Soweit ich das beurteilen kann ist das eine Komponente von Windows 7. Korrekterweise in %SYSTEMROOT%\System32 vorhanden, außerdem eine versteckte Datei. Die Dateigröße sollte 93184 Bytes betragen. Prozessname MCTadmin.Zitat von GregorSamsa
Kann außer als Lokaler Dienst auch als Netzwerkdienst gestartet werden.
greetz
c
Ergebnis 21 bis 30 von 32
Thema: Infiziert [Hilfe]
-
02.11.2010, 22:36 #21
-
02.11.2010, 22:37 #22Anfänger
- Registriert seit
- 18.07.2008
- Beiträge
- 22
@GregorSamsa
datei zum hochladen nicht vorhanden... ist auch nicht hidden, mir grad auchn rätsel
@shoei
habe ich vorhin nochmal online scannen lassen
@clode
werde ich nachher ma schaun, war ja glaube netstat-a oder?
werde ma die kiste rebooten und ma schaun was ovp so für protokolle ausspuckt
-
02.11.2010, 22:48 #23Stanley Jobson
- Registriert seit
- 23.08.2008
- Beiträge
- 729
1. Sind das Empfehlungen von HijackThis, daher bitte ich doch um genauere Untersuchung der Dateien.
2. Clode, du redest immernoch quatsch, tut mir leid. Fehlerhafte Tastaturhooks zeugen nicht von können, genausowenig kann man groß was anfangen mit einer IP die per netstat -b herausgefunden wird.
Schon Userland Rootkits können ohne Probleme die Verbindungen verstecken.
3. Ist formatieren keine Alternative. Bisher hab ich sämtliche Malware, und das war einiges, ohne formatieren entfernen können.
-
02.11.2010, 22:55 #24
-
02.11.2010, 22:59 #25Anfänger
- Registriert seit
- 18.07.2008
- Beiträge
- 22
hm dreht sich mir jetzt schon der magen um, aber wenn niemanden was bei den logs auffällt siehts wohl ganz danach aus Zitat von shoei
ganz ehrlich? setz deinen pc neu auf safe is safe
-
02.11.2010, 23:00 #26Anfänger
- Registriert seit
- 18.07.2008
- Beiträge
- 22
6.00 Gb Total Physical Memory | 4.00 Gb Available Physical Memory | 71.00% Memory free
12.00 Gb Paging File | 10.00 Gb Available in Paging File | 83.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files (x86)
Drive C: | 76.33 Gb Total Space | 12.95 Gb Free Space | 16.97% Space Free | Partition Type: NTFS
Drive D: | 201.01 Gb Total Space | 127.88 Gb Free Space | 63.62% Space Free | Partition Type: NTFS
Drive E: | 1196.25 Gb Total Space | 393.57 Gb Free Space | 32.90% Space Free | Partition Type: NTFS
Drive G: | 265.75 Gb Total Space | 72.73 Gb Free Space | 27.37% Space Free | Partition Type: NTFS
Drive H: | 100.00 Gb Total Space | 77.71 Gb Free Space | 77.71% Space Free | Partition Type: NTFS
Computer Name: Ü | User Name: Ü | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2010/11/02 22:44:25 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Downloads\OTL.exe
PRC - [2010/10/29 04:26:15 | 000,912,344 | ---- | M] (Mozilla Corporation) -- D:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010/10/29 04:26:15 | 000,016,856 | ---- | M] (Mozilla Corporation) -- D:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010/10/24 15:59:50 | 000,864,624 | ---- | M] (Lavasoft) -- D:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2010/10/24 15:59:47 | 001,357,464 | ---- | M] (Lavasoft) -- D:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2010/10/16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) -- D:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010/04/01 12:33:15 | 000,267,432 | ---- | M] (Avira GmbH) -- D:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/04/01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010/03/02 10:28:23 | 000,282,792 | ---- | M] (Avira GmbH) -- D:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/02/24 09:28:01 | 000,135,336 | ---- | M] (Avira GmbH) -- D:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2009/11/13 14:03:08 | 000,205,976 | ---- | M] (BinarySense Ltd.) -- D:\Program Files (x86)\Common Files\BinarySense\disksvc.exe
PRC - [2009/09/24 14:41:58 | 000,434,176 | ---- | M] (Sony Ericsson Mobile Communications AB) -- D:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
PRC - [2009/08/22 19:25:00 | 002,781,184 | ---- | M] () -- D:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner.exe
PRC - [2009/07/01 20:23:52 | 001,435,136 | ---- | M] () -- D:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.exe
PRC - [2009/06/05 17:42:04 | 001,310,720 | ---- | M] (Analog Devices, Inc.) -- D:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
PRC - [2009/06/04 00:55:16 | 000,025,600 | ---- | M] (Creative Technology Ltd) -- D:\Windows\SysWOW64\Ctxfihlp.exe
PRC - [2009/06/04 00:49:56 | 001,213,440 | ---- | M] (Creative Technology Ltd) -- D:\Windows\SysWOW64\CTxfispi.exe
PRC - [2009/05/26 23:31:29 | 000,085,160 | ---- | M] (Elaborate Bytes AG) -- D:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
PRC - [2009/05/18 13:29:16 | 003,866,624 | ---- | M] (Analog Devices, Inc.) -- D:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe
PRC - [2009/04/30 12:23:26 | 000,090,112 | ---- | M] () -- D:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
PRC - [2009/03/20 02:03:00 | 001,904,640 | ---- | M] (AVM Berlin) -- D:\Program Files (x86)\avmwlanstick\WLanGUI.exe
PRC - [2009/03/20 02:03:00 | 000,368,640 | ---- | M] (AVM Berlin) -- D:\Program Files (x86)\avmwlanstick\WlanNetService.exe
PRC - [2009/02/23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- D:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- D:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2009/01/03 23:57:00 | 001,034,240 | ---- | M] () -- D:\Program Files (x86)\CPU-Control\CPU_Control.exe
PRC - [2008/10/23 17:45:14 | 000,307,200 | ---- | M] (T-Systems Enterprise Services GmbH) -- D:\Program Files (x86)\DSL-Manager\DslMgrSvc.exe
PRC - [2007/11/26 14:51:00 | 001,085,440 | ---- | M] (T-Systems Enterprise Services GmbH) -- D:\Program Files (x86)\DSL-Manager\DslMgr.exe
========== Modules (SafeList) ==========
MOD - [2010/11/02 22:44:25 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Downloads\OTL.exe
MOD - [2010/08/21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- D:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420f e3fa2b8113bd\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - File not found [Auto | Stopped] -- D:\Windows\SysNative\srvany.exe -- (KMService)
SRV:64bit: - [2009/11/24 12:59:53 | 000,009,728 | ---- | M] (Deutsche Telekom AG) [Auto | Running] -- D:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.e xe -- (Netzmanager Service)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/06/05 17:42:04 | 000,111,616 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- D:\Windows\SysNative\AEADISRV.EXE -- (AEADIFilters)
SRV:64bit: - [2009/05/06 10:41:52 | 000,062,464 | ---- | M] (ASUSTeK COMPUTER INC.) [Auto | Running] -- D:\Windows\SysNative\ATKFUSService.exe -- (ATKFUSService)
SRV - [2010/10/24 15:59:47 | 001,357,464 | ---- | M] (Lavasoft) [Auto | Running] -- D:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010/10/16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- D:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/08/24 10:38:18 | 000,092,008 | ---- | M] (TomTom) [Disabled | Stopped] -- D:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2010/04/01 12:33:15 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- D:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/02/24 09:28:01 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- D:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/02/18 13:01:06 | 000,462,632 | ---- | M] (Nero AG) [Disabled | Stopped] -- D:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2009/12/16 13:36:12 | 000,403,064 | ---- | M] (Sony Ericsson Mobile Communications) [Auto | Running] -- D:\Program Files (x86)\Common Files\Sony Ericsson\Emma Core\Services64\EmmaDeviceMgmt.exe -- (EmmaDevMgmtSvc)
