Testthread - zum testen, posten, zwischenspeichern - nicht zur Unterhaltung

Home » Computer Probleme, Hilfe & Technik Forum » Testthread - zum testen, posten, zwischenspeichern - nicht zur Unterhaltung » Themenansicht

Seite(n): Erste Seite 3 4 5 6 7

Antworten

Testthread - zum testen, posten, zwischenspeichern - nicht zur Unterhaltung

02.02.2010, 21:14 Swisstreasure Moderator Beiträge: 5694	#76 [color=blue]Rootkit mit AVZ Antiviral-Toolkit entfernen[/color] AVZ Antiviral Toolkit ist ein russisches Projekt, welches auch in englisch verfügbar ist. Das Programm prüft auf Viren, Adware, Spyware, Dialer, verdächtige Software (Risktools), Hacktools und Rootkits. [color=green]AVZ ist ein sehr mächtiges Tool, bitte nichts "auf eigene Faust" machen.[/color] Bitte lade [url=http://z-oleg.com/avz4.zip]AVZ4[/url] herunter und entpacke es auf den Desktop. Dort sollte sich nun der Ordner avz4 befinden. • Öffne den Ordner avz4 und starte die avz.exe durch Doppelklick. • Aktualisiere die Signaturen: Im Menü => File => Database Update => Start-Button drücken => OK • Im Menü => AVPM • Dort aud "Install extended monitoring driver" drücken • AVZ wird nun einen Neustart verlangen, also neustarten. • Setze Häkchen vor die Laufwerke, die gescannt werden sollen. • Setze ein Häkchen rechts vor "Perform healing:" • Setze ein Häkchen vor "Copy suspicious files to Quarantine". [color=white].[/color] [color=white].[/color] • Drücke auf den Button "Start", um den Suchlauf zu starten. • Geduld, der Suchlauf kann eine Weile dauern. • Wenn der Suchlauf beendet ist (Scanning finished), drücke rechts auf auf das Diskettensymbol, um das Logfile als Text-Datei zu speichern. • Poste das Logfile hier in den Thread. Eine ausführliche und bebilderte Anleitung findest Du bei [url=http://virus-protect.org/artikel/tools/avz.html]virus-protect.org[/url].

25.02.2010, 02:52 Argus Ehrenmitglied Beiträge: 6028	#77 Test Test 2 Test 3 Test 4 Test 5 __________ MfG Argus

25.03.2010, 15:47 Swisstreasure Moderator Beiträge: 5694	#78 Schritt2 Habe ich Gmer schon mal ausgeführt? Ich bin unseren Thread nochmal durchgegangen und habe nichts davon gefunden. Na ja, ich habe das so gemacht, wie Du es gesagt hast, also mit den "Only Non MS Files". [Code] GMER 1.0.15.15281 - http://www.gmer.net Rootkit scan 2010-03-25 10:22:45 Windows 6.0.6002 Service Pack 2 Running: khv64f7i.exe; Driver: C:\Users\ALEXAN~1\AppData\Local\Temp\fgldrpog.sys ---- Modules - GMER 1.0.15 ---- Module \SystemRoot\system32\DRIVERS\videX32.sys (VIA Generic PCI IDE Bus Driver/VIA Technologies, Inc.) 8077B000-80783000 (32768 bytes) Module \SystemRoot\system32\DRIVERS\xfilt.sys (ATA/ATAPI devices hot-plug monitor/VIA Technologies,Inc) 80600000-80609000 (36864 bytes) Module \SystemRoot\system32\DRIVERS\nvlddmkm.sys (NVIDIA Compatible Windows Vista Kernel Mode Driver, Version 169.06 /NVIDIA Corporation) 8E407000-8EBE1000 (8232960 bytes) Module \SystemRoot\System32\Drivers\AnyDVD.sys (AnyDVD Filter Driver/SlySoft, Inc.) 82FD3000-82FE9000 (90112 bytes) Module \SystemRoot\system32\drivers\pfc.sys (Padus(R) ASPI Shell/Padus, Inc.) 8EBED000-8EBF0000 (12288 bytes) Module \SystemRoot\System32\Drivers\GEARAspiWDM.sys (CD DVD Filter/GEAR Software Inc.) 8EBF0000-8EBF6000 (24576 bytes) Module \SystemRoot\system32\DRIVERS\fetnd5.sys (NDIS 5.0 miniport driver/VIA Technologies, Inc. ) 8EC5C000-8EC68000 (49152 bytes) Module \SystemRoot\system32\DRIVERS\Ph3xIB32.sys (Ph3xIBxx/Philips Semiconductors GmbH) 8EE02000-8EF17000 (1134592 bytes) Module \SystemRoot\System32\Drivers\x10hid.sys (X10 HID Control Interface/X10 Wireless Technology, Inc.) 8EF9E000-8EFA0000 (8192 bytes) Module \SystemRoot\system32\DRIVERS\mssmbios.sys (System Management BIOS Driver/Microsoft Corporation) 8EDCE000-8EDD8000 (40960 bytes) Module \SystemRoot\system32\drivers\RTKVHDA.sys (Realtek(r) High Definition Audio Function Driver/Realtek Semiconductor Corp.) 8F252000-8F3E5000 (1650688 bytes) Module \SystemRoot\system32\drivers\rdpencdd.sys (RDP Miniport/Microsoft Corporation) 8F4BD000-8F4C5000 (32768 bytes) Module \SystemRoot\System32\Drivers\ElbyCDIO.sys (ElbyCD Windows NT/2000/XP I/O driver/Elaborate Bytes AG) 8F40A000-8F40C000 (8192 bytes) Module \SystemRoot\System32\Drivers\x10ufx2.sys (X10 USB Control Interface/X10 Wireless Technology, Inc.) 8FE54000-8FE5E000 (40960 bytes) Module \SystemRoot\system32\DRIVERS\netr73.sys (Ralink 802.11 Wireless Adapter Driver/Ralink Technology Corp.) 8FE96000-8FEEC000 (352256 bytes) Module \SystemRoot\System32\TSDDD.dll (Framebuffer Display Driver/Microsoft Corporation) 98020000-98029000 (36864 bytes) Module \SystemRoot\system32\DRIVERS\bowser.sys (NT Lan Manager Datagram Receiver Driver/Microsoft Corporation) 9D0E0000-9D0F9000 (102400 bytes) Module \SystemRoot\system32\DRIVERS\atksgt.sys A5C5D000-A5CA0000 (274432 bytes) Module \SystemRoot\system32\DRIVERS\lirsgt.sys A5CA0000-A5CA5000 (20480 bytes) Module \SystemRoot\System32\Drivers\secdrv.SYS (Macrovision SECURITY Driver/Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) A5D83000-A5D8D000 (40960 bytes) Module \SystemRoot\system32\DRIVERS\avipbb.sys (Avira Driver for Security Enhancement/Avira GmbH) A5DD8000-A5DFA000 (139264 bytes) Module \SystemRoot\system32\DRIVERS\avgntflt.sys (Avira Minifilter Driver/Avira GmbH) 9D1C6000-9D1DB000 (86016 bytes) Module \??\C:\Users\ALEXAN~1\AppData\Local\Temp\fgldrpog.sys (GMER) 9D1DB000-9D1F2000 (94208 bytes) ---- Processes - GMER 1.0.15 ---- Process C:\Windows\system32\taskeng.exe (Aufgabenplanungsmodul/Microsoft Corporation) 372 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\MSACM32.dll (Microsoft ACM-Audiofilter/Microsoft Corporation) 0x73290000 Library C:\Users\ALEXAN~1\AppData\Local\Temp\23631764.nls 0x027D0000 Library C:\Windows\system32\pautoenr.dll (DLL für automatische Registrierung/Microsoft Corporation) 0x6AA80000 Process C:\Users\Alexander\Desktop\khv64f7i.exe 476 Library C:\Users\Alexander\Desktop\khv64f7i.exe 0x00400000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Process C:\Windows\ehome\ehRecvr.exe (Windws Media Center-Empfängerdienst/Microsoft Corporation) 480 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\MSACM32.dll (Microsoft ACM-Audiofilter/Microsoft Corporation) 0x73290000 Library C:\Windows\system32\Ph3xIB32MV.dll (KS Proxy Plugin/Philips Semiconductors GmbH) 0x68E40000 Library C:\Windows\System32\tvratings.dll (TestRat Rating Test Module/Microsoft) 0x6A700000 Library C:\Program Files\ACD Systems\ACDSee\9.0\mcesmpeg.ax (MPEG Encoder and Muxer/MainConcept AG) 0x01D60000 Library C:\Program Files\ACD Systems\ACDSee\9.0\mpgaout.dll (MPEG Audio Encoder/MainConcept AG) 0x24000000 Library C:\Program Files\ACD Systems\ACDSee\9.0\mpgvout.dll (MPEG Video Wrapper/MainConcept AG) 0x01D90000 Library C:\Program Files\ACD Systems\ACDSee\9.0\mpgmux.dll (MPEG Multiplexer/MainConcept AG) 0x02E60000 Library C:\Program Files\ACD Systems\ACDSee\9.0\mpgvout.004 (MPEG Video Encoder/MainConcept AG) 0x03F80000 Process C:\Windows\system32\csrss.exe (Client-Server-Laufzeitprozess/Microsoft Corporation) 488 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Process C:\Windows\servicing\TrustedInstaller.exe (Windows Modules Installer/Microsoft Corporation) 548 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\vsstrace.dll (Microsoft® Volumeschattenkopie-DLL zum Nachverfolgen von Anforderungsprozessen/Generatoren/Microsoft Corporation) 0x6FEE0000 Process C:\Windows\system32\csrss.exe (Client-Server-Laufzeitprozess/Microsoft Corporation) 556 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Process C:\Windows\system32\wininit.exe (Windows-Startanwendung/Microsoft Corporation) 564 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75770000 Process C:\Windows\system32\services.exe (Anwendung für Dienste und Controller/Microsoft Corporation) 600 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75770000 Process C:\Windows\system32\lsass.exe (Local Security Authority Process/Microsoft Corporation) 612 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75770000 Process C:\Windows\system32\lsm.exe (Lokaler Sitzungs-Manager-Dienst/Microsoft Corporation) 620 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75770000 Process C:\Program Files\Sceneo\Bonavista\Services\ODSBC\ODSBCApp.exe (TV Broadcast Service/ODSoft multimedia) 740 Library C:\Program Files\Sceneo\Bonavista\Services\ODSBC\ODSBCApp.exe (TV Broadcast Service/ODSoft multimedia) 0x00400000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75770000 Process C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation) 764 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75770000 Process C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation) 824 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75770000 Process C:\Windows\System32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation) 860 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Library C:\Windows\System32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75770000 Process C:\Windows\system32\winlogon.exe (Windows-Anmeldeanwendung/Microsoft Corporation) 908 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Process C:\Windows\System32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation) 948 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Library C:\Windows\System32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75770000 Process C:\Windows\RtHDVCpl.exe (HD Audio Control Panel/Realtek Semiconductor) 964 Library C:\Windows\RtHDVCpl.exe (HD Audio Control Panel/Realtek Semiconductor) 0x00400000 Library C:\Windows\system32\MSIMG32.dll (GDIEXT Client DLL/Microsoft Corporation) 0x74550000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Process C:\Windows\System32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation) 976 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Library c:\windows\system32\tabsvc.dll (Microsoft Tablet PC-Eingabedienst/Microsoft Corporation) 0x74EE0000 Library c:\windows\system32\l2gpstore.dll (Policy Storage dll/Microsoft Corporation) 0x732D0000 Library C:\Windows\System32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75770000 Library C:\Windows\System32\ACTIVEDS.dll (ADs Router-Ebene-DLL/Microsoft Corporation) 0x700C0000 Process C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation) 992 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75770000 Library C:\Windows\system32\ACTIVEDS.dll (ADs Router-Ebene-DLL/Microsoft Corporation) 0x700C0000 Library C:\Windows\system32\vsstrace.dll (Microsoft® Volumeschattenkopie-DLL zum Nachverfolgen von Anforderungsprozessen/Generatoren/Microsoft Corporation) 0x6FEE0000 Library C:\Windows\system32\MSIMG32.dll (GDIEXT Client DLL/Microsoft Corporation) 0x74550000 Library C:\Windows\system32\wbem\ncprov.dll (Non-COM WMI Event Provision APIs/Microsoft Corporation) 0x6A740000 Process C:\Windows\system32\AUDIODG.EXE (Windows Graphisolierung für Audiogeräte /Microsoft Corporation) 1080 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RtkAPO.dll (Realtek(r) LFX/GFX DSP component/Realtek Semiconductor Corp.) 0x73070000 Process C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation) 1100 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Process C:\Windows\system32\SLsvc.exe (Microsoft-Softwarelizenzierungsdienst/Microsoft Corporation) 1116 