Ordner/Dateien nach Entfernung von HDD Defragmenter nicht zu finden Hallo liebe Forenmitglieder,
gestern abend habe ich mir die Rogue Malware HDD Defragmenter eingefangen, worauf bereits hier in anderen Threads beschriebene Fehlermeldungen kamen.
Darauf habe ich wie von AdminBot bzw DaGuru beschrieben, mittels rkill.com, und Malwarebytes die infizierten Dateien löschen können.
Fehlermeldungen waren weg, sowohl bei Malwarebytes als auch Avira werden keine Bedrohungen mehr gefunden.
Mein Problem ist jedoch, dass viele Desktop Verknüpfungen verschwunden sind und auch sämtliche Ordner wie zb "Eigenene Dateien" leer sind. Allerdings werden zb Bilder, die nicht angezeigt werden, bei Avira gescannt, das sehe ich, sie können demnach nicht gelöscht sein. Auch wenn ich nach Bildern im Explorer suche, findet er diese, allerdings kommt nach doppelklick folgende Meldung :
"file:///C:Users/Chef/Pictures/Eigene%2520Bilder/blubb.JPG konnte nicht gefunden werden. Stellen Sie sicher, dass Sie den Namen richtig eingegeben haben und wiederholen Sie den Vorgang."
Ich kann also nicht darauf zugreifen.
Ist diese miese Malware noch aktiv oder hat sie bereits Teile meines Systems zerstört?
hier das OTL logfileOTL Logfile: Code:
OTL logfile created on: 23.03.2011 13:40:13 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Chef\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 68,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 150,00 Gb Total Space | 23,49 Gb Free Space | 15,66% Space Free | Partition Type: NTFS
Computer Name: CHEF-PC | User Name: Chef | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Chef\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Common Files\Logishrd\LVMVFM\LVPrS64H.exe (Logitech Inc.)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE ()
PRC - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
========== Modules (SafeList) ==========
MOD - C:\Users\Chef\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV:64bit: - (LVPrcS64) -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (TeamViewer5) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (RServer3) -- C:\Windows\SysWOW64\rserver30\RServer3.exe (Famatech Corp.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ES lite Service) -- C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE ()
SRV - (PSI_SVC_2) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
========== Driver Services (SafeList) ==========
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (LVUVC64) Logitech HD Webcam C310(UVC) -- C:\Windows\SysNative\drivers\lvuvc64.sys (Logitech Inc.)
DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.)
DRV:64bit: - (LVPr2Mon) -- C:\Windows\SysNative\drivers\LVPr2M64.sys ()
DRV:64bit: - (LVPr2M64) -- C:\Windows\SysNative\drivers\LVPr2M64.sys ()
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (mirrorv3) -- C:\Windows\SysNative\drivers\rminiv3.sys (Famatech International Corp.)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation )
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (SSPORT) -- C:\Windows\SysNative\drivers\SSPORT.SYS (Samsung Electronics)
DRV:64bit: - (DgiVecp) -- C:\Windows\SysNative\drivers\DGIVECP.SYS (Samsung Electronics Co., Ltd.)
DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (JRAID) -- C:\Windows\SysNative\drivers\jraid.sys (JMicron Technology Corp.)
DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows (R) Server 2003 DDK provider)
DRV - (raddrvv3) -- C:\Windows\SysWOW64\rserver30\raddrvv3.sys (Famatech Corp.)
DRV - (PDNMp50) -- C:\Windows\SysWOW64\drivers\PDNMp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (PDNSp50) -- C:\Windows\SysWOW64\drivers\PDNSp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2319825
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0F D9 E6 0B 85 7A CA 01 [binary data]
IE - HKCU\..\URLSearchHook: {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\Windows\SysWOW64\dvmurl.dll (DeviceVM Inc.)
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultthis.engineName: "Winload Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.selectedEngine: "Winload Customized Web Search"
FF - prefs.js..browser.startup.homepage: "www.t-online.de"
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.17\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.03.12 00:29:59 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.17\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.03.07 17:38:41 | 000,000,000 | ---D | M]
[2010.01.20 12:51:57 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Chef\AppData\Roaming\mozilla\Extensions
[2010.01.20 12:51:57 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Chef\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2011.03.23 01:26:38 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Chef\AppData\Roaming\mozilla\Firefox\Profiles\ydzllwpx.default\extensions
[2010.12.25 18:37:03 | 000,000,000 | -H-D | M] (Google Toolbar for Firefox) -- C:\Users\Chef\AppData\Roaming\mozilla\Firefox\Profiles\ydzllwpx.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010.03.24 15:13:02 | 000,000,917 | -H-- | M] () -- C:\Users\Chef\AppData\Roaming\Mozilla\Firefox\Profiles\ydzllwpx.default\searchplugins\conduit.xml
[2010.02.07 11:14:28 | 000,002,055 | -H-- | M] () -- C:\Users\Chef\AppData\Roaming\Mozilla\Firefox\Profiles\ydzllwpx.default\searchplugins\daemon-search.xml
[2011.03.23 01:26:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.02.21 23:47:23 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2009.11.03 03:14:39 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2009.11.03 03:14:39 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2009.11.03 03:14:39 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2009.11.03 03:14:39 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2009.11.03 03:14:39 | 000,000,801 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - File not found
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Duden Korrektor SysTray] c:\Program Files (x86)\Duden\Duden Korrektor\DKTray.exe (Expert System S.p.A.)