SRV - [2009/12/16 13:36:12 | 000,193,656 | ---- | M] (Sony Ericsson Mobile Communications) [Auto | Running] -- D:\Program Files (x86)\Common Files\Sony Ericsson\Emma Core\Services64\EmmaUpdateMgmt.exe -- (EmmaUpdMgmtSvc)
SRV - [2009/11/13 14:03:08 | 000,205,976 | ---- | M] (BinarySense Ltd.) [Auto | Running] -- D:\Program Files (x86)\Common Files\BinarySense\disksvc.exe -- (HDD & SSD access service)
SRV - [2009/11/09 05:46:24 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- D:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2009/11/07 18:22:10 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- D:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2009/10/07 06:04:28 | 000,044,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\Microsoft.NET\Framework64\v4.0.21006\as pnet_state.exe -- (aspnet_state)
SRV - [2009/10/07 03:44:38 | 001,007,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\Microsoft.NET\Framework64\v4.0.21006\WP F\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2009/10/07 03:44:38 | 000,138,560 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- D:\Windows\Microsoft.NET\Framework64\v4.0.21006\ms corsvw.exe -- (clr_optimization_v4.0.21006_64)
SRV - [2009/10/07 02:44:58 | 000,129,856 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- D:\Windows\Microsoft.NET\Framework\v4.0.21006\msco rsvw.exe -- (clr_optimization_v4.0.21006_32)
SRV - [2009/07/27 11:13:28 | 000,061,440 | ---- | M] () [Disabled | Stopped] -- D:\Windows\SysWOW64\ASDR.exe -- (ASDR)
SRV - [2009/07/26 05:43:14 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- G:\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- D:\Windows\Microsoft.NET\Framework\v2.0.50727\msco rsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/04/30 12:23:26 | 000,090,112 | ---- | M] () [Auto | Running] -- D:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service)
SRV - [2009/03/20 02:03:00 | 000,368,640 | ---- | M] (AVM Berlin) [Auto | Running] -- D:\Program Files (x86)\avmwlanstick\WlanNetService.exe -- (AVM WLAN Connection Service)
SRV - [2009/02/23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- D:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- D:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2009/01/09 12:46:26 | 000,548,704 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- D:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe -- (DfSdkS)
SRV - [2008/10/23 17:45:14 | 000,307,200 | ---- | M] (T-Systems Enterprise Services GmbH) [On_Demand | Running] -- D:\Program Files (x86)\DSL-Manager\DslMgrSvc.exe -- (TDslMgrService)
SRV - [2008/09/24 14:32:48 | 000,935,208 | ---- | M] (Nero AG) [Disabled | Stopped] -- D:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2003/04/18 18:06:26 | 000,008,192 | ---- | M] () [Auto | Stopped] -- D:\Windows\SysWOW64\srvany.exe -- (KMService)
========== Driver Services (SafeList) ==========
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\nvflash.sys -- (NVFLASH)
DRV:64bit: - [2010/09/30 22:25:10 | 000,040,104 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- D:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010/09/23 08:46:09 | 000,069,152 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- D:\Windows\SysNative\drivers\Lbd.sys -- (Lbd)
DRV:64bit: - [2010/09/14 14:16:15 | 000,125,888 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- D:\Windows\SysNative\drivers\AnyDVD.sys -- (AnyDVD)
DRV:64bit: - [2010/03/02 12:35:01 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2010/02/16 13:24:00 | 000,081,072 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- D:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2009/12/06 22:08:17 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- D:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2009/12/06 22:08:17 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- D:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2009/12/06 19:50:11 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- D:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009/11/07 19:16:17 | 000,016,384 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System | Running] -- D:\Windows\SysNative\drivers\EIO64.sys -- (EIO64)
DRV:64bit: - [2009/08/13 21:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- D:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- D:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 21:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- D:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/05 17:42:04 | 000,475,136 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- D:\Windows\SysNative\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV:64bit: - [2009/06/04 02:49:58 | 001,561,112 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- D:\Windows\SysNative\drivers\ha20x2k.sys -- (ha20x2k)
DRV:64bit: - [2009/06/04 02:49:42 | 000,118,296 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- D:\Windows\SysNative\drivers\emupia2k.sys -- (emupia)
DRV:64bit: - [2009/06/04 02:49:34 | 000,213,016 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- D:\Windows\SysNative\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV:64bit: - [2009/06/04 02:49:26 | 000,015,896 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- D:\Windows\SysNative\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV:64bit: - [2009/06/04 02:49:18 | 000,179,224 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- D:\Windows\SysNative\drivers\ctoss2k.sys -- (ossrv)
DRV:64bit: - [2009/06/04 02:49:08 | 000,684,312 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- D:\Windows\SysNative\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV:64bit: - [2009/06/04 02:49:00 | 000,580,632 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- D:\Windows\SysNative\drivers\ctac32k.sys -- (ctac32k)
DRV:64bit: - [2009/06/04 02:48:50 | 001,417,240 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- D:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX.SYS)
DRV:64bit: - [2009/06/04 02:48:50 | 001,417,240 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX)
DRV:64bit: - [2009/06/04 02:48:38 | 000,094,744 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- D:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT.SYS)
DRV:64bit: - [2009/06/04 02:48:38 | 000,094,744 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT)
DRV:64bit: - [2009/06/04 02:48:30 | 000,202,776 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- D:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT.SYS)
DRV:64bit: - [2009/06/04 02:48:30 | 000,202,776 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT)
DRV:64bit: - [2009/05/23 00:08:37 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- D:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2009/05/14 09:26:24 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- D:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009/04/08 13:26:16 | 000,037,392 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- D:\Windows\SysNative\drivers\hotcore3.sys -- (hotcore3)
DRV:64bit: - [2009/04/06 09:13:46 | 000,027,176 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc)
DRV:64bit: - [2009/04/06 09:13:46 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\ggflt.sys -- (ggflt)
DRV:64bit: - [2009/03/26 15:44:13 | 000,044,560 | ---- | M] (Native Instruments GmbH) [Kernel | On_Demand | Running] -- D:\Windows\SysNative\drivers\a4djavs_x64.sys -- (a4djavs_x64)
DRV:64bit: - [2009/03/26 15:44:10 | 000,249,872 | ---- | M] (Native Instruments GmbH) [Kernel | On_Demand | Running] -- D:\Windows\SysNative\drivers\a4djusb_x64.sys -- (a4djusb_x64)
DRV:64bit: - [2009/03/20 02:03:00 | 000,552,704 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Running] -- D:\Windows\SysNative\drivers\fwlanusbn.sys -- (fwlanusbn)