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Process C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation) 1168 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75770000 Library c:\windows\system32\webclnt.dll (Web DAV-Dienst-DLL/Microsoft Corporation) 0x70430000 Library C:\Windows\System32\npmproxy.dll (Network List Manager Proxy/Microsoft Corporation) 0x6DC00000 Library c:\windows\system32\upnphost.dll (UPnP-Gerätehost/Microsoft Corporation) 0x665A0000 Process C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation) 1264 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Library c:\windows\system32\vsstrace.dll (Microsoft® Volumeschattenkopie-DLL zum Nachverfolgen von Anforderungsprozessen/Generatoren/Microsoft Corporation) 0x6FEE0000 Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75770000 Library c:\windows\system32\ACTIVEDS.dll (ADs Router-Ebene-DLL/Microsoft Corporation) 0x700C0000 Library C:\Windows\system32\ndptsp.tsp (NDIS-Proxy-TAPI-Dienstanbieter/Microsoft Corporation) 0x6C2C0000 Process C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe (VPN Agent Service/Cisco Systems, Inc.) 1300 Library C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe (VPN Agent Service/Cisco Systems, Inc.) 0x00C00000 Library C:\Program Files\Cisco\Cisco AnyConnect VPN Client\SSLEAY32.dll (OpenSSL Shared Library/The OpenSSL Project, http://www.openssl.org/) 0x10000000 Library C:\Program Files\Cisco\Cisco AnyConnect VPN Client\LIBEAY32.dll (OpenSSL Shared Library/The OpenSSL Project, http://www.openssl.org/) 0x0FB00000 Library C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnapi.dll (AnyConnect VPN Client API/Cisco Systems, Inc.) 0x74660000 Library C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpncommon.dll (Common/Cisco Systems, Inc.) 0x745E0000 Library C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpncommoncrypt.dll (CommonCrypt/Cisco Systems, Inc.) 0x73FD0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Process C:\Windows\vVX3000.exe (Microsoft LifeCam Device Application/Microsoft Corporation) 1444 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Process C:\Program Files\Home Cinema\TV Enhance\TVEService.exe (CyberLink PowerCinema Resident Program/CyberLink Corp.) 1556 Library C:\Program Files\Home Cinema\TV Enhance\TVEService.exe (CyberLink PowerCinema Resident Program/CyberLink Corp.) 0x00400000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Library C:\Program Files\Home Cinema\TV Enhance\Kernel\Common\CLRCEngine3.dll (CyberLink Remote Control Module for PowerCinema/CyberLink Corp.) 0x10000000 Library C:\PROGRA~1\COMMON~1\X10\Common\x10net.dll (X10net Module/X10 Wireless Technology, Inc.) 0x13000000 Library C:\Windows\system32\MSIMG32.DLL (GDIEXT Client DLL/Microsoft Corporation) 0x74550000 Library C:\Users\ALEXAN~1\AppData\Local\Temp\23631764.nls 0x016F0000 Library C:\Program Files\Home Cinema\TV Enhance\Kernel\TV\CLCapX.dll (CLCapX/Cyberlink) 0x03340000 Library C:\Program Files\Home Cinema\TV Enhance\Kernel\TV\CLAuMixer.dll (CLAuMixer/CyberLink Corp.) 0x03380000 Library C:\Program Files\Home Cinema\TV Enhance\Kernel\TV\CLSchMgr.dll 0x035B0000 Library C:\Program Files\Home Cinema\TV Enhance\Kernel\TV\CLCapSvcps.dll 0x03390000 Library C:\Program Files\Home Cinema\TV Enhance\Kernel\TV\CLCapEngine.dll 0x035E0000 Library C:\Program Files\Home Cinema\TV Enhance\Kernel\TV\PCMRRec4.dll (CLRec4.1/CyberLink Corp.) 0x04BE0000 Library C:\Windows\system32\MSACM32.dll (Microsoft ACM-Audiofilter/Microsoft Corporation) 0x73290000 Library C:\Program Files\Home Cinema\TV Enhance\Kernel\TV\CLTinyDB.dll 0x036B0000 Process C:\Program Files\Common Files\Java\Java Update\jusched.exe (Java(TM) Update Scheduler/Sun Microsystems, Inc.) 1588 Library C:\Program Files\Common Files\Java\Java Update\jusched.exe (Java(TM) Update Scheduler/Sun Microsystems, Inc.) 0x00400000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Process C:\Windows\System32\spoolsv.exe (Spoolersubsystem-Anwendung/Microsoft Corporation) 1728 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Library C:\Windows\System32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75770000 Library C:\Windows\system32\AdobePDF.dll (Acrobat ® PDF Port/Adobe Systems Incorporated.) 0x50400000 Library C:\Program Files\Adobe\Acrobat 7.0\Distillr\AdistRes.DEU 0x10000000 Library C:\Windows\System32\cpwmon2k.dll 0x00DD0000 Library C:\Windows\System32\KML10001.DLL (KM GDI language monitor/KYOCERA MITA Corporation) 0x00E40000 Library C:\Windows\System32\KML15001.dll (KML15001 DLL/KYOCERA MITA Corporation) 0x00E60000 Library C:\Windows\System32\mdimon.dll (Microsoft® Document Imaging/Microsoft Corporation) 0x009D0000 Library C:\Windows\System32\usbmon.dll (Standard-DLL für dynamischen Druckanschlussmonitor/Microsoft Corporation) 0x723F0000 Library C:\Windows\system32\spool\PRTPROCS\W32X86\mdippr.dll (Microsoft® Document Imaging/Microsoft Corporation) 0x01B50000 Process C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation) 1764 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75770000 Library C:\Windows\System32\npmproxy.dll (Network List Manager Proxy/Microsoft Corporation) 0x6DC00000 Process C:\Windows\system32\taskeng.exe (Aufgabenplanungsmodul/Microsoft Corporation) 1872 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\pautoenr.dll (DLL für automatische Registrierung/Microsoft Corporation) 0x6AA80000 Process C:\Windows\system32\Dwm.exe (Desktopfenster-Manager/Microsoft Corporation) 1936 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\nvd3dum.dll (NVIDIA Compatible Vista WDDM D3D Driver, Version 169.06 /NVIDIA Corporation) 0x10000000 Library C:\Users\ALEXAN~1\AppData\Local\Temp\23631764.nls 0x01DE0000 Process C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks Scheduler/RealNetworks, Inc.) 1972 Library C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks Scheduler/RealNetworks, Inc.) 0x00400000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Process C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Antivirus On-Access Service/Avira GmbH) 1996 Library C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Antivirus On-Access Service/Avira GmbH) 0x00D70000 Library C:\Program Files\Avira\AntiVir Desktop\libdb44.dll (Berkeley DB 4.4 DLL/Sleepycat Software) 0x13000000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Library C:\Program Files\Avira\AntiVir Desktop\AVEvtLog.dll (Event Logger/Avira GmbH) 0x10000000 Library C:\Program Files\Avira\AntiVir Desktop\guardmsg.dll (AVGuard Messages (Deutsch)/Avira GmbH) 0x00CC0000 Library C:\Program Files\Avira\AntiVir Desktop\cfglib.dll (Antivirus configuration library/Avira GmbH) 0x6A790000 Library C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll 0x00CF0000 Library C:\Program Files\Avira\AntiVir Desktop\avsmtp.dll (Antivirus email sender library/Avira GmbH) 0x69DF0000 Library C:\Program Files\Avira\AntiVir Desktop\AVGIO.DLL (On-access scan support/Avira GmbH) 0x00EE0000 Library C:\Windows\system32\FLTLIB.DLL (Filterbibliothek/Microsoft Corporation) 0x6AB10000 Library C:\Program Files\Avira\AntiVir Desktop\avipc.dll (AVIRA IPC Library/Avira GmbH) 0x01410000 Library C:\Program Files\Avira\AntiVir Desktop\AVPREF.DLL (Prefix DLL/Avira GmbH) 0x00D60000 Library C:\Program Files\Avira\AntiVir Desktop\aecore.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x00F40000 Library C:\Program Files\Avira\AntiVir Desktop\aevdf.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x00F10000 Library C:\Program Files\Avira\AntiVir Desktop\aescript.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x02000000 Library C:\Program Files\Avira\AntiVir Desktop\aescn.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x00F70000 Library C:\Program Files\Avira\AntiVir Desktop\aesbx.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x012B0000 Library C:\Program Files\Avira\AntiVir Desktop\aerdl.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x01560000 Library C:\Program Files\Avira\AntiVir Desktop\aepack.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x016C0000 Library C:\Program Files\Avira\AntiVir Desktop\unacev2.dll (UNACE Dynamic Link Library/ACE Compression Software) 0x01600000 Library C:\Program Files\Avira\AntiVir Desktop\aeoffice.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x017C0000 Library C:\Program Files\Avira\AntiVir Desktop\aeheur.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x025C0000 Library C:\Program Files\Avira\AntiVir Desktop\aehelp.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x01F10000 Library C:\Program Files\Avira\AntiVir Desktop\aegen.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x02100000 Library C:\Program Files\Avira\AntiVir Desktop\aeemu.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x02160000 Library C:\Program Files\Avira\AntiVir Desktop\aebb.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x01430000 Process C:\Windows\Explorer.EXE (Windows-Explorer/Microsoft Corporation) 2008 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Library C:\Program Files\Common Files\Ahead\Lib\NeroSearchBar.dll (Nero File Dialog/Nero AG) 0x10000000 Library C:\Program Files\Common Files\Ahead\Lib\BCGCBPRO800u.dll (BCGControlBar Professional DLL/BCGSoft Ltd) 0x04010000 Library C:\Windows\system32\msimg32.dll (GDIEXT Client DLL/Microsoft Corporation) 0x74550000 Library C:\Windows\system32\MSACM32.dll (Microsoft ACM-Audiofilter/Microsoft Corporation) 0x73290000 Library C:\Users\ALEXAN~1\AppData\Local\Temp\23631764.nls 0x043F0000 Library C:\Program Files\CyberLink\Shared Files\clm1splter.ax (CyberLink MPEG Splitter/CyberLink Corp.) 0x1C400000 Library C:\Program Files\CyberLink\Shared Files\clm2splter.ax (CyberLink MPEG Splitter/CyberLink Corp.) 0x03950000 Library C:\Program Files\Home Cinema\TV Enhance\Kernel\TV\PCMRM2Splter.ax (CyberLink MPEG Splitter/CyberLink Corp.) 0x06690000 Library C:\Program Files\Home Cinema\PowerDirector\PDM1Splter.ax (CyberLink MPEG Splitter/CyberLink Corp.) 0x066C0000 Library C:\Program Files\Home Cinema\TV Enhance\Kernel\TV\PCMBM1Splter.ax (CyberLink MPEG Splitter/CyberLink Corp.) 0x06E50000 Library C:\Program Files\Home Cinema\PowerDirector\PDM2Splter.ax (CyberLink MPEG Splitter/CyberLink Corp.) 0x07150000 Library C:\Program Files\Home Cinema\TV Enhance\Kernel\TV\PCMBM2Splter.ax (CyberLink MPEG Splitter/CyberLink Corp.) 0x07220000 Library C:\Program Files\Home Cinema\TV Enhance\Kernel\VideoProcessor\MDTLM2Splter.ax (CyberLink MPEG Splitter/CyberLink Corp.) 0x074D0000 Library C:\Program Files\Home Cinema\TV Enhance\Kernel\VideoProcessor\MDTLM1Splter.ax (CyberLink MPEG Splitter/CyberLink Corp.) 0x07660000 Library C:\Windows\system32\RLOgg.ax (RLOgg/RadLight) 0x0A220000 Library C:\Program Files\Home Cinema\PowerDVD\NavFilter\CLDemuxer.ax (MPEG-2 Dempltiplexer/CyberLink Corp.) 0x06600000 Library C:\Program Files\Sceneo\Bonavista\Services\ODSBC\tsfeed.ax (TS Feed Filter/ODSoft Multimedia) 0x04390000 Library C:\Program Files\Sceneo\Bonavista\Services\ODSBC\mpgwriter.ax (MPG File Writer Filter/ODSoft Multimedia) 0x06C10000 Library C:\Program Files\Common Files\Ahead\DSFilter\NeMP4Splitter.ax (MP4 Splitter Filter/Nero AG) 0x06D30000 Library C:\Windows\system32\DiracSplitter.ax (Dirac Splitter/Gabest) 0x07250000 Library c:\program files\common files\ahead\dsfilter\nevideo.ax (MPEG-1/2/4 & AVC video decoder w/ DxVA/Nero AG) 0x07690000 Library C:\Program Files\Common Files\Ahead\Lib\AdvrCntr2.dll (AdvrCntr Module/Nero AG) 0x07EE0000 Library C:\Program Files\Home Cinema\PowerDVD\NavFilter\clm4splt.ax (CyberLink MPEG-4 Splitter/CyberLink Corp.) 0x03CC0000 Library C:\Program Files\Common Files\Ahead\DSFilter\NeSplitter.ax (Splitter Filter/Nero AG) 0x06E90000 Library C:\Program Files\Home Cinema\TV Enhance\Kernel\Movie\CLDemuxer.ax (MPEG-2 Dempltiplexer/CyberLink Corp.) 0x06ED0000 Library C:\Program Files\Common Files\Ahead\DSFilter\NeOggSplitter.ax (Ogg Splitter Filter/Nero AG) 0x06F70000 Library C:\Program Files\Common Files\Ahead\DSFilter\NeSubpicture.ax (Nero Subpicture Decoder/Nero AG) 0x06FD0000 Library C:\Program Files\Common Files\Ahead\DSFilter\NeResize.ax (Resizing Filter/Nero AG) 0x07030000 Library C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll (Malwarebytes' Anti-Malware/Malwarebytes Corporation) 0x045E0000 Library C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll (Nero BackItUp/Nero AG) 0x04600000 Library C:\PROGRA~1\WINZIP\WZSHLSTB.DLL (WinZip Shell Extension DLL/WinZip Computing, Inc.) 0x16200000 Library C:\Program Files\WinRAR\rarext.dll 0x06F90000 Library C:\Program Files\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.dll (Adobe Acrobat Context Menu/Adobe Systems Inc.) 0x08AA0000 Library C:\Program Files\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.deu (Adobe Acrobat Context Menu/Adobe Systems Inc.) 0x089F0000 Library C:\Windows\System32\npmproxy.dll (Network List Manager Proxy/Microsoft Corporation) 0x6DC00000 Library C:\Windows\system32\wscntfy.dll (Windows-Sicherheitscenter-Benachrichtigungsanwendung/Microsoft Corporation) 0x69EB0000 Library C:\Program Files\Avira\AntiVir Desktop\shlext.dll (AntiVirus context menu/Avira GmbH) 0x035C0000 Process C:\Program Files\Home Cinema\PowerDVD\PDVDServ.exe (PowerDVD RC Service/Cyberlink Corp.) 2060 Library C:\Program Files\Home Cinema\PowerDVD\PDVDServ.exe (PowerDVD RC Service/Cyberlink Corp.) 0x00400000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Library C:\Program Files\Home Cinema\PowerDVD\CLRCEngine3.dll (Cyberlink Remote Control Module for PCM/CyberLink Corp.) 0x10000000 Library C:\PROGRA~1\COMMON~1\X10\Common\x10net.dll (X10net Module/X10 Wireless Technology, Inc.) 0x13000000 Library C:\Windows\system32\MSIMG32.DLL (GDIEXT Client DLL/Microsoft Corporation) 0x74550000 Library C:\Users\ALEXAN~1\AppData\Local\Temp\23631764.nls 0x01D20000 Process C:\Program Files\QuickTime\QTTask.exe (QuickTime Task/Apple Inc.) 2068 Library C:\Program Files\QuickTime\QTTask.exe (QuickTime Task/Apple Inc.) 0x00020000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Process C:\Windows\System32\rundll32.exe (Windows-Hostprozess (Rundll32)/Microsoft Corporation) 2088 Library C:\Windows\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) 0x73C10000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\NvMcTray.dll (NVIDIA Media Center Library/NVIDIA Corporation) 0x10000000 Library C:\Windows\System32\nvapi.dll (NVIDIA NVAPI Library, Version 169.06 /NVIDIA Corporation) 0x00130000 Process C:\Program Files\Microsoft IntelliType Pro\itype.exe (IType.exe/Microsoft Corporation) 2128 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Process C:\Program Files\iTunes\iTunesHelper.exe (iTunesHelper/Apple Inc.) 2136 Library C:\Program Files\iTunes\iTunesHelper.exe (iTunesHelper/Apple Inc.) 0x00F60000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Library C:\Program Files\iTunes\iTunesHelper.dll (iTunesHelper DLL/Apple Inc.) 0x71A50000 Library C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll (CoreFoundation/Apple Inc.) 0x71740000 Library C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll (POSIX Threads for Windows32 Library/Open Source Software community project) 0x73C80000 Library C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll (Objective-C Runtime Library/Apple Inc.) 0x73C60000 Library C:\Program Files\Common Files\Apple\Apple Application Support\icuin40.dll (IBM ICU I18N DLL/IBM Corporation and others) 0x6FA40000 Library C:\Program Files\Common Files\Apple\Apple Application Support\icuuc40.dll (IBM ICU Common DLL/IBM Corporation and others) 0x6F950000 Library C:\Program Files\Common Files\Apple\Apple Application Support\icudt40.dll (ICU Data DLL/IBM Corporation and others) 0x6EBF0000 Library C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll (Apple System Log/Apple, Inc.) 0x73C00000 Library C:\Program Files\iTunes\iTunesHelper.Resources\de.lproj\iTunesHelperLocalized.DLL (iTunesHelper Ressourcebibliothek/Apple Inc.) 0x73B80000 Library C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.DLL (iTunesHelper Resource Library/Apple Inc.) 0x73B70000 Library C:\Program Files\QuickTime\QTSystem\QuickTime.qts (QuickTime/Apple Inc.) 0x6D050000 Library C:\Program Files\QuickTime\QTSystem\QTCF.dll (QuickTime CoreFoundation/Apple Inc.) 0x703C0000 Library C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.DLL (CFNetwork/Apple, Inc.) 0x70240000 Library C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll (SQLite3 Dynamic Link Library/Apple Inc.) 0x70350000 Library C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 0x70900000 Library C:\Program Files\Common Files\Apple\Mobile Device Support\bin\iTunesMobileDevice.dll (iTunesMobileDevice/Apple Inc.) 0x10000000 Process C:\Program Files\Microsoft IntelliPoint\ipoint.exe (IPoint.exe/Microsoft Corporation) 2144 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\MSIMG32.dll (GDIEXT Client DLL/Microsoft Corporation) 0x74550000 Process C:\Program Files\Common Files\ACD Systems\DE\DevDetect.exe (Device Detector/ACD Systems, Ltd.) 2152 Library C:\Program Files\Common Files\ACD Systems\DE\DevDetect.exe (Device Detector/ACD Systems, Ltd.) 0x00400000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Library C:\Users\ALEXAN~1\AppData\Local\Temp\23631764.nls 0x10000000 Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75770000 Process C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.exe (AcroTray/Adobe Systems Inc.) 2192 Library C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.exe (AcroTray/Adobe Systems Inc.) 0x00400000 Library C:\Windows\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) 0x73C10000 Library C:\Windows\system32\MSACM32.dll (Microsoft ACM-Audiofilter/Microsoft Corporation) 0x73290000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Library C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.deu 0x10000000 Library C:\Program Files\Adobe\Acrobat 7.0\Distillr\AcroTray.FRA 0x003D0000 Process C:\Windows\ehome\ehtray.exe (Media Center Tray Applet/Microsoft Corporation) 2204 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Process C:\Windows\System32\rundll32.exe (Windows-Hostprozess (Rundll32)/Microsoft Corporation) 2212 Library C:\Windows\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) 0x73C10000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Library C:\Windows\System32\NVSVC.DLL (NVIDIA Driver Helper Service, Version 169.06/NVIDIA Corporation) 0x10000000 Library C:\Windows\System32\nvapi.dll (NVIDIA NVAPI Library, Version 169.06 /NVIDIA Corporation) 0x00A00000 Process C:\Windows\ehome\ehmsas.exe (Media Center Media Status Aggregator Service/Microsoft Corporation) 2292 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Process C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (AntiVir shadow copy service/Avira GmbH) 2492 Library C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (AntiVir shadow copy service/Avira GmbH) 0x00400000 Library C:\Windows\system32\vsstrace.dll (Microsoft® Volumeschattenkopie-DLL zum Nachverfolgen von Anforderungsprozessen/Generatoren/Microsoft Corporation) 0x6FEE0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Library C:\Program Files\Avira\AntiVir Desktop\avipc.dll (AVIRA IPC Library/Avira GmbH) 0x10000000 Process C:\Program Files\Avira\AntiVir Desktop\avcenter.exe (Antivirus Control Center/Avira GmbH) 2672 Library C:\Program Files\Avira\AntiVir Desktop\avcenter.exe (Antivirus Control Center/Avira GmbH) 0x00400000 Library C:\Windows\system32\MSIMG32.dll (GDIEXT Client DLL/Microsoft Corporation) 0x74550000 Library C:\Program Files\Avira\AntiVir Desktop\cctpc.dll (Control Center TaskPanelCtrl/Avira GmbH) 0x10000000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Library C:\Program Files\Avira\AntiVir Desktop\ccwkrlib.dll (Antivirus Control Center Common Worker Library/Avira GmbH) 0x68E80000 Library c:\program files\avira\antivir desktop\cfglib.dll (Antivirus configuration library/Avira GmbH) 0x6A790000 Library c:\program files\avira\antivir desktop\ccmainrc.dll (Control Center Resources/Avira GmbH) 0x003E0000 Library c:\program files\avira\antivir desktop\ccgen.dll (Control Center General Plugin/Avira GmbH) 0x02B70000 Library c:\program files\avira\antivir desktop\ccgenrc.dll (Control Center General Plugin Resources/Avira GmbH) 0x00CA0000 Library c:\program files\avira\antivir desktop\ccprofil.dll (Control Center Scanner Plugin/Avira GmbH) 0x01A90000 Library c:\program files\avira\antivir desktop\ccscanrc.dll (Control Center Scanner Plugin Resources/Avira GmbH) 0x01A00000 Library c:\program files\avira\antivir desktop\ccguard.dll (Control Center Guard Plugin/Avira GmbH) 0x01D40000 Library c:\program files\avira\antivir desktop\ccgrdrc.dll (Control Center Guard Plugin Resources/Avira GmbH) 0x01A40000 Library c:\program files\avira\antivir desktop\ccgrdw.dll (Control Center Guard Worker Plugin/Avira GmbH) 0x6A430000 Library C:\Program Files\Avira\AntiVir Desktop\avipc.dll (AVIRA IPC Library/Avira GmbH) 0x01DD0000 Library c:\program files\avira\antivir desktop\ccquamgr.dll (Control Center Quarantine Manager Plugin/Avira GmbH) 0x01E00000 Library c:\program files\avira\antivir desktop\ccquarc.dll (Control Center Quarantine Manager Plugin Resources/Avira GmbH) 0x01EC0000 Library c:\program files\avira\antivir desktop\ccsched.dll (Control Center Scheduler Plugin/Avira GmbH) 0x01EE0000 Library c:\program files\avira\antivir desktop\ccscherc.dll (Control Center Scheduler Plugin Resources/Avira GmbH) 0x01F70000 Library c:\program files\avira\antivir desktop\ccreport.dll (Control Center Report Plugin/Avira GmbH) 0x01F90000 Library c:\program files\avira\antivir desktop\ccreporc.dll (Control Center Report Plugin Resources/Avira GmbH) 0x02020000 Library c:\program files\avira\antivir desktop\ccev.dll (Control Center Event Plugin/Avira GmbH) 0x02040000 Library c:\program files\avira\antivir desktop\ccevrc.dll (Control Center Event Plugin Resources/Avira GmbH) 0x020D0000 Library c:\program files\avira\antivir desktop\ccupdate.dll (Control Center Updater Plugin/Avira GmbH) 0x03B10000 Library c:\program files\avira\antivir desktop\ccupdrc.dll (Control Center Updater Plugin Resources/Avira GmbH) 0x02300000 Library c:\program files\avira\antivir desktop\ccupdw.dll (Control Center Updater Worker Plugin/Avira GmbH) 0x6A890000 Library c:\program files\avira\antivir desktop\ccschedw.dll (Control Center Scheduler Worker Plugin/Avira GmbH) 0x6A870000 Library c:\program files\avira\antivir desktop\cclic.dll (Control Center License Plugin/Avira GmbH) 0x03B60000 Library c:\program files\avira\antivir desktop\cclicrc.dll (Control Center License Plugin Resources/Avira GmbH) 0x03B90000 Library c:\program files\avira\antivir desktop\cclicw.dll (Control Center License Worker Plugin/Avira GmbH) 0x6AB30000 Library C:\Users\ALEXAN~1\AppData\Local\Temp\23631764.nls 0x02990000 Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75770000 Library c:\program files\avira\antivir desktop\ccevw.dll (Control Center Event Worker Plugin/Avira GmbH) 0x6A830000 Library C:\Program Files\Avira\AntiVir Desktop\avevtlog.dll (Event Logger/Avira GmbH) 0x05010000 Library C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll 0x05F50000 Library c:\program files\avira\antivir desktop\updaterc.dll (product updater resource library/Avira GmbH) 0x05180000 Library c:\program files\avira\antivir desktop\guardmsg.dll (AVGuard Messages (Deutsch)/Avira GmbH) 0x05A60000 Library c:\program files\avira\antivir desktop\schedr.dll (avschdr Dynamic Link Library/Avira GmbH) 0x05DB0000 Library c:\program files\avira\antivir desktop\avscan.dll (Workstation On-Demand Scanner/Avira GmbH) 0x05E60000 Process \\?\C:\Windows\system32\wbem\WMIADAP.EXE (WMI Reverse Performance Adapter Maintenance Utility/Microsoft Corporation) 3016 Library C:\Windows\system32\loadperf.dll (Lade- und Entlademodul für Leistungsindikatoren/Microsoft Corporation) 0x69060000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Process C:\ProgramData\U3\U3Launcher\LaunchU3.exe 3036 Library C:\ProgramData\U3\U3Launcher\LaunchU3.exe 0x00400000 Library C:\Windows\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) 0x73C10000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Library C:\Users\ALEXAN~1\AppData\Local\Temp\23631764.nls 0x10000000