O4 - HKCU..\Run: [Gainward] C:\Program Files\EXPERTool ATI\TBPanel.exe (Gainward Co.)
O4 - HKCU..\Run: [Logitech Vid] C:\Program Files (x86)\Logitech\Vid\Vid.exe (Logitech Inc.)
O4 - HKCU..\Run: [Logitech Vid HD] C:\Program Files (x86)\Logitech\Vid\vid.exe (Logitech Inc.)
O4 - Startup: C:\Users\Chef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DeskPins.lnk = C:\Program Files (x86)\DeskPins\DeskPins.exe (Elias Fotinis)
O4 - Startup: C:\Users\Chef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk = C:\Program Files (x86)\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Chef\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Chef\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~3\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~3\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~3\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~3\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~3\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.01.01 00:49:01 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{c5ef656b-13d1-11df-8b05-00241d77e4a0}\Shell - "" = AutoRun
O33 - MountPoints2\{c5ef656b-13d1-11df-8b05-00241d77e4a0}\Shell\AutoRun\command - "" = G:\autorun.exe Launch.hta
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011.03.23 13:39:13 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Chef\Desktop\OTL.exe
[2011.03.23 13:10:32 | 000,258,560 | ---- | C] (OldTimer Tools) -- C:\Users\Chef\Desktop\OTH.scr
[2011.03.23 02:31:04 | 000,000,000 | ---D | C] -- C:\Users\Chef\AppData\Roaming\Malwarebytes
[2011.03.23 02:30:50 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.03.23 02:30:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.03.23 02:30:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.03.23 02:30:47 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.03.23 02:30:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.03.23 02:03:57 | 000,000,000 | -H-D | C] -- C:\Users\Chef\AppData\Roaming\Avira
[2011.03.23 02:03:04 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011.03.23 02:02:56 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2011.03.23 02:02:56 | 000,083,120 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2011.03.23 02:02:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011.03.23 02:02:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2011.03.23 01:54:41 | 000,000,000 | -H-D | C] -- C:\Users\Chef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Recovery
[2011.03.19 02:32:46 | 000,000,000 | -H-D | C] -- C:\Users\Chef\AppData\Local\Apple Computer
[2011.03.19 02:32:28 | 000,000,000 | -H-D | C] -- C:\Users\Chef\AppData\Roaming\Apple Computer
[2011.03.19 00:48:19 | 000,000,000 | -H-D | C] -- C:\Users\Chef\AppData\Roaming\MPEG Streamclip
[2011.03.11 03:00:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
[2011.03.10 16:10:48 | 000,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
[2011.03.10 16:10:34 | 000,000,000 | -H-D | C] -- C:\Users\Chef\Documents\SightSpeed Recordings
[2011.03.10 16:10:34 | 000,000,000 | -H-D | C] -- C:\Users\Chef\AppData\Local\LogiShrd
[2011.03.10 16:08:43 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\logishrd
[2011.03.10 16:08:43 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\logishrd
[2011.03.10 16:08:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Logishrd
[2011.03.10 16:08:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Logitech
[2011.03.10 16:08:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LWS
[2011.03.10 16:08:21 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2011.03.10 16:08:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Logitech
[2011.03.10 16:08:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LogiShrd
