- C:\Windows\System32\namResFI.dll [2009.04.19 08:32:36 | 000,041,504 | ---- | C] () -- C:\Windows\System32\namResESM.dll [2009.04.19 08:32:34 | 000,041,504 | ---- | C] () -- C:\Windows\System32\namResES.dll [2009.04.19 08:32:34 | 000,041,504 | ---- | C] () -- C:\Windows\System32\namResENG.dll [2009.04.19 08:32:32 | 000,041,504 | ---- | C] () -- C:\Windows\System32\namResDE.dll [2009.04.19 08:32:32 | 000,041,504 | ---- | C] () -- C:\Windows\System32\namResDA.dll [2009.04.19 08:32:30 | 000,129,568 | ---- | C] () -- C:\Windows\System32\nam_page.dll [2008.04.28 11:11:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll [2008.04.28 11:11:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll [2008.04.28 11:11:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll [2008.04.28 11:11:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll [2008.04.28 11:11:16 | 000,053,248 | ---- | C] () -- 
C:\Windows\System32\AgCPanelPortugese.dll [2008.04.28 11:11:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll [2008.04.28 11:11:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll [2008.04.28 11:11:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll [2008.04.28 11:11:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll [2007.03.12 12:01:30 | 000,217,088 | ---- | C] () -- C:\Windows\NVGfxOgl.dll [1996.04.03 20:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys ========== LOP Check ========== [2011.01.04 16:04:29 | 000,000,000 | ---D | M] -- C:\Users\Augustin\AppData\Roaming\PacificPoker [2011.01.02 18:39:48 | 000,000,000 | ---D | M] -- C:\Users\Augustin\AppData\Roaming\Sports Interactive [2009.07.14 05:53:46 | 000,003,904 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 55885 bytes -> C:\ProgramData:$SS_DESCRIPTOR_MVPUV9PFSVSJTX69UK1CWPP0DTVNYKM1UVXPJCEPP4DMJ3K1XYE7LRJEM53EPPJCFPPX45BB8LLSV5XLFUT1YHS6J5KV14TEJSVVNJTK < End of report > Code:
ATTFilter OTL Extras logfile created on: 07.01.2011 13:57:09 - Run 1 OTL by OldTimer - Version 3.2.20.1 Folder = C:\Users\Augustin\Downloads Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 72,00% Memory free 3,00 Gb Paging File | 3,00 Gb Available in Paging File | 81,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 195,32 Gb Total Space | 153,00 Gb Free Space | 78,33% Space Free | Partition Type: NTFS Drive D: | 270,44 Gb Total Space | 205,15 Gb Free Space | 75,86% Space Free | Partition Type: NTFS Unable to calculate disk information. Drive F: | 15,54 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: AUGUSTIN-PC | User Name: Augustin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. 
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [MediaMonkey.1Play] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.) Directory [MediaMonkey.2PlayNext] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.) Directory [MediaMonkey.3Enqueue] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR "{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{74224F8D-4A17-4816-9EDB-7BB854DE532C}" = NVIDIA PhysX v8.04.25 "{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com "{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune "{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager "{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9 "{BA10AC78-E687-4523-8B93-540428FC256F}" = Fahrenheit "{CFB9F7A0-A7ED-43A9-9551-EC1F319F971A}" = SuperPower 2 "{E51B4CD9-A0A6-4324-B26A-31B3F2DE26CE}" = Black and White "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "888poker" = 
888poker "Activision_THPS2UninstallKey" = Tony Hawk's Pro Skater 2 "Adobe AIR" = Adobe AIR "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "ASRock IES_is1" = ASRock IES v2.0.9 "ASRock OC DNA_is1" = ASRock OC DNA v1.5 "ASRock OC Tuner_is1" = ASRock OC Tuner v2.3.39 "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com "EVEREST Home Edition_is1" = EVEREST Home Edition v2.20 "Football Manager 2011" = Football Manager 2011 "Fussballmanager Pro" = Fussballmanager Pro "InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager "InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune "InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager "InstallShield_{CFB9F7A0-A7ED-43A9-9551-EC1F319F971A}" = SuperPower 2 "MediaMonkey_is1" = MediaMonkey 3.2 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Mobile Partner" = Mobile Partner "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13) "NVIDIA Drivers" = NVIDIA Drivers "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "PartyPoker" = PartyPoker "Pro Cycling Manager_is1" = Pro Cycling Manager "rayatitray" = Ray Adams ATI Tray Tools "SpeedFan" = SpeedFan (remove only) "Two Worlds" = Two Worlds "WinAce Archiver" = WinAce Archiver ========== Last 10 Event Log Errors ========== Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report > Geändert von Sicarith (07.01.2011 um 19:18 Uhr) |
08.01.2011, 14:12 | #3 |
/// Malware-holic | Computer crash/restart, then no drives found
First try this: via Computer, right-click C:, Properties, Tools, Error checking. Tick both checkboxes there and start it. Let me know about any error messages. |