25.03.2010, 15:47 Swisstreasure Moderator Beiträge: 5694	#79 Process C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation) 3476 Library C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation) 0x01200000 Library C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation) 0x66E50000 Library C:\Program Files\Mozilla Firefox\sqlite3.dll (SQLite Database Library/sqlite.org) 0x699F0000 Library C:\Program Files\Mozilla Firefox\MOZCRT19.dll (User-Generated Microsoft (R) C/C++ Runtime Library/Mozilla Foundation) 0x69940000 Library C:\Program Files\Mozilla Firefox\js3250.dll 0x69840000 Library C:\Program Files\Mozilla Firefox\nspr4.dll (NSPR Library/Mozilla Foundation) 0x10000000 Library C:\Program Files\Mozilla Firefox\smime3.dll (NSS S/MIME Library/Mozilla Foundation) 0x00050000 Library C:\Program Files\Mozilla Firefox\nss3.dll (NSS Base Library/Mozilla Foundation) 0x00070000 Library C:\Program Files\Mozilla Firefox\nssutil3.dll (NSS Utility Library/Mozilla Foundation) 0x00160000 Library C:\Program Files\Mozilla Firefox\plc4.dll (PLC Library/Mozilla Foundation) 0x00020000 Library C:\Program Files\Mozilla Firefox\plds4.dll (PLDS Library/Mozilla Foundation) 0x00110000 Library C:\Program Files\Mozilla Firefox\ssl3.dll (NSS SSL Library/Mozilla Foundation) 0x00180000 Library C:\Windows\system32\MSIMG32.dll (GDIEXT Client DLL/Microsoft Corporation) 0x74550000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Library C:\Program Files\Mozilla Firefox\xpcom.dll (Mozilla Foundation) 0x6A750000 Library C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll (Mozilla Foundation) 0x6A6C0000 Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75770000 Library C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll (Mozilla Foundation) 0x69810000 Library C:\Program Files\Mozilla Firefox\softokn3.dll (NSS PKCS #11 Library/Mozilla Foundation) 0x02160000 Library C:\Program Files\Mozilla Firefox\nssdbm3.dll (Legacy Database Driver/Mozilla Foundation) 0x02310000 Library C:\Program Files\Mozilla Firefox\freebl3.dll (NSS freebl Library/Mozilla Foundation) 0x02510000 Library C:\Program Files\Mozilla Firefox\nssckbi.dll (NSS Builtin Trusted Root CAs/Mozilla Foundation) 0x02560000 Library C:\Windows\system32\MSACM32.dll (Microsoft ACM-Audiofilter/Microsoft Corporation) 0x73290000 Library C:\Windows\system32\Macromed\Flash\NPSWF32.dll 0x669B0000 Process C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Mobile Device Service/Apple Inc.) 4188 Library C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Mobile Device Service/Apple Inc.) 0x001B0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Process C:\Program Files\Microsoft LifeCam\MSCamS32.exe (MsCamSvc.exe/Microsoft Corporation) 4264 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Process C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation) 4332 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75770000 Process C:\Program Files\CyberLink\Shared Files\RichVideo.exe 4420 Library C:\Program Files\CyberLink\Shared Files\RichVideo.exe 0x00400000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Process C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft SeaPort Search Enhancement Broker/Microsoft Corporation) 4480 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Process C:\Program Files\Sceneo\Bonavista\Services\PVR\PVRService.exe (Sceneo PVR-Service/Buhl Data Service GmbH) 4536 Library C:\Program Files\Sceneo\Bonavista\Services\PVR\PVRService.exe (Sceneo PVR-Service/Buhl Data Service GmbH) 0x00400000 Library C:\Program Files\Sceneo\Bonavista\Services\PVR\tvtvRemote.dll 0x10000000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\msjetoledb40.dll 0x6DD70000 Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75770000 Library C:\Windows\system32\midas.dll 0x4DAE0000 Process C:\Program Files\Home Cinema\TV Enhance\Kernel\TV\TVECapSvc.exe 4592 Library C:\Program Files\Home Cinema\TV Enhance\Kernel\TV\TVECapSvc.exe 0x00400000 Library C:\Program Files\Home Cinema\TV Enhance\Kernel\TV\CLSchRecordMonitor.dll 0x10000000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Library C:\Program Files\Home Cinema\TV Enhance\Kernel\TV\CLCapEngine.dll 0x003C0000 Library C:\Program Files\Home Cinema\TV Enhance\Kernel\TV\PCMRRec4.dll (CLRec4.1/CyberLink Corp.) 0x02C00000 Library C:\Windows\system32\MSACM32.dll (Microsoft ACM-Audiofilter/Microsoft Corporation) 0x73290000 Library C:\Program Files\Home Cinema\TV Enhance\Kernel\TV\CLCapSvcps.dll 0x01BC0000 Library C:\Windows\system32\Ph3xIB32MV.dll (KS Proxy Plugin/Philips Semiconductors GmbH) 0x68E40000 Library C:\Program Files\Home Cinema\TV Enhance\Kernel\TV\PCMRResample.ax (CyberLink Video Regulator/CyberLink) 0x02150000 Library C:\Program Files\Home Cinema\TV Enhance\Kernel\TV\PCMRSQLDB.dll (CLSQLDB Dynamic Link Library/CyberLink) 0x02190000 Library C:\Program Files\Home Cinema\TV Enhance\Kernel\TV\PCMRdemuxer.ax (MPEG-2 Dempltiplexer/CyberLink Corp.) 0x03CD0000 Library C:\Program Files\Home Cinema\TV Enhance\Kernel\TV\PCMRTSInfo.ax (CLTSInfo/Cyberlink) 0x04240000 Library C:\Windows\System32\tvratings.dll (TestRat Rating Test Module/Microsoft) 0x6A700000 Process C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation) 4636 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75770000 Process C:\Windows\system32\SearchIndexer.exe (Microsoft Windows Search-Indexerstellung/Microsoft Corporation) 4760 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75770000 Library C:\Windows\system32\vsstrace.dll (Microsoft® Volumeschattenkopie-DLL zum Nachverfolgen von Anforderungsprozessen/Generatoren/Microsoft Corporation) 0x6FEE0000 Process C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe (X10 Module/X10) 4788 Library C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe (X10 Module/X10) 0x00400000 Library C:\PROGRA~1\COMMON~1\X10\Common\x10net.DLL (X10net Module/X10 Wireless Technology, Inc.) 0x13000000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\MSIMG32.DLL (GDIEXT Client DLL/Microsoft Corporation) 0x74550000 Process C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (AutoUpater Service Module/Yahoo! Inc.) 4872 Library C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (AutoUpater Service Module/Yahoo! Inc.) 0x00400000 Library C:\Windows\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) 0x73C10000 Library C:\Windows\system32\MSACM32.dll (Microsoft ACM-Audiofilter/Microsoft Corporation) 0x73290000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Process C:\Program Files\Avira\AntiVir Desktop\sched.exe (Antivirus Scheduler/Avira GmbH) 4944 Library C:\Program Files\Avira\AntiVir Desktop\sched.exe (Antivirus Scheduler/Avira GmbH) 0x00400000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Library C:\Program Files\Avira\AntiVir Desktop\schedr.dll (avschdr Dynamic Link Library/Avira GmbH) 0x10000000 Library C:\Program Files\Avira\AntiVir Desktop\avevtlog.dll (Event Logger/Avira GmbH) 0x007C0000 Library C:\Program Files\Avira\AntiVir Desktop\cfglib.dll (Antivirus configuration library/Avira GmbH) 0x6A790000 Library C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll 0x00830000 Process C:\Windows\system32\WUDFHost.exe (Windows Driver Foundation - Benutzermodus-Treiberframework-Hostprozess/Microsoft Corporation) 5132 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Process C:\Program Files\Home Cinema\TV Enhance\Kernel\TV\TVESched.exe 5164 Library C:\Program Files\Home Cinema\TV Enhance\Kernel\TV\TVESched.exe 0x00400000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Library C:\Program Files\Home Cinema\TV Enhance\Kernel\TV\CLCapSvcps.dll 0x10000000 Library C:\Program Files\Home Cinema\TV Enhance\Kernel\TV\CLSchMgr.dll 0x00380000 Library C:\Program Files\Home Cinema\TV Enhance\Kernel\TV\CLTinyDB.dll 0x008E0000 Process C:\Windows\ehome\ehsched.exe (Windows Media Center-Planerdienst/Microsoft Corporation) 5244 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Process C:\Program Files\iPod\bin\iPodService.exe (iPodService Module (32-bit)/Apple Inc.) 5280 Library C:\Program Files\iPod\bin\iPodService.exe (iPodService Module (32-bit)/Apple Inc.) 0x00220000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Library C:\Program Files\iPod\bin\iPodService.Resources\de.lproj\iPodServiceLocalized.DLL (iPodService Resource Library (32 Bit)/Apple Inc.) 0x6AF40000 Library C:\Program Files\iPod\bin\iPodService.Resources\iPodService.DLL (iPodService Resource Library (32-bit)/Apple Inc.) 0x6B390000 Process C:\Windows\System32\mobsync.exe (Microsoft Sync Center/Microsoft Corporation) 5304 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Process C:\Windows\system32\wbem\wmiprvse.exe (WMI Provider Host/Microsoft Corporation) 5356 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Process C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Antivirus System Tray Tool/Avira GmbH) 5664 Library C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Antivirus System Tray Tool/Avira GmbH) 0x00400000 Library C:\Windows\system32\MSIMG32.dll (GDIEXT Client DLL/Microsoft Corporation) 0x74550000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77830000 Library C:\Program Files\Avira\AntiVir Desktop\ccwkrlib.dll (Antivirus Control Center Common Worker Library/Avira GmbH) 0x68E80000 Library c:\program files\avira\antivir desktop\cfglib.dll (Antivirus configuration library/Avira GmbH) 0x6A790000 Library c:\program files\avira\antivir desktop\ccgen.dll (Control Center General Plugin/Avira GmbH) 0x10000000 Library c:\program files\avira\antivir desktop\ccgenrc.dll (Control Center General Plugin Resources/Avira GmbH) 0x003D0000 Library