DRV:64bit: - [2009/03/20 02:03:00 | 000,014,120 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\avmeject.sys -- (avmeject)
DRV:64bit: - [2009/02/17 18:22:22 | 000,039,424 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- D:\Windows\SysNative\drivers\ATKDispLowFilter.sys -- (atkdisplf)
DRV:64bit: - [2009/02/17 18:22:22 | 000,017,792 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- D:\Windows\SysNative\drivers\asusgsb.sys -- (asusgsb)
DRV:64bit: - [2008/10/21 10:22:44 | 000,145,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\s0017unic.sys -- (s0017unic) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM)
DRV:64bit: - [2008/10/21 10:22:44 | 000,128,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\s0017obex.sys -- (s0017obex)
DRV:64bit: - [2008/10/21 10:22:44 | 000,034,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\s0017nd5.sys -- (s0017nd5) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS)
DRV:64bit: - [2008/10/21 10:22:42 | 000,152,616 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\s0017mdm.sys -- (s0017mdm)
DRV:64bit: - [2008/10/21 10:22:42 | 000,133,160 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\s0017mgmt.sys -- (s0017mgmt) Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM)
DRV:64bit: - [2008/10/21 10:22:42 | 000,019,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\s0017mdfl.sys -- (s0017mdfl)
DRV:64bit: - [2008/10/21 10:22:40 | 000,113,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\s0017bus.sys -- (s0017bus) Sony Ericsson Device 0017 driver (WDM)
DRV:64bit: - [2008/01/09 11:28:20 | 000,034,032 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- D:\Windows\SysNative\drivers\seehcri.sys -- (seehcri)
DRV:64bit: - [2007/10/03 22:51:00 | 000,022,056 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- D:\Windows\SysNative\drivers\SiWinAcc.sys -- (SiFilter)
DRV:64bit: - [2007/10/03 22:50:52 | 000,017,448 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- D:\Windows\SysNative\drivers\SiRemFil.sys -- (SiRemFil)
DRV:64bit: - [2007/10/03 22:50:26 | 000,090,664 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- D:\Windows\SysNative\drivers\SI3132.sys -- (SI3132)
DRV:64bit: - [2007/08/01 14:49:02 | 000,019,008 | ---- | M] (T-Systems Enterprise Services GmbH) [Kernel | System | Running] -- D:\Windows\SysNative\drivers\dslmnlwf.sys -- (DslMNLwf)
DRV:64bit: - [2007/04/24 08:33:30 | 000,123,656 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\s125obex.sys -- (s125obex)
DRV:64bit: - [2007/04/24 08:33:14 | 000,108,296 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\s125bus.sys -- (s125bus) Sony Ericsson Device 125 driver (WDM)
DRV:64bit: - [2007/02/16 01:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- D:\Windows\SysNative\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV:64bit: - [2006/12/28 01:00:00 | 000,460,800 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\fwlanusb.sys -- (FWLANUSB)
DRV - [2010/11/01 22:51:43 | 000,019,952 | ---- | M] () [Kernel | On_Demand | Running] -- D:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys -- (RivaTuner64)
DRV - [2010/09/23 08:46:10 | 000,016,928 | ---- | M] () [Kernel | On_Demand | Running] -- D:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys -- (Lavasoft Kernexplorer)
DRV - [2010/09/14 14:16:15 | 000,125,888 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- D:\Windows\SysWOW64\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2007/02/16 01:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- D:\Windows\SysWOW64\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2005/04/08 15:49:30 | 000,003,040 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\Windows\SysWOW64\drivers\nvflash.sys -- (NVFLASH)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = D:\Windows\SysWOW64\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = 4fuckr.com - everything else is for pussies - DER FHRER HAT SPASSS [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Freewar.de - Browsergames, Onlinegame
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN, Messenger und Hotmail sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2C BD 8F AB A4 60 CA 01 [binary data]
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "google.de"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.1
FF - prefs.js..extensions.enabledItems: {35106bca-6c78-48c7-ac28-56df30b51d2a}:1.3.8
FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0
FF - prefs.js..extensions.enabledItems: jl@leimbach-it.de:2.5
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.10
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.0&q="
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: D:\Program Files (x86)\Mozilla Firefox\components [2010/10/29 04:26:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: D:\Program Files (x86)\Mozilla Firefox\plugins [2010/10/29 04:26:15 | 000,000,000 | ---D | M]
[2010/10/08 16:59:59 | 000,000,000 | ---D | M] -- D:\Users\Stefan\AppData\Roaming\mozilla\Extensions
[2010/10/08 16:59:59 | 000,000,000 | ---D | M] -- D:\Users\Stefan\AppData\Roaming\mozilla\Extensions \home2@tomtom.com
[2010/11/02 15:35:58 | 000,000,000 | ---D | M] -- D:\Users\Stefan\AppData\Roaming\mozilla\Firefox\Pr ofiles\eluxhlz3.default\extensions
[2010/03/07 18:07:33 | 000,000,000 | ---D | M] (Linkification) -- D:\Users\Stefan\AppData\Roaming\mozilla\Firefox\Pr ofiles\eluxhlz3.default\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}
[2010/07/18 20:40:08 | 000,000,000 | ---D | M] (ReloadEvery) -- D:\Users\Stefan\AppData\Roaming\mozilla\Firefox\Pr ofiles\eluxhlz3.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}
[2010/10/14 20:50:48 | 000,000,000 | ---D | M] (DownloadHelper) -- D:\Users\Stefan\AppData\Roaming\mozilla\Firefox\Pr ofiles\eluxhlz3.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/08/20 05:33:38 | 000,000,000 | ---D | M] (Adblock Plus) -- D:\Users\Stefan\AppData\Roaming\mozilla\Firefox\Pr ofiles\eluxhlz3.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/08/09 13:35:58 | 000,000,000 | ---D | M] (DownThemAll!) -- D:\Users\Stefan\AppData\Roaming\mozilla\Firefox\Pr ofiles\eluxhlz3.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2010/03/25 23:10:48 | 000,000,000 | ---D | M] -- D:\Users\Stefan\AppData\Roaming\mozilla\Firefox\Pr ofiles\eluxhlz3.default\extensions\jl@leimbach-it.de
[2010/03/13 10:43:38 | 000,000,687 | ---- | M] () -- D:\Users\Stefan\AppData\Roaming\Mozilla\FireFox\Pr ofiles\eluxhlz3.default\searchplugins\icq-search.xml
[2010/04/09 04:24:01 | 000,000,950 | ---- | M] () -- D:\Users\Stefan\AppData\Roaming\Mozilla\FireFox\Pr ofiles\eluxhlz3.default\searchplugins\icqplugin-1.xml
[2010/06/24 04:14:10 | 000,000,950 | ---- | M] () -- D:\Users\Stefan\AppData\Roaming\Mozilla\FireFox\Pr ofiles\eluxhlz3.default\searchplugins\icqplugin-2.xml
[2010/06/28 04:34:20 | 000,000,950 | ---- | M] () -- D:\Users\Stefan\AppData\Roaming\Mozilla\FireFox\Pr ofiles\eluxhlz3.default\searchplugins\icqplugin-3.xml
[2010/03/23 20:50:29 | 000,000,950 | ---- | M] () -- D:\Users\Stefan\AppData\Roaming\Mozilla\FireFox\Pr ofiles\eluxhlz3.default\searchplugins\icqplugin.xm l
[2010/11/02 15:35:58 | 000,000,000 | ---D | M] -- D:\Program Files (x86)\mozilla firefox\extensions
[2010/08/10 21:39:24 | 000,001,392 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010/08/10 21:39:24 | 000,006,805 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010/08/10 21:39:24 | 000,001,178 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010/08/10 21:39:24 | 000,001,105 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - D:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Toolbar fuer eBay) - {000E148C-F7A7-445A-9044-93BF6CE09ECB} - D:\Users\Stefan\AppData\Roaming\Toolbars\Toolbar fuer eBay\ebay.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Toolbar fuer eBay) - {000E148C-F7A7-445A-9044-93BF6CE09ECB} - D:\Users\Stefan\AppData\Roaming\Toolbars\Toolbar fuer eBay\ebay.dll ()
