Pests of all kinds and how to fight them: Computer plays a strange sound unintentionally (Windows 7)
07.05.2011, 00:51 | #1 |
| Computer plays a strange sound unintentionally

Hello, I have the following problem. My computer keeps playing some sound, and after googling for a while I found it on YouTube: hxxp://www.youtube.com/watch?v=FzRH3iTQPrk

This is exactly the sound it keeps playing, and I don't know why. Otherwise everything runs quite well; it has not become slower or anything else. I also don't have any software on my PC that I don't know. Now I just don't know how to start, or whether I have a virus, a trojan or even malware on the computer. I have already run a scan with Malwarebytes, but unfortunately Malwarebytes could not find anything either. I will of course post the Malwarebytes log as well.

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6523
Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

07.05.2011 01:35:13
mbam-log-2011-05-07 (01-35-13).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)
Durchsuchte Objekte: 295249
Laufzeit: 35 Minute(n), 6 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Thanks in advance for now.
Best regards, denniiii |
07.05.2011, 15:38 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Computer plays a strange sound unintentionally

Are there any further logs from Malwarebytes? If so, please post all of them that are visible in Malwarebytes under the "Logdateien" (log files) tab.
__________________ |
07.05.2011, 18:13 | #3 |
| Computer plays a strange sound unintentionally

No, there are none. I downloaded Malwarebytes specifically for this, so there is only this one log file from the first full scan.
__________________ |
07.05.2011, 18:15 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Computer plays a strange sound unintentionally

CustomScan with OTL

If you do not have it yet, please download OTL by Oldtimer and save it to your desktop.
Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
__________________ Please always post log files in CODE tags |
07.05.2011, 18:50 | #5 |
| Computer plays a strange sound unintentionally

Hello, I did it and now have an OTL txt file and an Extras txt file on the desktop. I'll post both:

OTL file

OTL Logfile: Code:
10:53:15 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2011.04.17 09:31:39 | 000,000,000 | ---D | C] -- C:\Users\denniiii\Documents\links [2011.04.16 21:10:26 | 000,000,000 | ---D | C] -- C:\Users\denniiii\AppData\Roaming\TS3Client [2011.04.16 21:09:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client [2011.04.16 21:09:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamSpeak 3 Client [2011.04.16 13:25:23 | 000,000,000 | ---D | C] -- C:\Users\denniiii\AppData\Local\Mozilla [2011.04.16 13:25:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox [2011.04.15 14:32:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2011.04.15 14:31:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader [2011.04.15 11:03:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET [2011.04.14 10:48:28 | 000,000,000 | ---D | C] -- C:\Users\denniiii\AppData\Roaming\Malwarebytes [2011.04.14 10:48:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.04.14 10:48:07 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2011.04.14 10:41:09 | 000,238,968 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2011.04.14 10:39:44 | 000,000,000 | ---D | C] -- C:\Programme\AVAST Software [2011.04.14 10:39:44 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2011.04.14 09:37:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro [2011.04.14 09:37:00 | 000,000,000 | ---D | C] -- C:\Users\denniiii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis [2011.04.13 03:39:09 | 000,000,000 | ---D | C] -- C:\Windows\Sun [2011.04.12 15:26:09 | 000,000,000 | ---D | C] -- C:\Users\denniiii\AppData\Roaming\DVDVideoSoftIEHelpers [2011.04.12 15:26:06 | 000,000,000 | ---D | C] -- C:\Users\denniiii\Documents\DVDVideoSoft [2011.04.12 15:25:51 | 
000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft [2011.04.12 15:25:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft [2011.04.12 15:25:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft [2011.04.12 12:49:11 | 000,000,000 | ---D | C] -- C:\Users\denniiii\AppData\Roaming\Mozilla [2011.04.12 12:49:11 | 000,000,000 | ---D | C] -- C:\Users\denniiii\AppData\Roaming\Gomez [2011.04.12 12:49:11 | 000,000,000 | ---D | C] -- C:\Users\denniiii\AppData\Local\Gomez [2011.04.12 12:47:44 | 000,000,000 | ---D | C] -- C:\Users\denniiii\AppData\Roaming\LolClient [2011.04.12 11:50:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GomezPEER [2011.04.12 11:50:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gomez [2011.04.12 11:19:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0 [2011.04.12 09:42:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games [2011.04.12 09:42:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Riot [2011.04.12 09:39:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2011.04.12 09:39:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2011.04.12 09:37:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2011.04.12 09:29:52 | 000,000,000 | ---D | C] -- C:\Users\denniiii\Documents\minecraft server [2011.04.12 09:15:29 | 000,000,000 | ---D | C] -- C:\Users\denniiii\Documents\freewar proxy [2011.04.12 09:02:57 | 000,000,000 | ---D | C] -- C:\Users\denniiii\AppData\Local\PMB Files [2011.04.12 09:02:52 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files [2011.04.12 09:02:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks [2011.04.12 08:50:12 | 000,000,000 | ---D | C] -- C:\Users\denniiii\AppData\Roaming\WinRAR [2011.04.12 08:50:12 | 000,000,000 | ---D | C] -- C:\Users\denniiii\AppData\Roaming\Microsoft\Windows\Start 
Menu\Programs\WinRAR [2011.04.12 08:50:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2011.04.12 08:50:03 | 000,000,000 | ---D | C] -- C:\Programme\WinRAR [2011.04.12 07:38:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam [2011.04.12 07:15:51 | 000,000,000 | ---D | C] -- C:\Programme\NVIDIA Corporation [2011.04.12 07:15:28 | 000,000,000 | ---D | C] -- C:\NVIDIA [2011.04.12 07:03:38 | 000,000,000 | ---D | C] -- C:\Users\denniiii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome [2011.04.12 07:03:12 | 000,000,000 | ---D | C] -- C:\Users\denniiii\AppData\Local\Google [2011.04.12 07:03:03 | 000,000,000 | ---D | C] -- C:\Users\denniiii\AppData\Local\Deployment [2011.04.12 07:03:03 | 000,000,000 | ---D | C] -- C:\Users\denniiii\AppData\Local\Apps [2011.04.12 05:48:19 | 000,000,000 | ---D | C] -- C:\Windows\pss [2011.04.12 05:40:31 | 000,000,000 | ---D | C] -- C:\Users\denniiii\AppData\Roaming\Macromedia [2011.04.12 05:40:26 | 000,000,000 | ---D | C] -- C:\Users\denniiii\AppData\Roaming\Adobe [2011.04.12 05:26:56 | 000,000,000 | ---D | C] -- C:\Users\denniiii\AppData\Roaming\Hewlett-Packard [2011.04.12 05:25:34 | 000,000,000 | ---D | C] -- C:\Users\denniiii\AppData\Local\Hewlett-Packard [2011.04.12 00:00:24 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2011.04.11 23:09:48 | 000,000,000 | R--D | C] -- C:\Users\denniiii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2011.04.11 23:09:48 | 000,000,000 | R--D | C] -- C:\Users\denniiii\Searches [2011.04.11 23:09:48 | 000,000,000 | R--D | C] -- C:\Users\denniiii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2011.04.11 23:09:40 | 000,000,000 | ---D | C] -- C:\Users\denniiii\AppData\Roaming\Identities [2011.04.11 23:09:37 | 000,000,000 | R--D | C] -- C:\Users\denniiii\Contacts [2011.04.11 23:09:36 | 000,000,000 | ---D | C] -- C:\Users\denniiii\AppData\Local\VirtualStore [2011.04.11 
23:09:29 | 000,000,000 | ---D | C] -- C:\Users\denniiii\AppData\Local\Hewlett-Packard_Company [2011.04.11 23:06:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works [2011.04.11 23:06:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works [2011.04.11 23:05:31 | 000,000,000 | ---D | C] -- C:\Users\denniiii\AppData\Roaming\HP TCS [2011.04.11 23:04:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Benutzerhandbücher [2011.04.11 23:03:05 | 000,000,000 | -HSD | C] -- C:\Users\denniiii\Vorlagen [2011.04.11 23:03:05 | 000,000,000 | -HSD | C] -- C:\Users\denniiii\AppData\Local\Verlauf [2011.04.11 23:03:05 | 000,000,000 | -HSD | C] -- C:\Users\denniiii\AppData\Local\Temporary Internet Files [2011.04.11 23:03:05 | 000,000,000 | -HSD | C] -- C:\Users\denniiii\Startmenü [2011.04.11 23:03:05 | 000,000,000 | -HSD | C] -- C:\Users\denniiii\SendTo [2011.04.11 23:03:05 | 000,000,000 | -HSD | C] -- C:\Users\denniiii\Recent [2011.04.11 23:03:05 | 000,000,000 | -HSD | C] -- C:\Users\denniiii\Netzwerkumgebung [2011.04.11 23:03:05 | 000,000,000 | -HSD | C] -- C:\Users\denniiii\Lokale Einstellungen [2011.04.11 23:03:05 | 000,000,000 | -HSD | C] -- C:\Users\denniiii\Documents\Eigene Videos [2011.04.11 23:03:05 | 000,000,000 | -HSD | C] -- C:\Users\denniiii\Documents\Eigene Musik [2011.04.11 23:03:05 | 000,000,000 | -HSD | C] -- C:\Users\denniiii\Eigene Dateien [2011.04.11 23:03:05 | 000,000,000 | -HSD | C] -- C:\Users\denniiii\Documents\Eigene Bilder [2011.04.11 23:03:05 | 000,000,000 | -HSD | C] -- C:\Users\denniiii\Druckumgebung [2011.04.11 23:03:05 | 000,000,000 | -HSD | C] -- C:\Users\denniiii\Cookies [2011.04.11 23:03:05 | 000,000,000 | -HSD | C] -- C:\Users\denniiii\AppData\Local\Anwendungsdaten [2011.04.11 23:03:05 | 000,000,000 | -HSD | C] -- C:\Users\denniiii\Anwendungsdaten [2011.04.11 23:03:04 | 000,000,000 | --SD | C] -- C:\Users\denniiii\AppData\Roaming\Microsoft [2011.04.11 
23:03:04 | 000,000,000 | R--D | C] -- C:\Users\denniiii\Videos [2011.04.11 23:03:04 | 000,000,000 | R--D | C] -- C:\Users\denniiii\Saved Games [2011.04.11 23:03:04 | 000,000,000 | R--D | C] -- C:\Users\denniiii\Pictures [2011.04.11 23:03:04 | 000,000,000 | R--D | C] -- C:\Users\denniiii\Music [2011.04.11 23:03:04 | 000,000,000 | R--D | C] -- C:\Users\denniiii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2011.04.11 23:03:04 | 000,000,000 | R--D | C] -- C:\Users\denniiii\Links [2011.04.11 23:03:04 | 000,000,000 | R--D | C] -- C:\Users\denniiii\Favorites [2011.04.11 23:03:04 | 000,000,000 | R--D | C] -- C:\Users\denniiii\Downloads [2011.04.11 23:03:04 | 000,000,000 | R--D | C] -- C:\Users\denniiii\Documents [2011.04.11 23:03:04 | 000,000,000 | R--D | C] -- C:\Users\denniiii\Desktop [2011.04.11 23:03:04 | 000,000,000 | R--D | C] -- C:\Users\denniiii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2011.04.11 23:03:04 | 000,000,000 | -H-D | C] -- C:\Users\denniiii\AppData [2011.04.11 23:03:04 | 000,000,000 | ---D | C] -- C:\Users\denniiii\AppData\Local\Temp [2011.04.11 23:03:04 | 000,000,000 | ---D | C] -- C:\Users\denniiii\AppData\Local\Microsoft [2011.04.11 23:03:04 | 000,000,000 | ---D | C] -- C:\Users\denniiii\AppData\Roaming\Media Center Programs [2011.04.11 23:00:56 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2011.04.11 23:00:56 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2011.04.11 23:00:56 | 000,000,000 | -HSD | C] -- C:\Programme [2011.04.11 23:00:56 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien [2011.04.11 23:00:56 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten [2011.04.11 23:00:56 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos [2011.04.11 23:00:56 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2011.04.11 23:00:56 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder [2011.04.11 23:00:56 | 000,000,000 | -HSD | C] -- 
C:\Dokumente und Einstellungen [2011.04.11 23:00:56 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2011.04.11 23:00:56 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop [2011.04.11 23:00:56 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.05.07 19:13:00 | 000,001,132 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3416985773-2704160811-3591425436-1000UA.job [2011.05.07 19:12:01 | 000,000,065 | ---- | M] () -- C:\Users\denniiii\Desktop\Willkommen bei Heart of Death =H.o-D= --.url [2011.05.07 17:55:05 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011.05.07 17:55:05 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011.05.07 16:26:08 | 000,000,084 | ---- | M] () -- C:\Users\denniiii\Desktop\YouTube - Our Underground City is Not Safe (Minecraft).url [2011.05.07 15:33:24 | 000,012,846 | ---- | M] () -- C:\Users\denniiii\Desktop\3805753_big.jpg [2011.05.07 09:55:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.05.07 09:55:01 | 3488,800,768 | -HS- | M] () -- C:\hiberfil.sys [2011.05.07 01:55:35 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\Access.dat [2011.05.07 01:51:23 | 000,000,120 | ---- | M] () -- C:\Users\denniiii\Desktop\Rechner spielt Komischen Sound ungewollt ab - Trojaner-Board.url [2011.05.07 01:02:52 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\denniiii\Desktop\OTL.exe [2011.05.07 00:44:41 | 000,000,068 | ---- | M] () -- C:\Users\denniiii\Desktop\YouTube - The Sneezing Baby Panda.URL [2011.05.05 06:13:00 | 000,001,080 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3416985773-2704160811-3591425436-1000Core.job [2011.05.04 13:06:27 | 000,095,044 | -H-- | M] () -- 
C:\Windows\SysWow64\mlfcache.dat [2011.05.03 09:45:19 | 001,682,730 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011.05.03 09:45:19 | 000,717,848 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2011.05.03 09:45:19 | 000,670,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011.05.03 09:45:19 | 000,164,144 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2011.05.03 09:45:19 | 000,134,216 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011.04.28 20:17:43 | 000,296,768 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011.04.26 10:10:21 | 000,008,798 | ---- | M] () -- C:\Windows\SysWow64\icrav03.rat [2011.04.26 10:10:21 | 000,008,798 | ---- | M] () -- C:\Windows\SysNative\icrav03.rat [2011.04.26 10:10:21 | 000,001,988 | ---- | M] () -- C:\Windows\SysWow64\ticrf.rat [2011.04.26 10:10:21 | 000,001,988 | ---- | M] () -- C:\Windows\SysNative\ticrf.rat [2011.04.26 10:10:12 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2011.04.26 10:10:08 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2011.04.26 09:46:40 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_07_00.Wdf [2011.04.22 22:57:06 | 000,005,632 | ---- | M] () -- C:\Users\denniiii\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.04.20 09:11:43 | 001,570,086 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.04.20 08:35:03 | 000,000,056 | -H-- | M] () -- C:\Windows\SysWow64\ezsidmv.dat [2011.04.16 13:25:24 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat [2011.04.14 10:41:09 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2011.04.12 11:50:05 | 000,001,066 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GomezPEER.lnk [2011.04.12 07:14:59 | 000,000,732 | ---- | M] () -- C:\Users\denniiii\AppData\Local\d3d9caps64.dat [2011.04.12 06:54:17 | 000,000,680 | ---- | M] () -- C:\Users\denniiii\AppData\Local\d3d9caps.dat [2011.04.12 06:29:57 | 
000,000,324 | ---- | M] () -- C:\Windows\SysWow64\InstallUtil.InstallLog [2011.04.11 23:58:26 | 000,060,826 | ---- | M] () -- C:\Windows\SysNative\license.rtf [2011.04.11 23:04:13 | 000,001,781 | RHS- | M] () -- C:\Windows\SysWow64\drivers\103C_HP_CPC_VC985AA-ABD p6145de_YC_0Pavi_QCZH942_E93CEv6PrA1_49_IEureka3_SPEGATRON CORPORATION_V1.02_B5.07_T090706_WUH1_L407_M4095_J1000_7Intel_8Core2 Quad Q9300_92.5_#100205_N10EC8168_Z_G10DE0A20.MRK [2011.04.11 23:04:13 | 000,001,781 | RHS- | M] () -- C:\Windows\SysNative\drivers\103C_HP_CPC_VC985AA-ABD p6145de_YC_0Pavi_QCZH942_E93CEv6PrA1_49_IEureka3_SPEGATRON CORPORATION_V1.02_B5.07_T090706_WUH1_L407_M4095_J1000_7Intel_8Core2 Quad Q9300_92.5_#100205_N10EC8168_Z_G10DE0A20.MRK [2011.04.11 23:01:37 | 000,588,472 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWow64\ezsvc7x.dll [1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.05.07 19:12:01 | 000,000,065 | ---- | C] () -- C:\Users\denniiii\Desktop\Willkommen bei Heart of Death =H.o-D= --.url [2011.05.07 16:26:08 | 000,000,084 | ---- | C] () -- C:\Users\denniiii\Desktop\YouTube - Our Underground City is Not Safe (Minecraft).url [2011.05.07 15:33:24 | 000,012,846 | ---- | C] () -- C:\Users\denniiii\Desktop\3805753_big.jpg [2011.05.07 01:51:23 | 000,000,120 | ---- | C] () -- C:\Users\denniiii\Desktop\Rechner spielt Komischen Sound ungewollt ab - Trojaner-Board.url [2011.05.07 00:44:41 | 000,000,068 | ---- | C] () -- C:\Users\denniiii\Desktop\YouTube - The Sneezing Baby Panda.URL [2011.05.05 17:42:49 | 000,001,054 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express Burn Disc Burning Software.lnk [2011.05.04 13:06:27 | 000,095,044 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat [2011.04.28 20:15:21 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat [2011.04.26 10:10:12 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2011.04.26 10:10:08 | 
000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2011.04.26 09:46:40 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_07_00.Wdf [2011.04.26 09:28:43 | 000,201,184 | ---- | C] () -- C:\Windows\SysWow64\winrm.vbs [2011.04.26 09:28:43 | 000,201,184 | ---- | C] () -- C:\Windows\SysNative\winrm.vbs [2011.04.26 09:28:43 | 000,004,675 | ---- | C] () -- C:\Windows\SysWow64\wsmanconfig_schema.xml [2011.04.26 09:28:43 | 000,004,675 | ---- | C] () -- C:\Windows\SysNative\wsmanconfig_schema.xml [2011.04.26 09:28:43 | 000,002,426 | ---- | C] () -- C:\Windows\SysWow64\WsmTxt.xsl [2011.04.26 09:28:43 | 000,002,426 | ---- | C] () -- C:\Windows\SysNative\WsmTxt.xsl [2011.04.20 08:35:03 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat [2011.04.19 21:16:38 | 000,121,856 | ---- | C] () -- C:\Windows\SysNative\EhStorAuthn.dll [2011.04.19 21:16:38 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll [2011.04.19 21:16:30 | 000,262,552 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd [2011.04.19 21:16:16 | 000,471,992 | ---- | C] () -- C:\Windows\SysNative\dot3.tmf [2011.04.19 21:16:15 | 000,700,507 | ---- | C] () -- C:\Windows\SysNative\eaphost.tmf [2011.04.19 21:16:13 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin [2011.04.19 21:16:13 | 000,107,612 | ---- | C] () -- C:\Windows\SysNative\StructuredQuerySchema.bin [2011.04.19 21:16:11 | 000,395,723 | ---- | C] () -- C:\Windows\SysNative\onex.tmf [2011.04.19 21:15:56 | 000,207,968 | ---- | C] () -- C:\Windows\SysNative\WFP.TMF [2011.04.19 21:15:55 | 000,092,918 | ---- | C] () -- C:\Windows\SysWow64\slmgr.vbs [2011.04.19 21:15:55 | 000,092,918 | ---- | C] () -- C:\Windows\SysNative\slmgr.vbs [2011.04.19 21:15:51 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2011.04.19 21:15:34 | 000,009,239 | ---- | C] () -- C:\Windows\SysWow64\spcinstrumentation.man [2011.04.19 21:15:34 | 000,009,239 | ---- | C] () -- 
C:\Windows\SysNative\spcinstrumentation.man [2011.04.19 21:15:26 | 000,009,212 | ---- | C] () -- C:\Windows\SysWow64\RacUR.xml [2011.04.19 21:15:26 | 000,009,212 | ---- | C] () -- C:\Windows\SysNative\RacUR.xml [2011.04.17 14:37:39 | 000,005,632 | ---- | C] () -- C:\Users\denniiii\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.04.17 10:53:15 | 000,007,621 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb [2011.04.16 13:25:24 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2011.04.15 14:32:00 | 000,001,746 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk [2011.04.15 14:32:00 | 000,001,739 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk [2011.04.15 14:32:00 | 000,001,725 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk [2011.04.15 11:08:36 | 001,570,086 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.04.14 10:41:09 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt [2011.04.12 11:50:05 | 000,001,066 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GomezPEER.lnk [2011.04.12 07:23:25 | 3488,800,768 | -HS- | C] () -- C:\hiberfil.sys [2011.04.12 07:03:13 | 000,001,132 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3416985773-2704160811-3591425436-1000UA.job [2011.04.12 07:03:12 | 000,001,080 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3416985773-2704160811-3591425436-1000Core.job [2011.04.12 06:29:52 | 000,000,324 | ---- | C] () -- C:\Windows\SysWow64\InstallUtil.InstallLog [2011.04.12 05:36:56 | 002,608,861 | ---- | C] () -- C:\Windows\SysNative\wlan.tmf [2011.04.11 23:15:55 | 000,000,951 | ---- | C] () -- C:\Users\denniiii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk [2011.04.11 23:09:51 | 000,000,941 | ---- | C] () -- 
C:\Users\denniiii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2011.04.11 23:09:48 | 000,000,936 | ---- | C] () -- C:\Users\denniiii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [2011.04.11 23:09:37 | 000,000,917 | ---- | C] () -- C:\Users\denniiii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk [2011.04.11 23:06:47 | 000,001,102 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works-Start.lnk [2011.04.11 23:05:53 | 000,000,680 | ---- | C] () -- C:\Users\denniiii\AppData\Local\d3d9caps.dat [2011.04.11 23:04:06 | 000,001,781 | RHS- | C] () -- C:\Windows\SysWow64\drivers\103C_HP_CPC_VC985AA-ABD p6145de_YC_0Pavi_QCZH942_E93CEv6PrA1_49_IEureka3_SPEGATRON CORPORATION_V1.02_B5.07_T090706_WUH1_L407_M4095_J1000_7Intel_8Core2 Quad Q9300_92.5_#100205_N10EC8168_Z_G10DE0A20.MRK [2011.04.11 23:04:06 | 000,001,781 | RHS- | C] () -- C:\Windows\SysNative\drivers\103C_HP_CPC_VC985AA-ABD p6145de_YC_0Pavi_QCZH942_E93CEv6PrA1_49_IEureka3_SPEGATRON CORPORATION_V1.02_B5.07_T090706_WUH1_L407_M4095_J1000_7Intel_8Core2 Quad Q9300_92.5_#100205_N10EC8168_Z_G10DE0A20.MRK [2011.04.11 23:03:33 | 000,002,039 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk [2011.04.11 23:03:07 | 000,000,732 | ---- | C] () -- C:\Users\denniiii\AppData\Local\d3d9caps64.dat [2010.02.05 20:16:27 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin [2010.02.05 13:03:34 | 000,009,636 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat [2008.01.21 04:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini [2006.11.02 17:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 14:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2006.11.02 14:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2006.11.02 14:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat 
[2006.11.02 11:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin ========== LOP Check ========== [2011.05.03 14:29:39 | 000,000,000 | ---D | M] -- C:\Users\denniiii\AppData\Roaming\.minecraft [2011.04.12 15:26:09 | 000,000,000 | ---D | M] -- C:\Users\denniiii\AppData\Roaming\DVDVideoSoftIEHelpers [2011.04.12 12:49:11 | 000,000,000 | ---D | M] -- C:\Users\denniiii\AppData\Roaming\Gomez [2011.05.06 11:39:03 | 000,000,000 | ---D | M] -- C:\Users\denniiii\AppData\Roaming\ICQ [2011.04.12 12:47:44 | 000,000,000 | ---D | M] -- C:\Users\denniiii\AppData\Roaming\LolClient [2011.05.01 11:57:37 | 000,000,000 | ---D | M] -- C:\Users\denniiii\AppData\Roaming\Panda Security [2011.05.01 11:57:33 | 000,000,000 | ---D | M] -- C:\Users\denniiii\AppData\Roaming\SurfSecret Privacy Suite [2011.04.23 03:45:00 | 000,000,000 | ---D | M] -- C:\Users\denniiii\AppData\Roaming\TS3Client [2011.05.03 11:41:59 | 000,000,000 | ---D | M] -- C:\Users\denniiii\AppData\Roaming\TuneUp Software [2011.04.29 18:06:40 | 000,000,000 | ---D | M] -- C:\Users\denniiii\AppData\Roaming\Tunngle [2011.05.07 01:55:33 | 000,024,660 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. 
> [2011.05.03 14:29:39 | 000,000,000 | ---D | M] -- C:\Users\denniiii\AppData\Roaming\.minecraft [2011.04.12 05:40:26 | 000,000,000 | ---D | M] -- C:\Users\denniiii\AppData\Roaming\Adobe [2011.04.12 15:26:09 | 000,000,000 | ---D | M] -- C:\Users\denniiii\AppData\Roaming\DVDVideoSoftIEHelpers [2011.04.12 12:49:11 | 000,000,000 | ---D | M] -- C:\Users\denniiii\AppData\Roaming\Gomez [2011.04.12 06:11:26 | 000,000,000 | ---D | M] -- C:\Users\denniiii\AppData\Roaming\Hewlett-Packard [2011.04.11 23:05:31 | 000,000,000 | ---D | M] -- C:\Users\denniiii\AppData\Roaming\HP TCS [2011.05.06 11:39:03 | 000,000,000 | ---D | M] -- C:\Users\denniiii\AppData\Roaming\ICQ [2011.04.11 23:09:40 | 000,000,000 | ---D | M] -- C:\Users\denniiii\AppData\Roaming\Identities [2011.04.12 12:47:44 | 000,000,000 | ---D | M] -- C:\Users\denniiii\AppData\Roaming\LolClient [2011.04.12 05:40:31 | 000,000,000 | ---D | M] -- C:\Users\denniiii\AppData\Roaming\Macromedia [2011.04.14 10:48:28 | 000,000,000 | ---D | M] -- C:\Users\denniiii\AppData\Roaming\Malwarebytes [2006.11.02 17:07:25 | 000,000,000 | ---D | M] -- C:\Users\denniiii\AppData\Roaming\Media Center Programs [2011.04.15 08:27:34 | 000,000,000 | --SD | M] -- C:\Users\denniiii\AppData\Roaming\Microsoft [2011.04.16 13:25:23 | 000,000,000 | ---D | M] -- C:\Users\denniiii\AppData\Roaming\Mozilla [2011.05.01 11:57:37 | 000,000,000 | ---D | M] -- C:\Users\denniiii\AppData\Roaming\Panda Security [2011.05.01 11:57:33 | 000,000,000 | ---D | M] -- C:\Users\denniiii\AppData\Roaming\SurfSecret Privacy Suite [2011.04.23 03:45:00 | 000,000,000 | ---D | M] -- C:\Users\denniiii\AppData\Roaming\TS3Client [2011.05.03 11:41:59 | 000,000,000 | ---D | M] -- C:\Users\denniiii\AppData\Roaming\TuneUp Software [2011.04.29 18:06:40 | 000,000,000 | ---D | M] -- C:\Users\denniiii\AppData\Roaming\Tunngle [2011.05.03 09:44:20 | 000,000,000 | ---D | M] -- C:\Users\denniiii\AppData\Roaming\vlc [2011.04.12 09:29:09 | 000,000,000 | ---D | M] -- 
C:\Users\denniiii\AppData\Roaming\WinRAR < %APPDATA%\*.exe /s > [2011.04.14 09:37:00 | 000,388,096 | R--- | M] (Trend Micro Inc.) -- C:\Users\denniiii\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe < %SYSTEMDRIVE%\*.exe >
04:50:23 | 000,123,904 | ---- | M] (Microsoft Corporation) MD5=117EA87DF785CA1B9D821F6F213DCE07 -- C:\Windows\SysNative\wininit.exe [2008.01.21 04:50:23 | 000,123,904 | ---- | M] (Microsoft Corporation) MD5=117EA87DF785CA1B9D821F6F213DCE07 -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_8d115452bcae17d8\wininit.exe < MD5 for: WINLOGON.EXE > [2009.04.11 09:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\SysNative\winlogon.exe [2009.04.11 09:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe [2008.01.21 04:49:47 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe [2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SysWOW64\winlogon.exe [2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2008.01.21 04:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe < MD5 for: WS2IFSL.SYS > [2008.01.21 04:49:42 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=8A900348370E359B6BFF6A550E4649E1 -- C:\Windows\SysNative\drivers\ws2ifsl.sys [2008.01.21 04:49:42 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=8A900348370E359B6BFF6A550E4649E1 -- 
C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_aba53c58802b1777\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > < > < End of report > Extras file OTL Logfile: Code:
|
07.05.2011, 19:26 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Computer plays a strange sound unprompted
Please now run this tool from Kaspersky and post the log => http://www.trojaner-board.de/82358-t...entfernen.html
If the infection prevents you from accessing your documents/personal files, please run unhide: Download unhide.exe and save the file to your desktop. Start the tool, and all files and folders should be visible again. (This could take a while.) Vista and 7 users must run the tool as administrator via right-click! |
07.05.2011, 19:45 | #7 |
| Computer plays a strange sound unprompted
I ran it and no log was displayed, but after I went to partition C the log file was there. I am posting it.
C:\Windows\system32\DRIVERS\lltdio.sys 2011/05/07 20:48:10.0013 3536 LSI_FC (acbe1af32d3123e330a07bfbc5ec4a9b) C:\Windows\system32\drivers\lsi_fc.sys 2011/05/07 20:48:10.0028 3536 LSI_SAS (799ffb2fc4729fa46d2157c0065b3525) C:\Windows\system32\drivers\lsi_sas.sys 2011/05/07 20:48:10.0060 3536 LSI_SCSI (f445ff1daad8a226366bfaf42551226b) C:\Windows\system32\drivers\lsi_scsi.sys 2011/05/07 20:48:10.0075 3536 luafv (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys 2011/05/07 20:48:10.0106 3536 megasas (5c5cd6aaced32fb26c3fb34b3dcf972f) C:\Windows\system32\drivers\megasas.sys 2011/05/07 20:48:10.0122 3536 MegaSR (859bc2436b076c77c159ed694acfe8f8) C:\Windows\system32\drivers\megasr.sys 2011/05/07 20:48:10.0138 3536 Modem (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys 2011/05/07 20:48:10.0184 3536 monitor (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys 2011/05/07 20:48:10.0200 3536 mouclass (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys 2011/05/07 20:48:10.0231 3536 mouhid (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys 2011/05/07 20:48:10.0247 3536 MountMgr (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys 2011/05/07 20:48:10.0262 3536 mpio (f8276eb8698142884498a528dfea8478) C:\Windows\system32\drivers\mpio.sys 2011/05/07 20:48:10.0294 3536 mpsdrv (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys 2011/05/07 20:48:10.0309 3536 Mraid35x (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys 2011/05/07 20:48:10.0372 3536 MRxDAV (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys 2011/05/07 20:48:10.0418 3536 mrxsmb (dc434b4769e18da09ce1b7755d4c64e9) C:\Windows\system32\DRIVERS\mrxsmb.sys 2011/05/07 20:48:10.0418 3536 mrxsmb10 (64713fcfe3de8881d62f8f3f2f794241) C:\Windows\system32\DRIVERS\mrxsmb10.sys 2011/05/07 20:48:10.0434 3536 mrxsmb20 
(0005c599a2abf767a815afcd32e523e3) C:\Windows\system32\DRIVERS\mrxsmb20.sys 2011/05/07 20:48:10.0481 3536 msahci (1ac860612b85d8e85ee257d372e39f4d) C:\Windows\system32\drivers\msahci.sys 2011/05/07 20:48:10.0496 3536 msdsm (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys 2011/05/07 20:48:10.0543 3536 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys 2011/05/07 20:48:10.0543 3536 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys 2011/05/07 20:48:10.0574 3536 MSKSSRV (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys 2011/05/07 20:48:10.0590 3536 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys 2011/05/07 20:48:10.0606 3536 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys 2011/05/07 20:48:10.0668 3536 MsRPC (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys 2011/05/07 20:48:10.0684 3536 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys 2011/05/07 20:48:10.0699 3536 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys 2011/05/07 20:48:10.0715 3536 Mup (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys 2011/05/07 20:48:10.0793 3536 NativeWifiP (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys 2011/05/07 20:48:10.0918 3536 NDIS (65950e07329fcee8e6516b17c8d0abb6) C:\Windows\system32\drivers\ndis.sys 2011/05/07 20:48:10.0949 3536 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys 2011/05/07 20:48:10.0964 3536 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys 2011/05/07 20:48:11.0027 3536 NdisWan (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys 2011/05/07 20:48:11.0027 3536 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys 2011/05/07 20:48:11.0042 3536 
NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys 2011/05/07 20:48:11.0120 3536 netbt (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys 2011/05/07 20:48:11.0167 3536 netr28x (653a267797a4de4a69014ed61945067a) C:\Windows\system32\DRIVERS\netr28x.sys 2011/05/07 20:48:11.0230 3536 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys 2011/05/07 20:48:11.0276 3536 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys 2011/05/07 20:48:11.0323 3536 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys 2011/05/07 20:48:11.0386 3536 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys 2011/05/07 20:48:11.0417 3536 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys 2011/05/07 20:48:11.0432 3536 NVHDA (857fb74754ebff94ee3ad40788740916) C:\Windows\system32\drivers\nvhda64v.sys 2011/05/07 20:48:11.0635 3536 nvlddmkm (f12c5f17d48d9f5c70e4408b3ccb5443) C:\Windows\system32\DRIVERS\nvlddmkm.sys 2011/05/07 20:48:11.0791 3536 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys 2011/05/07 20:48:11.0807 3536 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys 2011/05/07 20:48:11.0822 3536 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys 2011/05/07 20:48:11.0869 3536 ohci1394 (7b58953e2f263421fdbb09a192712a85) C:\Windows\system32\drivers\ohci1394.sys 2011/05/07 20:48:11.0916 3536 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys 2011/05/07 20:48:11.0963 3536 partmgr (f9b5eda4c17a2be7663f064dbf0fe254) C:\Windows\system32\drivers\partmgr.sys 2011/05/07 20:48:12.0010 3536 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys 2011/05/07 20:48:12.0025 3536 pciide (8d618c829034479985a9ed56106cc732) C:\Windows\system32\drivers\pciide.sys 2011/05/07 20:48:12.0056 
3536 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys 2011/05/07 20:48:12.0072 3536 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys 2011/05/07 20:48:12.0181 3536 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys 2011/05/07 20:48:12.0212 3536 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys 2011/05/07 20:48:12.0275 3536 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys 2011/05/07 20:48:12.0322 3536 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys 2011/05/07 20:48:12.0353 3536 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys 2011/05/07 20:48:12.0368 3536 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys 2011/05/07 20:48:12.0384 3536 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys 2011/05/07 20:48:12.0415 3536 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys 2011/05/07 20:48:12.0478 3536 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys 2011/05/07 20:48:12.0509 3536 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys 2011/05/07 20:48:12.0556 3536 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys 2011/05/07 20:48:12.0571 3536 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys 2011/05/07 20:48:12.0587 3536 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys 2011/05/07 20:48:12.0602 3536 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys 2011/05/07 20:48:12.0649 3536 RDPWD (b1d741c87cea8d7282146366cc9c3f81) C:\Windows\system32\drivers\RDPWD.sys 2011/05/07 20:48:12.0727 3536 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys 
2011/05/07 20:48:12.0758 3536 RTL8169 (d53c84ec99ab4d78a90001e5ce5386ec) C:\Windows\system32\DRIVERS\Rtlh64.sys 2011/05/07 20:48:12.0790 3536 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys 2011/05/07 20:48:12.0821 3536 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 2011/05/07 20:48:12.0852 3536 Serenum (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\drivers\serenum.sys 2011/05/07 20:48:12.0868 3536 Serial (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys 2011/05/07 20:48:12.0883 3536 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys 2011/05/07 20:48:12.0914 3536 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys 2011/05/07 20:48:12.0946 3536 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys 2011/05/07 20:48:12.0961 3536 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys 2011/05/07 20:48:12.0977 3536 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys 2011/05/07 20:48:12.0992 3536 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys 2011/05/07 20:48:13.0024 3536 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys 2011/05/07 20:48:13.0070 3536 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys 2011/05/07 20:48:13.0117 3536 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys 2011/05/07 20:48:13.0226 3536 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys 2011/05/07 20:48:13.0304 3536 srv2 (fa36d119249bf27bc4c0079734e1f33b) C:\Windows\system32\DRIVERS\srv2.sys 2011/05/07 20:48:13.0320 3536 srvnet (cfe7bc92d52c7e79427545909a0182f8) C:\Windows\system32\DRIVERS\srvnet.sys 2011/05/07 20:48:13.0351 3536 swenum (8a851ca908b8b974f89c50d2e18d4f0c) 
C:\Windows\system32\DRIVERS\swenum.sys 2011/05/07 20:48:13.0382 3536 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys 2011/05/07 20:48:13.0414 3536 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys 2011/05/07 20:48:13.0445 3536 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys 2011/05/07 20:48:13.0492 3536 tap0901t (b08740047145b9bce15bf75ca0f9718a) C:\Windows\system32\DRIVERS\tap0901t.sys 2011/05/07 20:48:13.0570 3536 Tcpip (973658a2ea9c06b2976884b9046dfc6c) C:\Windows\system32\drivers\tcpip.sys 2011/05/07 20:48:13.0601 3536 Tcpip6 (973658a2ea9c06b2976884b9046dfc6c) C:\Windows\system32\DRIVERS\tcpip.sys 2011/05/07 20:48:13.0648 3536 tcpipreg (c7e72a4071ee0200e3c075dacfb2b334) C:\Windows\system32\drivers\tcpipreg.sys 2011/05/07 20:48:13.0663 3536 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys 2011/05/07 20:48:13.0694 3536 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys 2011/05/07 20:48:13.0757 3536 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys 2011/05/07 20:48:13.0819 3536 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys 2011/05/07 20:48:13.0866 3536 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys 2011/05/07 20:48:13.0882 3536 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys 2011/05/07 20:48:13.0882 3536 tunnel (f6a4fba7c03ac2efd00f3301c0c1e067) C:\Windows\system32\DRIVERS\tunnel.sys 2011/05/07 20:48:13.0928 3536 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys 2011/05/07 20:48:13.0975 3536 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys 2011/05/07 20:48:14.0006 3536 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys 2011/05/07 20:48:14.0053 3536 uliahci (697f0446134cdc8f99e69306184fbbb4) 
C:\Windows\system32\drivers\uliahci.sys 2011/05/07 20:48:14.0100 3536 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys 2011/05/07 20:48:14.0116 3536 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys 2011/05/07 20:48:14.0131 3536 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys 2011/05/07 20:48:14.0194 3536 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys 2011/05/07 20:48:14.0225 3536 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys 2011/05/07 20:48:14.0272 3536 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys 2011/05/07 20:48:14.0303 3536 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys 2011/05/07 20:48:14.0334 3536 usbohci (eba14ef0c07cec233f1529c698d0d154) C:\Windows\system32\drivers\usbohci.sys 2011/05/07 20:48:14.0350 3536 usbprint (acfee697af477021bb3ec78c5431fed2) C:\Windows\system32\drivers\usbprint.sys 2011/05/07 20:48:14.0396 3536 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS 2011/05/07 20:48:14.0412 3536 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys 2011/05/07 20:48:14.0443 3536 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys 2011/05/07 20:48:14.0459 3536 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys 2011/05/07 20:48:14.0490 3536 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys 2011/05/07 20:48:14.0537 3536 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys 2011/05/07 20:48:14.0599 3536 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys 2011/05/07 20:48:14.0630 3536 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys 2011/05/07 20:48:14.0662 3536 vsmraid 
(a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys 2011/05/07 20:48:14.0693 3536 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys 2011/05/07 20:48:14.0755 3536 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys 2011/05/07 20:48:14.0755 3536 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys 2011/05/07 20:48:14.0786 3536 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys 2011/05/07 20:48:14.0818 3536 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys 2011/05/07 20:48:14.0896 3536 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\drivers\wmiacpi.sys 2011/05/07 20:48:14.0942 3536 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys 2011/05/07 20:48:14.0989 3536 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys 2011/05/07 20:48:15.0176 3536 ================================================================================ 2011/05/07 20:48:15.0176 3536 Scan finished 2011/05/07 20:48:15.0176 3536 ================================================================================ 2011/05/07 20:49:46.0234 2944 Deinitialize success Geändert von denniiii1990 (07.05.2011 um 19:53 Uhr) |
07.05.2011, 20:00 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Computer plays a strange sound unprompted Then please run CF now: ComboFix A guide and tutorial on using ComboFix
ComboFix may only be run when a qualified helper (Kompetenzler) has explicitly recommended it!
__________________ Please always post log files in CODE tags |
07.05.2011, 20:44 | #9 |
| Computer plays a strange sound unprompted The log file was too big to post, so I attached it to the post. Since the file was also too big for the attachment, I zipped it. |
07.05.2011, 21:10 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Computer plays a strange sound unprompted Please now create logs with GMER and mbrcheck and post them. GMER crashes fairly often; if the tool still refuses to work on the second attempt, just leave it out. Instructions for mbrcheck: Download MBRCheck (by a_d_13) and save the file to the desktop.
__________________ Please always post log files in CODE tags |
07.05.2011, 21:42 | #11 |
| Computer plays a strange sound unprompted GMER found nothing (this was shown to me in English after the scan), and somehow no log was created either, or if one was, I don't know where (I also looked manually on my C partition). I had more success with MBRCheck and left the window open. Here is the log:
MBRCheck, version 1.2.3 (c) 2010, AD
Command-line:
Windows Version: Windows Vista Home Premium Edition
Windows Information: Service Pack 2 (build 6002), 64-bit
Base Board Manufacturer: PEGATRON CORPORATION
BIOS Manufacturer: American Megatrends Inc.
System Manufacturer: HP-Pavilion
System Product Name: VC985AA-ABD p6145de
Logical Drives Mask: 0x000001fc
Kernel Drivers (total 133):
Processes (total 45):
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x000000e5`2c09e400 (NTFS)
PhysicalDrive0 Model Number: WDCWD10EADS-65M2B0, Rev: 01.00A01
Size Device Name MBR Status
--------------------------------------------
931 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: CEFD837A02A1F4445A136688B10013AE4399C2CF
Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Options:
[1] Dump the MBR of a physical disk to file.
[2] Restore the MBR of a physical disk with a standard boot code.
[3] Exit.
Enter your choice: |
07.05.2011, 21:50 | #13 |
| Computer plays a strange sound unprompted What about OSAM? Did you ask me to create a log file with OSAM? If so, did I overlook that? Should I do it now? The window shown at the end of the MBRCheck log is still open; what should I do with it? (I have attached a screenshot.) Edited by denniiii1990 (07.05.2011 at 22:23) |
07.05.2011, 22:29 | #14 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Computer plays a strange sound unprompted Oh, I'm sorry, of course you should not create a log with OSAM; that wouldn't even work on your system, because you have a 64-bit Windows. Quote:
Do you have any operating systems installed other than Vista? If not: take a look here => Vista Notfall/Recovery-CD 64-Bit - Dr. Windows Download the ISO, burn it to a CD, e.g. with ImgBurn using its image-burning function, and start the computer with it (boot from this CD). If you have a regular Vista installation DVD, you don't need the image mentioned above and can simply boot from that DVD. Click "Repair your computer", Next, Command Prompt; the console opens. There, type bootrec.exe /fixboot (confirm with Enter), then type bootrec.exe /fixmbr (confirm with Enter). Restart the computer, taking the CD out first. Afterwards, create new logs with MBRCheck and, if it works, GMER.
__________________ Please always post log files in CODE tags |
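To check the result of the repair described above independently of MBRCheck, the following added example (not part of the thread and not MBRCheck's own code) decodes a 512-byte MBR dump, such as the file written by MBRCheck option [1], and compares a dump taken before the repair with one taken after. Hashing the first 440 bytes as "the boot code" is an assumption, since the thread does not say which byte range MBRCheck hashes; both sample sectors and the known-good hash are constructed, using the C: and D: offsets from the log above.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_LEN = 440           # bootstrap code area of a classic (non-GPT) MBR
PART_TABLE_OFFSET = 446       # four 16-byte partition entries start here
BOOT_SIGNATURE = b"\x55\xaa"  # last two bytes of a valid MBR sector


def parse_mbr(sector, known_good_sha1=()):
    """Decode one dumped MBR sector and classify its boot code by hash."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("expected %d bytes, got %d" % (SECTOR_SIZE, len(sector)))
    boot_code = sector[:BOOT_CODE_LEN]
    # Assumption: the hash covers the 440-byte code area only.
    sha1 = hashlib.sha1(boot_code).hexdigest().upper()
    partitions = []
    for index in range(4):
        start = PART_TABLE_OFFSET + 16 * index
        entry = sector[start:start + 16]
        status, part_type = entry[0], entry[4]
        first_lba, sector_count = struct.unpack_from("<II", entry, 8)
        if part_type == 0x00:  # unused slot
            continue
        partitions.append({
            "index": index,
            "bootable": status == 0x80,
            "status_valid": status in (0x00, 0x80),
            "type": part_type,
            "byte_offset": first_lba * SECTOR_SIZE,
            "size_bytes": sector_count * SECTOR_SIZE,
        })
    return {
        "signature_ok": sector[510:512] == BOOT_SIGNATURE,
        "boot_code_empty": not any(boot_code),
        "boot_code_sha1": sha1,
        "boot_code_known": sha1 in {h.upper() for h in known_good_sha1},
        "partitions": partitions,
    }


def compare_dumps(before, after):
    """Report what changed between two MBR dumps of the same disk.

    bootrec /fixmbr rewrites the boot code and leaves the partition table
    alone, so after the repair the code should differ and the table should not.
    """
    table = slice(PART_TABLE_OFFSET, 510)
    return {
        "boot_code_changed": before[:BOOT_CODE_LEN] != after[:BOOT_CODE_LEN],
        "partition_table_changed": before[table] != after[table],
    }


def build_sample_mbr(code_byte):
    """Constructed sample sector; the boot code is a filler byte, not real code."""
    d_lba = 0xE52C09E400 // SECTOR_SIZE  # D: offset from the log, as an LBA
    sector = bytearray(SECTOR_SIZE)
    sector[:BOOT_CODE_LEN] = bytes([code_byte]) * BOOT_CODE_LEN
    entries = [
        (0x80, 0x07, 63, d_lba - 63),       # C: at byte offset 0x7E00
        (0x00, 0x07, d_lba, 31_000_000),    # D: sector count is made up
    ]
    for index, (status, part_type, lba, count) in enumerate(entries):
        start = PART_TABLE_OFFSET + 16 * index
        sector[start] = status
        sector[start + 4] = part_type
        struct.pack_into("<II", sector, start + 8, lba, count)
    sector[510:512] = BOOT_SIGNATURE
    return bytes(sector)


# Constructed stand-ins: BEFORE has unrecognised code, AFTER has "standard" code.
BEFORE = build_sample_mbr(0xCC)
AFTER = build_sample_mbr(0x90)
# Stand-in for a list of hashes of standard Windows boot code (not real values).
KNOWN_GOOD = {hashlib.sha1(AFTER[:BOOT_CODE_LEN]).hexdigest()}

if __name__ == "__main__":
    for label, dump in (("before", BEFORE), ("after", AFTER)):
        report = parse_mbr(dump, KNOWN_GOOD)
        print(label, report["boot_code_sha1"], "known:", report["boot_code_known"])
        for part in report["partitions"]:
            print("  partition %d at offset 0x%X" % (part["index"], part["byte_offset"]))
    print(compare_dumps(BEFORE, AFTER))
```

A partition table that changes across the repair, or boot code that is still unrecognised afterwards, is the signal to stop and post the new logs rather than continue.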
07.05.2011, 22:39 | #15 |
| Computer plays a strange sound unprompted No, I only have Vista 64-bit on it; it was already preinstalled when I bought the PC. I forgot to create the recovery CD at the beginning, or rather back then I didn't know that much about systems etc., so I will have to burn it myself. I'm downloading the data now, but it won't take long, I have a 16k line. I have written your instructions down on a piece of paper and will report back here in the thread afterwards. Partition D on my machine is the partition for recovering the hard disk. One question beforehand: how do I boot? Will it ask whether it should boot when the CD is in the drive, or how does that work? Sorry if I come across as a bit helpless in this respect, but unfortunately I really have no idea about it. Edited by denniiii1990 (07.05.2011 at 23:09) |