c:\program files\avira\antivir desktop\ccguard.dll (Control Center Guard Plugin/Avira GmbH) 0x01690000 Library c:\program files\avira\antivir desktop\ccgrdrc.dll (Control Center Guard Plugin Resources/Avira GmbH) 0x01700000 Library c:\program files\avira\antivir desktop\ccgrdw.dll (Control Center Guard Worker Plugin/Avira GmbH) 0x6A430000 Library C:\Program Files\Avira\AntiVir Desktop\avipc.dll (AVIRA IPC Library/Avira GmbH) 0x02270000 Library c:\program files\avira\antivir desktop\ccupdate.dll (Control Center Updater Plugin/Avira GmbH) 0x024B0000 Library c:\program files\avira\antivir desktop\ccupdrc.dll (Control Center Updater Plugin Resources/Avira GmbH) 0x02520000 Library c:\program files\avira\antivir desktop\cclic.dll (Control Center License Plugin/Avira GmbH) 0x02540000 Library c:\program files\avira\antivir desktop\cclicrc.dll (Control Center License Plugin Resources/Avira GmbH) 0x02590000 Library c:\program files\avira\antivir desktop\ccmsg.dll (Control Center Message Plugin/Avira GmbH) 0x025B0000 Library c:\program files\avira\antivir desktop\ccmsgrc.dll (Control Center MSG Plugin Resources/Avira GmbH) 0x02620000 Library C:\Program Files\Avira\AntiVir Desktop\rcimage.dll (Avira AntiVir PersonalEdition Classic Master Resource File (English)/Avira GmbH) 0x02940000 Library c:\program files\avira\antivir desktop\ccmainrc.dll (Control Center Resources/Avira GmbH) 0x02E20000 Library C:\Users\ALEXAN~1\AppData\Local\Temp\23631764.nls 0x02F20000 Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75770000 ---- Services - GMER 1.0.15 ---- Service C:\Windows\system32\DRIVERS\3xHybrid.sys (3xHybrid/Philips Semiconductors GmbH) [MANUAL] 3xHybrid Service C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (System Level Service Utility/Adobe Systems) [MANUAL] Adobe LM Service Service C:\Program Files\Avira\AntiVir Desktop\sched.exe (Antivirus Scheduler/Avira GmbH) [AUTO] AntiVirSchedulerService Service C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Antivirus On-Access Service/Avira GmbH) [AUTO] AntiVirService Service C:\Windows\System32\Drivers\AnyDVD.sys (AnyDVD Filter Driver/SlySoft, Inc.) [MANUAL] AnyDVD Service C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Mobile Device Service/Apple Inc.) [AUTO] Apple Mobile Device Service C:\??\C:\Windows\System32\DRIVERS\ASPI32.sys [MANUAL] ASPI Service C:\Windows\system32\DRIVERS\atksgt.sys [AUTO] atksgt Service C:\Windows\system32\DRIVERS\avgntflt.sys (Avira Minifilter Driver/Avira GmbH) [AUTO] avgntflt Service C:\Windows\system32\DRIVERS\avipbb.sys (Avira Driver for Security Enhancement/Avira GmbH) [SYSTEM] avipbb Service C:\Windows\system32\DRIVERS\bowser.sys (NT Lan Manager Datagram Receiver Driver/Microsoft Corporation) [MANUAL] bowser Service C:\Windows\system32\drivers\brfiltlo.sys (Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver/Brother Industries, Ltd.) [MANUAL] BrFiltLo Service C:\Windows\system32\drivers\brfiltup.sys (Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver/Brother Industries, Ltd.) [MANUAL] BrFiltUp Service C:\Windows\system32\drivers\brusbser.sys (Brother USB Serial Driver/Brother Industries Ltd.) [MANUAL] BrUsbSer Service BTHPORT Service C:\Windows\system32\DRIVERS\E1G60I32.sys (Intel(R) PRO/1000 Adapter NDIS 6 deserialized driver/Intel Corporation) [MANUAL] E1G60 Service C:\Windows\System32\Drivers\ElbyCDIO.sys (ElbyCD Windows NT/2000/XP I/O driver/Elaborate Bytes AG) [SYSTEM] ElbyCDIO Service C:\Windows\system32\DRIVERS\fetnd5.sys (NDIS 5.0 miniport driver/VIA Technologies, Inc. ) [MANUAL] FETNDIS Service C:\Windows\System32\Drivers\GEARAspiWDM.sys (CD DVD Filter/GEAR Software Inc.) [MANUAL] GEARAspiWDM Service C:\Program Files\Google\Update\GoogleUpdate.exe (Google Installer/Google Inc.) [AUTO] gupdate1c9c75d7a01c9c7 Service C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (gusvc/Google) [AUTO] gusvc Service C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (IDriverT Module/Macrovision Corporation) [MANUAL] IDriverT Service C:\Windows\system32\drivers\RTKVHDA.sys (Realtek(r) High Definition Audio Function Driver/Realtek Semiconductor Corp.) [MANUAL] IntcAzAudAddService Service system32\DRIVERS\ipinip.sys [MANUAL] IpInIp Service C:\Program Files\iPod\bin\iPodService.exe (iPodService Module (32-bit)/Apple Inc.) [MANUAL] iPod Service Service C:\Windows\system32\DRIVERS\lirsgt.sys [AUTO] lirsgt Service C:\??\C:\Windows\system32\drivers\LVPrcMon.sys [MANUAL] LVPrcMon Service system32\drivers\LVUSBSta.sys [MANUAL] LVUSBSta Service MSDTC Bridge 3.0.0.0 Service C:\Windows\system32\DRIVERS\mssmbios.sys (System Management BIOS Driver/Microsoft Corporation) [MANUAL] mssmbios Service C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (Nero BackItUp/Nero AG) [MANUAL] NBService Service C:\Windows\system32\DRIVERS\netr73.sys (Ralink 802.11 Wireless Adapter Driver/Ralink Technology Corp.) [MANUAL] netr73 Service C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (Nero Home/Nero AG) [MANUAL] NMIndexingService Service C:\Windows\system32\DRIVERS\nvlddmkm.sys (NVIDIA Compatible Windows Vista Kernel Mode Driver, Version 169.06 /NVIDIA Corporation) [MANUAL] nvlddmkm Service system32\DRIVERS\nwlnkflt.sys [MANUAL] NwlnkFlt Service system32\DRIVERS\nwlnkfwd.sys [MANUAL] NwlnkFwd Service Outlook Service C:\Windows\system32\drivers\pfc.sys (Padus(R) ASPI Shell/Padus, Inc.) [MANUAL] pfc Service C:\Windows\system32\DRIVERS\Ph3xIB32.sys (Ph3xIBxx/Philips Semiconductors GmbH) [MANUAL] Ph3xIB32 Service system32\DRIVERS\LV561AV.SYS [MANUAL] PID_0928 Service C:\Windows\system32\DRIVERS\atikmdag.sys (ATI Radeon Kernel Mode Driver/ATI Technologies Inc.) [MANUAL] R300 Service C:\Windows\system32\drivers\rdpencdd.sys (RDP Miniport/Microsoft Corporation) [SYSTEM] RDPENCDD Service C:\Program Files\CyberLink\Shared Files\RichVideo.exe [AUTO] RichVideo Service (Macrovision SECURITY Driver/Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [AUTO] secdrv Service ServiceModelEndpoint 3.0.0.0 Service ServiceModelOperation 3.0.0.0 Service ServiceModelService 3.0.0.0 Service C:\Windows\system32\drivers\sffp_sd.sys (Small Form Factor SD Protocol Driver/Microsoft Corporation) [MANUAL] sffp_sd Service SMSvcHost 3.0.0.0 Service C:\Windows\system32\DRIVERS\Spyder2.sys [MANUAL] Spyder2 Service C:\Program Files\Sceneo\Bonavista\Services\PVR\PVRService.exe (Sceneo PVR-Service/Buhl Data Service GmbH) [AUTO] srvcPVR Service C:\Windows\system32\DRIVERS\ssmdrv.sys (AVIRA SnapShot Driver/Avira GmbH) [MANUAL] ssmdrv Service C:\Program Files\Home Cinema\TV Enhance\Kernel\TV\TVECapSvc.exe [AUTO] TVECapSvc Service C:\Program Files\Home Cinema\TV Enhance\Kernel\TV\TVESched.exe [AUTO] TVESched Service C:\Windows\System32\Drivers\usbaapl.sys (Apple Mobile Device USB Driver/Apple, Inc.) [MANUAL] USBAAPL Service C:\Windows\system32\DRIVERS\vgapnp.sys (VGA/Super VGA Video Driver/Microsoft Corporation) [MANUAL] vga Service C:\Windows\system32\DRIVERS\videX32.sys (VIA Generic PCI IDE Bus Driver/VIA Technologies, Inc.) [BOOT] videX32 Service C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe (VPN Agent Service/Cisco Systems, Inc.) [AUTO] vpnagent Service C:\Windows\system32\DRIVERS\vpnva.sys (Cisco AnyConnect VPN Client Virtual Miniport Adapter for Windows/Cisco Systems, Inc.) [MANUAL] vpnva Service Windows Workflow Foundation 3.0.0.0 Service WSearchIdxPi Service C:\Windows\System32\Drivers\x10hid.sys (X10 HID Control Interface/X10 Wireless Technology, Inc.) [MANUAL] X10Hid Service C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe (X10 Module/X10) [AUTO] x10nets Service C:\Windows\system32\DRIVERS\xfilt.sys (ATA/ATAPI devices hot-plug monitor/VIA Technologies,Inc) [BOOT] xfilt Service C:\Windows\System32\Drivers\x10ufx2.sys (X10 USB Control Interface/X10 Wireless Technology, Inc.) [MANUAL] XUIF Service C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (AutoUpater Service Module/Yahoo! Inc.) [AUTO] YahooAUService ---- EOF - GMER 1.0.15 ---- [/Code]

25.03.2010, 16:01 Swisstreasure Moderator Beiträge: 5694	#80 Schritt 4 Code OTL logfile created on: 25.03.2010 10:28:10 - Run 1 OTL by OldTimer - Version 3.1.37.3 Folder = C:\Users\Alexander\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18882) Locale: 00000407 \| Country: Deutschland \| Language: DEU \| Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory \| 2,00 Gb Available Physical Memory \| 60,00% Memory free 6,00 Gb Paging File \| 5,00 Gb Available in Paging File \| 80,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: \| %SystemRoot% = C:\Windows \| %ProgramFiles% = C:\Program Files Drive C: \| 271,72 Gb Total Space \| 39,97 Gb Free Space \| 14,71% Space Free \| Partition Type: NTFS Drive D: \| 26,34 Gb Total Space \| 18,12 Gb Free Space \| 68,80% Space Free \| Partition Type: FAT32 E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Drive J: \| 298,09 Gb Total Space \| 158,08 Gb Free Space \| 53,03% Space Free \| Partition Type: NTFS Computer Name: ALEX Current User Name: Alexander Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - C:\Users\Alexander\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Users\Alexander\Desktop\khv64f7i.exe () PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\avcenter.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) PRC - C:\Programme\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe (Cisco Systems, Inc.) PRC - C:\Programme\Microsoft Office\OFFICE11\WINWORD.EXE (Microsoft Corporation) PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Microsoft\Office Live\OfficeLiveSignIn.exe (Microsoft Corp.) PRC - C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.) PRC - C:\Programme\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) PRC - C:\Programme\Home Cinema\TV Enhance\Kernel\TV\TVECapSvc.exe () PRC - C:\Programme\Home Cinema\TV Enhance\Kernel\TV\TVESched.exe () PRC - C:\Programme\Home Cinema\TV Enhance\TVEService.exe (CyberLink Corp.) PRC - C:\Programme\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation) PRC - C:\Programme\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation) PRC - C:\Programme\Sceneo\Bonavista\Services\PVR\pvrservice.exe (Buhl Data Service GmbH) PRC - C:\Programme\Sceneo\Bonavista\Services\ODSBC\ODSBCApp.exe (ODSoft multimedia) PRC - C:\Windows\vVX3000.exe (Microsoft Corporation) PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) PRC - C:\Programme\Home Cinema\PowerDVD\PDVDServ.exe (Cyberlink Corp.) PRC - C:\Programme\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation) PRC - C:\Programme\Adobe\Acrobat 7.0\Distillr\acrotray.exe (Adobe Systems Inc.) PRC - C:\Programme\Common Files\ACD Systems\DE\DevDetect.exe (ACD Systems, Ltd.) PRC - C:\ProgramData\U3\U3Launcher\LaunchU3.exe () PRC - C:\Programme\Common Files\X10\Common\X10nets.exe (X10) [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - C:\Users\Alexander\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation) [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (vpnagent) -- C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe (Cisco Systems, Inc.) SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation) SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation) SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation) SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (TVECapSvc) TVEnhance