O4:64bit: - HKLM..\Run: [RivaTuner] D:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTunerWrapper.exe ()
O4:64bit: - HKLM..\Run: [RivaTunerStartupDaemon] D:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTunerWrapper.exe ()
O4:64bit: - HKLM..\Run: [SoundMAX] D:\Program Files (x86)\Analog Devices\SoundMAX\soundmax.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [Ai Nap] D:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.exe ()
O4 - HKLM..\Run: [avgnt] D:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [AVMWlanClient] D:\Program Files (x86)\avmwlanstick\wlangui.exe (AVM Berlin)
O4 - HKLM..\Run: [CloneCDTray] D:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [Cpu Level Up] D:\Program Files (x86)\ASUS\AI Suite\CPU Level UPEx\CpuLevelUp.exe (ASUSTek)
O4 - HKLM..\Run: [CTxfiHlp] D:\Windows\SysWow64\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [QFan Help] D:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe ()
O4 - HKLM..\Run: [SoundMAXPnP] D:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [VirtualCloneDrive] D:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O4 - HKCU..\Run: [CPU_Control] D:\Program Files (x86)\CPU-Control\CPU_Control.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [ICQ] D:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [Sony Ericsson PC Suite] D:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB)
O4 - Startup: D:\Users\Stefan\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\Startup\DSL-Manager.lnk = D:\Program Files (x86)\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: add to &BOM - D:\\PROGRA~2\\BIET-O~1\\\\AddToBOM.hta ()
O8 - Extra context menu item: add to &BOM - D:\\PROGRA~2\\BIET-O~1\\\\AddToBOM.hta ()
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - D:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - D:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/ge...sh/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/soft...5109/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O20 - AppInit_DLLs: (AnyDiscHelp.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - D:\Windows\SysNative\SystemPropertiesPerformance.e xe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O22:64bit: - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - D:\Windows\SysNative\DreamScene.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - D:\Windows\SysWOW64\DreamScene.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/11/06 11:40:17 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{0d015aa1-0fb2-11df-ae60-00040ec2d49e}\Shell - "" = AutoRun
O33 - MountPoints2\{0d015aa1-0fb2-11df-ae60-00040ec2d49e}\Shell\AutoRun\command - "" = F:\pushinst.exe -- File not found
O33 - MountPoints2\{579798c2-cbb7-11de-922a-001e8c717125}\Shell - "" = AutoRun
O33 - MountPoints2\{579798c2-cbb7-11de-922a-001e8c717125}\Shell\AutoRun\command - "" = K:\Setup.exe -- File not found
O33 - MountPoints2\{a96da4f5-f081-11de-9024-00040ec2d49e}\Shell - "" = AutoRun
O33 - MountPoints2\{a96da4f5-f081-11de-9024-00040ec2d49e}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: diskvaws - (D:\Windows\system32\icartend.dll) - D:\Windows\SysWow64\icartend.dll File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010/11/02 15:36:46 | 000,000,000 | ---D | C] -- D:\MalwarebytesPortable
[2010/10/27 14:58:30 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- D:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/10/23 17:36:04 | 000,051,992 | ---- | C] (AVIRA GmbH) -- D:\Windows\SysWow64\drivers\avgntdd.sys
[2010/10/23 17:36:04 | 000,017,016 | ---- | C] (AVIRA GmbH) -- D:\Windows\SysWow64\drivers\avgntmgr.sys
[2010.11.02 15:55:27 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Spybot - Search & Destroy
[2010.11.02 15:13:17 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\ESET
[2010.11.01 15:29:35 | 000,000,000 | -H-D | C] -- D:\Users\Public\Documents\Server
[2010.10.31 22:19:49 | 000,067,176 | ---- | C] (Khronos Group) -- D:\Windows\SysNative\OpenCL.dll
[2010.10.31 22:19:49 | 000,057,960 | ---- | C] (Khronos Group) -- D:\Windows\SysWow64\OpenCL.dll
[2010.10.30 18:33:37 | 000,000,000 | ---D | C] -- D:\Users\Stefan\AppData\Local\FalloutNV
[2010.10.27 14:58:39 | 000,000,000 | ---D | C] -- D:\Users\Stefan\AppData\Roaming\Malwarebytes
[2010.10.27 14:58:28 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- D:\Windows\SysNative\drivers\mbam.sys
[2010.10.27 14:58:28 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.10.27 14:58:28 | 000,000,000 | ---D | C] -- D:\ProgramData\Malwarebytes
[2010.10.24 16:00:29 | 000,069,152 | ---- | C] (Lavasoft AB) -- D:\Windows\SysNative\drivers\Lbd.sys
[2010.10.24 14:00:14 | 000,000,000 | ---D | C] -- D:\Users\Stefan\AppData\Local\Sunbelt Software
[2010.10.24 13:59:40 | 000,000,000 | -H-D | C] -- D:\ProgramData\{E961CE1B-C3EA-4882-9F67-F859B555D097}
[2010.10.24 13:59:36 | 000,000,000 | ---D | C] -- D:\ProgramData\Lavasoft
[2010.10.24 13:59:36 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Lavasoft
[2010.10.23 20:13:59 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Trend Micro
[2010.10.23 20:12:26 | 000,000,000 | ---D | C] -- D:\Users\Stefan\AppData\Roaming\vlc
[2010.10.23 17:47:50 | 000,000,000 | ---D | C] -- D:\ProgramData\Spybot - Search & Destroy
[2010.10.23 17:46:19 | 000,000,000 | ---D | C] -- D:\Users\Stefan\AppData\Roaming\Avira
[2010.10.23 17:36:04 | 000,116,568 | ---- | C] (Avira GmbH) -- D:\Windows\SysNative\drivers\avipbb.sys
[2010.10.23 17:36:04 | 000,081,072 | ---- | C] (Avira GmbH) -- D:\Windows\SysNative\drivers\avgntflt.sys
[2010.10.23 17:36:03 | 000,000,000 | ---D | C] -- D:\ProgramData\Avira
[2010.10.23 17:36:03 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Avira
[2010.10.23 17:09:32 | 000,000,000 | ---D | C] -- D:\Users\Stefan\AppData\Local\DBControl
[2010.10.20 21:57:49 | 000,000,000 | ---D | C] -- D:\Users\Stefan\Documents\ArcaniA - Gothic 4
[2010.10.10 20:17:50 | 000,000,000 | ---D | C] -- D:\Users\Stefan\Documents\AnyDVDHD
[2010.10.08 17:21:16 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\GPSBabel
[2010.10.08 17:10:41 | 000,000,000 | ---D | C] -- D:\Program Files\7-Zip
[2010.10.08 17:00:11 | 000,000,000 | ---D | C] -- D:\Users\Stefan\Documents\TomTom
[2010.10.08 17:00:08 | 000,000,000 | ---D | C] -- D:\ProgramData\TomTom
[2010.10.08 16:59:59 | 000,000,000 | ---D | C] -- D:\Users\Stefan\AppData\Roaming\TomTom
[2010.10.08 16:59:59 | 000,000,000 | ---D | C] -- D:\Users\Stefan\AppData\Local\TomTom
[2010.10.08 16:59:54 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\TomTom International B.V
[2010.10.08 16:59:45 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\TomTom HOME 2
[2010.01.11 21:24:29 | 000,148,736 | ---- | C] (Avanquest Software) -- D:\ProgramData\hpe671B.dll
[2010.01.01 16:08:48 | 000,148,736 | ---- | C] (Avanquest Software) -- D:\ProgramData\hpe363D.dll
[2009/06/04 00:57:38 | 000,060,928 | ---- | C] ( ) -- D:\Windows\SysWow64\a3d.dll
[2 D:\Windows\*.tmp files -> D:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.11.02 22:46:57 | 000,014,224 | -H-- | M] () -- D:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.11.02 22:46:57 | 000,014,224 | -H-- | M] () -- D:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.11.02 22:44:36 | 001,619,748 | ---- | M] () -- D:\Windows\SysNative\PerfStringBackup.INI
[2010.11.02 22:44:36 | 000,697,474 | ---- | M] () -- D:\Windows\SysNative\perfh007.dat
[2010.11.02 22:44:36 | 000,654,354 | ---- | M] () -- D:\Windows\SysNative\perfh009.dat