[2011.03.09 00:48:39 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2011.03.09 00:48:39 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2011.03.09 00:48:39 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2011.03.09 00:48:39 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011.03.09 00:48:39 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2011.03.09 00:48:39 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011.03.09 00:48:39 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2011.03.09 00:48:39 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2011.03.09 00:48:34 | 003,138,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2011.03.09 00:48:34 | 002,690,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2011.03.09 00:48:34 | 001,097,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2011.03.09 00:48:34 | 001,034,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2011.03.07 17:38:37 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011.03.07 17:38:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2011.03.07 17:38:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011.03.07 17:38:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2011.03.07 17:38:00 | 000,000,000 | -H-D | C] -- C:\Users\Chef\AppData\Local\Apple
[2011.03.07 17:37:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2011.03.07 17:37:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011.02.28 15:52:29 | 000,000,000 | -H-D | C] -- C:\Users\Chef\Desktop\WOhnung
[2011.02.21 23:47:57 | 000,000,000 | -H-D | C] -- C:\Users\Chef\AppData\Roaming\skypePM
[2011.02.21 23:47:11 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2011.02.21 23:47:11 | 000,000,000 | -H-D | C] -- C:\Users\Chef\AppData\Roaming\Skype
[2011.02.21 23:47:11 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.02.21 23:47:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2011.02.21 23:47:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2011.02.21 16:41:20 | 000,000,000 | -H-D | C] -- C:\Users\Chef\AppData\Roaming\ScreeNet iSaver
[2011.02.21 16:41:20 | 000,000,000 | -H-D | C] -- C:\Users\Chef\AppData\Local\ScreeNet iSaver
[8 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.03.23 13:39:14 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Chef\Desktop\OTL.exe
[2011.03.23 13:26:14 | 000,016,816 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.03.23 13:26:14 | 000,016,816 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.03.23 13:12:23 | 001,509,600 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.03.23 13:12:23 | 000,657,606 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.03.23 13:12:23 | 000,618,664 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.03.23 13:12:23 | 000,131,962 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.03.23 13:12:23 | 000,108,240 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.03.23 13:10:33 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Users\Chef\Desktop\OTH.scr
[2011.03.23 13:08:08 | 000,023,080 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2011.03.23 13:08:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.03.23 13:08:03 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys
[2011.03.23 02:30:50 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.03.23 02:20:09 | 000,000,128 | ---- | M] () -- C:\ProgramData\~46194440r
[2011.03.23 02:20:09 | 000,000,096 | ---- | M] () -- C:\ProgramData\~46194440
[2011.03.23 02:03:04 | 000,002,066 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011.03.23 01:59:00 | 000,000,392 | ---- | M] () -- C:\ProgramData\46194440
[2011.03.23 01:54:41 | 000,000,631 | -H-- | M] () -- C:\Users\Chef\Desktop\Windows Recovery.lnk
[2011.03.20 21:43:32 | 000,000,000 | -H-- | M] () -- C:\Users\Chef\Desktop\P1010241.JPG
[2011.03.20 21:37:46 | 000,382,391 | -H-- | M] () -- C:\Users\Chef\Desktop\Video call snapshot 2.png
[2011.03.20 13:35:10 | 000,097,775 | -H-- | M] () -- C:\Users\Chef\Desktop\studbesch_123676.pdf
[2011.03.19 00:54:32 | 046,484,790 | -H-- | M] () -- C:\Users\Chef\Desktop\new.mp4
[2011.03.16 23:56:50 | 000,078,242 | -H-- | M] () -- C:\Users\Chef\Desktop\bennyjessisepia.jpg
[2011.03.16 23:56:49 | 000,078,760 | -H-- | M] () -- C:\Users\Chef\Desktop\bennyujessi.jpg
[2011.03.16 23:55:43 | 000,077,002 | -H-- | M] () -- C:\Users\Chef\Desktop\bennyjessischwarz.jpg
[2011.03.14 23:51:08 | 000,093,180 | -H-- | M] () -- C:\Users\Chef\Desktop\urlaubserinnerung.jpg
[2011.03.14 23:51:04 | 000,070,614 | -H-- | M] () -- C:\Users\Chef\Desktop\page3.jpg
[2011.03.14 23:51:01 | 000,071,203 | -H-- | M] () -- C:\Users\Chef\Desktop\page2.jpg
[2011.03.14 23:50:20 | 000,057,458 | -H-- | M] () -- C:\Users\Chef\Desktop\page1.jpg
[2011.03.14 23:49:54 | 000,058,024 | -H-- | M] () -- C:\Users\Chef\Desktop\page.jpg
[2011.03.14 23:49:00 | 000,053,532 | -H-- | M] () -- C:\Users\Chef\Desktop\page4.jpg