Background Capture Service (TBCS) -- C:\Program Files\Home Cinema\TV Enhance\Kernel\TV\TVECapSvc.exe () SRV - (TVESched) TVEnhance Task Scheduler (TTS)) -- C:\Program Files\Home Cinema\TV Enhance\Kernel\TV\TVESched.exe () SRV - (MSCamSvc) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation) SRV - (srvcPVR) -- C:\Programme\Sceneo\Bonavista\Services\PVR\pvrservice.exe (Buhl Data Service GmbH) SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation) SRV - (x10nets) -- C:\Programme\Common Files\X10\Common\X10nets.exe (X10) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (vpnva) -- C:\Windows\System32\drivers\vpnva.sys (Cisco Systems, Inc.) DRV - (fssfltr) -- C:\Windows\System32\drivers\fssfltr.sys (Microsoft Corporation) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (NuidFltr) -- C:\Windows\System32\drivers\nuidfltr.sys (Microsoft Corporation) DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation) DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys () DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys () DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (pfc) -- C:\Windows\System32\drivers\pfc.sys (Padus, Inc.) DRV - (AnyDVD) -- C:\Windows\System32\drivers\AnyDVD.sys (SlySoft, Inc.) DRV - (netr73) -- C:\Windows\System32\drivers\netr73.sys (Ralink Technology Corp.) DRV - (Ph3xIB32) -- C:\Windows\System32\drivers\Ph3xIB32.sys (Philips Semiconductors GmbH) DRV - (ElbyCDIO) -- C:\Windows\System32\drivers\ElbyCDIO.sys (Elaborate Bytes AG) DRV - (Spyder2) -- C:\Windows\System32\drivers\Spyder2.sys () DRV - (3xHybrid) -- C:\Windows\System32\drivers\3xHybrid.sys (Philips Semiconductors GmbH) DRV - (VX3000) -- C:\Windows\System32\drivers\VX3000.sys (Microsoft Corporation) DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.) DRV - (XUIF) -- C:\Windows\System32\drivers\x10ufx2.sys (X10 Wireless Technology, Inc.) DRV - (X10Hid) -- C:\Windows\System32\drivers\x10hid.sys (X10 Wireless Technology, Inc.) DRV - (Point32) -- C:\Windows\System32\drivers\point32k.sys (Microsoft Corporation) DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation) DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.) DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex) DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.) DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.) DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation) DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.) DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.) DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation) DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.) DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.) DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation) DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation) DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems) DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation) DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.) DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.) DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic) DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.) DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company) DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.) DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.) DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.) DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic) DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic) DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic) DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic) DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation) DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic) DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation) DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.) DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.) DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.) DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.) DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.) DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.) DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.) DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.) DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.) DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies) DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.) DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation) DRV - (xfilt) -- C:\Windows\system32\DRIVERS\xfilt.sys (VIA Technologies,Inc) DRV - (videX32) -- C:\Windows\system32\DRIVERS\videX32.sys (VIA Technologies, Inc.) DRV - (LVPrcMon) -- C:\Windows\System32\drivers\LVPrcMon.sys () DRV - (ASPI) -- C:\Windows\System32\drivers\ASPI32.SYS (Adaptec) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.mirostart.com/?cfg=2-73-0-cFDH IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://start.icq.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "http://www.spiegel.de" FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7 FF - prefs.js..extensions.enabledItems: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:3.0.8 FF - prefs.js..extensions.enabledItems: {89506680-e3f4-484c-a2c0-ed711d481eda}:0.9.5.5 FF - prefs.js..extensions.enabledItems: {8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}:0.16 FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004 FF - prefs.js..extensions.enabledItems: {EF522540-89F5-46b9-B6FE-1829E2B572C6}:4.0 FF - prefs.js..extensions.enabledItems: {64161300-e22b-11db-8314-0800200c9a66}:0.9.5 FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.6.20090220 FF - prefs.js..extensions.enabledItems: {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.74 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2pre\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.03.24 07:38:45 \| 000,000,000 \| ---D \| M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2pre\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.03.24 07:38:45 \| 000,000,000 \| ---D \| M] [2008.06.17 19:29:26 \| 000,000,000 \| ---D \| M] -- C:\Users\Alexander\AppData\Roaming\mozilla\Extensions [2010.03.25 09:06:46 \| 000,000,000 \| ---D \| M] -- C:\Users\Alexander\AppData\Roaming\mozilla\Firefox\Profiles\kwezadbm.default\extensions [2007.10.19 17:48:28 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Users\Alexander\AppData\Roaming\mozilla\Firefox\Profiles\kwezadbm.default\extensions\{1de0de3c-0b5c-4f67-90c6-689623894991} [2009.07.22 16:36:12 \| 000,000,000 \| ---D \| M] (Microsoft .NET Framework Assistant) -- C:\Users\Alexander\AppData\Roaming\mozilla\Firefox\Profiles\kwezadbm.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2009.10.28 18:29:05 \| 000,000,000 \| ---D \| M] (Yahoo! Toolbar) -- C:\Users\Alexander\AppData\Roaming\mozilla\Firefox\Profiles\kwezadbm.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2010.02.11 19:35:41 \| 000,000,000 \| ---D \| M] (Speed Dial) -- C:\Users\Alexander\AppData\Roaming\mozilla\Firefox\Profiles\kwezadbm.default\extensions\{64161300-e22b-11db-8314-0800200c9a66} [2010.02.03 08:49:58 \| 000,000,000 \| ---D \| M] (Firefox Showcase) -- C:\Users\Alexander\AppData\Roaming\mozilla\Firefox\Profiles\kwezadbm.default\extensions\{89506680-e3f4-484c-a2c0-ed711d481eda} [2010.02.11 19:35:38 \| 000,000,000 \| ---D \| M] (Live HTTP Headers) -- C:\Users\Alexander\AppData\Roaming\mozilla\Firefox\Profiles\kwezadbm.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} [2010.02.03 08:49:53 \| 000,000,000 \| ---D \| M] (Noia 2.0 (eXtreme)) -- C:\Users\Alexander\AppData\Roaming\mozilla\Firefox\Profiles\kwezadbm.default\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e} [2010.02.03 08:49:57 \| 000,000,000 \| ---D \| M] (DownloadHelper) -- C:\Users\Alexander\AppData\Roaming\mozilla\Firefox\Profiles\kwezadbm.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010.02.03 08:49:58 \| 000,000,000 \| ---D \| M] (Fast Video Download (with SearchMenu)) -- C:\Users\Alexander\AppData\Roaming\mozilla\Firefox\Profiles\kwezadbm.default\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8} [2009.11.03 20:04:14 \| 000,000,000 \| ---D \| M] (SearchPreview) -- C:\Users\Alexander\AppData\Roaming\mozilla\Firefox\Profiles\kwezadbm.default\extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6} [2009.04.14 19:52:27 \| 000,000,000 \| ---D \| M] -- C:\Users\Alexander\AppData\Roaming\mozilla\Firefox\Profiles\kwezadbm.default\extensions\firefox@tvunetworks(63).com [2009.10.24 16:24:48 \| 000,000,000 \| ---D \| M] -- C:\Users\Alexander\AppData\Roaming\mozilla\Firefox\Profiles\kwezadbm.default\extensions\moveplayer@movenetworks.com [2007.10.19 17:48:28 \| 000,000,000 \| ---D \| M] -- C:\Users\Alexander\AppData\Roaming\mozilla\Firefox\Profiles\kwezadbm.default\extensions\piraton@enchufados.net [2010.01.27 17:05:36 \| 000,001,743 \| ---- \| M] () -- C:\Users\Alexander\AppData\Roaming\Mozilla\FireFox\Profiles\kwezadbm.default\searchplugins\ask.uk.xml [2010.03.21 23:39:46 \| 000,000,950 \| ---- \| M] () -- C:\Users\Alexander\AppData\Roaming\Mozilla\FireFox\Profiles\kwezadbm.default\searchplugins\icqplugin-1.xml [2008.02.19 17:16:46 \| 000,000,951 \| ---- \| M] () -- C:\Users\Alexander\AppData\Roaming\Mozilla\FireFox\Profiles\kwezadbm.default\searchplugins\icqplugin.xml [2010.03.17 23:49:53 \| 000,000,000 \| ---D \| M] -- C:\Programme\Mozilla Firefox\extensions [2007.08.02 21:01:17 \| 000,000,000 \| ---D \| M] (Amazon-Startcenter) -- C:\Programme\Mozilla Firefox\extensions\{144D1513-0819-4538-AD26-D515AF443AE7} [2007.08.02 21:01:18 \| 000,000,000 \| ---D \| M] (Home Extension) -- C:\Programme\Mozilla Firefox\extensions\{2E6861CA-9A88-4B7B-B935-F810DE84D259} [2007.08.02 21:01:18 \| 000,000,000 \| ---D \| M] (eBay Statusbar Button) -- C:\Programme\Mozilla Firefox\extensions\{B1FC0AB8-EEDC-451A-9185-A0D5E308BBDD} [2007.08.02 21:01:17 \| 000,000,000 \| ---D \| M] (Amazon Kontextmenü) -- C:\Programme\Mozilla Firefox\extensions\{EC1B67CA-A2CD-4931-915A-63D5341D1285} [2010.01.16 02:15:29 \| 000,001,392 \| ---- \| M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.01.16 02:15:29 \| 000,002,344 \| ---- \| M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.01.16 02:15:29 \| 000,006,805 \| ---- \| M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.01.16 02:15:29 \| 000,001,178 \| ---- \| M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.01.16 02:15:29 \| 000,001,105 \| ---- \| M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2010.03.21 13:54:40 \| 000,000,027 \| ---- \| M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.) O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [Device Detector] File not found O4 - HKLM..\Run: [InstantOn] C:\Program Files\CyberLink\PowerCinema Linux\ion_install.exe () O4 - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation) O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\Home Cinema\PowerDVD\Language\Language.exe () O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation) O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [RemoteControl] C:\Program Files\Home Cinema\PowerDVD\PDVDServ.exe (Cyberlink Corp.) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [TVBroadcast] C:\Programme\Sceneo\Bonavista\Services\ODSBC\ODSBCApp.exe (ODSoft multimedia) O4 - HKLM..