[2010.11.02 22:44:36 | 000,148,104 | ---- | M] () -- D:\Windows\SysNative\perfc007.dat
[2010.11.02 22:44:36 | 000,121,224 | ---- | M] () -- D:\Windows\SysNative\perfc009.dat
[2010.11.02 22:40:21 | 000,000,394 | ---- | M] () -- D:\Windows\tasks\Ad-Aware Update (Weekly).job
[2010.11.02 22:39:33 | 000,067,584 | --S- | M] () -- D:\Windows\bootstat.dat
[2010.11.02 22:39:32 | 535,732,223 | -HS- | M] () -- D:\hiberfil.sys
[2010.11.02 22:38:30 | 000,063,460 | ---- | M] () -- D:\Windows\SysNative\BMXStateBkp-{00000002-00000000-00000007-00001102-00000005-00231102}.rfx
[2010.11.02 22:38:30 | 000,063,460 | ---- | M] () -- D:\Windows\SysNative\BMXState-{00000002-00000000-00000007-00001102-00000005-00231102}.rfx
[2010.11.02 22:38:30 | 000,001,080 | ---- | M] () -- D:\Windows\SysNative\settingsbkup.sfm
[2010.11.02 22:38:30 | 000,001,080 | ---- | M] () -- D:\Windows\SysNative\settings.sfm
[2010.11.02 22:38:30 | 000,000,788 | ---- | M] () -- D:\Windows\SysNative\DVCState-{00000002-00000000-00000007-00001102-00000005-00231102}.rfx
[2010.11.02 22:38:09 | 000,000,982 | ---- | M] () -- D:\Users\Stefan\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\Startup\DSL-Manager.lnk
[2010.10.30 13:10:28 | 002,967,345 | ---- | M] () -- D:\Users\Stefan\Documents\2010-10-30-12-10-MyMDb_Backup.xlg
[2010.10.24 13:59:39 | 000,001,174 | ---- | M] () -- D:\Users\Stefan\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2010.10.24 13:59:39 | 000,001,150 | ---- | M] () -- D:\Users\Public\Desktop\Ad-Aware.lnk
[2010.10.24 13:09:32 | 028,541,623 | ---- | M] () -- D:\Program Files (x86)\Spybot - Search & Destroy.rar
[2010.10.23 20:13:59 | 000,002,981 | ---- | M] () -- D:\Users\Stefan\Desktop\HiJackThis.lnk
[2010.10.23 18:11:56 | 000,000,103 | ---- | M] () -- D:\Windows\wininit.ini
[2010.10.23 18:02:35 | 000,001,066 | ---- | M] () -- D:\Users\Public\Desktop\VLC media player.lnk
[2010.10.23 18:01:13 | 019,657,194 | ---- | M] () -- D:\Users\Stefan\Documents\vlc-1.1.4-win32.exe
[2010.10.23 17:36:13 | 000,002,066 | ---- | M] () -- D:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010.10.23 17:09:24 | 000,000,179 | ---- | M] () -- D:\Users\Stefan\AppData\Roaming\42693.bat
[2010.10.23 17:09:06 | 000,000,016 | ---- | M] () -- D:\Users\Stefan\AppData\Roaming\dxqkew.dat
[2010.10.22 07:23:18 | 000,067,176 | ---- | M] (Khronos Group) -- D:\Windows\SysNative\OpenCL.dll
[2010.10.22 07:23:18 | 000,057,960 | ---- | M] (Khronos Group) -- D:\Windows\SysWow64\OpenCL.dll
[2010.10.22 07:23:15 | 000,007,877 | ---- | M] () -- D:\Windows\SysNative\nvinfo.pb
[2010.10.20 21:48:37 | 000,000,690 | ---- | M] () -- D:\Users\Public\Desktop\ArcaniA - Gothic 4 starten.lnk
[2010.10.14 13:25:02 | 000,418,392 | ---- | M] () -- D:\Windows\SysNative\FNTCACHE.DAT
[2010.10.12 13:44:28 | 000,000,083 | -HS- | M] () -- D:\ProgramData\.zreglib
[2010.10.10 20:17:30 | 000,001,199 | ---- | M] () -- D:\Users\Public\Desktop\CloneDVD2.lnk
[2010.10.10 20:17:10 | 000,001,101 | ---- | M] () -- D:\Users\Public\Desktop\AnyDVD.lnk
[2 D:\Windows\*.tmp files -> D:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.11.01 05:20:42 | 000,000,394 | ---- | C] () -- D:\Windows\tasks\Ad-Aware Update (Weekly).job
[2010.10.30 13:10:22 | 002,967,345 | ---- | C] () -- D:\Users\Stefan\Documents\2010-10-30-12-10-MyMDb_Backup.xlg
[2010.10.24 15:57:20 | 000,015,880 | ---- | C] () -- D:\Windows\SysNative\lsdelete.exe
[2010.10.24 13:59:39 | 000,001,174 | ---- | C] () -- D:\Users\Stefan\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2010.10.24 13:59:39 | 000,001,150 | ---- | C] () -- D:\Users\Public\Desktop\Ad-Aware.lnk
[2010.10.24 13:09:19 | 028,541,623 | ---- | C] () -- D:\Program Files (x86)\Spybot - Search & Destroy.rar
[2010.10.23 20:13:59 | 000,002,981 | ---- | C] () -- D:\Users\Stefan\Desktop\HiJackThis.lnk
[2010.10.23 18:11:56 | 000,000,103 | ---- | C] () -- D:\Windows\wininit.ini
[2010.10.23 18:02:35 | 000,001,066 | ---- | C] () -- D:\Users\Public\Desktop\VLC media player.lnk
[2010.10.23 17:57:08 | 019,657,194 | ---- | C] () -- D:\Users\Stefan\Documents\vlc-1.1.4-win32.exe
[2010.10.23 17:36:13 | 000,002,066 | ---- | C] () -- D:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010.10.23 17:09:32 | 000,000,000 | ---- | C] () -- D:\Users\Stefan\AppData\Local\googleupdate.log
[2010.10.23 17:09:24 | 000,000,179 | ---- | C] () -- D:\Users\Stefan\AppData\Roaming\42693.bat
[2010.10.23 17:09:06 | 000,000,016 | ---- | C] () -- D:\Users\Stefan\AppData\Roaming\dxqkew.dat
[2010.10.20 21:48:37 | 000,000,690 | ---- | C] () -- D:\Users\Public\Desktop\ArcaniA - Gothic 4 starten.lnk
[2010.10.10 20:17:30 | 000,001,199 | ---- | C] () -- D:\Users\Public\Desktop\CloneDVD2.lnk
[2010.10.10 20:17:10 | 000,001,101 | ---- | C] () -- D:\Users\Public\Desktop\AnyDVD.lnk
[2010.04.02 16:17:34 | 000,179,091 | ---- | C] () -- D:\Windows\SysWow64\xlive.dll.cat
[2010.02.07 13:21:18 | 000,000,193 | ---- | C] () -- D:\Windows\WORDPAD.INI
[2010.01.23 13:13:08 | 053,992,860 | ---- | C] () -- D:\Program Files (x86)\MyMDb.rar
[2009/11/28 14:39:19 | 000,015,873 | ---- | C] () -- D:\Windows\SysWow64\Inetde.dll
[2009/11/09 19:47:16 | 000,053,248 | ---- | C] () -- D:\Windows\SysWow64\asrussian.dll
[2009/11/09 19:47:16 | 000,053,248 | ---- | C] () -- D:\Windows\SysWow64\askorean.dll
[2009/11/09 19:47:16 | 000,053,248 | ---- | C] () -- D:\Windows\SysWow64\asjapan.dll
[2009/11/09 19:47:16 | 000,053,248 | ---- | C] () -- D:\Windows\SysWow64\asgerman.dll
[2009/11/09 19:47:16 | 000,053,248 | ---- | C] () -- D:\Windows\SysWow64\asfrench.dll
[2009/11/09 19:47:16 | 000,053,248 | ---- | C] () -- D:\Windows\SysWow64\aseng.dll
[2009/11/09 19:47:16 | 000,053,248 | ---- | C] () -- D:\Windows\SysWow64\ASCHT.dll
[2009/11/09 19:47:16 | 000,053,248 | ---- | C] () -- D:\Windows\SysWow64\aschs.dll
[2009/11/07 19:04:33 | 000,003,040 | ---- | C] () -- D:\Windows\SysWow64\drivers\nvflash.sys
[2009/11/07 18:39:06 | 000,024,576 | R--- | C] () -- D:\Windows\SysWow64\AsIO.dll
[2009/11/07 18:39:06 | 000,013,368 | R--- | C] () -- D:\Windows\SysWow64\drivers\AsIO.sys
[2009/11/07 18:21:22 | 000,148,480 | ---- | C] () -- D:\Windows\SysWow64\APOMngr.DLL
[2009/11/07 18:21:22 | 000,073,728 | ---- | C] () -- D:\Windows\SysWow64\CmdRtr.DLL
[2009/11/07 18:20:49 | 000,003,072 | ---- | C] () -- D:\Windows\SysWow64\CTXFIGER.DLL
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- D:\Windows\SysWow64\BWContextHandler.dll
[2009/06/04 01:37:08 | 000,021,093 | ---- | C] () -- D:\Windows\SysWow64\instwdm.ini
[2009/06/04 01:37:06 | 000,000,054 | ---- | C] () -- D:\Windows\SysWow64\ctzapxx.ini
[2009/06/04 00:55:20 | 000,002,560 | ---- | C] () -- D:\Windows\SysWow64\CtxfiRes.dll
[2009/05/27 09:49:00 | 000,000,285 | ---- | C] () -- D:\Windows\SysWow64\kill.ini
[2009.12.31 15:31:52 | 000,000,083 | -HS- | C] () -- D:\ProgramData\.zreglib
[2009.12.19 15:50:42 | 000,000,034 | ---- | C] () -- D:\Windows\cdplayer.ini
[2009.12.03 19:33:24 | 000,000,156 | ---- | C] () -- D:\Users\Stefan\AppData\Roaming\default.rss
[2009.12.03 19:33:07 | 000,000,069 | ---- | C] () -- D:\Windows\NeroDigital.ini
[2009.11.09 19:47:15 | 000,761,856 | ---- | C] () -- D:\Windows\SysWow64\xvidcore.dll
[2009.11.09 19:47:15 | 000,180,224 | ---- | C] () -- D:\Windows\SysWow64\xvidvfw.dll
[2009.11.09 15:39:36 | 000,000,038 | ---- | C] () -- D:\Windows\AviSplitter.INI
[2009.11.07 18:38:45 | 000,001,769 | ---- | C] () -- D:\Windows\Language_trs.ini
[2009.11.07 18:35:19 | 001,594,390 | ---- | C] () -- D:\Windows\SysWow64\PerfStringBackup.INI
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- D:\Windows\SysWow64\msjetoledb40.dll
========== LOP Check ==========
[2009.12.11 17:02:25 | 000,000,000 | ---D | M] -- D:\Users\Stefan\AppData\Roaming\Any DVD Converter Professional