[2011.03.14 23:47:56 | 000,074,937 | -H-- | M] () -- C:\Users\Chef\Desktop\paris.jpg
[2011.03.10 16:09:20 | 000,001,108 | -H-- | M] () -- C:\Users\Chef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
[2011.03.10 16:08:21 | 000,001,624 | ---- | M] () -- C:\Users\Public\Desktop\Logitech Webcam Software .lnk
[2011.03.09 15:19:12 | 000,713,337 | -H-- | M] () -- C:\Users\Chef\Desktop\090320112514.jpg
[2011.03.09 15:18:56 | 000,876,458 | -H-- | M] () -- C:\Users\Chef\Desktop\090320112513.jpg
[2011.03.04 14:36:34 | 000,116,568 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2011.03.04 14:36:34 | 000,083,120 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2011.02.28 14:16:02 | 000,364,119 | -H-- | M] () -- C:\Users\Chef\Desktop\Semesterticket_NRW_VRR.pdf
[2011.02.21 23:47:57 | 000,000,056 | -H-- | M] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011.02.21 23:47:11 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[8 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.03.23 02:30:50 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.03.23 02:03:04 | 000,002,066 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011.03.23 01:54:42 | 000,000,128 | ---- | C] () -- C:\ProgramData\~46194440r
[2011.03.23 01:54:42 | 000,000,096 | ---- | C] () -- C:\ProgramData\~46194440
[2011.03.23 01:54:41 | 000,000,631 | -H-- | C] () -- C:\Users\Chef\Desktop\Windows Recovery.lnk
[2011.03.23 01:54:40 | 000,000,392 | ---- | C] () -- C:\ProgramData\46194440
[2011.03.20 21:43:32 | 000,000,000 | -H-- | C] () -- C:\Users\Chef\Desktop\P1010241.JPG
[2011.03.20 21:37:46 | 000,382,391 | -H-- | C] () -- C:\Users\Chef\Desktop\Video call snapshot 2.png
[2011.03.20 13:35:09 | 000,097,775 | -H-- | C] () -- C:\Users\Chef\Desktop\studbesch_123676.pdf
[2011.03.19 00:54:31 | 046,484,790 | -H-- | C] () -- C:\Users\Chef\Desktop\new.mp4
[2011.03.16 23:56:43 | 000,078,242 | -H-- | C] () -- C:\Users\Chef\Desktop\bennyjessisepia.jpg
[2011.03.16 23:56:39 | 000,078,760 | -H-- | C] () -- C:\Users\Chef\Desktop\bennyujessi.jpg
[2011.03.16 23:55:33 | 000,077,002 | -H-- | C] () -- C:\Users\Chef\Desktop\bennyjessischwarz.jpg
[2011.03.14 23:51:02 | 000,093,180 | -H-- | C] () -- C:\Users\Chef\Desktop\urlaubserinnerung.jpg
[2011.03.14 23:50:58 | 000,070,614 | -H-- | C] () -- C:\Users\Chef\Desktop\page3.jpg
[2011.03.14 23:50:51 | 000,071,203 | -H-- | C] () -- C:\Users\Chef\Desktop\page2.jpg
[2011.03.14 23:50:12 | 000,057,458 | -H-- | C] () -- C:\Users\Chef\Desktop\page1.jpg
[2011.03.14 23:49:46 | 000,058,024 | -H-- | C] () -- C:\Users\Chef\Desktop\page.jpg
[2011.03.14 23:48:50 | 000,053,532 | -H-- | C] () -- C:\Users\Chef\Desktop\page4.jpg
[2011.03.14 23:47:47 | 000,074,937 | -H-- | C] () -- C:\Users\Chef\Desktop\paris.jpg
[2011.03.10 16:09:20 | 000,001,108 | -H-- | C] () -- C:\Users\Chef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
[2011.03.10 16:08:21 | 000,001,624 | ---- | C] () -- C:\Users\Public\Desktop\Logitech Webcam Software .lnk
[2011.03.09 16:21:08 | 000,876,458 | -H-- | C] () -- C:\Users\Chef\Desktop\090320112513.jpg
[2011.03.09 16:21:08 | 000,713,337 | -H-- | C] () -- C:\Users\Chef\Desktop\090320112514.jpg
[2011.03.07 17:37:58 | 000,002,519 | -H-- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011.02.28 15:57:46 | 076,989,425 | -H-- | C] () -- C:\Users\Chef\Desktop\24072010059.mp4
[2011.02.28 15:57:05 | 035,997,916 | -H-- | C] () -- C:\Users\Chef\Desktop\24072010058.mp4
[2011.02.28 15:56:39 | 022,199,140 | -H-- | C] () -- C:\Users\Chef\Desktop\24072010057.mp4
[2011.02.28 15:56:16 | 018,570,442 | -H-- | C] () -- C:\Users\Chef\Desktop\24072010056.mp4
[2011.02.28 15:55:42 | 030,705,767 | -H-- | C] () -- C:\Users\Chef\Desktop\24072010055.mp4
[2011.02.28 15:55:14 | 023,429,794 | -H-- | C] () -- C:\Users\Chef\Desktop\24072010054.mp4
[2011.02.28 15:54:43 | 025,831,527 | -H-- | C] () -- C:\Users\Chef\Desktop\24072010053.mp4
[2011.02.28 14:16:01 | 000,364,119 | -H-- | C] () -- C:\Users\Chef\Desktop\Semesterticket_NRW_VRR.pdf
[2011.02.21 23:47:57 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011.02.21 23:47:11 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.11.26 14:36:57 | 000,055,168 | ---- | C] () -- C:\ProgramData\dudenbib.wav