\Run: [TVEService] C:\Program Files\Home Cinema\TV Enhance\TVEService.exe (CyberLink Corp.) O4 - HKLM..\Run: [VX3000] C:\Windows\vVX3000.exe (Microsoft Corporation) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [Helper] C:\Users\Alexander\AppData\Roaming\Helper\bin\liveu.exe () O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe (Adobe Systems Incorporated) O4 - Startup: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchU3.exe.lnk = C:\Users\Alexander\AppData\Roaming\Microsoft\Installer\{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}\_294823.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: In vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - File not found O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - File not found O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe File not found O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe (ICQ, Inc.) O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe (ICQ, Inc.) O16 - DPF: {55963676-2F5E-4BAF-AC28-CF26AA587566} https://sslvpn.uni-potsdam.de/CACHE/stc/1/binaries/vpnweb.cab (Cisco AnyConnect VPN Client Web Control) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\bw+0 {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bw+0s {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bw-0 {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bw00 {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bw00s {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bw-0s {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bw10 {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bw10s {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bw20 {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bw20s {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bw30 {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bw30s {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bw40 {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bw40s {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bw50 {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bw50s {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bw60 {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bw60s {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bw70 {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bw70s {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bw80 {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bw80s {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bw90 {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bw90s {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwa0 {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwa0s {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwb0 {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwb0s {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwc0 {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwc0s {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwd0 {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwd0s {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwe0 {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwe0s {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwf0 {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwf0s {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwg0 {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwg0s {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwh0 {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwh0s {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwi0 {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwi0s {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwj0 {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwj0s {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwk0 {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwk0s {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwl0 {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwl0s {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwm0 {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwm0s {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwn0 {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwn0s {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwo0 {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwo0s {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwp0 {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwp0s {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwq0 {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwq0s {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwr0 {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwr0s {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bws0 {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bws0s {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwt0 {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwt0s {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwu0 {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwu0s {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwv0 {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwv0s {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bww0 {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bww0s {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwx0 {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwx0s {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwy0 {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwy0s {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwz0 {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwz0s {57b1fdc6-7a41-49eb-a6ca-f092f1098e60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\offline-8876480 {57B1FDC6-7A41-49EB-A6CA-F092F1098E60} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Alexander\Bilder\Bilder 2009\2009.05.31 Karneval der Kulturen\DSC_9987b2desktop.jpg O24 - Desktop BackupWallPaper: C:\Users\Alexander\Bilder\Bilder 2009\2009.05.31 Karneval der Kulturen\DSC_9987b2desktop.jpg O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 22:43:36 \| 000,000,024 \| ---- \| M] () - C:\autoexec.bat -- [ NTFS ] O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKCU\...com [@ = ComFile] -- Reg Error: Key error. File not found O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010.03.25 10:27:00 \| 000,555,520 \| ---- \| C] (OldTimer Tools) -- C:\Users\Alexander\Desktop\OTL.exe [2010.03.25 10:25:46 \| 000,188,673 \| ---- \| C] (Avira GmbH) -- C:\Users\Alexander\Desktop\avirarkd.exe [2010.03.25 10:18:24 \| 000,000,000 \| ---D \| C] -- C:\Users\Alexander\AppData\Roaming\Avira [2010.03.25 10:17:11 \| 000,124,784 \| ---- \| C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys [2010.03.25 10:17:11 \| 000,060,936 \| ---- \| C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys [2010.03.25 10:17:11 \| 000,051,992 \| ---- \| C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys [2010.03.25 10:17:11 \| 000,017,016 \| ---- \| C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys [2010.03.25 10:17:11 \| 000,000,000 \| ---D \| C] -- C:\Programme\Avira [2010.03.25 10:17:11 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Avira [2010.03.25 09:33:43 \| 000,000,000 \| ---D \| C] -- C:\Avenger [2010.03.24 16:27:59 \| 000,000,000 \| ---D \| C] -- C:\Users\Alexander\AppData\Roaming\Helper [2010.03.23 10:15:57 \| 000,000,000 \| ---D \| C] -- C:\Programme\Lavalys [2010.03.23 10:15:42 \| 004,179,293 \| ---- \| C] (Lavalys, Inc. ) -- C:\Users\Alexander\Desktop\everesthome220.exe [2010.03.22 14:33:41 \| 000,000,000 \| ---D \| C] -- C:\Programme\Lavasoft [2010.03.22 14:24:34 \| 000,000,000 \| ---D \| C] -- C:\Windows\Sun [2010.03.22 13:23:05 \| 001,469,440 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2010.03.22 13:23:05 \| 000,594,432 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2010.03.22 13:23:05 \| 000,387,584 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2010.03.22 13:23:05 \| 000,184,320 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2010.03.22 13:23:05 \| 000,164,352 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2010.03.22 13:23:05 \| 000,133,632 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2010.03.22 13:23:04 \| 001,638,912 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2010.03.22 13:23:04 \| 000,173,056 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2010.03.22 13:23:04 \| 000,109,056 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2010.03.22 13:23:04 \| 000,071,680 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2010.03.22 13:23:04 \| 000,055,808 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2010.03.22 13:23:04 \| 000,055,296 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2010.03.22 13:23:04 \| 000,025,600 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2010.03.22 13:23:04 \| 000,013,312 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2010.03.22 13:23:02 \| 000,726,528 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll [2010.03.22 13:03:59 \| 000,000,000 \| ---D \| C] -- C:\Programme\Windows Portable Devices [2010.03.22 13:00:48 \| 000,348,160 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2010.03.22 13:00:48 \| 000,216,064 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2010.03.22 13:00:48 \| 000,156,160 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll [2010.03.22 13:00:48 \| 000,125,952 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll [2010.03.22 13:00:48 \| 000,072,704 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll [2010.03.22 13:00:48 \| 000,048,128 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll [2010.03.22 13:00:48 \| 000,034,816 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll [2010.03.22 13:00:48 \| 000,018,944 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll [2010.03.22 13:00:47 \| 000,229,376 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2010.03.22 13:00:47 \| 000,193,536 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2010.03.22 13:00:47 \| 000,094,720 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll [2010.03.22 13:00:47 \| 000,043,008 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2010.03.22 13:00:46 \| 000,611,840 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2010.03.22 13:00:46 \| 000,445,952 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2010.03.22 13:00:46 \| 000,420,352 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2010.03.22 13:00:46 \| 000,208,384 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe [2010.03.22 13:00:46 \| 000,163,840 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll [2010.03.22 13:00:46 \| 000,066,560 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe [2010.03.22 13:00:46 \| 000,046,592 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll [2010.03.22 13:00:45 \| 000,385,024 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2010.03.22 13:00:45 \| 000,169,472 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe [2010.03.22 13:00:45 \| 000,105,984 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2010.03.22 13:00:44 \| 003,698,584 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat [2010.03.22 13:00:44 \| 000,109,568 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe [2010.03.22 13:00:44 \| 000,107,520 