[2010.09.16 16:45:11 | 000,000,000 | ---D | M] -- D:\Users\Stefan\AppData\Roaming\AquaSoft
[2010.05.29 21:21:23 | 000,000,000 | ---D | M] -- D:\Users\Stefan\AppData\Roaming\bizarre creations
[2009.11.07 18:16:23 | 000,000,000 | ---D | M] -- D:\Users\Stefan\AppData\Roaming\Blitware
[2010.05.30 19:05:25 | 000,000,000 | ---D | M] -- D:\Users\Stefan\AppData\Roaming\BOM
[2010.04.25 14:00:51 | 000,000,000 | ---D | M] -- D:\Users\Stefan\AppData\Roaming\CPUControl
[2010.05.29 21:18:11 | 000,000,000 | ---D | M] -- D:\Users\Stefan\AppData\Roaming\DAEMON Tools Lite
[2010.10.24 15:57:20 | 000,000,000 | ---D | M] -- D:\Users\Stefan\AppData\Roaming\Desktopicon
[2010.11.02 15:26:38 | 000,000,000 | ---D | M] -- D:\Users\Stefan\AppData\Roaming\ICQ
[2010.02.04 22:18:43 | 000,000,000 | ---D | M] -- D:\Users\Stefan\AppData\Roaming\MixVibes
[2010.09.10 22:44:26 | 000,000,000 | ---D | M] -- D:\Users\Stefan\AppData\Roaming\Movie Label
[2010.09.16 17:07:03 | 000,000,000 | ---D | M] -- D:\Users\Stefan\AppData\Roaming\PixelPlanet
[2009.12.25 09:26:01 | 000,000,000 | ---D | M] -- D:\Users\Stefan\AppData\Roaming\Propellerhead Software
[2010.09.26 18:46:29 | 000,000,000 | ---D | M] -- D:\Users\Stefan\AppData\Roaming\Smart Recorder
[2009.12.06 21:10:57 | 000,000,000 | ---D | M] -- D:\Users\Stefan\AppData\Roaming\Thinstall
[2010.10.08 16:59:59 | 000,000,000 | ---D | M] -- D:\Users\Stefan\AppData\Roaming\TomTom
[2009.12.19 15:48:41 | 000,000,000 | ---D | M] -- D:\Users\Stefan\AppData\Roaming\Toolbars
[2010.01.24 14:45:49 | 000,000,000 | ---D | M] -- D:\Users\Stefan\AppData\Roaming\TS3Client
[2010.09.08 17:00:17 | 000,000,000 | ---D | M] -- D:\Users\Stefan\AppData\Roaming\TuneUp Software
[2009.11.09 15:39:36 | 000,000,000 | ---D | M] -- D:\Users\Stefan\AppData\Roaming\Win7codecs
[2009.11.08 16:27:12 | 000,000,000 | ---D | M] -- D:\Users\Stefan\AppData\Roaming\XRay Engine
[2010.11.02 22:40:21 | 000,000,394 | ---- | M] () -- D:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2010.01.10 15:33:08 | 000,000,468 | ---- | M] () -- D:\Windows\Tasks\Driver Robot.job
[2010.08.31 14:34:38 | 000,032,620 | ---- | M] () -- D:\Windows\Tasks\SCHEDLGU.TXT
[/quote]Geändert von Apex (03.11.2010 um 23:39 Uhr)
-
02.11.2010, 23:01 #27Anfänger
- Registriert seit
- 18.07.2008
- Beiträge
- 22
OTL Extras logfile created on: 11/2/2010 10:45:22 PM - Run 1
OTL by OldTimer - Version 3.2.17.2 Folder = C:\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
6.00 Gb Total Physical Memory | 4.00 Gb Available Physical Memory | 71.00% Memory free
12.00 Gb Paging File | 10.00 Gb Available in Paging File | 83.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files (x86)
Drive C: | 76.33 Gb Total Space | 12.95 Gb Free Space | 16.97% Space Free | Partition Type: NTFS
Drive D: | 201.01 Gb Total Space | 127.88 Gb Free Space | 63.62% Space Free | Partition Type: NTFS
Drive E: | 1196.25 Gb Total Space | 393.57 Gb Free Space | 32.90% Space Free | Partition Type: NTFS
Drive G: | 265.75 Gb Total Space | 72.73 Gb Free Space | 27.37% Space Free | Partition Type: NTFS
Drive H: | 100.00 Gb Total Space | 77.71 Gb Free Space | 77.71% Space Free | Partition Type: NTFS
Computer Name: STEFAN-PC | User Name: Stefan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- D:\Windows\System32\ieframe.DLL (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- D:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- D:\Windows\System32\ieframe.DLL (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "D:\Windows\System32\rundll32.exe" "D:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "D:\Windows\System32\rundll32.exe" "D:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "D:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "D:\Windows\System32\rundll32.exe" "D:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "D:\Windows\System32\rundll32.exe" "D:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dows NT\SystemRestore]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dows NT\SystemRestore]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\DomainPr ofile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Standard Profile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\PublicPr ofile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall]
"{013CCA52-DA56-4133-AC2B-1988A9568C30}" = Native Instruments Audio 4 DJ Driver
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{0F2D7186-EF54-37FA-AA61-ED6F88E771CE}" = Microsoft .NET Framework 4 Extended Beta 2
"{23170F69-40C1-2702-0915-000001000000}" = 7-Zip 9.15 (x64 edition)
"{267B3E82-C941-47D8-BCD3-1BBBB56FCBC6}" = Native Instruments Maschine Controller Driver
"{2AAC4085-DCBF-417B-AEBD-182197839240}" = Native Instruments Traktor
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{43B74FAB-FB58-447D-8D3A-5F638AF36FD1}" = Netzmanager
"{4FFA2088-8317-3B14-93CD-4C699DB37843}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{7930FB47-6452-4476-BF16-D77F748646DB}" = Native Instruments Session IO Driver
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0012-0000-1000-0000000FF1CE}" = Microsoft Office Standard 2010
"{90140000-0015-0407-1000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0000-1000-0000000FF1CE}" = Microsoft Office Excel 2010
"{90140000-0016-0407-1000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0000-1000-0000000FF1CE}" = Microsoft Office PowerPoint 2010
"{90140000-0018-0407-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0000-1000-0000000FF1CE}" = Microsoft Office Outlook 2010
"{90140000-001A-0407-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0000-1000-0000000FF1CE}" = Microsoft Office Word 2010
"{90140000-001B-0407-1000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-1000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-1000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0407-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (German) 2010
"{90140000-0044-0407-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-006E-0407-1000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-008B-0000-1000-0000000FF1CE}" = Microsoft Office Small Business Basics 2010
"{90140000-00A1-0407-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00BA-0407-1000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{A35001F0-F1E4-11DD-A38B-005056C00008}" = Paragon Partition Manager™ 10.0 Professional
"{B0EFB716-085B-4564-8060-212E41F5CE50}" = Windows Live ID Sign-in Assistant
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 260.99
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B962AD08-335F-46f7-A182-257D37672E5C}" = Native Instruments Rig Kontrol 3 Driver
"{E856E900-52DE-3F06-B493-B39442A717F6}" = Microsoft .NET Framework 4 Client Profile Beta 2
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"Microsoft .NET Framework 4 Client Profile Beta 2" = Microsoft .NET Framework 4 Client Profile Beta 2
"Microsoft .NET Framework 4 Extended Beta 2" = Microsoft .NET Framework 4 Extended Beta 2
"Office14.EXCEL" = Microsoft Excel 2010
"Office14.OUTLOOK" = Microsoft Outlook 2010
"Office14.POWERPOINT" = Microsoft PowerPoint 2010
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Office14.SMALLBUSBASICS" = Microsoft Office Small Business Basics 2010
"Office14.STANDARD" = Microsoft Office Standard 2010
"Office14.WORD" = Microsoft Word 2010
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Win7x64 Components_is1" = Win7x64 Components v1.2.1
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02B244A2-7F6A-42E8-A36F-8C385D7A1625}" = Gothic III
"{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help
"{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM
"{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}" = Risen