[2010.11.10 03:45:32 | 000,102,744 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2010.11.10 03:45:30 | 010,871,128 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2010.11.10 03:45:20 | 000,316,248 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2010.03.31 02:28:10 | 000,000,092 | -H-- | C] () -- C:\Users\Chef\AppData\Local\fusioncache.dat
[2010.03.31 01:15:34 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.03.31 01:15:31 | 000,669,184 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2010.03.31 01:15:31 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.03.29 12:12:02 | 001,535,330 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.02.20 13:40:44 | 000,009,728 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll
[2010.01.26 17:40:42 | 000,002,516 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010.01.26 17:40:42 | 000,000,008 | RHS- | C] () -- C:\ProgramData\F2197D7F39.sys
[2010.01.03 23:29:14 | 000,000,021 | ---- | C] () -- C:\Windows\progman.ini
[2010.01.02 17:47:31 | 000,003,584 | -H-- | C] () -- C:\Users\Chef\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.23 17:15:51 | 000,001,024 | ---- | C] () -- C:\Windows\ppengine.ini
[2009.12.14 11:32:50 | 000,471,040 | ---- | C] () -- C:\Windows\ssndii.exe
[2009.12.12 21:43:50 | 000,005,120 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009.12.11 18:14:05 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009.12.11 17:55:00 | 003,107,788 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.dat
[2009.12.11 17:34:12 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2009.12.11 17:12:44 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009.11.06 10:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2007.06.21 07:34:08 | 000,203,328 | R--- | C] () -- C:\Windows\GSetup.exe
[2005.05.08 17:56:44 | 000,055,808 | ---- | C] () -- C:\Windows\SysWow64\zlib1.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:E3A28B4F
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8
< End of report > --- --- ---
OTL Logfile: Code:
OTL Extras logfile created on: 23.03.2011 13:40:13 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Chef\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 68,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 150,00 Gb Total Space | 23,49 Gb Free Space | 15,66% Space Free | Partition Type: NTFS
Computer Name: CHEF-PC | User Name: Chef | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~3\MICROS~1\Office12\ONENOTE.EXE "%L" File not found
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~3\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"G:\ISO\FlashFXP\FlashFXP.exe" = G:\ISO\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3
"G:\ISO\FlashFXP\FlashFXP.exe" = G:\ISO\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"G:\ISO\FlashFXP\FlashFXP.exe" = G:\ISO\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3
"M:\ISO\BulletProof FTP Server v2.3\bpftpserver.exe" = M:\ISO\BulletProof FTP Server v2.3\bpftpserver.exe:*:Enabled:BulletProof FTP Server (hxxp://www.bpftpserver.com)
"C:\Program Files (x86)\BulletProof FTP Server v2.3\bpftpserver.exe" = C:\Program Files (x86)\BulletProof FTP Server v2.3\bpftpserver.exe:*:Enabled:BulletProof FTP Server (hxxp://www.bpftpserver.com) -- (DigitalCandle, Inc.)
"G:\ISO\FlashFXP\FlashFXP.exe" = G:\ISO\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3
"M:\ISO\BulletProof FTP Server v2.3\bpftpserver.exe" = M:\ISO\BulletProof FTP Server v2.3\bpftpserver.exe:*:Enabled:BulletProof FTP Server (hxxp://www.bpftpserver.com)
"C:\Program Files (x86)\BulletProof FTP Server v2.3\bpftpserver.exe" = C:\Program Files (x86)\BulletProof FTP Server v2.3\bpftpserver.exe:*:Enabled:BulletProof FTP Server (hxxp://www.bpftpserver.com) -- (DigitalCandle, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{14521528-A593-F497-1517-F2AEA8DC9D3F}" = ccc-utility64
"{23170F69-40C1-2702-0457-000001000000}" = 7-Zip 4.57 (x64 edition)
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{D1EF69B7-7A97-40FC-9AF1-6D6656FF874F}" = ATI AVIVO64 Codecs
"{D7B00C49-6437-B38C-D926-6B50ED6C46F3}" = ATI Catalyst Install Manager
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW(R) Graphics Suite X4
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{0513EE35-E0FB-4166-B663-BD1AE3A803DE}" = Anno 1404
"{07300F01-89CA-4CF8-92BD-2A605EB83C95}" = EasySaver B9.0205.1
