Log analysis and evaluation: PC slow / strange errors | Windows 7
If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. Before viruses and trojans can be removed, the infected system has to be examined first: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been removed completely. |
18.04.2011, 16:56 | #1 |
| PC slow / strange errors Hello experts, I wasn't sure how to choose my thread title, so I'll try to describe my problem once more here. For a few days my system has not been running the way it should: it runs slowly and, for example, constantly has problems opening my Opera.exe (yes, I use Opera as my web browser). My Opera problem looks like this: for Opera to start at some point, I have to try starting it several times, i.e. eventually there are several Opera entries in the Task Manager, but it does not start, even when I run it as admin (Vista 32-bit system); at some point, however, it does start. Furthermore, I cannot install Windows updates; when I try, I get an "80072EFE" error message. While I am at the computer, an error message appears from time to time (I don't know exactly what it is called): "Hostprozesse für Windowsdienste wurde beendet" ("Host process for Windows services was terminated"). I'll post my log files. Malwarebytes: Code:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6390

Windows 6.0.6000
Internet Explorer 8.0.6001.18928

18.04.2011 17:41:21
mbam-log-2011-04-18 (17-41-21).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 164757
Laufzeit: 3 Minute(n), 11 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

OTL EXTRAS Logfile: Code:
OTL Extras logfile created on: 18.04.2011 17:44:54 - Run 4
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\sushikiste\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 67,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288,04 Gb Total Space | 137,79 Gb Free Space | 47,84% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 5,84 Gb Free Space | 58,37% Space Free | Partition Type: NTFS
Drive E: | 636,70 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: SUSHIKISTE-PC | User Name: sushikiste | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"f031ef6ac137efc5" = Dell Driver Download Manager
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Winamp Detect" = Winamp Erkennungs-Plug-in

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 16.04.2011 20:07:26 | Computer Name = sushikiste-PC | Source = Microsoft-Windows-CAPI2 | ID = 131077
Description =

Error - 16.04.2011 20:07:26 | Computer Name = sushikiste-PC | Source = Microsoft-Windows-CAPI2 | ID = 131077
Description =

Error - 16.04.2011 20:07:37 | Computer Name = sushikiste-PC | Source = Microsoft-Windows-CAPI2 | ID = 131077
Description =

Error - 16.04.2011 20:07:37 | Computer Name = sushikiste-PC | Source = Microsoft-Windows-CAPI2 | ID = 131077
Description =

Error - 16.04.2011 22:14:38 | Computer Name = sushikiste-PC | Source = Application Hang | ID = 1002
Description = Programm WoW.exe, Version 4.0.6.13623 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 1424
Anfangszeit: 01cbfca52aa9cc9b
Zeitpunkt der Beendigung: 157

Error - 17.04.2011 10:10:04 | Computer Name = sushikiste-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung svchost.exe, Version 6.0.6000.16386, Zeitstempel 0x4549adc4, fehlerhaftes Modul ntdll.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9, Ausnahmecode 0xc000071b, Fehleroffset 0x0008ac88, Prozess-ID 0x42c, Anwendungsstartzeit 01cbfcf7be59d189.

Error - 17.04.2011 21:10:03 | Computer Name = sushikiste-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung svchost.exe, Version 6.0.6000.16386, Zeitstempel 0x4549adc4, fehlerhaftes Modul ntdll.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9, Ausnahmecode 0xc000071b, Fehleroffset 0x0008ac88, Prozess-ID 0x47c, Anwendungsstartzeit 01cbfd5950137d14.

Error - 18.04.2011 00:50:17 | Computer Name = sushikiste-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung svchost.exe, Version 6.0.6000.16386, Zeitstempel 0x4549adc4, fehlerhaftes Modul ntdll.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9, Ausnahmecode 0xc000071b, Fehleroffset 0x0008ac88, Prozess-ID 0x6c8, Anwendungsstartzeit 01cbfd658e3802bc.

Error - 18.04.2011 10:10:03 | Computer Name = sushikiste-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung svchost.exe, Version 6.0.6000.16386, Zeitstempel 0x4549adc4, fehlerhaftes Modul ntdll.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9, Ausnahmecode 0xc000071b, Fehleroffset 0x0008ac88, Prozess-ID 0x434, Anwendungsstartzeit 01cbfdccfa982681.

Error - 18.04.2011 11:10:01 | Computer Name = sushikiste-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung svchost.exe, Version 6.0.6000.16386, Zeitstempel 0x4549adc4, fehlerhaftes Modul ntdll.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9, Ausnahmecode 0xc000071b, Fehleroffset 0x0008ac88, Prozess-ID 0x1364, Anwendungsstartzeit 01cbfdd26dc4dc9b.

[ System Events ]
Error - 10.06.2010 09:34:22 | Computer Name = sushikiste-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 10.06.2010 09:58:58 | Computer Name = sushikiste-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz 9, Funktion 0. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten.

Error - 10.06.2010 09:58:58 | Computer Name = sushikiste-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz 11, Funktion 0. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten.

Error - 10.06.2010 10:00:56 | Computer Name = sushikiste-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 11.06.2010 08:22:22 | Computer Name = sushikiste-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz 9, Funktion 0. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten.

Error - 11.06.2010 08:22:22 | Computer Name = sushikiste-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz 11, Funktion 0. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten.

Error - 11.06.2010 08:24:20 | Computer Name = sushikiste-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 11.06.2010 08:37:55 | Computer Name = sushikiste-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz 9, Funktion 0. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten.

Error - 11.06.2010 08:37:55 | Computer Name = sushikiste-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz 11, Funktion 0. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten.

Error - 11.06.2010 08:39:53 | Computer Name = sushikiste-PC | Source = Service Control Manager | ID = 7000
Description =

< End of report >

I hope I have provided as much information as possible. |
18.04.2011, 17:17 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC slow / strange errors Are there any further logs from Malwarebytes? If so, please post all of the ones that are visible in Malwarebytes under the "Logdateien" (log files) tab.
Please also run this tool from Kaspersky and post the log => http://www.trojaner-board.de/82358-t...entfernen.html
18.04.2011, 18:17 | #3 |
| PC slow / strange errors Ok, I ran the Kaspersky tool and I think 1 "rootkit" was removed; in any case there was 1 detection. However, I forgot to copy the log file because I was supposed to restart the PC. Can I still find the log file? Or do you mean the log file from Malwarebytes, which I am supposed to run after using TDSSKiller (as described in the TDSSKiller thread)?
First of all, my old log files from Malwarebytes since 11.4 (the next older one is from 10.10.2010; if that one matters to you as well, please let me know) 11.4.2011 Code:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6333

Windows 6.0.6000
Internet Explorer 8.0.6001.18928

11.04.2011 19:22:11
mbam-log-2011-04-11 (19-22-11).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|H:\|I:\|K:\|)
Durchsuchte Objekte: 319581
Laufzeit: 1 Stunde(n), 26 Minute(n), 17 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 1
Infizierte Verzeichnisse: 0
Infizierte Dateien: 2

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\Users\sushikiste\AppData\Local\temp\22CC.tmp (Rootkit.TDSS.Gen) -> Quarantined and deleted successfully.
c:\Windows\temp\0.035133400434813944.exe (Trojan.Dropper) -> Quarantined and deleted successfully.

Code:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6348

Windows 6.0.6000
Internet Explorer 8.0.6001.18928

13.04.2011 05:47:05
mbam-log-2011-04-13 (05-47-05).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|H:\|I:\|K:\|)
Durchsuchte Objekte: 300244
Laufzeit: 1 Stunde(n), 14 Minute(n), 28 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Here once more is the log file from Malwarebytes after the TDSSKiller scan: Code:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6391

Windows 6.0.6000
Internet Explorer 8.0.6001.18928

18.04.2011 19:16:52
mbam-log-2011-04-18 (19-16-52).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 164455
Laufzeit: 3 Minute(n), 4 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
18.04.2011, 18:18 | #4 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC slow / strange errors Quote:
__________________ Please always post log files in CODE tags |
18.04.2011, 18:25 | #5 |
| PC slow / strange errors Here is the log file: Code:
2011/04/18 19:22:41.0000 3000 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/04/18 19:22:41.0290 3000 ================================================================================
2011/04/18 19:22:41.0290 3000 SystemInfo:
2011/04/18 19:22:41.0290 3000
2011/04/18 19:22:41.0290 3000 OS Version: 6.0.6000 ServicePack: 0.0
2011/04/18 19:22:41.0290 3000 Product type: Workstation
2011/04/18 19:22:41.0290 3000 ComputerName: SUSHIKISTE-PC
2011/04/18 19:22:41.0290 3000 UserName: sushikiste
2011/04/18 19:22:41.0290 3000 Windows directory: C:\Windows
2011/04/18 19:22:41.0290 3000 System windows directory: C:\Windows
2011/04/18 19:22:41.0290 3000 Processor architecture: Intel x86
2011/04/18 19:22:41.0290 3000 Number of processors: 2
2011/04/18 19:22:41.0291 3000 Page size: 0x1000
2011/04/18 19:22:41.0291 3000 Boot type: Normal boot
2011/04/18 19:22:41.0291 3000 ================================================================================
2011/04/18 19:22:47.0690 3000 Initialize success
2011/04/18 19:22:49.0861 3472 ================================================================================
2011/04/18 19:22:49.0861 3472 Scan started
2011/04/18 19:22:49.0861 3472 Mode: Manual;
2011/04/18 19:22:49.0861 3472 ================================================================================
2011/04/18 19:23:08.0284 3472 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
2011/04/18 19:23:08.0284 3472 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
2011/04/18 19:23:08.0291 3472 sptd - detected Locked file (1)
2011/04/18 19:23:23.0844 3472 ================================================================================
2011/04/18 19:23:23.0844 3472 Scan finished
2011/04/18 19:23:23.0844 3472 ================================================================================
2011/04/18 19:23:23.0856 3156 Detected object count: 1
2011/04/18 19:23:33.0089 3156 Locked file(sptd) - User select action: Skip
18.04.2011, 18:38 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC slow / strange errors Please post new OTL logs: System scan with OTL Please download OTL by Oldtimer and save it to your desktop
18.04.2011, 18:42 | #7 |
| PC slow / strange errors OTL OTL Logfile: Code:
OTL logfile created on: 18.04.2011 19:39:44 - Run 5 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\sushikiste\Desktop Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18928) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 73,00% Memory free 7,00 Gb Paging File | 6,00 Gb Available in Paging File | 87,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 288,04 Gb Total Space | 137,76 Gb Free Space | 47,83% Space Free | Partition Type: NTFS Drive D: | 10,00 Gb Total Space | 5,84 Gb Free Space | 58,37% Space Free | Partition Type: NTFS Drive E: | 636,70 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: SUSHIKISTE-PC | User Name: sushikiste | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\sushikiste\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) PRC - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.) 
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe () PRC - C:\Program Files\ICQ6Toolbar\ICQ Service.exe () PRC - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Users\sushikiste\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe () PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe (Logitech Inc.) PRC - C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.) PRC - C:\Program Files\Logitech\GamePanel Software\Applets\LCDRSS.exe (Logitech Inc.) PRC - C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe (Logitech Inc.) PRC - C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.) PRC - C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe (Logitech Inc.) PRC - C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe (Logitech Inc.) PRC - C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe (Logitech Inc.) PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) PRC - C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe () PRC - C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe () PRC - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.) 
PRC - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe () PRC - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe (NVIDIA) PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) PRC - C:\Program Files\NETGEAR\WG111v3\WG111v3.exe () ========== Modules (SafeList) ========== MOD - C:\Users\sushikiste\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (Hamachi2Svc) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (ICQ Service) -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe () SRV - (Stereo Service) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (TeamViewer5) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (SearchAnonymizer) -- C:\Users\sushikiste\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe () SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (LVPrcSrv) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.) 
SRV - (OMSI download service) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe () SRV - (nTuneService) -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe (NVIDIA) ========== Driver Services (SafeList) ========== DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys () DRV - (SVKP) -- C:\Windows\System32\SVKP.sys (AntiCracking) DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.) DRV - (LGVirHid) -- C:\Windows\System32\drivers\LGVirHid.sys (Logitech Inc.) DRV - (LGBusEnum) -- C:\Windows\System32\drivers\LGBusEnum.sys (Logitech Inc.) DRV - (LVPr2Mon) -- C:\Windows\System32\drivers\LVPr2Mon.sys () DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.) DRV - (PID_PEPI) Logitech QuickCam IM(PID_PEPI) -- C:\Windows\System32\drivers\LV302V32.SYS (Logitech Inc.) DRV - (pepifilter) -- C:\Windows\System32\drivers\lv302af.sys (Logitech Inc.) 
DRV - (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM) -- C:\Windows\System32\drivers\s0016unic.sys (MCCI Corporation) DRV - (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS) -- C:\Windows\System32\drivers\s0016nd5.sys (MCCI Corporation) DRV - (s0016mdfl) -- C:\Windows\System32\drivers\s0016mdfl.sys (MCCI Corporation) DRV - (s0016mdm) -- C:\Windows\System32\drivers\s0016mdm.sys (MCCI Corporation) DRV - (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s0016mgmt.sys (MCCI Corporation) DRV - (s0016obex) -- C:\Windows\System32\drivers\s0016obex.sys (MCCI Corporation) DRV - (s0016bus) Sony Ericsson Device 0016 driver (WDM) -- C:\Windows\System32\drivers\s0016bus.sys (MCCI Corporation) DRV - (seehcri) -- C:\Windows\System32\drivers\seehcri.sys (Sony Ericsson Mobile Communications) DRV - (NVR0Dev) -- C:\Windows\nvoclock.sys (NVidia Corp.) DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation) DRV - (RTL8187B) -- C:\Windows\System32\drivers\wg111v3.sys (NETGEAR Inc. ) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=ddr&s={searchTerms}&f=4 IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\1104111824\ICQToolBar.dll (ICQ) IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.) 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\1104111824\ICQToolBar.dll (ICQ) IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultthis.engineName: "softonic-de3 Customized Web Search" FF - prefs.js..browser.search.defaulturl: "hxxp://www.google.de/search?q=" FF - prefs.js..browser.search.selectedEngine: "ICQ Search" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.12.1 FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2 FF - prefs.js..extensions.enabledItems: ffxtlbr@Facemoods.com:1.2.1 FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:3.2.5.2 FF - prefs.js..keyword.URL: "hxxp://www.google.de/search?q=" FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - HKLM\software\mozilla\Mozilla Firefox 
3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.09.16 23:35:39 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.04.15 03:05:00 | 000,000,000 | ---D | M] [2010.09.16 23:36:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\sushikiste\AppData\Roaming\mozilla\Extensions [2011.04.11 18:24:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions [2011.02.08 08:32:44 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f} [2010.09.17 19:38:15 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011.04.11 18:24:05 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2011.03.28 19:53:13 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [2011.03.28 19:53:04 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011.03.11 02:04:25 | 000,000,000 | ---D | M] (softonic-de3 Community Toolbar) -- C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} [2011.03.11 02:04:25 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\engine@conduit.com [2011.03.11 02:04:39 | 000,000,000 | 
---D | M] (Facemoods) -- C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\ffxtlbr@Facemoods.com [2010.12.08 16:47:52 | 000,000,927 | ---- | M] () -- C:\Users\sushikiste\AppData\Roaming\Mozilla\Firefox\Profiles\aumc5ur9.default\searchplugins\conduit.xml [2010.05.12 17:40:48 | 000,001,042 | ---- | M] () -- C:\Users\sushikiste\AppData\Roaming\Mozilla\Firefox\Profiles\aumc5ur9.default\searchplugins\icqplugin.xml [2011.02.22 15:52:49 | 000,001,196 | ---- | M] () -- C:\Users\sushikiste\AppData\Roaming\Mozilla\Firefox\Profiles\aumc5ur9.default\searchplugins\winamp-search.xml [2011.04.11 22:46:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010.11.26 18:26:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011.04.11 22:46:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011.04.11 22:46:35 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2011.04.12 19:20:57 | 000,001,382 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.09.14 23:32:39 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml [2010.12.13 14:36:54 | 000,002,035 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fcmdSrchddr.xml [2010.09.14 23:32:39 | 000,006,805 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.09.14 23:32:39 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.09.14 23:32:39 | 000,001,105 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml Hosts file not found O2 - BHO: (&Yahoo! 
Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.) O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (DVDVideoSoft Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.) O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\1104111824\ICQToolBar.dll (ICQ) O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (no name) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - No CLSID value found. O3 - HKLM\..\Toolbar: (DVDVideoSoft Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.) 
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoft Toolbar) - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - C:\Program Files\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.) O4 - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.) O4 - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.) 
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe () O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [MSConfig] C:\Windows\System32\msconfig.exe (Microsoft Corporation) O4 - HKLM..\Run: [Ocs_SM] C:\Users\sushikiste\AppData\Roaming\OCS\SM\SearchAnonymizer.exe (OCS) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - File not found O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - File not found O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) 
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - AppInit_DLLs: ({DLL_Str}) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Program Files\unlgluhp\dtasvuqg.exe) - File not found O24 - Desktop WallPaper: C:\Users\sushikiste\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\sushikiste\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. 
File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\L\Shell - "" = AutoRun O33 - MountPoints2\L\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.04.18 18:54:24 | 001,377,112 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\sushikiste\Desktop\tdsskiller.exe [2011.04.18 16:11:05 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP [2011.04.18 16:11:04 | 000,000,000 | ---D | C] -- C:\Users\sushikiste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps [2011.04.18 16:11:04 | 000,000,000 | ---D | C] -- C:\Program Files\Fraps [2011.04.18 16:10:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2011.04.18 16:10:27 | 000,000,000 | ---D | C] -- C:\Users\sushikiste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2011.04.18 02:06:52 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\sushikiste\Desktop\OTL.exe [2011.04.18 01:53:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2011.04.15 03:04:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2011.04.13 01:38:42 | 000,000,000 | ---D | C] -- C:\Program Files\lol-cb3.game_p [2011.04.13 01:37:35 | 000,194,376 | ---- | C] (Solid State Networks) -- C:\Program Files\patcher_update_tmp.exe [2011.04.13 01:37:31 | 000,000,000 | ---D | C] -- C:\Program Files\lol-cb3.patcher_15 [2011.04.13 01:36:25 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll [2011.04.13 01:36:25 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll [2011.04.13 01:36:23 | 
003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll [2011.04.13 01:35:55 | 000,000,000 | ---D | C] -- C:\Program Files\html [2011.04.13 01:29:53 | 000,114,688 | ---- | C] (TODO: <Company name>) -- C:\Program Files\CRiotInternetSecurityManagerCom.dll [2011.04.13 01:29:53 | 000,110,592 | ---- | C] (Solid State Networks) -- C:\Program Files\CRiotLauncherElevateCOM.dll [2011.04.13 01:29:53 | 000,000,000 | ---D | C] -- C:\Program Files\air [2011.04.13 01:29:51 | 000,421,888 | ---- | C] (Solid State Networks) -- C:\Program Files\lol.launcher.exe [2011.04.13 01:29:51 | 000,194,376 | ---- | C] (Solid State Networks) -- C:\Program Files\patcher_update.exe [2011.04.13 01:29:51 | 000,176,968 | ---- | C] (Solid State Networks) -- C:\Program Files\patcher_lib.decode.dll [2011.04.13 01:29:51 | 000,118,784 | ---- | C] (Solid State Networks) -- C:\Program Files\launcher.maestro.dll [2011.04.13 01:29:51 | 000,000,000 | ---D | C] -- C:\Program Files\game [2011.04.13 01:29:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games [2011.04.12 22:32:14 | 000,000,000 | ---D | C] -- C:\Users\sushikiste\Desktop\League of Legends [2011.04.12 22:30:59 | 000,000,000 | ---D | C] -- C:\Users\sushikiste\AppData\Local\PMB Files [2011.04.12 22:30:58 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files [2011.04.12 19:43:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Google [2011.04.11 22:46:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2011.04.11 22:46:47 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2011.04.11 22:46:47 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2011.04.11 22:46:47 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) 
-- C:\Windows\System32\java.exe [2011.04.11 22:46:30 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2011.04.11 18:24:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.4 [2011.04.11 18:23:42 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ7.4 [2011.04.11 18:14:34 | 000,000,000 | ---D | C] -- C:\Users\sushikiste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client [2011.04.11 18:14:26 | 000,000,000 | ---D | C] -- C:\Program Files\Teamspeak3 [2011.04.11 15:37:38 | 000,000,000 | ---D | C] -- C:\Program Files\unlgluhp [2011.04.03 12:57:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi [2011.04.03 12:57:35 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi [2011.03.28 19:53:21 | 000,000,000 | ---D | C] -- C:\Users\sushikiste\AppData\Local\Conduit [2011.03.21 18:23:37 | 000,000,000 | ---D | C] -- C:\Users\sushikiste\AppData\Roaming\Sun [2011.02.12 17:09:31 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpe5285.dll [2011.02.12 17:03:44 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpe3F8.dll [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Users\sushikiste\*.tmp files -> C:\Users\sushikiste\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.04.18 19:28:14 | 000,641,106 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.04.18 19:28:14 | 000,609,944 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.04.18 19:28:14 | 000,116,500 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.04.18 19:28:14 | 000,103,726 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.04.18 19:22:36 | 000,037,397 | ---- | M] () -- C:\ProgramData\nvModes.dat [2011.04.18 19:22:36 | 000,037,397 | ---- | M] () -- C:\ProgramData\nvModes.001 [2011.04.18 19:21:59 | 000,003,680 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 
[2011.04.18 19:21:59 | 000,003,680 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011.04.18 19:21:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.04.18 18:54:27 | 001,377,112 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\sushikiste\Desktop\tdsskiller.exe [2011.04.18 18:52:11 | 000,000,127 | ---- | M] () -- C:\Program Files\launcher_options.ini [2011.04.18 16:59:22 | 000,109,568 | ---- | M] () -- C:\Users\sushikiste\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.04.18 16:40:12 | 858,282,968 | ---- | M] () -- C:\Users\sushikiste\Documents\KarimZappex.avi [2011.04.18 16:11:04 | 000,000,730 | ---- | M] () -- C:\Users\sushikiste\Desktop\Fraps.lnk [2011.04.18 16:10:06 | 001,530,725 | ---- | M] () -- C:\Users\sushikiste\Desktop\wrar400d.exe [2011.04.18 02:06:52 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\sushikiste\Desktop\OTL.exe [2011.04.18 01:53:32 | 000,000,764 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011.04.15 16:53:39 | 000,000,190 | ---- | M] () -- C:\Program Files\lol-cb3.game.version [2011.04.15 16:53:38 | 000,000,020 | ---- | M] () -- C:\Program Files\gameversion_Live_04_11_2011_01 [2011.04.15 16:50:43 | 000,000,010 | ---- | M] () -- C:\Program Files\airversion_v1.33.22 [2011.04.15 03:05:01 | 000,001,852 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2011.04.15 02:59:10 | 000,001,574 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk [2011.04.13 01:37:43 | 000,000,190 | ---- | M] () -- C:\Program Files\lol-cb3.patcher.version [2011.04.13 01:37:40 | 000,001,693 | ---- | M] () -- C:\Program Files\launcher_config.xml [2011.04.13 01:36:26 | 000,001,513 | ---- | M] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk [2011.04.12 22:29:40 | 002,257,408 | ---- | M] () -- C:\Users\sushikiste\Desktop\LeagueofLegends.exe [2011.04.11 22:46:34 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Windows\System32\deployJava1.dll [2011.04.11 22:46:34 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2011.04.11 22:46:34 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2011.04.11 22:46:34 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2011.04.11 18:24:17 | 000,001,569 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.4.lnk [2011.04.11 18:14:34 | 000,000,863 | ---- | M] () -- C:\Users\sushikiste\Desktop\TeamSpeak 3 Client.lnk [2011.04.09 13:17:10 | 000,002,032 | ---- | M] () -- C:\Users\sushikiste\AppData\Local\d3d9caps.dat [2011.04.03 12:57:36 | 000,000,767 | ---- | M] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk [2011.03.28 19:52:50 | 000,001,151 | ---- | M] () -- C:\Users\sushikiste\Desktop\Free YouTube to MP3 Converter.lnk [2011.03.28 10:45:36 | 000,300,176 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Users\sushikiste\*.tmp files -> C:\Users\sushikiste\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.04.18 16:39:20 | 858,282,968 | ---- | C] () -- C:\Users\sushikiste\Documents\KarimZappex.avi [2011.04.18 16:11:04 | 000,000,730 | ---- | C] () -- C:\Users\sushikiste\Desktop\Fraps.lnk [2011.04.18 16:10:06 | 001,530,725 | ---- | C] () -- C:\Users\sushikiste\Desktop\wrar400d.exe [2011.04.18 01:53:32 | 000,000,764 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011.04.15 16:53:38 | 000,000,020 | ---- | C] () -- C:\Program Files\gameversion_Live_04_11_2011_01 [2011.04.15 16:50:43 | 000,000,010 | ---- | C] () -- C:\Program Files\airversion_v1.33.22 [2011.04.15 03:05:01 | 000,001,852 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2011.04.15 03:05:01 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2011.04.15 02:59:11 | 000,001,586 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Opera.lnk [2011.04.15 02:59:10 | 000,001,574 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk [2011.04.13 01:36:26 | 000,001,513 | ---- | C] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk [2011.04.13 01:29:51 | 000,192,512 | ---- | C] () -- C:\Program Files\xdelta.exe [2011.04.13 01:29:51 | 000,059,904 | ---- | C] () -- C:\Program Files\zlib1.dll [2011.04.13 01:29:51 | 000,001,693 | ---- | C] () -- C:\Program Files\launcher_config.xml [2011.04.13 01:29:51 | 000,000,190 | ---- | C] () -- C:\Program Files\lol-cb3.patcher.version [2011.04.13 01:29:51 | 000,000,190 | ---- | C] () -- C:\Program Files\lol-cb3.game.version [2011.04.13 01:29:51 | 000,000,127 | ---- | C] () -- C:\Program Files\launcher_options.ini [2011.04.13 01:29:50 | 000,954,368 | ---- | C] () -- C:\Program Files\launcher.lib.dll [2011.04.13 01:29:50 | 000,057,344 | ---- | C] () -- C:\Program Files\launcher.lang-fr.dll [2011.04.13 01:29:50 | 000,057,344 | ---- | C] () -- C:\Program Files\launcher.lang-es.dll [2011.04.13 01:29:50 | 000,057,344 | ---- | C] () -- C:\Program Files\launcher.lang-de.dll [2011.04.13 01:29:50 | 000,053,248 | ---- | C] () -- C:\Program Files\launcher.lang-en.dll [2011.04.12 22:29:37 | 002,257,408 | ---- | C] () -- C:\Users\sushikiste\Desktop\LeagueofLegends.exe [2011.04.11 18:24:17 | 000,001,569 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.4.lnk [2011.03.28 19:52:50 | 000,001,151 | ---- | C] () -- C:\Users\sushikiste\Desktop\Free YouTube to MP3 Converter.lnk [2011.01.13 18:41:25 | 000,082,289 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini [2010.10.05 14:54:28 | 000,037,397 | ---- | C] () -- C:\ProgramData\nvModes.001 [2010.10.05 14:54:25 | 000,037,397 | ---- | C] () -- C:\ProgramData\nvModes.dat [2010.08.08 21:02:18 | 000,017,408 | ---- | C] () -- C:\Users\sushikiste\AppData\Local\WebpageIcons.db [2010.07.28 15:44:09 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010.06.24 16:49:16 | 000,256,512 | ---- | C] () -- 
C:\Windows\PEV.exe [2010.06.24 16:49:16 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2010.06.24 16:49:16 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2010.06.24 16:49:16 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe [2010.06.24 16:49:16 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2010.06.13 18:35:09 | 000,139,152 | ---- | C] () -- C:\Users\sushikiste\AppData\Roaming\PnkBstrK.sys [2010.04.22 10:48:53 | 000,000,000 | ---- | C] () -- C:\Windows\I531_1013.INI [2010.04.21 18:51:30 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat [2010.04.21 13:45:51 | 000,109,568 | ---- | C] () -- C:\Users\sushikiste\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.04.20 20:49:23 | 000,001,732 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin [2010.04.20 20:43:37 | 000,002,032 | ---- | C] () -- C:\Users\sushikiste\AppData\Local\d3d9caps.dat [2009.10.07 02:46:36 | 000,025,752 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys [2009.10.07 02:23:08 | 000,013,584 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll [2007.03.12 12:01:30 | 000,217,088 | ---- | C] () -- C:\Windows\NVGfxOgl.dll [2006.11.02 17:33:31 | 000,641,106 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2006.11.02 17:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2006.11.02 17:33:31 | 000,116,500 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2006.11.02 17:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 14:47:37 | 000,300,176 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 12:33:01 | 000,609,944 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006.11.02 12:33:01 | 000,103,726 | ---- | C] () -- C:\Windows\System32\perfc009.dat 
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.11.02 09:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2006.11.02 09:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys

========== Alternate Data Streams ==========

@Alternate Data Stream - 76 bytes -> C:\Users\sushikiste\Desktop\Zeug:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\sushikiste\Desktop\Videos:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\sushikiste\Desktop\Musik:Roxio EMC Stream
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:05EE1EEF

< End of report >

Extras OTL Logfile:
Code:
OTL Extras logfile created on: 18.04.2011 19:39:44 - Run 5
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\sushikiste\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 73,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288,04 Gb Total Space | 137,76 Gb Free Space | 47,83% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 5,84 Gb Free Space | 58,37% Space Free | Partition Type: NTFS
Drive E: | 636,70 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: SUSHIKISTE-PC | User Name: sushikiste | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) 
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== 
Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{134958DB-DFD9-43F6-87AF-F711B35F8DBF}" = lport=6953 | protocol=17 | dir=in | name=league of legends launcher | "{14176646-394A-41C4-8C2D-7486E00146E3}" = lport=6947 | protocol=17 | dir=in | name=league of legends launcher | "{161F70BC-06EC-4EF9-96D8-3729DD28E876}" = lport=6885 | protocol=17 | dir=in | name=league of legends launcher | "{174032D4-5922-4FD3-B911-C93DEE7D08DB}" = lport=2869 | protocol=6 | dir=in | app=system | "{22C8603C-8F7D-4AA5-BD3D-89E18D04AB6C}" = lport=6951 | protocol=6 | dir=in | name=league of legends launcher | "{2D52D9CD-4917-4356-878F-52F25D639227}" = lport=8394 | protocol=17 | dir=in | name=league of legends launcher | "{300A04D8-A4A3-4E05-BE8E-1382D42C422F}" = lport=6904 | protocol=6 | dir=in | name=league of legends launcher | "{316170C2-B6EF-478D-ACAB-5735C24AE569}" = lport=8395 | protocol=6 | dir=in | name=league of legends launcher | "{32B94D00-1164-4F0B-8D87-B403C9C7230A}" = lport=6908 | protocol=17 | dir=in | name=league of legends launcher | "{32D59CD5-85DA-44AF-B7FB-71712020A41C}" = lport=6918 | protocol=17 | dir=in | name=league of legends launcher | "{395B5EF4-D9A0-436C-A858-9CFDFD1266C2}" = lport=6951 | protocol=17 | dir=in | name=league of legends launcher | "{41621D54-DB13-4E66-8663-3B298BA7A275}" = lport=6904 | protocol=17 | dir=in | name=league of legends launcher | "{434802E4-14D3-47A6-93BF-B5E18D5D1664}" = lport=6957 | protocol=6 | dir=in | name=league of legends launcher | "{4619CF0E-A1E7-4F9E-8E7B-693026BFFCD1}" = lport=8396 | protocol=17 | dir=in | name=league of legends launcher | "{578754C2-1F38-4284-9877-43D746C3FD89}" = lport=8396 | protocol=6 | dir=in | name=league of legends launcher | "{6C1BA13D-5C86-49E4-B08D-3A2CB8EF18A4}" = lport=6904 | protocol=6 | dir=in | name=league of legends launcher | "{7957E408-9DD5-4B54-A6F7-7826F19B5F39}" = lport=8397 | 
protocol=17 | dir=in | name=league of legends launcher | "{87E2E196-89F8-43CC-A1D9-C74231FBEFB8}" = lport=6918 | protocol=6 | dir=in | name=league of legends launcher | "{895B5833-ACBB-44EB-BBDB-23A957760230}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{8A455C22-9424-432E-B188-E7CB0F59C182}" = lport=6886 | protocol=17 | dir=in | name=league of legends launcher | "{8B920C42-3DB4-4989-A33E-FB076FC96DB3}" = lport=8394 | protocol=17 | dir=in | name=league of legends launcher | "{8FB0EE13-C11F-48B9-94E9-6585739004F1}" = lport=8395 | protocol=17 | dir=in | name=league of legends launcher | "{8FD5C8D7-ED5F-48FD-8FD8-349E8EDD01A7}" = lport=6925 | protocol=17 | dir=in | name=league of legends launcher | "{9561D2F1-D0E0-4F82-9573-2B7B3FEC1D8F}" = lport=6912 | protocol=6 | dir=in | name=league of legends launcher | "{9DC76A25-C7E6-4E98-98EE-A4027CEE54DC}" = lport=6908 | protocol=6 | dir=in | name=league of legends launcher | "{A0AE6E0E-96BE-42A3-A4EE-530DAB8367B9}" = lport=6968 | protocol=17 | dir=in | name=league of legends launcher | "{A101703D-12EE-4407-AD2E-BF1DB1C8AC95}" = lport=8394 | protocol=6 | dir=in | name=league of legends launcher | "{AD52F745-60A2-419A-AC14-F381C8FAA30E}" = lport=6885 | protocol=6 | dir=in | name=league of legends launcher | "{BDED8C30-F196-4F7A-8590-80EAED1EE10E}" = lport=8394 | protocol=6 | dir=in | name=league of legends launcher | "{C454E5BB-604B-4D36-91DC-CF788C27A198}" = lport=6886 | protocol=6 | dir=in | name=league of legends launcher | "{C553120F-62D6-4B1F-8FD6-58BF057CB91F}" = lport=6925 | protocol=6 | dir=in | name=league of legends launcher | "{CCE15F3E-75BA-4D78-A261-FC83995DA834}" = lport=6912 | protocol=17 | dir=in | name=league of legends launcher | "{D70089E2-E681-4D7B-98E7-BF53995529A3}" = lport=6953 | protocol=6 | dir=in | name=league of legends launcher | "{D8D98E1B-5880-42F9-A299-E7F1FDAF028B}" = lport=6947 | protocol=6 | dir=in | name=league of legends launcher | 
"{DE80B1E0-BAE0-4895-9F7F-1A10DAEC1D30}" = lport=6968 | protocol=6 | dir=in | name=league of legends launcher | "{F37EBBF7-0B35-441D-BD8B-C30B8DA466CC}" = lport=6904 | protocol=17 | dir=in | name=league of legends launcher | "{F5635713-4D86-4B36-99B1-5BBD8BF5DC35}" = lport=8397 | protocol=6 | dir=in | name=league of legends launcher | "{F60C41CA-EFDA-428A-8629-10AB282DD9CC}" = lport=6979 | protocol=6 | dir=in | name=league of legends launcher | "{F8F0952F-BBB7-4A09-80D4-BCF73D573D09}" = lport=6979 | protocol=17 | dir=in | name=league of legends launcher | "{F903F641-E43C-42DB-A795-57340AAD9FF6}" = lport=6957 | protocol=17 | dir=in | name=league of legends launcher | "{FCB3E0E7-6CEA-48B6-90CF-6DBB741A0DBC}" = lport=8396 | protocol=6 | dir=in | name=league of legends launcher | "{FDA7C0E0-306B-4751-8C58-3432C2DECED2}" = lport=8396 | protocol=17 | dir=in | name=league of legends launcher | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{08E95800-5724-409A-AB51-249DFD858CB2}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | "{0D73330A-79DB-4557-B596-664052D93D8B}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe | "{1CC92585-F9C1-4BEB-893F-E12F6530687B}" = protocol=6 | dir=in | app=c:\program files\game\league of legends.exe | "{2933756A-4B30-49CE-9342-B4E8F6A2771D}" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe | "{2DEDA199-9F24-4AAE-BD0D-58390412D977}" = protocol=6 | dir=in | app=c:\program files\world of warcraft public test\launcher.exe | "{3342639A-A1A6-4025-BBEC-5193D5B5CA40}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{3E7C95C6-EAFA-4060-893B-2D18ABDD5927}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{410821A2-EF28-4CDD-A2DC-257E97C64D5A}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{472B86F3-FE39-47C9-ABC3-A5FEDAA8FF33}" = protocol=17 | dir=in | app=c:\program files\air\lolclient.exe | "{55668923-92AD-4071-8F65-1AC6146D6675}" = protocol=17 | dir=in | app=c:\program files\game\league of legends.exe | "{59D014BB-DA4B-41F7-B4FA-2F824616A502}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{7D2C5C15-D284-4E18-B4FE-FE28F81DB722}" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe | "{8B752F90-3DA3-4145-BBFF-705350D49530}" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe | "{94D98139-93C4-4AE7-A701-8BB96D145453}" = protocol=6 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe | "{A7BEBE6F-3F91-48BB-BD2F-D9CA3257599B}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{AD51EDD3-FAB6-47B0-AE47-397CABE3FABC}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{AD7D7896-4C5B-4ECE-B807-5CE2ED46D306}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | "{B08F4550-2409-44EB-9ABB-A1225CA55428}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{B268C401-25FB-4570-9177-4D0DABDACA88}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{B634123A-FDEF-4720-9C26-4B2FD8263097}" = protocol=6 | dir=in | app=c:\program files\air\lolclient.exe | "{BB21382E-6AB3-4E39-AA02-DBAE3D5B681A}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{BE23A2C2-1DCD-4599-9A05-884083ACD78A}" = protocol=6 | dir=in | app=c:\users\sushikiste\desktop\wow offi\launcher.exe | "{C1FFA3C9-594E-452A-9115-00F6405E6228}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{C8A2F66C-23B1-47E5-BB86-E1918C0ECD91}" = protocol=17 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe | "{CF2B2289-F165-4DEC-A10D-A02B52C556BB}" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe | "{D2286D3D-0B96-4317-9566-62E6FC9F5583}" = protocol=6 | 
dir=in | app=c:\program files\itunes\itunes.exe | "{D7676590-6A95-4380-8879-EB47F0F6228B}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe | "{DEA1C3EC-5E58-46AF-916B-5F0AEF700848}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{E14D4D6D-D925-4C9B-85B2-D4FA6DBF94E6}" = protocol=17 | dir=in | app=c:\users\sushikiste\desktop\wow offi\launcher.exe | "{F55A049C-E8C6-4CFE-AFD1-79F74E89363E}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{F70A21E5-86F3-4250-91C8-713138D17FEB}" = protocol=17 | dir=in | app=c:\program files\world of warcraft public test\launcher.exe | "{F8503D22-A725-4AA5-8B92-4909AED843EC}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | "TCP Query User{1F6D77E3-ECBA-484B-A637-6FDE926D6EE7}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | "TCP Query User{3A518229-DE3C-47B4-95C4-7C9EE6155B39}C:\program files\ea games\battlefield 2\bf2.exe" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe | "TCP Query User{4DBB2CA4-39ED-43E6-AD47-AE9143F3F2F6}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe | "TCP Query User{624BB05E-22DE-4C1B-85E0-451DABB921D4}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe | "TCP Query User{636C2056-CDFA-4039-A5D9-F93762DD95F5}C:\program files\ea games\battlefield 2\bf2.exe" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe | "TCP Query User{665CCF3B-AD33-4637-BD66-2022FFC4DF2F}C:\program files\logitech\logitech vid\vid.exe" = protocol=6 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe | "TCP Query User{789EA55B-22FD-45FE-B7B5-26B361BE5C74}C:\users\sushikiste\desktop\wow offi\launcher.exe" = protocol=6 | dir=in | app=c:\users\sushikiste\desktop\wow offi\launcher.exe | "TCP Query 
User{A52B9186-E3DB-4CE2-8A4B-FD83D9337C01}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "TCP Query User{D391F10B-9D60-4DE7-8C1E-AFB77423F92F}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "TCP Query User{ECDFBF2D-1729-4B09-99B8-FBC2B3449C6C}C:\users\sushikiste\desktop\wow offi\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe" = protocol=6 | dir=in | app=c:\users\sushikiste\desktop\wow offi\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe | "UDP Query User{30DA3827-0A79-46D3-A2D0-684433F92CC8}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe | "UDP Query User{5DF47BED-0E00-44E5-85F8-D1E32FF6A91A}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | "UDP Query User{740D67FE-DD54-4047-8030-93E3221A00EE}C:\program files\logitech\logitech vid\vid.exe" = protocol=17 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe | "UDP Query User{97403973-67F3-46A8-ABC9-D4DCC70FAA62}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe | "UDP Query User{A0C4FCB3-75A4-4229-AD04-C27FFA028820}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "UDP Query User{A2647C15-25DF-44EC-8E7D-0B9F1C41B033}C:\users\sushikiste\desktop\wow offi\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe" = protocol=17 | dir=in | app=c:\users\sushikiste\desktop\wow offi\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe | "UDP Query User{A502E949-1F50-41A8-B86A-9277DC96F046}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "UDP Query User{B2C53353-F6AC-4A8E-B2AF-4DDCDB6B3AD3}C:\users\sushikiste\desktop\wow offi\launcher.exe" = protocol=17 | dir=in | app=c:\users\sushikiste\desktop\wow offi\launcher.exe | "UDP 
Query User{B91EB6C5-F877-496D-9AC1-77F7C8ACAD55}C:\program files\ea games\battlefield 2\bf2.exe" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe | "UDP Query User{FE2E8CD0-47F3-44E0-BCE5-3C14D41E2960}C:\program files\ea games\battlefield 2\bf2.exe" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{109945A8-D8D5-48B8-B4A5-195D3F99B56D}" = Logitech GamePanel Software 3.04.143 "{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24 "{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime "{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 6.009.00 "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD "{49058C21-E4F6-4A99-B715-D62715E0A2A2}" = Vegas Pro 9.0 "{491DFBAA-77EF-4B06-8676-2FC66EEE049A}" = LogMeIn Hamachi "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid "{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent "{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}" = NETGEAR WG111v3 wireless USB 2.0 adapter "{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support "{57C36BD9-856B-4070-8F9C-0D01DC69C8F0}_is1" = Click & Learn 2007 "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable 
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4 "{76BC2442-0002-47FA-9617-43BAD82BEF4C}" = Bonjour "{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update "{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 
Service Pack 2 (SP2) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{996A2FAA-7514-4628-9D12-A8FC34A0016E}" = iTunes "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A96BFADF-A159-4395-8E9C-A9E2F059A3BB}" = Camtasia Studio 7 "{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Deutsch "{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger "{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR "{B5C3B892-0849-476C-9F46-B12F84819D57}" = Apple Mobile Device Support "{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{CA796D95-C706-4BB9-BDDE-FF228D13D28A}" = Livestream Procaster "{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D103C4BA-F905-437A-8049-DB24763BBE36}" = 
Skype™ 4.2 "{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call "{DB52432E-3AD8-41A5-A586-0F065FB6A31E}" = Game Cam "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{FB1AC1F1-8F47-4DCE-A1ED-0DFBA0F455B4}" = Driver Mender "1EC636D2DBA2D9924E02E10DA797DEC16306C1A9" = Windows Driver Package - Logitech HIDClass (10/16/2006 1.0) "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "CCleaner" = CCleaner "DAEMON Tools Toolbar" = DAEMON Tools Toolbar "DivX Setup.divx.com" = DivX-Setup "Driver Cleaner Pro" = DH Driver Cleaner Professional Edition "DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar "EVEREST Home Edition_is1" = EVEREST Home Edition v2.20 "Fraps" = Fraps (remove only) "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.35.324 "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "ICQToolbar" = ICQ Toolbar "InstallShield_{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}" = NETGEAR WG111v3 wireless USB 2.0 adapter "InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune "LogMeIn Hamachi" = LogMeIn Hamachi "lvdrivers_12.10" = Logitech Webcam Software-Treiberpaket "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10) "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Opera 11.10.2092" = Opera 11.10 "SearchAnonymizer" = 
SearchAnonymizer "TeamViewer 5" = TeamViewer 5 "TmNationsForever_is1" = TmNationsForever "Uninstall_is1" = Uninstall 1.0.0.1 "VLC media player" = VLC media player 1.0.5 "Winamp" = Winamp "Winamp Toolbar" = Winamp Toolbar "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR 4.00 (32-Bit) "World of Warcraft" = World of Warcraft "World of Warcraft Public Test" = World of Warcraft Public Test "Yahoo! Companion" = Yahoo! Toolbar ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "090215de958f1060" = Curse Client "f031ef6ac137efc5" = Dell Driver Download Manager "TeamSpeak 3 Client" = TeamSpeak 3 Client "Winamp Detect" = Winamp Erkennungs-Plug-in ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 16.04.2011 20:07:26 | Computer Name = sushikiste-PC | Source = Microsoft-Windows-CAPI2 | ID = 131077 Description = Error - 16.04.2011 20:07:37 | Computer Name = sushikiste-PC | Source = Microsoft-Windows-CAPI2 | ID = 131077 Description = Error - 16.04.2011 20:07:37 | Computer Name = sushikiste-PC | Source = Microsoft-Windows-CAPI2 | ID = 131077 Description = Error - 16.04.2011 22:14:38 | Computer Name = sushikiste-PC | Source = Application Hang | ID = 1002 Description = Programm WoW.exe, Version 4.0.6.13623 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen. 
Prozess-ID: 1424 Anfangszeit: 01cbfca52aa9cc9b Zeitpunkt der Beendigung: 157

Error - 17.04.2011 10:10:04 | Computer Name = sushikiste-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung svchost.exe, Version 6.0.6000.16386, Zeitstempel 0x4549adc4, fehlerhaftes Modul ntdll.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9, Ausnahmecode 0xc000071b, Fehleroffset 0x0008ac88, Prozess-ID 0x42c, Anwendungsstartzeit 01cbfcf7be59d189.

Error - 17.04.2011 21:10:03 | Computer Name = sushikiste-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung svchost.exe, Version 6.0.6000.16386, Zeitstempel 0x4549adc4, fehlerhaftes Modul ntdll.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9, Ausnahmecode 0xc000071b, Fehleroffset 0x0008ac88, Prozess-ID 0x47c, Anwendungsstartzeit 01cbfd5950137d14.

Error - 18.04.2011 00:50:17 | Computer Name = sushikiste-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung svchost.exe, Version 6.0.6000.16386, Zeitstempel 0x4549adc4, fehlerhaftes Modul ntdll.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9, Ausnahmecode 0xc000071b, Fehleroffset 0x0008ac88, Prozess-ID 0x6c8, Anwendungsstartzeit 01cbfd658e3802bc.

Error - 18.04.2011 10:10:03 | Computer Name = sushikiste-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung svchost.exe, Version 6.0.6000.16386, Zeitstempel 0x4549adc4, fehlerhaftes Modul ntdll.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9, Ausnahmecode 0xc000071b, Fehleroffset 0x0008ac88, Prozess-ID 0x434, Anwendungsstartzeit 01cbfdccfa982681.

Error - 18.04.2011 11:10:01 | Computer Name = sushikiste-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung svchost.exe, Version 6.0.6000.16386, Zeitstempel 0x4549adc4, fehlerhaftes Modul ntdll.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9, Ausnahmecode 0xc000071b, Fehleroffset 0x0008ac88, Prozess-ID 0x1364, Anwendungsstartzeit 01cbfdd26dc4dc9b.

Error - 18.04.2011 12:10:01 | Computer Name = sushikiste-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung svchost.exe, Version 6.0.6000.16386, Zeitstempel 0x4549adc4, fehlerhaftes Modul ntdll.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9, Ausnahmecode 0xc000071b, Fehleroffset 0x0008ac88, Prozess-ID 0x430, Anwendungsstartzeit 01cbfddc5d7bec78.

[ System Events ]
Error - 10.06.2010 09:32:24 | Computer Name = sushikiste-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz 11, Funktion 0. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten.

Error - 10.06.2010 09:34:22 | Computer Name = sushikiste-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 10.06.2010 09:58:58 | Computer Name = sushikiste-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz 9, Funktion 0. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten.

Error - 10.06.2010 09:58:58 | Computer Name = sushikiste-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz 11, Funktion 0. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten.

Error - 10.06.2010 10:00:56 | Computer Name = sushikiste-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 11.06.2010 08:22:22 | Computer Name = sushikiste-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz 9, Funktion 0. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten.

Error - 11.06.2010 08:22:22 | Computer Name = sushikiste-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz 11, Funktion 0. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten.

Error - 11.06.2010 08:24:20 | Computer Name = sushikiste-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 11.06.2010 08:37:55 | Computer Name = sushikiste-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz 9, Funktion 0. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten.

Error - 11.06.2010 08:37:55 | Computer Name = sushikiste-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz 11, Funktion 0. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten.

< End of report > |
18.04.2011, 18:48 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC slow / strange errors Run an OTL fix: close any programs that may be open, disable your virus scanner as well (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied too!!!) Code:
:OTL
@Alternate Data Stream - 76 bytes -> C:\Users\sushikiste\Desktop\Zeug:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\sushikiste\Desktop\Videos:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\sushikiste\Desktop\Musik:Roxio EMC Stream
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:05EE1EEF
[2011.04.13 01:38:42 | 000,000,000 | ---D | C] -- C:\Program Files\lol-cb3.game_p
[2011.04.18 16:11:05 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\L\Shell - "" = AutoRun
O33 - MountPoints2\L\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O4 - HKLM..\Run: [] File not found
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (DVDVideoSoft Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\1104111824\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - No CLSID value found.
O3 - HKLM\..\Toolbar: (DVDVideoSoft Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoft Toolbar) - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - C:\Program Files\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
[2010.09.16 23:36:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\sushikiste\AppData\Roaming\mozilla\Extensions
[2011.04.11 18:24:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions
[2011.02.08 08:32:44 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2010.09.17 19:38:15 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.04.11 18:24:05 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.03.28 19:53:13 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2011.03.28 19:53:04 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.03.11 02:04:25 | 000,000,000 | ---D | M] (softonic-de3 Community Toolbar) -- C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
[2011.03.11 02:04:25 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\engine@conduit.com
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\1104111824\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\1104111824\ICQToolBar.dll (ICQ)
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
SRV - (ICQ Service) -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe ()
:Commands
[purity]
[resethosts]
[emptytemp]

The log file should open when you click OK after the fix; please post it. The computer may be restarted. For safety, the entries, files and folders fixed with this script are not deleted completely; a backup copy is created on the system partition in the folder "_OTL".
__________________ Please always post log files in CODE tags |
18.04.2011, 18:54 | #9 |
| PC slow / strange errors Code:
ATTFilter All processes killed ========== OTL ========== Unable to delete ADS C:\Users\sushikiste\Desktop\Zeug:Roxio EMC Stream . ADS C:\Users\sushikiste\Desktop\Videos:Roxio EMC Stream deleted successfully. ADS C:\Users\sushikiste\Desktop\Musik:Roxio EMC Stream deleted successfully. ADS C:\ProgramData\TEMP:05EE1EEF deleted successfully. C:\Program Files\lol-cb3.game_p\Game\DATA\Sounds\FMOD folder moved successfully. C:\Program Files\lol-cb3.game_p\Game\DATA\Sounds folder moved successfully. C:\Program Files\lol-cb3.game_p\Game\DATA\Shaders\DX9_P1\SIMPLE_ENVIRONMENT folder moved successfully. C:\Program Files\lol-cb3.game_p\Game\DATA\Shaders\DX9_P1 folder moved successfully. C:\Program Files\lol-cb3.game_p\Game\DATA\Shaders folder moved successfully. C:\Program Files\lol-cb3.game_p\Game\DATA\Particles folder moved successfully. C:\Program Files\lol-cb3.game_p\Game\DATA\Menu folder moved successfully. C:\Program Files\lol-cb3.game_p\Game\DATA\LanguageFilters folder moved successfully. C:\Program Files\lol-cb3.game_p\Game\DATA\CFG\defaults folder moved successfully. C:\Program Files\lol-cb3.game_p\Game\DATA\CFG folder moved successfully. C:\Program Files\lol-cb3.game_p\Game\DATA folder moved successfully. C:\Program Files\lol-cb3.game_p\Game folder moved successfully. C:\Program Files\lol-cb3.game_p\Air\META-INF folder moved successfully. C:\Program Files\lol-cb3.game_p\Air\css folder moved successfully. C:\Program Files\lol-cb3.game_p\Air\assets\wordList\fr_FR folder moved successfully. C:\Program Files\lol-cb3.game_p\Air\assets\wordList\es_ES folder moved successfully. C:\Program Files\lol-cb3.game_p\Air\assets\wordList\en_US folder moved successfully. C:\Program Files\lol-cb3.game_p\Air\assets\wordList\en_GB folder moved successfully. C:\Program Files\lol-cb3.game_p\Air\assets\wordList\de_DE folder moved successfully. C:\Program Files\lol-cb3.game_p\Air\assets\wordList folder moved successfully. 
C:\Program Files\lol-cb3.game_p\Air\assets\storeImages\layout folder moved successfully. C:\Program Files\lol-cb3.game_p\Air\assets\storeImages\content\champion_portraits folder moved successfully. C:\Program Files\lol-cb3.game_p\Air\assets\storeImages\content\champions folder moved successfully. C:\Program Files\lol-cb3.game_p\Air\assets\storeImages\content\bundles folder moved successfully. C:\Program Files\lol-cb3.game_p\Air\assets\storeImages\content folder moved successfully. C:\Program Files\lol-cb3.game_p\Air\assets\storeImages folder moved successfully. C:\Program Files\lol-cb3.game_p\Air\assets\sounds\es_ES\champions folder moved successfully. C:\Program Files\lol-cb3.game_p\Air\assets\sounds\es_ES folder moved successfully. C:\Program Files\lol-cb3.game_p\Air\assets\sounds folder moved successfully. C:\Program Files\lol-cb3.game_p\Air\assets\locale folder moved successfully. C:\Program Files\lol-cb3.game_p\Air\assets\images\image folder moved successfully. C:\Program Files\lol-cb3.game_p\Air\assets\images\champions folder moved successfully. C:\Program Files\lol-cb3.game_p\Air\assets\images folder moved successfully. C:\Program Files\lol-cb3.game_p\Air\assets\help\de_DE folder moved successfully. C:\Program Files\lol-cb3.game_p\Air\assets\help folder moved successfully. C:\Program Files\lol-cb3.game_p\Air\assets\data\champions folder moved successfully. C:\Program Files\lol-cb3.game_p\Air\assets\data folder moved successfully. C:\Program Files\lol-cb3.game_p\Air\assets folder moved successfully. C:\Program Files\lol-cb3.game_p\Air folder moved successfully. C:\Program Files\lol-cb3.game_p folder moved successfully. C:\ProgramData\TEMP folder moved successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully! C:\autoexec.bat moved successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\L\ deleted successfully. 
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\L\ not found. File L:\LaunchU3.exe -a not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully. C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}\ deleted successfully. C:\Program Files\Winamp Toolbar\winamptb.dll moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ deleted successfully. C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\ deleted successfully. C:\Program Files\softonic-de3\tbsoft.dll moved successfully. 
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully. C:\Program Files\Ask.com\GenericAskToolbar.dll moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\ deleted successfully. C:\Program Files\DVDVideoSoft\tbDVDV.dll moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}\ deleted successfully. C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully. C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ deleted successfully. C:\Program Files\ICQ6Toolbar\1104111824\ICQToolBar.dll moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found. 
File C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\ not found. File de3\tbsoft.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found. File C:\Program Files\Ask.com\GenericAskToolbar.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DB4E9724-F518-4dfd-9C7C-78B52103CAB9}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\ not found. File C:\Program Files\DVDVideoSoft\tbDVDV.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2}\ deleted successfully. File C:\Program Files\Winamp Toolbar\winamptb.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ deleted successfully. File C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully. 
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found. File C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}\ not found. File C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}\ not found. File de3\tbsoft.dll not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found. File C:\Program Files\Ask.com\GenericAskToolbar.dll not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E9911EC6-1BCC-40B0-9993-E0EEA7F6953F}\ not found. File C:\Program Files\DVDVideoSoft\tbDVDV.dll not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}\ not found. File C:\Program Files\Winamp Toolbar\winamptb.dll not found. C:\Users\sushikiste\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Extensions folder moved successfully. 
C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\searchplugin folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\META-INF folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\lib folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\defaults folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\components folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\chrome folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\chrome folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\searchplugin folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\META-INF folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\lib folder moved successfully. 
C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\defaults folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\chrome folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk folder moved successfully. 
C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img folder moved successfully. 
C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\defaults\preferences folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\defaults folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\chrome folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\META-INF folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\chrome folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f} folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\ffxtlbr@Facemoods.com\defaults\preferences folder moved successfully. 
C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\ffxtlbr@Facemoods.com\defaults folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\ffxtlbr@Facemoods.com\content\preferences folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\ffxtlbr@Facemoods.com\content\images folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\ffxtlbr@Facemoods.com\content folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\ffxtlbr@Facemoods.com\components folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\ffxtlbr@Facemoods.com\chrome folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\ffxtlbr@Facemoods.com folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\engine@conduit.com\searchplugin folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\engine@conduit.com\META-INF folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\engine@conduit.com\lib folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\engine@conduit.com\DualPackage folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\engine@conduit.com\defaults folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\engine@conduit.com\components folder moved successfully. 
C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\engine@conduit.com\chrome folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\engine@conduit.com folder moved successfully. C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions folder moved successfully. Folder C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\ not found. Folder C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\ not found. Folder C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\ not found. Folder C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found. Folder C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\ not found. Folder C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\ not found. Folder C:\Users\sushikiste\AppData\Roaming\mozilla\Firefox\Profiles\aumc5ur9.default\extensions\engine@conduit.com\ not found. Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found. File C:\Program Files\ICQ6Toolbar\1104111824\ICQToolBar.dll not found. Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found. 
File C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll not found. Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\ not found. File C:\Program Files\softonic-de3\tbsoft.dll not found. Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\ not found. File C:\Program Files\DVDVideoSoft\tbDVDV.dll not found. Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found. File C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found. File C:\Program Files\ICQ6Toolbar\1104111824\ICQToolBar.dll not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found. File C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} deleted successfully. 
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\ not found. File C:\Program Files\softonic-de3\tbsoft.dll not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\ not found. File C:\Program Files\DVDVideoSoft\tbDVDV.dll not found. Service ICQ Service stopped successfully! Service ICQ Service deleted successfully! C:\Program Files\ICQ6Toolbar\ICQ Service.exe moved successfully. ========== COMMANDS ========== HOSTS file reset successfully [EMPTYTEMP] User: All Users User: Andere ->Temp folder emptied: 33697 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 0 bytes User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 56504 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Public ->Temp folder emptied: 0 bytes User: sushikiste ->Temp folder emptied: 1812801 bytes ->Temporary Internet Files folder emptied: 5878685 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 47601498 bytes ->Google Chrome cache emptied: 0 bytes ->Opera cache emptied: 2708024 bytes ->Flash cache emptied: 61069 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 177815475 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 270490 bytes RecycleBin emptied: 198632 bytes Total Files Cleaned = 226,00 mb OTL by OldTimer - Version 3.2.22.3 log created on 04182011_195022 Files\Folders moved on Reboot... File move failed. C:\Windows\temp\logishrd\LVPrcInj01.dll scheduled to be moved on reboot. Registry entries deleted on Reboot... |
18.04.2011, 18:59 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC slow / strange errors Please now run this tool from Kaspersky and post the log => http://www.trojaner-board.de/82358-t...entfernen.html If the infection prevents you from accessing your Documents/My Documents folder, please run unhide: Please download unhide.exe and save the file to your desktop. Start the tool, and all files and folders should become visible again. (This could take a while.) Vista and 7 users must run the tool as administrator via right-click!
__________________ Please always post log files in CODE tags |
18.04.2011, 19:05 | #11 |
| PC slow / strange errors Code:
ATTFilter 2011/04/18 20:03:31.0775 4544 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28 2011/04/18 20:03:32.0072 4544 ================================================================================ 2011/04/18 20:03:32.0072 4544 SystemInfo: 2011/04/18 20:03:32.0072 4544 2011/04/18 20:03:32.0072 4544 OS Version: 6.0.6000 ServicePack: 0.0 2011/04/18 20:03:32.0072 4544 Product type: Workstation 2011/04/18 20:03:32.0072 4544 ComputerName: SUSHIKISTE-PC 2011/04/18 20:03:32.0072 4544 UserName: sushikiste 2011/04/18 20:03:32.0072 4544 Windows directory: C:\Windows 2011/04/18 20:03:32.0072 4544 System windows directory: C:\Windows 2011/04/18 20:03:32.0072 4544 Processor architecture: Intel x86 2011/04/18 20:03:32.0072 4544 Number of processors: 2 2011/04/18 20:03:32.0072 4544 Page size: 0x1000 2011/04/18 20:03:32.0072 4544 Boot type: Normal boot 2011/04/18 20:03:32.0072 4544 ================================================================================ 2011/04/18 20:03:34.0565 4544 Initialize success 2011/04/18 20:03:36.0272 2932 ================================================================================ 2011/04/18 20:03:36.0272 2932 Scan started 2011/04/18 20:03:36.0272 2932 Mode: Manual; 2011/04/18 20:03:36.0272 2932 ================================================================================ 2011/04/18 20:03:41.0130 2932 ACPI (84fc6df81212d16be5c4f441682feccc) C:\Windows\system32\drivers\acpi.sys 2011/04/18 20:03:41.0648 2932 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys 2011/04/18 20:03:41.0956 2932 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys 2011/04/18 20:03:43.0186 2932 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys 2011/04/18 20:03:43.0978 2932 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys 2011/04/18 20:03:44.0311 2932 AFD (5d24caf8efd924a875698ff28384db8b) C:\Windows\system32\drivers\afd.sys 
2011/04/18 20:03:44.0482 2932 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys 2011/04/18 20:03:44.0584 2932 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys 2011/04/18 20:03:44.0768 2932 aliide (3a99cb23a2d326fd532618705d6e3048) C:\Windows\system32\drivers\aliide.sys 2011/04/18 20:03:44.0849 2932 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys 2011/04/18 20:03:44.0902 2932 amdide (4333c133dbd71c7d7fe4fb1b83f9ee3e) C:\Windows\system32\drivers\amdide.sys 2011/04/18 20:03:44.0978 2932 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys 2011/04/18 20:03:45.0016 2932 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\DRIVERS\amdk8.sys 2011/04/18 20:03:45.0145 2932 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys 2011/04/18 20:03:45.0200 2932 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys 2011/04/18 20:03:45.0302 2932 AsyncMac (e86cf7ce67d5de898f27ef884dc357d8) C:\Windows\system32\DRIVERS\asyncmac.sys 2011/04/18 20:03:45.0630 2932 atapi (b35cfcef838382ab6490b321c87edf17) C:\Windows\system32\drivers\atapi.sys 2011/04/18 20:03:45.0733 2932 avgntflt (47b879406246ffdced59e18d331a0e7d) C:\Windows\system32\DRIVERS\avgntflt.sys 2011/04/18 20:03:46.0890 2932 avipbb (5fedef54757b34fb611b9ec8fb399364) C:\Windows\system32\DRIVERS\avipbb.sys 2011/04/18 20:03:47.0578 2932 BCM43XV (cf6a67c90951e3e763d2135dede44b85) C:\Windows\system32\DRIVERS\bcmwl6.sys 2011/04/18 20:03:47.0891 2932 Beep (ac3dd1708b22761ebd7cbe14dcc3b5d7) C:\Windows\system32\drivers\Beep.sys 2011/04/18 20:03:48.0049 2932 bowser (913cd06fbe9105ce6077e90fd4418561) C:\Windows\system32\DRIVERS\bowser.sys 2011/04/18 20:03:48.0099 2932 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys 2011/04/18 20:03:48.0296 2932 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys 
2011/04/18 20:03:48.0380 2932 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys 2011/04/18 20:03:48.0401 2932 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys 2011/04/18 20:03:48.0614 2932 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys 2011/04/18 20:03:48.0629 2932 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys 2011/04/18 20:03:48.0655 2932 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys 2011/04/18 20:03:48.0850 2932 cdfs (6c3a437fc873c6f6a4fc620b6888cb86) C:\Windows\system32\DRIVERS\cdfs.sys 2011/04/18 20:03:48.0894 2932 cdrom (8d1866e61af096ae8b582454f5e4d303) C:\Windows\system32\DRIVERS\cdrom.sys 2011/04/18 20:03:48.0935 2932 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys 2011/04/18 20:03:49.0640 2932 CLFS (1b84fd0937d3b99af9ba38ddff3daf54) C:\Windows\system32\CLFS.sys 2011/04/18 20:03:50.0433 2932 cmdide (dfb94a6fc3a26972b0461ab5f1d8272b) C:\Windows\system32\drivers\cmdide.sys 2011/04/18 20:03:50.0684 2932 Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys 2011/04/18 20:03:51.0175 2932 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys 2011/04/18 20:03:51.0243 2932 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys 2011/04/18 20:03:51.0333 2932 DfsC (a7179de59ae269ab70345527894ccd7c) C:\Windows\system32\Drivers\dfsc.sys 2011/04/18 20:03:51.0400 2932 disk (841af4c4d41d3e3b2f244e976b0f7963) C:\Windows\system32\drivers\disk.sys 2011/04/18 20:03:51.0443 2932 drmkaud (ee472cd2c01f6f8e8aa1fa06ffef61b6) C:\Windows\system32\drivers\drmkaud.sys 2011/04/18 20:03:51.0790 2932 DXGKrnl (334988883de69adb27e2cf9f9715bbdb) C:\Windows\System32\drivers\dxgkrnl.sys 2011/04/18 20:03:51.0935 2932 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) 
C:\Windows\system32\DRIVERS\E1G60I32.sys 2011/04/18 20:03:51.0998 2932 Ecache (0efc7531b936ee57fdb4e837664c509f) C:\Windows\system32\drivers\ecache.sys 2011/04/18 20:03:52.0054 2932 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys 2011/04/18 20:03:52.0676 2932 fastfat (84a317cb0b3954d3768cdcd018dbf670) C:\Windows\system32\drivers\fastfat.sys 2011/04/18 20:03:53.0113 2932 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys 2011/04/18 20:03:54.0609 2932 FileInfo (65773d6115c037ffd7ef8280ae85eb9d) C:\Windows\system32\drivers\fileinfo.sys 2011/04/18 20:03:55.0701 2932 Filetrace (c226dd0de060745f3e042f58dcf78402) C:\Windows\system32\drivers\filetrace.sys 2011/04/18 20:03:57.0367 2932 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys 2011/04/18 20:03:57.0653 2932 FltMgr (a6a8da7ae4d53394ab22ac3ab6d3f5d3) C:\Windows\system32\drivers\fltmgr.sys 2011/04/18 20:03:58.0195 2932 Fs_Rec (66a078591208baa210c7634b11eb392c) C:\Windows\system32\drivers\Fs_Rec.sys 2011/04/18 20:03:58.0814 2932 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys 2011/04/18 20:03:59.0604 2932 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 2011/04/18 20:03:59.0686 2932 hamachi (833051c6c6c42117191935f734cfbd97) C:\Windows\system32\DRIVERS\hamachi.sys 2011/04/18 20:03:59.0941 2932 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys 2011/04/18 20:04:00.0525 2932 HDAudBus (0db613a7e427b5663563677796fd5258) C:\Windows\system32\DRIVERS\HDAudBus.sys 2011/04/18 20:04:00.0684 2932 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys 2011/04/18 20:04:00.0814 2932 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys 2011/04/18 20:04:00.0926 2932 HidUsb (3c64042b95e583b366ba4e5d2450235e) C:\Windows\system32\DRIVERS\hidusb.sys 2011/04/18 20:04:01.0120 2932 
HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys 2011/04/18 20:04:01.0589 2932 HTTP (ea24fe637d974a8a31bc650f478e3533) C:\Windows\system32\drivers\HTTP.sys 2011/04/18 20:04:01.0643 2932 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys 2011/04/18 20:04:01.0736 2932 i8042prt (1c9ee072baa3abb460b91d7ee9152660) C:\Windows\system32\DRIVERS\i8042prt.sys 2011/04/18 20:04:02.0288 2932 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys 2011/04/18 20:04:02.0372 2932 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys 2011/04/18 20:04:02.0693 2932 IntcAzAudAddService (4a705bf2a6f7972f2f2ad8a0d8079f95) C:\Windows\system32\drivers\RTKVHDA.sys 2011/04/18 20:04:02.0794 2932 intelide (1c60617d54bc9f035671a44b75d9f7cc) C:\Windows\system32\drivers\intelide.sys 2011/04/18 20:04:03.0234 2932 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys 2011/04/18 20:04:03.0357 2932 IpFilterDriver (880c6f86cc3f551b8fea2c11141268c0) C:\Windows\system32\DRIVERS\ipfltdrv.sys 2011/04/18 20:04:03.0670 2932 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys 2011/04/18 20:04:04.0069 2932 IPNAT (10077c35845101548037df04fd1a420b) C:\Windows\system32\DRIVERS\ipnat.sys 2011/04/18 20:04:04.0411 2932 IRENUM (a82f328f4792304184642d6d397bb1e3) C:\Windows\system32\drivers\irenum.sys 2011/04/18 20:04:04.0604 2932 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys 2011/04/18 20:04:04.0797 2932 iScsiPrt (4dca456d4d5723f8fa9c6760d240b0df) C:\Windows\system32\DRIVERS\msiscsi.sys 2011/04/18 20:04:05.0448 2932 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys 2011/04/18 20:04:05.0650 2932 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys 2011/04/18 20:04:05.0696 2932 kbdclass (b076b2ab806b3f696dab21375389101c) 
C:\Windows\system32\DRIVERS\kbdclass.sys 2011/04/18 20:04:05.0800 2932 kbdhid (ed61dbc6603f612b7338283edbacbc4b) C:\Windows\system32\DRIVERS\kbdhid.sys 2011/04/18 20:04:06.0339 2932 KSecDD (0a829977b078dea11641fc2af87ceade) C:\Windows\system32\Drivers\ksecdd.sys 2011/04/18 20:04:06.0613 2932 LGBusEnum (170e7093a77ad586f3a012a3db651d94) C:\Windows\system32\drivers\LGBusEnum.sys 2011/04/18 20:04:06.0674 2932 LGVirHid (d2dd04d1c8df65eecd1f2c7fb947d43e) C:\Windows\system32\drivers\LGVirHid.sys 2011/04/18 20:04:06.0760 2932 lltdio (fd015b4f95daa2b712f0e372a116fbad) C:\Windows\system32\DRIVERS\lltdio.sys 2011/04/18 20:04:07.0112 2932 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys 2011/04/18 20:04:07.0427 2932 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys 2011/04/18 20:04:07.0520 2932 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys 2011/04/18 20:04:07.0567 2932 luafv (42885bb44b6e065b8575a8dd6c430c52) C:\Windows\system32\drivers\luafv.sys 2011/04/18 20:04:07.0624 2932 LVPr2Mon (1a7db7a00a4b0d8da24cd691a4547291) C:\Windows\system32\DRIVERS\LVPr2Mon.sys 2011/04/18 20:04:08.0004 2932 LVRS (87ecce893d8aec5a9337b917742d339c) C:\Windows\system32\DRIVERS\lvrs.sys 2011/04/18 20:04:08.0118 2932 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys 2011/04/18 20:04:08.0424 2932 Modem (21755967298a46fb6adfec9db6012211) C:\Windows\system32\drivers\modem.sys 2011/04/18 20:04:08.0534 2932 monitor (7446e104a5fe5987ca9e4983fbac4f97) C:\Windows\system32\DRIVERS\monitor.sys 2011/04/18 20:04:08.0618 2932 mouclass (5fba13c1a1841b0885d316ed3589489d) C:\Windows\system32\DRIVERS\mouclass.sys 2011/04/18 20:04:08.0972 2932 mouhid (b569b5c5d3bde545df3a6af512cccdba) C:\Windows\system32\DRIVERS\mouhid.sys 2011/04/18 20:04:09.0327 2932 MountMgr (01f1e5a3e4877c931cbb31613fec16a6) C:\Windows\system32\drivers\mountmgr.sys 2011/04/18 20:04:09.0451 2932 mpio 
(583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys 2011/04/18 20:04:09.0615 2932 mpsdrv (6e7a7f0c1193ee5648443fe2d4b789ec) C:\Windows\system32\drivers\mpsdrv.sys 2011/04/18 20:04:10.0066 2932 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys 2011/04/18 20:04:10.0770 2932 MRxDAV (1d8828b98ee309d65e006f0829e280e5) C:\Windows\system32\drivers\mrxdav.sys 2011/04/18 20:04:11.0003 2932 mrxsmb (8af705ce1bb907932157fab821170f27) C:\Windows\system32\DRIVERS\mrxsmb.sys 2011/04/18 20:04:11.0640 2932 mrxsmb10 (47e13ab23371be3279eef22bbfa2c1be) C:\Windows\system32\DRIVERS\mrxsmb10.sys 2011/04/18 20:04:11.0806 2932 mrxsmb20 (90b3fc7bd6b3d7ee7635debba2187f66) C:\Windows\system32\DRIVERS\mrxsmb20.sys 2011/04/18 20:04:11.0847 2932 msahci (f0ec3a4e0693a34b148723b4da31668c) C:\Windows\system32\drivers\msahci.sys 2011/04/18 20:04:12.0313 2932 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys 2011/04/18 20:04:12.0784 2932 Msfs (729eafefd4e7417165f353a18dbe947d) C:\Windows\system32\drivers\Msfs.sys 2011/04/18 20:04:12.0875 2932 msisadrv (5f454a16a5146cd91a176d70f0cfa3ec) C:\Windows\system32\drivers\msisadrv.sys 2011/04/18 20:04:12.0933 2932 MSKSSRV (892cedefa7e0ffe7be8da651b651d047) C:\Windows\system32\drivers\MSKSSRV.sys 2011/04/18 20:04:12.0948 2932 MSPCLOCK (ae2cb1da69b2676b4cee2a501af5871c) C:\Windows\system32\drivers\MSPCLOCK.sys 2011/04/18 20:04:13.0230 2932 MSPQM (f910da84fa90c44a3addb7cd874463fd) C:\Windows\system32\drivers\MSPQM.sys 2011/04/18 20:04:13.0625 2932 MsRPC (84571c0ae07647ba38d493f5f0015df7) C:\Windows\system32\drivers\MsRPC.sys 2011/04/18 20:04:13.0677 2932 mssmbios (4385c80ede885e25492d408cad91bd6f) C:\Windows\system32\DRIVERS\mssmbios.sys 2011/04/18 20:04:13.0980 2932 MSTEE (c826dd1373f38afd9ca46ec3c436a14e) C:\Windows\system32\drivers\MSTEE.sys 2011/04/18 20:04:14.0326 2932 Mup (fa7aa70050cf5e2d15de00941e5665e5) C:\Windows\system32\Drivers\mup.sys 2011/04/18 20:04:14.0451 2932 
NativeWifiP (6da4a0fc7c0e83df0cb3cfd0a514c3bc) C:\Windows\system32\DRIVERS\nwifi.sys 2011/04/18 20:04:14.0494 2932 NDIS (227c11e1e7cf6ef8afb2a238d209760c) C:\Windows\system32\drivers\ndis.sys 2011/04/18 20:04:14.0536 2932 NdisTapi (81659cdcbd0f9a9e07e6878ad8c78d3f) C:\Windows\system32\DRIVERS\ndistapi.sys 2011/04/18 20:04:14.0557 2932 Ndisuio (5de5ee546bf40838ebe0e01cb629df64) C:\Windows\system32\DRIVERS\ndisuio.sys 2011/04/18 20:04:15.0012 2932 NdisWan (397402adcbb8946223a1950101f6cd94) C:\Windows\system32\DRIVERS\ndiswan.sys 2011/04/18 20:04:15.0343 2932 NDProxy (1b24fa907af283199a81b3bb37e5e526) C:\Windows\system32\drivers\NDProxy.sys 2011/04/18 20:04:15.0449 2932 NetBIOS (356dbb9f98e8dc1028dd3092fceeb877) C:\Windows\system32\DRIVERS\netbios.sys 2011/04/18 20:04:15.0593 2932 netbt (e3a168912e7eefc3bd3b814720d68b41) C:\Windows\system32\DRIVERS\netbt.sys 2011/04/18 20:04:15.0667 2932 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys 2011/04/18 20:04:15.0706 2932 Npfs (4f9832beb9fafd8ceb0e541f1323b26e) C:\Windows\system32\drivers\Npfs.sys 2011/04/18 20:04:15.0759 2932 nsiproxy (b488dfec274de1fc9d653870ef2587be) C:\Windows\system32\drivers\nsiproxy.sys 2011/04/18 20:04:16.0800 2932 Ntfs (37430aa7a66d7a63407adc2c0d05e9f6) C:\Windows\system32\drivers\Ntfs.sys 2011/04/18 20:04:17.0485 2932 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys 2011/04/18 20:04:17.0605 2932 Null (ec5efb3c60f1b624648344a328bce596) C:\Windows\system32\drivers\Null.sys 2011/04/18 20:04:17.0670 2932 NVENETFD (19055a1c1076ef48e738d26ea7fb8017) C:\Windows\system32\DRIVERS\nvmfdx32.sys 2011/04/18 20:04:22.0326 2932 nvlddmkm (377140a534d013bd661c69f1741de43c) C:\Windows\system32\DRIVERS\nvlddmkm.sys 2011/04/18 20:04:22.0475 2932 NVR0Dev (61d6b1c71ad94f8485e966bebc36d092) C:\Windows\nvoclock.sys 2011/04/18 20:04:22.0611 2932 nvraid (6f785db62a6d8f3fafd3e5695277e849) C:\Windows\system32\drivers\nvraid.sys 2011/04/18 20:04:22.0821 
2932 nvstor (4a5fcab82d9bf6af8a023a66802fe9e9) C:\Windows\system32\drivers\nvstor.sys 2011/04/18 20:04:22.0882 2932 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys 2011/04/18 20:04:23.0222 2932 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys 2011/04/18 20:04:23.0330 2932 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys 2011/04/18 20:04:23.0357 2932 partmgr (555a5b2c8022983bc7467bc925b222ee) C:\Windows\system32\drivers\partmgr.sys 2011/04/18 20:04:23.0402 2932 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys 2011/04/18 20:04:23.0436 2932 pci (1085d75657807e0e8b32f9e19a1647c3) C:\Windows\system32\drivers\pci.sys 2011/04/18 20:04:23.0486 2932 pciide (caba65e9c41cd2900d4c92d4f825c5f8) C:\Windows\system32\drivers\pciide.sys 2011/04/18 20:04:23.0635 2932 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys 2011/04/18 20:04:23.0693 2932 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys 2011/04/18 20:04:23.0742 2932 pepifilter (b20f958b207e6aaac5f70d04dd2c30d8) C:\Windows\system32\DRIVERS\lv302af.sys 2011/04/18 20:04:23.0958 2932 PID_PEPI (dd184d9adfe2a8a21741dbdfe9e22f5c) C:\Windows\system32\DRIVERS\LV302V32.SYS 2011/04/18 20:04:24.0041 2932 PptpMiniport (6c359ac71d7b550a0d41f9db4563ce05) C:\Windows\system32\DRIVERS\raspptp.sys 2011/04/18 20:04:24.0082 2932 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys 2011/04/18 20:04:24.0153 2932 PSched (2c8bae55247c4e09352e870292e4d1ab) C:\Windows\system32\DRIVERS\pacer.sys 2011/04/18 20:04:24.0215 2932 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys 2011/04/18 20:04:24.0293 2932 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys 2011/04/18 20:04:24.0335 2932 QWAVEdrv (d2b3e2b7426dc23e185fbc73c8936c12) C:\Windows\system32\drivers\qwavedrv.sys 
2011/04/18 20:04:24.0374 2932 RasAcd (bd7b30f55b3649506dd8b3d38f571d2a) C:\Windows\system32\DRIVERS\rasacd.sys 2011/04/18 20:04:24.0495 2932 Rasl2tp (88587dd843e2059848995b407b67f6cf) C:\Windows\system32\DRIVERS\rasl2tp.sys 2011/04/18 20:04:24.0536 2932 RasPppoe (ccf4e9c6cbbac81437f88cb2ae0b6c96) C:\Windows\system32\DRIVERS\raspppoe.sys 2011/04/18 20:04:24.0597 2932 rdbss (54129c5d9581bbec8bd1ebd3ba813f47) C:\Windows\system32\DRIVERS\rdbss.sys 2011/04/18 20:04:24.0631 2932 RDPCDD (794585276b5d7fca9f3fc15543f9f0b9) C:\Windows\system32\DRIVERS\RDPCDD.sys 2011/04/18 20:04:24.0721 2932 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys 2011/04/18 20:04:24.0735 2932 RDPENCDD (980b56e2e273e19d3a9d72d5c420f008) C:\Windows\system32\drivers\rdpencdd.sys 2011/04/18 20:04:24.0793 2932 RDPWD (8830e790a74a96605faba74f9665bb3c) C:\Windows\system32\drivers\RDPWD.sys 2011/04/18 20:04:24.0851 2932 rspndr (97e939d2128fec5d5a3e6e79b290a2f4) C:\Windows\system32\DRIVERS\rspndr.sys 2011/04/18 20:04:25.0003 2932 RTL8187B (872c4e777bedcd7f99dc09016b5e6f39) C:\Windows\system32\DRIVERS\wg111v3.sys 2011/04/18 20:04:25.0077 2932 s0016bus (59509ad6cbc28f2c73056268985b3e48) C:\Windows\system32\DRIVERS\s0016bus.sys 2011/04/18 20:04:25.0245 2932 s0016mdfl (b98c3a6f91f4fba285af9606a240c6b4) C:\Windows\system32\DRIVERS\s0016mdfl.sys 2011/04/18 20:04:25.0295 2932 s0016mdm (8a83426f4fb7b5212825d9de76368b1a) C:\Windows\system32\DRIVERS\s0016mdm.sys 2011/04/18 20:04:25.0339 2932 s0016mgmt (7a78bba97feb5e6d24c49e93a3bf7287) C:\Windows\system32\DRIVERS\s0016mgmt.sys 2011/04/18 20:04:25.0370 2932 s0016nd5 (34ef7b5f611957b73e7219dd5a222ad1) C:\Windows\system32\DRIVERS\s0016nd5.sys 2011/04/18 20:04:25.0393 2932 s0016obex (36792935847143e4a3cda0dc87248487) C:\Windows\system32\DRIVERS\s0016obex.sys 2011/04/18 20:04:25.0429 2932 s0016unic (927208754fb27fc3e7a659e77500c5d1) C:\Windows\system32\DRIVERS\s0016unic.sys 2011/04/18 20:04:25.0506 2932 sbp2port 
(3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys 2011/04/18 20:04:25.0586 2932 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 2011/04/18 20:04:25.0623 2932 seehcri (e5b56569a9f79b70314fede6c953641e) C:\Windows\system32\DRIVERS\seehcri.sys 2011/04/18 20:04:25.0661 2932 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys 2011/04/18 20:04:25.0701 2932 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys 2011/04/18 20:04:25.0774 2932 sermouse (450accd77ec5cea720c1cdb9e26b953b) C:\Windows\system32\drivers\sermouse.sys 2011/04/18 20:04:25.0836 2932 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys 2011/04/18 20:04:25.0852 2932 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys 2011/04/18 20:04:25.0935 2932 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys 2011/04/18 20:04:25.0952 2932 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys 2011/04/18 20:04:26.0040 2932 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys 2011/04/18 20:04:26.0110 2932 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys 2011/04/18 20:04:26.0135 2932 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys 2011/04/18 20:04:26.0647 2932 Smb (ac0d90738adb51a6fd12ff00874a2162) C:\Windows\system32\DRIVERS\smb.sys 2011/04/18 20:04:27.0666 2932 spldr (426f9b029aa9162ceccf65369457d046) C:\Windows\system32\drivers\spldr.sys 2011/04/18 20:04:28.0599 2932 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys 2011/04/18 20:04:28.0600 2932 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. 
md5: cdddec541bc3c96f91ecb48759673505 2011/04/18 20:04:28.0609 2932 sptd - detected Locked file (1) 2011/04/18 20:04:29.0681 2932 srv (038579c35f7cad4a4bbf735dbf83277d) C:\Windows\system32\DRIVERS\srv.sys 2011/04/18 20:04:30.0683 2932 srv2 (6971a757af8cb5e2cbcbb76cc530db6c) C:\Windows\system32\DRIVERS\srv2.sys 2011/04/18 20:04:31.0807 2932 srvnet (9e1a4603b874eebce0298113951abefb) C:\Windows\system32\DRIVERS\srvnet.sys 2011/04/18 20:04:32.0539 2932 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys 2011/04/18 20:04:32.0618 2932 SVKP (f05028b163b92c302a74409d683ac9b0) C:\Windows\system32\SVKP.sys 2011/04/18 20:04:33.0642 2932 swenum (1379bdb336f8158c176a465e30759f57) C:\Windows\system32\DRIVERS\swenum.sys 2011/04/18 20:04:34.0725 2932 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys 2011/04/18 20:04:35.0654 2932 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys 2011/04/18 20:04:35.0972 2932 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys 2011/04/18 20:04:37.0842 2932 Tcpip (4a82fa8f0df67aa354580c3faaf8bde3) C:\Windows\system32\drivers\tcpip.sys 2011/04/18 20:04:39.0989 2932 Tcpip6 (4a82fa8f0df67aa354580c3faaf8bde3) C:\Windows\system32\DRIVERS\tcpip.sys 2011/04/18 20:04:40.0789 2932 tcpipreg (5ce0c4a7b12d0067dad527d72b68c726) C:\Windows\system32\drivers\tcpipreg.sys 2011/04/18 20:04:41.0088 2932 TDPIPE (964248aef49c31fa6a93201a73ffaf50) C:\Windows\system32\drivers\tdpipe.sys 2011/04/18 20:04:42.0594 2932 TDTCP (7d2c1ae1648a60fce4aa0f7982e419d3) C:\Windows\system32\drivers\tdtcp.sys 2011/04/18 20:04:43.0146 2932 tdx (ab4fde8af4a0270a46a001c08cbce1c2) C:\Windows\system32\DRIVERS\tdx.sys 2011/04/18 20:04:43.0216 2932 TermDD (2c549bd9dd091fbfaa0a2a48e82ec2fb) C:\Windows\system32\DRIVERS\termdd.sys 2011/04/18 20:04:43.0715 2932 tssecsrv (29f0eca726f0d51f7e048bdb0b372f29) C:\Windows\system32\DRIVERS\tssecsrv.sys 2011/04/18 20:04:45.0625 2932 tunmp 
(65e953bc0084d44498b51f59784d2a82) C:\Windows\system32\DRIVERS\tunmp.sys 2011/04/18 20:04:46.0108 2932 tunnel (4a39bda5e0fd30bdf4884f9d33ae6105) C:\Windows\system32\DRIVERS\tunnel.sys 2011/04/18 20:04:46.0589 2932 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys 2011/04/18 20:04:47.0687 2932 udfs (6348da98707ceda8a0dfb05820e17732) C:\Windows\system32\DRIVERS\udfs.sys 2011/04/18 20:04:48.0706 2932 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys 2011/04/18 20:04:49.0670 2932 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys 2011/04/18 20:04:50.0671 2932 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys 2011/04/18 20:04:51.0166 2932 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys 2011/04/18 20:04:51.0670 2932 umbus (3fb78f1d1dd86d87bececd9dffa24dd9) C:\Windows\system32\DRIVERS\umbus.sys 2011/04/18 20:04:52.0322 2932 USBAAPL (e8c1b9ebac65288e1b51e8a987d98af6) C:\Windows\system32\Drivers\usbaapl.sys 2011/04/18 20:04:52.0577 2932 usbaudio (f6bf998ae33e3fb6c7d27f0560f1173f) C:\Windows\system32\drivers\usbaudio.sys 2011/04/18 20:04:52.0742 2932 usbccgp (8bd3ae150d97ba4e633c6c5c51b41ae1) C:\Windows\system32\DRIVERS\usbccgp.sys 2011/04/18 20:04:53.0499 2932 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys 2011/04/18 20:04:53.0663 2932 usbehci (63fe924d8a1113c3ba6750693fbec7d3) C:\Windows\system32\DRIVERS\usbehci.sys 2011/04/18 20:04:54.0579 2932 usbhub (5edec5510592c905e91817707dce62a2) C:\Windows\system32\DRIVERS\usbhub.sys 2011/04/18 20:04:55.0583 2932 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\DRIVERS\usbohci.sys 2011/04/18 20:04:56.0236 2932 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys 2011/04/18 20:04:56.0277 2932 USBSTOR (7887ce56934e7f104e98c975f47353c5) C:\Windows\system32\DRIVERS\USBSTOR.SYS 2011/04/18 
20:04:56.0311 2932 usbuhci (325dbbacb8a36af9988ccf40eac228cc) C:\Windows\system32\DRIVERS\usbuhci.sys 2011/04/18 20:04:56.0431 2932 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys 2011/04/18 20:04:56.0605 2932 VgaSave (17a8f877314e4067f8c8172cc6d9101c) C:\Windows\System32\drivers\vga.sys 2011/04/18 20:04:56.0835 2932 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys 2011/04/18 20:04:57.0651 2932 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys 2011/04/18 20:04:58.0689 2932 viaide (58c8d5ac5c3eef40e7e704a5ced7987d) C:\Windows\system32\drivers\viaide.sys 2011/04/18 20:04:59.0107 2932 volmgr (103e84c95832d0ed93507997cc7b54e8) C:\Windows\system32\drivers\volmgr.sys 2011/04/18 20:04:59.0162 2932 volmgrx (294da8d3f965f6a8db934a83c7b461ff) C:\Windows\system32\drivers\volmgrx.sys 2011/04/18 20:04:59.0664 2932 volsnap (80dc0c9bcb579ed9815001a4d37cbfd5) C:\Windows\system32\drivers\volsnap.sys 2011/04/18 20:05:00.0271 2932 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys 2011/04/18 20:05:01.0059 2932 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys 2011/04/18 20:05:01.0292 2932 Wanarp (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys 2011/04/18 20:05:01.0310 2932 Wanarpv6 (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys 2011/04/18 20:05:01.0356 2932 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys 2011/04/18 20:05:01.0655 2932 Wdf01000 (7b5f66e4a2219c7d9daf9e738480e534) C:\Windows\system32\drivers\Wdf01000.sys 2011/04/18 20:05:01.0823 2932 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys 2011/04/18 20:05:02.0614 2932 ws2ifsl (84620aecdcfd2a7a14e6263927d8c0ed) C:\Windows\system32\drivers\ws2ifsl.sys 2011/04/18 20:05:03.0618 2932 WUDFRd (a2aafcc8a204736296d937c7c545b53f) C:\Windows\system32\DRIVERS\WUDFRd.sys 
2011/04/18 20:05:03.0700 2932 ================================================================================ 2011/04/18 20:05:03.0700 2932 Scan finished 2011/04/18 20:05:03.0700 2932 ================================================================================ 2011/04/18 20:05:03.0714 4592 Detected object count: 1 2011/04/18 20:05:06.0920 4592 Locked file(sptd) - User select action: Skip |
18.04.2011, 19:14 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC slow / strange errors Then please run CF now: ComboFix A guide and tutorial on using ComboFix
Combofix may only be run when a qualified helper has expressly recommended it!
__________________ Please always post log files in CODE tags |
18.04.2011, 19:34 | #13 |
| PC slow / strange errors [Code] Combofix logfile: Code:
ComboFix 11-04-17.03 - sushikiste 18.04.2011 20:22:13.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.49.1031.18.3582.2607 [GMT 2:00]
ausgeführt von:: c:\users\sushikiste\Desktop\cofi.exe
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\hpe3F8.dll
c:\programdata\hpe5285.dll
c:\users\sushikiste\AppData\Local\.#
c:\windows\TEMP\logishrd\LVPrcInj01.dll
.
.
((((((((((((((((((((((( Dateien erstellt von 2011-03-18 bis 2011-04-18 ))))))))))))))))))))))))))))))
.
.
2011-04-18 18:26 . 2011-04-18 18:26 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-04-18 18:26 . 2011-04-18 18:26 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-04-18 18:26 . 2011-04-18 18:26 -------- d-----w- c:\users\Andere\AppData\Local\temp
2011-04-18 14:11 . 2011-04-18 15:18 -------- d-----w- c:\program files\Fraps
2011-04-15 01:04 . 2011-04-15 01:04 -------- d-----w- c:\program files\Common Files\Adobe
2011-04-12 23:37 . 2010-02-01 14:26 194376 ----a-w- c:\program files\patcher_update_tmp.exe
2011-04-12 23:37 . 2011-04-12 23:37 -------- d-----w- c:\program files\lol-cb3.patcher_15
2011-04-12 23:36 . 2008-07-12 06:18 467984 ----a-w- c:\windows\system32\d3dx10_39.dll
2011-04-12 23:36 . 2008-07-12 06:18 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2011-04-12 23:36 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2011-04-12 23:35 . 2011-04-12 23:35 -------- d-----w- c:\program files\html
2011-04-12 20:30 . 2011-04-13 02:13 -------- d-----w- c:\users\sushikiste\AppData\Local\PMB Files
2011-04-12 20:30 . 2011-04-12 20:31 -------- d-----w- c:\programdata\PMB Files
2011-04-12 17:35 . 2011-04-12 17:35 -------- d-----w- c:\users\sushikiste\A96BFADFA15943958E9CA9E2F059A3BB.TMP
2011-04-11 20:46 . 2011-04-11 20:46 -------- d-----w- c:\program files\Common Files\Java
2011-04-11 20:46 . 2011-04-11 20:46 -------- d-----w- c:\program files\Java
2011-04-11 16:23 . 2011-04-11 16:24 -------- d-----w- c:\program files\ICQ7.4
2011-04-11 16:14 . 2011-04-11 16:14 -------- d-----w- c:\program files\Teamspeak3
2011-04-11 13:37 . 2011-04-14 11:57 -------- d-----w- c:\program files\unlgluhp
2011-04-03 10:57 . 2011-04-03 10:57 -------- d-----w- c:\program files\LogMeIn Hamachi
2011-03-28 17:53 . 2011-03-28 17:53 -------- d-----w- c:\users\sushikiste\AppData\Local\Conduit
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-11 20:46 . 2010-08-11 01:46 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-03-17 13:55 . 2010-05-08 11:08 137656 ----a-w- c:\windows\system32\drivers\avipbb.sys
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-03-01 4390912]
"Launch LgDeviceAgent"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2010-02-18 357448]
"Launch LCDMon"="c:\program files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2010-02-18 1573448]
"Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2010-02-18 3203144]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-11-03 281768]
"Ocs_SM"="c:\users\sushikiste\AppData\Roaming\OCS\SM\SearchAnonymizer.exe" [2010-05-13 106496]
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2010-12-06 74752]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-09-16 1164584]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2011-03-28 1910152]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
NETGEAR WG111v3 Smart Wizard.lnk - c:\program files\NETGEAR\WG111v3\WG111v3.exe [2006-5-29 1708032]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2011-04-11 16:23 119608 ----a-w- c:\program files\ICQ7.4\ICQ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-03-25 23:10 142120 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Livestream Procaster]
2010-09-27 07:05 3831072 ----a-w- c:\program files\Livestream Procaster\Procaster.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Vid]
2009-07-16 14:35 5458704 ------w- c:\program files\Logitech\Logitech Vid\Vid.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
2011-03-28 13:41 1910152 ----a-w- c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ Malwarebytes Anti-Malware (reboot)]
2010-12-20 17:08 963976 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-04-16 20:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2010-05-13 14:12 26192168 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
R3 cdrmkaun;cdrmkaun;c:\users\SUSHIK~1\AppData\Local\Temp\cdrmkaun.sys [x]
R3 RTL8187B;NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver;c:\windows\system32\DRIVERS\wg111v3.sys [2007-04-23 227328]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-05-29 691696]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-11-03 135336]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2011-03-28 1242504]
S2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
S2 SearchAnonymizer;SearchAnonymizer;c:\users\sushikiste\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [2010-05-13 40960]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-07-09 248936]
S2 SVKP;SVKP;c:\windows\system32\SVKP.sys [2010-04-21 2368]
S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-07-06 173352]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-11-23 19720]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2009-11-23 14856]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
.
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de
uInternet Settings,ProxyOverride = *.local
IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Free YouTube to Mp3 Converter - c:\users\sushikiste\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files\ICQ7.4\ICQ.exe
FF - ProfilePath - c:\users\sushikiste\AppData\Roaming\Mozilla\Firefox\Profiles\aumc5ur9.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
MSConfigStartUp-RayV - c:\program files\RayV\RayV\RayV.exe
AddRemove-InstallShield_{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D} - c:\program files\InstallShield Installation Information\{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}\setup.exe
AddRemove-InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF} - c:\progra~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe
.
.
.
**************************************************************************
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien:
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\program files\NVIDIA Corporation\nTune\nTuneService.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\conime.exe
c:\program files\Windows Media Player\WMPSideShowGadget.exe
c:\program files\Windows Media Player\wmplayer.exe
c:\windows\RtHDVCpl.exe
c:\program files\Logitech\GamePanel Software\Applets\LCDClock.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Logitech\GamePanel Software\Applets\LCDCountdown.exe
c:\program files\Logitech\GamePanel Software\Applets\LCDPop3.exe
c:\program files\Logitech\GamePanel Software\Applets\LCDRSS.exe
c:\program files\Logitech\GamePanel Software\Applets\LCDMedia.exe
c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-04-18 20:33:13 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2011-04-18 18:33
ComboFix2.txt 2010-06-24 14:59
.
Vor Suchlauf: 13 Verzeichnis(se), 148.136.894.464 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 148.073.562.112 Bytes frei
.
- - End Of File - - 3B4B358932AD31FEFDF355324ABA956D |
18.04.2011, 19:38 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC slow / strange errors
Combofix - scripting
1. Start Notepad (Start / Run / notepad[Enter])
2. Now use copy/paste to insert the entire contents of the code box below into the Notepad window.
Code:
File::
c:\users\SUSHIK~1\AppData\Local\Temp\cdrmkaun.sys
c:\windows\system32\SVKP.sys
c:\program files\patcher_update_tmp.exe

Folder::
c:\users\sushikiste\A96BFADFA15943958E9CA9E2F059A3BB.TMP
c:\program files\unlgluhp

Driver::
cdrmkaun
SVKP

4. Disable the guard of your antivirus program and any software firewall that may be present. (Also the guards of adware and spyware programs and the Tea Timer, if present!)
5. Then drag CFScript.txt onto cofi.exe, as shown in the picture below. This restarts Combofix.
6. After the restart (you will be asked whether you want to restart), please post the following log files:
Combofix.txt
Note: The script above was created only for this one user in this situation. It cannot be ported to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!
__________________
Please always post logfiles in CODE tags |
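The note closing the post above says the script is valid only for the machine whose log it was written from. As an added example (not part of the thread and not Combofix's own code), the following Python code parses the File::/Folder::/Driver:: sections of the posted script and lists every target that a given Combofix log does not mention. The function names and the matching rule (case-insensitive substring for paths, the field before the first ";" for driver names) are assumptions of this example.

```python
import re

# CFScript as posted in the thread (blank lines between sections are optional).
CFSCRIPT = r"""File::
c:\users\SUSHIK~1\AppData\Local\Temp\cdrmkaun.sys
c:\windows\system32\SVKP.sys
c:\program files\patcher_update_tmp.exe
Folder::
c:\users\sushikiste\A96BFADFA15943958E9CA9E2F059A3BB.TMP
c:\program files\unlgluhp
Driver::
cdrmkaun
SVKP
"""

# Excerpt of the Combofix log posted in the thread (only the relevant lines).
LOG = r"""2011-04-12 23:37 . 2010-02-01 14:26 194376 ----a-w- c:\program files\patcher_update_tmp.exe
2011-04-12 17:35 . 2011-04-12 17:35 -------- d-----w- c:\users\sushikiste\A96BFADFA15943958E9CA9E2F059A3BB.TMP
2011-04-11 13:37 . 2011-04-14 11:57 -------- d-----w- c:\program files\unlgluhp
R3 cdrmkaun;cdrmkaun;c:\users\SUSHIK~1\AppData\Local\Temp\cdrmkaun.sys [x]
S2 SVKP;SVKP;c:\windows\system32\SVKP.sys [2010-04-21 2368]
"""

def parse_cfscript(text):
    """Return {section: [entries]} for the 'Name::' sections of a CFScript."""
    sections, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        if line.endswith("::"):
            current = line[:-2]
            sections[current] = []
        elif current is None:
            raise ValueError(f"entry before any section header: {line!r}")
        else:
            sections[current].append(line)
    return sections

def unmatched_targets(script, log):
    """List (section, entry) script targets that the given log never mentions."""
    log_lc = log.lower()
    # Driver/service names: first ';'-separated field of 'R3 name;display;path' lines.
    services = {m.lower() for m in re.findall(r"^[RS]\d (.+?);", log, re.M)}
    return [(section, entry)
            for section, entries in parse_cfscript(script).items()
            for entry in entries
            if entry.lower() not in (services if section == "Driver" else log_lc)]
```

An empty result for the log the script was written from, and a non-empty one for any other machine's log, is the check that matters before the script is dragged onto Combofix.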
18.04.2011, 19:48 | #15 |
| PC slow / strange errors
When I try to drag the txt file onto cf.exe, the following error message appears:
____________________________________
C:\Users\sushikiste\Desktop\cofi.exe
Es wurde versucht einen Registrierungsschlüssel einem unzulässigen Vorgang zu unterziehen, der zum Löschen markiert wurde
_____________________________________________________________
That also came up when I wanted to start Opera, but as admin I was able to run it. But how do I do the "dragging over" now? |