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM
"{1B8FE958-A304-4902-BF7A-4E2F0F5B7017}_is1" = GPSBabel 1.4.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
"{28526951-55EF-4901-A0CA-B9AC966D1DD1}" = Split/Second
"{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 6.009.00
"{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax
"{310BC5E2-31AF-49BB-904D-E71EB93645DC}" = AI Suite
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{34BDF3BF-AA61-42E7-8818-C16A304910FC}" = Emma Core
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help
"{406FB8A4-F539-48A9-809C-F94706F9C9F6}_is1" = S.T.A.L.K.E.R. - Call Of Pripyat [v1.6.01]
"{42C8B7DF-FEB0-4D51-B169-506B6BEC5797}" = Nero 10 Menu TemplatePack 1
"{4343080E-91B7-4388-AB4D-FB1000008200}" = Dead Rising 2
"{43FBAB46-5969-4200-9958-1FF81FEE506F}" = Nero 10 Movie ThemePack 1
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help
"{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter
"{5454083B-1308-4485-BF17-111000028701}" = Grand Theft Auto: Episodes from Liberty City
"{5454083B-1308-4485-BF17-111000028702}" = Grand Theft Auto: Episodes from Liberty City
"{5454083B-1308-4485-BF17-111000028703}" = Grand Theft Auto: Episodes from Liberty City
"{5454083B-1308-4485-BF17-111000038701}" = Grand Theft Auto: Episodes from Liberty City
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{589A63D3-89E1-4D9B-8DBC-6039BB27289E}" = Activision(R)
"{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision
"{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help
"{5C9A7E65-5B71-4C7F-876A-8C6AF9E9E23D}" = Saboteur™
"{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}" = Grand Theft Auto: Episodes From Liberty City
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{70F19404-B96C-4EBB-AD2B-3574F8736197}" = Nero 10 Movie ThemePack 2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{775DC704-AAE3-4A79-981F-EA1CBAF96EB7}" = Gothic III - Götterdämmerung
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{7F88C9E5-12BD-404F-AC6A-108BAAC9B708}" = ASUS Gamer OSD
"{809D7E6D-915D-4EAD-821F-E13D93F37161}" = ASUS Smart Doctor
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{90A455A7-0FC8-4508-B7FA-8F135B8F041A}" = DSL-Manager
"{92146419-AE44-4C8B-A48B-0ABB1B5EC026}" = Nero 10 Menu TemplatePack 3
"{92A10E9D-EA00-4A46-8F22-EEA660992D61}" = Nero 10 Sample Videos
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{93A10228-4F64-4A31-B7B9-BC6AA7753BB8}" = Scratch LIVE 1.8.2 (18221)
"{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express
"{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer
"{96ED4B78-300E-4033-AE6C-C115CEB4DF07}" = Nero 10 ClipartPack
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9C916142-C18C-429D-BFED-40094A7E0BEB}" = Die Siedler 7
"{9E78C42C-4FF9-4F41-BBC4-BF872606E79D}_is1" = Driver Robot 1.1.0.14
"{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center
"{A3A61264-B075-46BE-9C97-376EA4CEEEF5}" = PdfGrabber 6.0
"{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress
"{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.3 - Deutsch
"{ACD15FDF-FC42-4175-B477-576F92FF2256}" = Nero 10 Sample ImagePack
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins
"{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B8777FFC-165B-4DDE-B60B-AD5533D9EAD3}" = AquaSoft PhotoKalender 3
"{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit
"{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent
"{d0894778-7254-401e-8a82-f9c05ae100bb}" = Nero 9
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget
"{E712C273-7564-4C8E-AA59-0FA19BC35117}" = Nero 10 Menu TemplatePack 2
"{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help
"{ED3D71CC-9F3B-4AC5-9E55-AB915EBC0BEB}" = HDD Temperature v.4
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{EFE1AB94-5466-4B6E-BE31-FF4C115FD25D}" = Max Payne 2
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F53F6769-AC46-49E3-ABE3-2C8AFD39D0DD}" = Nero Vision
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ALchemy" = Creative ALchemy
"Any DVD Converter Professional_is1" = Any DVD Converter Professional 3.5.8
"AnyDVD" = AnyDVD
"AoA Video Joiner_is1" = AoA Video Joiner
"AquaSoft PhotoKalender 3" = AquaSoft PhotoKalender 3
"ArcaniA" = ArcaniA - Gothic 4
"Ashampoo WinOptimizer 6_is1" = Ashampoo WinOptimizer 6.30
"ASIO4ALL" = ASIO4ALL
"AudioCS" = Creative Audio-Systemsteuerung
"Audiograbber" = Audiograbber 1.83 SE
"Audiograbber-Lame" = Audiograbber Lame-MP3-Plugin
"Avi2Dvd" = Avi2Dvd 0.4.5 beta
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AviSynth" = AviSynth 2.5
"AVMWLANCLI" = AVM FRITZ!WLAN
"Biet-O-Matic v2.12.0" = Biet-O-Matic v2.12.0
"ca_movielabel_is1" = Movie Label 2011 v6.1
"Call of Duty Modern Warfare 2_is1" = Call of Duty Modern Warfare 2
"CloneCD" = CloneCD
"CloneDVD2" = CloneDVD2
"Console Launcher" = Creative Konsole Starter
"CPU-Control_is1" = CPU-Control
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative Sound Blaster Properties x64 Edition" = Creative Sound Blaster Properties x64 Edition
"EFCL SecuLauncher Error Fix v1.1 by TokZic 1.1" = EFCL SecuLauncher Error Fix v1.1 by TokZic 1.1
"EFLC Errors Fix v1.3 TokZic 4 myGully" = EFLC Errors Fix v1.3 TokZic 4 myGully
"ESET Online Scanner" = ESET Online Scanner v3
"Fallout New Vegas_is1" = Fallout New Vegas
"Festo Fluidsim_is1" = Festo FluidSim 3.6
"FormatFactory" = FormatFactory 2.20
"Future Wars" = Future Wars
"G3QP231012008_is1" = Questpaket 4 Update 1 Deinstallation
"GFWL_{4343080E-91B7-4388-AB4D-FB1000008200}" = Dead Rising 2
"Gordon's Gate Flash Driver" = Gordon's Gate Flash Driver 1.1.0.12
"Host OpenAL (ADI)" = Host OpenAL (ADI)
"InstallShield_{589A63D3-89E1-4D9B-8DBC-6039BB27289E}" = Blur(TM)
"InstallShield_{809D7E6D-915D-4EAD-821F-E13D93F37161}" = ASUS Smart Doctor
"LOGO!Soft Comfort V6.0" = LOGO!Soft Comfort V6.0
"Mafia II Update 1_is1" = Mafia II Update 1
"Mafia II_is1" = Mafia II
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Manhunt 2" = Manhunt 2
"MKV To AVI With Subtitle_is1" = MKV To AVI With Subtitle version 2.0
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"MyMDb_0" = MyMDb 3.5.3
"MyMDb_1" = MyMDb 3.6
"MyMDb_2" = MyMDb 3.6
"MyMDb_3" = MyMDb 3.6
"MyMDb_4" = MyMDb 3.6
"MyMDb_5" = MyMDb 3.6
"Native Instruments Audio 4 DJ Driver" = Native Instruments Audio 4 DJ Driver
"Native Instruments Finale GPO" = Native Instruments Finale GPO
"Native Instruments Maschine Controller Driver" = Native Instruments Maschine Controller Driver
"Native Instruments Rig Kontrol 3 Driver" = Native Instruments Rig Kontrol 3 Driver
"Native Instruments Service Center" = Native Instruments Service Center
"Native Instruments Session IO Driver" = Native Instruments Session IO Driver
"Native Instruments Traktor" = Native Instruments Traktor
"Native Instruments Traktor DJ Studio 3" = Native Instruments Traktor DJ Studio 3
"Netzmanager" = Netzmanager
"No-IP.com DUC" = No-IP.com DUC (remove only)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"Reason4_is1" = Reason 4.0
"RivaTuner" = RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
"SEMC OMSI Module" = SEMC OMSI Module
"SFBM" = SoundFont-Bank-Manager
"Smart Recorder" = Creative Smart Recorder
"TBSB03968.TBSB03968Toolbar" = Toolbar fuer eBay
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TomTom HOME" = TomTom HOME 2.7.6.2056
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 1.1.4
"xvid" = XviD MPEG-4 Video Codec
"YouTubeGet_is1" = YouTubeGet 5.3
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Uninstall]
"Freewar Karten Editor" = Freewar Karten Editor
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 22.09.2010 13:04:04 | Computer Name = Stefan-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .