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08F32589-5E39-42B8-8BC5-6A8126ED2A70}" = Microsoft Visual C++ 2008 Redistributable Package
"{0CAADB53-AB10-B153-088A-B23EE2312DFB}" = Catalyst Control Center Localization German
"{0F9306FD-E246-7427-44B6-081342F411C9}" = Catalyst Control Center Core Implementation
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1A9DAB4D-46CD-4CBF-A9FC-28D8AA8D2FCF}" = CorelDRAW Graphics Suite X4 - Lang BR
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 11
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{29F05234-DCBB-4FE0-88DC-5160C9250312}" = Adobe Photoshop CS3
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{2E8ECB58-EE3A-452C-B57E-1B982735F0F2}" = Duden Korrektor PLUS
"{3892F602-F5D6-4B99-8F08-12EE6B01F66B}" = Shredder 12
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = Gigabyte Raid Configurer
"{3A8C4C87-D460-488A-A0AA-8993F6D355B1}" = Radmin Server 3.4
"{3C9226AE-C79E-B71D-2536-57695DA2F0DB}" = Catalyst Control Center HydraVision Full
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11
"{415030B8-3E8B-462A-8C03-41D95AA3AB3B}" = Medal of Honor (TM)
"{44A27085-0616-4181-A0C3-81C7ECA17F73}" = CorelDRAW Graphics Suite X4
"{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid
"{5454083B-1308-4485-BF17-111000028701}" = Grand Theft Auto: Episodes from Liberty City
"{5454083B-1308-4485-BF17-111000028702}" = Grand Theft Auto: Episodes from Liberty City
"{5454083B-1308-4485-BF17-111000028703}" = Grand Theft Auto: Episodes from Liberty City
"{5454083B-1308-4485-BF17-111000028704}" = Grand Theft Auto: Episodes from Liberty City
"{5454083B-1308-4485-BF17-111000028705}" = Grand Theft Auto: Episodes from Liberty City
"{5454083B-1308-4485-BF17-111000028706}" = Grand Theft Auto: Episodes from Liberty City
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5E35BD20-7C55-52D7-A462-BB98289E2D98}" = Catalyst Control Center InstallProxy
"{631D1741-E5F6-433B-A0BF-5216DC1D846D}" = Shredder 12
"{657201DD-30C8-4E50-88AD-164B3812E8F5}" = Framebuffer Crysis WARHEAD Benchmark Tool
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7353BAE6-5E49-46C4-A9B5-8A269A313789}" = Crysis WARHEAD(R)
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW Graphics SUite X4 - ICA
"{7F05E704-30A6-421A-97A7-8EEB1C7FF012}" = CorelDRAW Graphics Suite X4 - Capture
"{7F05E704-30A6-421A-97A7-8EEB1C7FF013}" = CorelDRAW Graphics Suite X4 - Draw
"{7F05E704-30A6-421A-97A7-8EEB1C7FF014}" = CorelDRAW Graphics Suite X4 - PP
"{7F05E704-30A6-421A-97A7-8EEB1C7FF016}" = CorelDRAW Graphics Suite X4 - Content
"{7F05E704-30A6-421A-97A7-8EEB1C7FF017}" = CorelDRAW Graphics Suite X4 - Filters
"{7F05E704-30A6-421A-97A7-8EEB1C7FF019}" = CorelDRAW Graphics Suite X4 - FontNav
"{7F05E704-30A6-421A-97A7-8EEB1C7FF100}" = CorelDRAW Graphics Suite X4 - Lang EN
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{866F72F0-1363-2420-45E8-058EB36062C8}" = Catalyst Control Center Graphics Full New
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8FDD65E7-ABDB-C777-1EED-0B086440CF10}" = Catalyst Control Center Graphics Light
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00D1-0407-0000-0000000FF1CE}" = Microsoft Office Access database engine 2007 (German)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91E48417-8632-4DCD-B64E-708E3B20CBD9}_is1" = Shredder Classic 3
"{96D06FDD-6AF4-4309-BC1B-1C9588B0575E}" = Dead Space™ 2
"{96E3AED5-3D0B-4BB0-84C2-1EDADB204487}" = FlashFXP v3
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}" = CorelDRAW Graphics Suite X4 - IPM
"{9D306690-3173-42CD-94C6-9EF9318AF24B}" = CorelDRAW Graphics Suite X4 - Lang FR
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A29549FD-65F3-440C-A552-6B8114CF319D}" = Skype Toolbars
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A6C27FFF-75EF-4B5B-A64E-F9E128994908}" = CorelDRAW Graphics Suite X4 - Lang NL
"{AC2533A0-0EEC-E37C-1359-B332527F0EEB}" = ccc-core-static
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X
"{AEFBAC58-2DDD-4CEF-BDFD-52A5A5F432ED}" = CorelDRAW Graphics Suite X4 - Lang DE
"{B1B70A3A-0B76-4188-B9E0-5F166680D41D}" = Rybka 3 Dynamic
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B6F9AF38-1A0F-EFED-559D-2AF94C695BCC}" = Catalyst Control Center Graphics Full Existing
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT
"{BF439B41-0252-48DE-8B8B-0430CB26A181}" = CorelDRAW Graphics Suite X4 - VBA
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C82185E8-C27B-4EF4-2010-3333BC2C2B6D}" = Microsoft AutoRoute 2010
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE75C837-4BA9-4CF8-B912-C3ED5BD0EAAC}" = You Don't Know Jack®
"{CE7A4C6F-0368-5023-3C23-6D55B91401D6}" = CCC Help English
"{D0160DD3-6F62-4F1E-B999-6C68D3AE7390}" = CorelDRAW Graphics Suite X4 - Lang IT
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D2827848-7D2A-4547-9AD1-C965FB3E6344}" = CorelDRAW Graphics Suite X4 - Lang ES
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.4 Game
"{D4027264-CC6C-D2E4-0206-95C7BB09DF01}" = Skins
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E8AEA11B-E60A-455E-B008-E4E763604612}" = Browser Configuration Utility
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{EF374CD1-FD16-DED4-4A13-AD0CA536E956}" = CCC Help German
"{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}" = Adobe Setup
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6CCD38C-8298-4F7B-91C5-C8DED0B24E5A}" = Fritz 12
"{FA3A247D-437A-455E-A88F-7EB6E5F9E799}" = Catalyst Control Center - Branding
"{FA646036-17A0-6E9B-371F-703011AD2EE0}" = Catalyst Control Center Graphics Previews Vista
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_5f143314a5d434c8511097393d17397" = Adobe Photoshop CS3
"Adobe_b2d6abde968e6f277ddbfd501383e02" = Adobe Creative Suite 4 Master Collection
"Alice" = Alice-Installationsdateien entfernen
"ASIO4ALL" = ASIO4ALL
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BulletProof FTP Server_is1" = BulletProof FTP Server (remove only)
"Call of Duty Modern Warfare 2_is1" = Call of Duty Modern Warfare 2
"Call of Duty: Black Ops_is1" = Call of Duty: Black Ops
"Crysis WARHEAD(R)" = Crysis WARHEAD(R)
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Das Geheimnis des Berghotels_is1" = Das Geheimnis des Berghotels
"DB Reise-Service 2010" = DB Reise-Service 2010
"DeskPins" = DeskPins (remove only)
"DirectWave" = DirectWave
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"DX10" = DX10
"Edison" = Edison
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Exact Audio Copy" = Exact Audio Copy 0.99pb5
"EXPERTool ATI_is1" = EXPERTool ATI 4.1
"ffdshow_is1" = ffdshow [rev 497] [2006-11-04]
"FL Studio 9" = FL Studio 9
"Fraps" = Fraps (remove only)
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9
"FTPRush_is1" = FTPRush v1 Unicode
"Hardcore" = Hardcore
"IL Autogun" = IL Autogun
"IL Download Manager" = IL Download Manager
"IL DrumSynth Live" = IL DrumSynth Live
"IL Gross Beat" = IL Gross Beat
"IL Juice Pack" = IL Juice Pack
"IL Ogun" = IL Ogun
"IL Slicex" = IL Slicex
"IL Vocodex" = IL Vocodex
"InstallShield_{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"IsoBuster_is1" = IsoBuster 2.5
"Mafia II_is1" = Mafia II
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Maximus" = Maximus
"Miranda IM" = Miranda IM 0.8.10
"mIRC" = mIRC
"Morphine" = Morphine
"Mozilla Firefox (3.5.17)" = Mozilla Firefox (3.5.17)
"Nero8Lite_is1" = Nero 8 Micro 8.1.1.4
"nfsNewYearCountdown2 New Free Screensaver_is1" = NewFreeScreensaver nfsNewYearCountdown2
"OpenAL" = OpenAL
"PoiZone" = PoiZone
"PunkBusterSvc" = PunkBuster Services
"Sakura" = Sakura
"Samsung ML-2510 Series" = Samsung ML-2510 Series
"Samsung ML-2510 Series SmartPanel" = Samsung ML-2510 Series SmartPanel
"Sawer" = Sawer
"SimSynth" = SimSynth
"Sytrus" = Sytrus
"TeamViewer 5" = TeamViewer 5
"Toxic Biohazard" = Toxic Biohazard
"TrueCrypt" = TrueCrypt
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VideoLAN VLC media player 0.8.6i
"Winamp" = Winamp
"WinRAR archiver" = WinRAR archiver
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 09.03.2011 20:03:16 | Computer Name = Chef-PC | Source = SideBySide | ID = 16842761
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
(x86)\Duden\Duden Korrektor\adxloader.dll.Manifest". Fehler in Manifest- oder Richtliniendatei
"c:\Program Files (x86)\Duden\Duden Korrektor\adxloader.dll.Manifest" in Zeile
2. Das Stammelement der Manifestdatei muss assembliert sein.
Error - 10.03.2011 21:54:30 | Computer Name = Chef-PC | Source = SideBySide | ID = 16842761
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
(x86)\Duden\Duden Korrektor\adxloader.dll.Manifest". Fehler in Manifest- oder Richtliniendatei