Error - 23.09.2010 16:06:06 | Computer Name = Stefan-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: DslMgrSvc.exe, Version: 6.91.8434.1,
Zeitstempel: 0x4900aa18 Name des fehlerhaften Moduls: DslMgrSvc.exe, Version: 6.91.8434.1,
Zeitstempel: 0x4900aa18 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000c41a ID des fehlerhaften
Prozesses: 0xd88 Startzeit der fehlerhaften Anwendung: 0x01cb5b51b099ff00 Pfad der
fehlerhaften Anwendung: D:\Program Files (x86)\DSL-Manager\DslMgrSvc.exe Pfad des
fehlerhaften Moduls: D:\Program Files (x86)\DSL-Manager\DslMgrSvc.exe Berichtskennung:
ff4465b0-c74d-11df-82a3-028037060300
Error - 23.09.2010 17:05:32 | Computer Name = Stefan-PC | Source = MsiInstaller | ID = 10005
Description =
Error - 23.09.2010 17:37:45 | Computer Name = Stefan-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: DslMgrSvc.exe, Version: 6.91.8434.1,
Zeitstempel: 0x4900aa18 Name des fehlerhaften Moduls: DslMgrSvc.exe, Version: 6.91.8434.1,
Zeitstempel: 0x4900aa18 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000c41a ID des fehlerhaften
Prozesses: 0xbf8 Startzeit der fehlerhaften Anwendung: 0x01cb5b5e350c3120 Pfad der
fehlerhaften Anwendung: D:\Program Files (x86)\DSL-Manager\DslMgrSvc.exe Pfad des
fehlerhaften Moduls: D:\Program Files (x86)\DSL-Manager\DslMgrSvc.exe Berichtskennung:
cceb8780-c75a-11df-82a3-028037060300
Error - 24.09.2010 04:52:17 | Computer Name = Stefan-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: DslMgrSvc.exe, Version: 6.91.8434.1,
Zeitstempel: 0x4900aa18 Name des fehlerhaften Moduls: DslMgrSvc.exe, Version: 6.91.8434.1,
Zeitstempel: 0x4900aa18 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000c41a ID des fehlerhaften
Prozesses: 0xd40 Startzeit der fehlerhaften Anwendung: 0x01cb5bc3e90471a0 Pfad der
fehlerhaften Anwendung: D:\Program Files (x86)\DSL-Manager\DslMgrSvc.exe Pfad des
fehlerhaften Moduls: D:\Program Files (x86)\DSL-Manager\DslMgrSvc.exe Berichtskennung:
0826bd70-c7b9-11df-aab3-001f3f028e95
Error - 28.09.2010 00:36:52 | Computer Name = Stefan-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: DslMgrSvc.exe, Version: 6.91.8434.1,
Zeitstempel: 0x4900aa18 Name des fehlerhaften Moduls: DslMgrSvc.exe, Version: 6.91.8434.1,
Zeitstempel: 0x4900aa18 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000c41a ID des fehlerhaften
Prozesses: 0xe84 Startzeit der fehlerhaften Anwendung: 0x01cb5ec647019260 Pfad der
fehlerhaften Anwendung: D:\Program Files (x86)\DSL-Manager\DslMgrSvc.exe Pfad des
fehlerhaften Moduls: D:\Program Files (x86)\DSL-Manager\DslMgrSvc.exe Berichtskennung:
036f0720-caba-11df-acd3-028037060300
Error - 28.09.2010 09:33:32 | Computer Name = Stefan-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: DslMgrSvc.exe, Version: 6.91.8434.1,
Zeitstempel: 0x4900aa18 Name des fehlerhaften Moduls: DslMgrSvc.exe, Version: 6.91.8434.1,
Zeitstempel: 0x4900aa18 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000c41a ID des fehlerhaften
Prozesses: 0xea8 Startzeit der fehlerhaften Anwendung: 0x01cb5f1186a86a10 Pfad der
fehlerhaften Anwendung: D:\Program Files (x86)\DSL-Manager\DslMgrSvc.exe Pfad des
fehlerhaften Moduls: D:\Program Files (x86)\DSL-Manager\DslMgrSvc.exe Berichtskennung:
fc288590-cb04-11df-8664-028037060300
Error - 30.09.2010 00:39:53 | Computer Name = Stefan-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: DslMgrSvc.exe, Version: 6.91.8434.1,
Zeitstempel: 0x4900aa18 Name des fehlerhaften Moduls: IPHLPAPI.DLL, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bda1b Ausnahmecode: 0xc0000409 Fehleroffset: 0x0000d9e6 ID des fehlerhaften
Prozesses: 0xe30 Startzeit der fehlerhaften Anwendung: 0x01cb60591cea8b00 Pfad der
fehlerhaften Anwendung: D:\Program Files (x86)\DSL-Manager\DslMgrSvc.exe Pfad des
fehlerhaften Moduls: D:\Windows\system32\IPHLPAPI.DLL Berichtskennung: c45ed3f0-cc4c-11df-82e8-028037060300
Error - 30.09.2010 12:49:50 | Computer Name = Stefan-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: DslMgrSvc.exe, Version: 6.91.8434.1,
Zeitstempel: 0x4900aa18 Name des fehlerhaften Moduls: DslMgrSvc.exe, Version: 6.91.8434.1,
Zeitstempel: 0x4900aa18 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000c41a ID des fehlerhaften
Prozesses: 0xc98 Startzeit der fehlerhaften Anwendung: 0x01cb60a5a3c5aaf0 Pfad der
fehlerhaften Anwendung: D:\Program Files (x86)\DSL-Manager\DslMgrSvc.exe Pfad des
fehlerhaften Moduls: D:\Program Files (x86)\DSL-Manager\DslMgrSvc.exe Berichtskennung:
bd684340-ccb2-11df-8b29-001f3f028e95
Error - 01.10.2010 01:04:17 | Computer Name = Stefan-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: DslMgrSvc.exe, Version: 6.91.8434.1,
Zeitstempel: 0x4900aa18 Name des fehlerhaften Moduls: DslMgrSvc.exe, Version: 6.91.8434.1,
Zeitstempel: 0x4900aa18 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000c41a ID des fehlerhaften
Prozesses: 0xe0c Startzeit der fehlerhaften Anwendung: 0x01cb612226419670 Pfad der
fehlerhaften Anwendung: D:\Program Files (x86)\DSL-Manager\DslMgrSvc.exe Pfad des
fehlerhaften Moduls: D:\Program Files (x86)\DSL-Manager\DslMgrSvc.exe Berichtskennung:
57005400-cd19-11df-8db2-028037060300
[ System Events ]
Error - 29.10.2010 16:29:40 | Computer Name = Stefan-PC | Source = DCOM | ID = 10010
Description =
Error - 29.10.2010 22:24:45 | Computer Name = Stefan-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "DSL-Manager" wurde unerwartet beendet. Dies ist bereits 2
Mal passiert.
Error - 30.10.2010 07:19:24 | Computer Name = Stefan-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "DSL-Manager" wurde unerwartet beendet. Dies ist bereits 1
Mal passiert.
Error - 30.10.2010 09:07:01 | Computer Name = Stefan-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "DSL-Manager" wurde unerwartet beendet. Dies ist bereits 2
Mal passiert.
Error - 30.10.2010 13:37:15 | Computer Name = Stefan-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "DSL-Manager" wurde unerwartet beendet. Dies ist bereits 1
Mal passiert.
Error - 31.10.2010 09:57:11 | Computer Name = Stefan-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "DSL-Manager" wurde unerwartet beendet. Dies ist bereits 1
Mal passiert.
Error - 31.10.2010 17:19:29 | Computer Name = Stefan-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "DSL-Manager" wurde unerwartet beendet. Dies ist bereits 2
Mal passiert.
Error - 31.10.2010 17:48:52 | Computer Name = Stefan-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "DSL-Manager" wurde unerwartet beendet. Dies ist bereits 3
Mal passiert.
Error - 02.11.2010 10:23:48 | Computer Name = Stefan-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "DSL-Manager" wurde unerwartet beendet. Dies ist bereits 1
Mal passiert.
Error - 02.11.2010 17:38:09 | Computer Name = Stefan-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "DSL-Manager" wurde unerwartet beendet. Dies ist bereits 1
Mal passiert.
< End of report >Geändert von Apex (03.11.2010 um 23:38 Uhr)
-
02.11.2010, 23:23 #28
Wieso so kompliziert???
Autoruns - Download - CHIP Online
zeigt sogar den pfad an ...
-
02.11.2010, 23:25 #29The Chosen One oder so
- Registriert seit
- 16.09.2007
- Beiträge
- 1.469
Bitte das nächste mal in unseren NoPast-Service reinstecken, das boomt den Inhalt komplett.
Und wenn ich hier noch einmal lesen muss, dass der User einfach formatieren soll, der kriegt nen Lebensban, versprochen!"Die Menschheit wird eines Tages zu Grunde gehen. Vermutlich aus dem gleichen Grund wie die Dinosaurier - zu viel Panzer und zu wenig Hirn."
Zitat von DvDRom & Suicide
DvDRom:
//edit: Natürlich kann Spam in diesem Bereich auch zu einer Verwarnung/Ban führen.
Suicide:
gdffhdsdhsdfgsdfgdfg
-
03.11.2010, 22:05 #30Anfänger
- Registriert seit
- 18.07.2008
- Beiträge
- 22
thema für mich beendet, habe die kiste um paar tage zurückgestellt und läuft.
bedanke mich für die hilfe, auch wenns mit dem normalen entfernen nicht geklapt hat.
mfg
Zitieren
Gehe zu:
Erkennung & Hilfe
Nach oben
Ähnliche Themen
-
Bin infiziert ;D (bitte um Hilfe)
Von CriMe! im Forum Erkennung & HilfeAntworten: 15Letzter Beitrag: 12.05.2010, 21:07 -
Hilfe infiziert
Von treibius im Forum Erkennung & HilfeAntworten: 4Letzter Beitrag: 08.05.2010, 11:01 -
PC Infiziert
Von Jack Daniels #2 im Forum Erkennung & HilfeAntworten: 2Letzter Beitrag: 18.12.2008, 23:42 -
100 % Infiziert !!! Hilfe
Von GetCrunk im Forum SicherheitAntworten: 3Letzter Beitrag: 30.01.2008, 12:25 -
HILFE!!!! STITCH HAT MICH INFIZIERT!!!!
Von Xau im Forum Erkennung & HilfeAntworten: 9Letzter Beitrag: 30.09.2007, 14:00
Stichworte
Berechtigungen
- Neue Themen erstellen: Nein
- Themen beantworten: Nein
- Anhänge hochladen: Nein
- Beiträge bearbeiten: Nein
Alle Zeitangaben in WEZ +1. Es ist jetzt 01:13 Uhr.
Powered by vBulletin® (Deutsch)
Copyright ©2024 Adduco Digital e.K. und vBulletin Solutions, Inc. Alle Rechte vorbehalten.
Copyright ©2024 Adduco Digital e.K. und vBulletin Solutions, Inc. Alle Rechte vorbehalten.
Image resizer by SevenSkins