"c:\Program Files (x86)\Duden\Duden Korrektor\adxloader.dll.Manifest" in Zeile
2. Das Stammelement der Manifestdatei muss assembliert sein.
Error - 11.03.2011 13:38:19 | Computer Name = Chef-PC | Source = RasClient | ID = 20227
Description =
Error - 11.03.2011 15:37:14 | Computer Name = Chef-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Skype.exe, Version: 5.1.0.112, Zeitstempel:
0x4d4037c2 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16695, Zeitstempel:
0x4cc7ab86 Ausnahmecode: 0xc0000374 Fehleroffset: 0x000cea27 ID des fehlerhaften Prozesses:
0x13e8 Startzeit der fehlerhaften Anwendung: 0x01cbe012badc2a80 Pfad der fehlerhaften
Anwendung: C:\Program Files (x86)\Skype\Phone\Skype.exe Pfad des fehlerhaften Moduls:
C:\Windows\SysWOW64\ntdll.dll Berichtskennung: f6c8ff49-4c16-11e0-b6f7-a49a87e67089
Error - 11.03.2011 16:58:56 | Computer Name = Chef-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Skype.exe, Version: 5.1.0.112, Zeitstempel:
0x4d4037c2 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16695, Zeitstempel:
0x4cc7ab86 Ausnahmecode: 0xc0000374 Fehleroffset: 0x000cea27 ID des fehlerhaften Prozesses:
0xf9c Startzeit der fehlerhaften Anwendung: 0x01cbe02814bc86fa Pfad der fehlerhaften
Anwendung: C:\Program Files (x86)\Skype\Phone\Skype.exe Pfad des fehlerhaften Moduls:
C:\Windows\SysWOW64\ntdll.dll Berichtskennung: 60a77a7b-4c22-11e0-b6f7-a49a87e67089
Error - 11.03.2011 17:12:29 | Computer Name = Chef-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Skype.exe, Version: 5.1.0.112, Zeitstempel:
0x4d4037c2 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16695, Zeitstempel:
0x4cc7ab86 Ausnahmecode: 0xc0000374 Fehleroffset: 0x000cea27 ID des fehlerhaften Prozesses:
0xdc8 Startzeit der fehlerhaften Anwendung: 0x01cbe02f293a3d6d Pfad der fehlerhaften
Anwendung: C:\Program Files (x86)\Skype\Phone\Skype.exe Pfad des fehlerhaften Moduls:
C:\Windows\SysWOW64\ntdll.dll Berichtskennung: 4523436a-4c24-11e0-b6f7-a49a87e67089
Error - 11.03.2011 21:58:44 | Computer Name = Chef-PC | Source = SideBySide | ID = 16842761
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
(x86)\Duden\Duden Korrektor\adxloader.dll.Manifest". Fehler in Manifest- oder Richtliniendatei
"c:\Program Files (x86)\Duden\Duden Korrektor\adxloader.dll.Manifest" in Zeile
2. Das Stammelement der Manifestdatei muss assembliert sein.
Error - 12.03.2011 11:16:35 | Computer Name = Chef-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Shredder.exe, Version: 0.0.0.0, Zeitstempel:
0x4721c767 Name des fehlerhaften Moduls: Shredder.exe, Version: 0.0.0.0, Zeitstempel:
0x4721c767 Ausnahmecode: 0xc0000094 Fehleroffset: 0x00083bab ID des fehlerhaften Prozesses:
0x5c0 Startzeit der fehlerhaften Anwendung: 0x01cbe0c6c5616813 Pfad der fehlerhaften
Anwendung: C:\Program Files (x86)\ShredderChess\Shredder Classic 3\Shredder.exe
Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\ShredderChess\Shredder Classic
3\Shredder.exe Berichtskennung: b7911fda-4cbb-11e0-b6f7-a49a87e67089
Error - 13.03.2011 20:37:59 | Computer Name = Chef-PC | Source = SideBySide | ID = 16842761
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
(x86)\Duden\Duden Korrektor\adxloader.dll.Manifest". Fehler in Manifest- oder Richtliniendatei
"c:\Program Files (x86)\Duden\Duden Korrektor\adxloader.dll.Manifest" in Zeile
2. Das Stammelement der Manifestdatei muss assembliert sein.
Error - 15.03.2011 20:18:44 | Computer Name = Chef-PC | Source = SideBySide | ID = 16842761
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
(x86)\Duden\Duden Korrektor\adxloader.dll.Manifest". Fehler in Manifest- oder Richtliniendatei
"c:\Program Files (x86)\Duden\Duden Korrektor\adxloader.dll.Manifest" in Zeile
2. Das Stammelement der Manifestdatei muss assembliert sein.
[ System Events ]
Error - 16.10.2010 03:20:43 | Computer Name = Chef-PC | Source = ipnathlp | ID = 31004
Description =
Error - 16.10.2010 03:20:43 | Computer Name = Chef-PC | Source = ipnathlp | ID = 31004
Description =
Error - 16.10.2010 03:20:43 | Computer Name = Chef-PC | Source = ipnathlp | ID = 31004
Description =
Error - 17.10.2010 03:21:42 | Computer Name = Chef-PC | Source = ipnathlp | ID = 31004
Description =
Error - 17.10.2010 03:21:42 | Computer Name = Chef-PC | Source = ipnathlp | ID = 31004
Description =
Error - 18.10.2010 03:22:52 | Computer Name = Chef-PC | Source = ipnathlp | ID = 31004
Description =
Error - 18.10.2010 03:22:52 | Computer Name = Chef-PC | Source = ipnathlp | ID = 31004
Description =
Error - 18.10.2010 03:22:52 | Computer Name = Chef-PC | Source = ipnathlp | ID = 31004
Description =
Error - 18.10.2010 03:22:52 | Computer Name = Chef-PC | Source = ipnathlp | ID = 31004
Description =
Error - 19.10.2010 03:08:16 | Computer Name = Chef-PC | Source = ipnathlp | ID = 31004
Description =
< End of report > --- --- ---
Vielen Dank im Voraus für eure Hilfe!
Mfg |