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2010.03.22 13:00:44 \| 000,107,008 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe [2010.03.22 13:00:44 \| 000,103,936 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe [2010.03.22 13:00:28 \| 000,092,672 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll [2010.03.22 13:00:27 \| 003,023,360 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll [2010.03.22 13:00:27 \| 001,164,800 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll [2010.03.22 13:00:05 \| 000,369,664 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll [2010.03.22 13:00:05 \| 000,037,888 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll [2010.03.22 13:00:04 \| 000,829,440 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll [2010.03.22 13:00:04 \| 000,828,928 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll [2010.03.22 13:00:04 \| 000,280,064 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll [2010.03.22 13:00:04 \| 000,189,440 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll [2010.03.22 13:00:04 \| 000,135,680 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll [2010.03.22 13:00:04 \| 000,026,112 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll [2010.03.22 13:00:03 \| 001,554,432 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll [2010.03.22 13:00:03 \| 001,064,448 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll [2010.03.22 13:00:03 \| 001,030,144 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll [2010.03.22 13:00:03 \| 000,974,848 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll [2010.03.22 13:00:03 \| 000,847,360 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll [2010.03.22 13:00:03 \| 000,793,088 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll [2010.03.22 13:00:03 \| 000,667,648 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe [2010.03.22 13:00:03 \| 000,519,680 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll [2010.03.22 13:00:03 \| 000,486,912 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll [2010.03.22 13:00:03 \| 000,481,792 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll [2010.03.22 13:00:03 \| 000,351,232 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll [2010.03.22 13:00:03 \| 000,321,024 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll [2010.03.22 13:00:03 \| 000,252,928 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe [2010.03.22 13:00:03 \| 000,218,112 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll [2010.03.22 13:00:03 \| 000,195,584 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll [2010.03.22 13:00:03 \| 000,190,464 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll [2010.03.22 13:00:03 \| 000,161,280 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll [2010.03.22 12:59:35 \| 000,031,232 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\BthMtpContextHandler.dll [2010.03.22 12:59:35 \| 000,030,208 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe [2010.03.22 12:59:34 \| 000,060,928 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceConnectApi.dll [2010.03.22 12:59:33 \| 000,061,952 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\WpdMtpUS.dll [2010.03.22 12:59:33 \| 000,033,280 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\WpdConns.dll [2010.03.22 12:59:32 \| 000,546,816 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll [2010.03.22 12:59:32 \| 000,350,208 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll [2010.03.22 12:59:32 \| 000,334,848 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll [2010.03.22 12:59:32 \| 000,226,816 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\WpdMtp.dll [2010.03.22 12:59:32 \| 000,196,608 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWMDRM.dll [2010.03.22 12:59:32 \| 000,160,256 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll [2010.03.22 12:59:32 \| 000,100,864 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll [2010.03.22 12:58:51 \| 000,555,520 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll [2010.03.22 12:58:51 \| 000,004,096 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll [2010.03.22 12:56:14 \| 000,310,784 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe [2010.03.22 12:56:13 \| 008,147,456 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL [2010.03.22 12:55:59 \| 000,714,240 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl [2010.03.22 12:55:43 \| 000,526,336 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe [2010.03.22 12:55:43 \| 000,518,144 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe [2010.03.22 12:55:43 \| 000,471,552 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll [2010.03.22 12:55:43 \| 000,471,552 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll [2010.03.22 12:55:43 \| 000,347,136 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe [2010.03.22 12:55:43 \| 000,346,624 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe [2010.03.22 12:55:42 \| 000,332,288 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll [2010.03.22 12:55:42 \| 000,152,576 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll [2010.03.22 12:55:42 \| 000,152,064 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll [2010.03.22 12:55:41 \| 001,696,256 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll [2010.03.22 12:55:40 \| 004,240,384 \| ---- \| C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll [2010.03.22 12:55:40 \| 000,028,672 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll [2010.03.22 12:45:24 \| 000,000,000 \| ---D \| C] -- C:\Programme\[url="http://www.ccleaner.de"]CCleaner[/url] [2010.03.22 12:44:53 \| 003,396,856 \| ---- \| C] (Piriform Ltd) -- C:\Users\Alexander\Desktop\ccsetup229.exe [2010.03.21 17:50:25 \| 000,000,000 \| ---D \| C] -- C:\Windows\BDOSCAN8 [2010.03.21 14:06:41 \| 000,000,000 \| ---D \| C] -- C:\Users\Alexander\AppData\Local\temp [2010.03.21 13:54:44 \| 000,000,000 \| ---D \| C] -- C:\$RECYCLE.BIN [2010.03.21 13:43:38 \| 000,000,000 \| ---D \| C] -- C:\Windows\ERDNT [2010.03.18 19:06:08 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\F-Secure [2010.03.18 11:53:58 \| 000,000,000 \| ---D \| C] -- C:\Users\Alexander\DoctorWeb [2010.03.18 11:44:32 \| 000,000,000 \| ---D \| C] -- C:\Users\Alexander\Desktop\Neuer Download [2010.03.18 11:05:42 \| 000,472,064 \| ---- \| C] ( ) -- C:\Users\Alexander\Desktop\RootRepeal.exe [2010.03.17 23:16:09 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Sun [2010.03.17 23:16:05 \| 000,000,000 \| ---D \| C] -- C:\Programme\Common Files\Java [2010.03.17 23:15:30 \| 000,153,376 \| ---- \| C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2010.03.17 23:15:30 \| 000,145,184 \| ---- \| C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2010.03.17 23:15:30 \| 000,145,184 \| ---- \| C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2010.03.17 20:26:23 \| 000,000,000 \| ---D \| C] -- C:\Programme\XXXX [2010.03.17 18:50:39 \| 000,000,000 \| ---D \| C] -- C:\Users\Alexander\AppData\Roaming\Malwarebytes [2010.03.17 18:50:35 \| 000,038,224 \| ---- \| C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010.03.17 18:50:33 \| 000,019,160 \| ---- \| C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010.03.17 18:50:33 \| 000,000,000 \| ---D \| C] -- C:\Programme\Malwarebytes' Anti-Malware [2010.03.17 18:50:33 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Malwarebytes [2010.03.15 13:59:15 \| 000,000,000 \| ---D \| C] -- C:\Users\Alexander\AppData\Local\Cisco [2010.03.15 13:58:28 \| 000,000,000 \| ---D \| C] -- C:\Programme\Cisco [2010.03.10 11:30:00 \| 000,024,064 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll [2010.03.10 11:29:59 \| 000,030,720 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll [2010.03.02 21:40:02 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\LightScribe [2010.03.02 21:40:01 \| 000,000,000 \| ---D \| C] -- C:\Users\Alexander\AppData\Roaming\Nero [2010.03.02 21:04:41 \| 000,000,000 \| ---D \| C] -- C:\Programme\Common Files\Nero [2010.02.24 10:55:51 \| 000,002,048 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010.03.25 10:27:45 \| 004,456,448 \| -HS- \| M] () -- C:\Users\Alexander\ntuser.dat [2010.03.25 10:27:00 \| 000,555,520 \| ---- \| M] (OldTimer Tools) -- C:\Users\Alexander\Desktop\OTL.exe [2010.03.25 10:26:04 \| 000,000,162 \| -H-- \| M] () -- C:\Users\Alexander\Desktop\~$richt für Forum.doc [2010.03.25 10:25:22 \| 000,065,893 \| ---- \| M] () -- C:\Users\Alexander\Desktop\antivir_rootkit.zip [2010.03.25 10:20:41 \| 001,541,530 \| ---- \| M] () -- C:\Windows\System32\PerfStringBackup.INI [2010.03.25 10:20:41 \| 000,664,044 \| ---- \| M] () -- C:\Windows\System32\perfh007.dat [2010.03.25 10:20:41 \| 000,625,384 \| ---- \| M] () -- C:\Windows\System32\perfh009.dat [2010.03.25 10:20:41 \| 000,142,222 \| ---- \| M] () -- C:\Windows\System32\perfc007.dat [2010.03.25 10:20:41 \| 000,116,946 \| ---- \| M] () -- C:\Windows\System32\perfc009.dat [2010.03.25 10:16:48 \| 000,001,052 \| ---- \| M] () -- C:\Windows\tasks\Google Software Updater.job [2010.03.25 10:13:55 \| 000,002,441 \| ---- \| M] () -- C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchU3.exe.lnk [2010.03.25 10:13:50 \| 000,003,168 \| -H-- \| M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010.03.25 10:13:49 \| 000,003,168 \| -H-- \| M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010.03.25 10:13:48 \| 000,001,092 \| ---- \| M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010.03.25 10:13:48 \| 000,000,386 \| ---- \| M] () -- C:\Windows\tasks\Registry Reviver-Alexander-Startup.job [2010.03.25 10:13:46 \| 000,000,006 \| -H-- \| M] () -- C:\Windows\tasks\SA.DAT [2010.03.25 10:13:42 \| 000,067,584 \| --S- \| M] () -- C:\Windows\bootstat.dat [2010.03.25 10:12:28 \| 000,524,288 \| -HS- \| M] () -- C:\Users\Alexander\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms [2010.03.25 10:12:28 \| 000,065,536 \| -HS- \| M] () -- C:\Users\Alexander\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf [2010.03.25 10:12:26 \| 001,411,382 \| -H-- \| M] () -- C:\Users\Alexander\AppData\Local\IconCache.db [2010.03.25 10:05:43 \| 259,905,165 \| ---- \| M] () -- C:\Windows\MEMORY.DMP [2010.03.25 09:56:51 \| 000,293,376 \| ---- \| M] () -- C:\Users\Alexander\Desktop\khv64f7i.exe [2010.03.25 09:48:00 \| 000,001,096 \| ---- \| M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010.03.25 09:37:42 \| 000,035,840 \| ---- \| M] () -- C:\Users\Alexander\Desktop\Bericht für Forum.doc [2010.03.25 09:13:39 \| 000,731,136 \| ---- \| M] () -- C:\Users\Alexander\Desktop\avengerxxx.exe [2010.03.25 09:06:54 \| 000,000,426 \| -H-- \| M] () -- C:\Windows\tasks\User_Feed_Synchronization-{A3B30619-79C0-4B35-A35F-3B5B488D554F}.job [2010.03.25 09:04:57 \| 000,007,052 \| ---- \| M] () -- C:\Users\Alexander\AppData\Local\d3d9caps.dat [2010.03.24 17:36:50 \| 093,360,948 \| ---- \| M] () -- C:\Users\Alexander\Documents\5139GQdthas.flv [2010.03.24 17:03:04 \| 000,041,472 \| ---- \| M] () -- C:\Users\Alexander\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.03.24 07:39:47 \| 000,001,419 \| ---- \| M] () -- C:\Users\Alexander\Desktop\DrWeb.csv [2010.03.23 10:15:58 \| 000,000,911 \| ---- \| M] () -- C:\Users\Alexander\Desktop\EVEREST Home Edition.lnk [2010.03.23 10:15:43 \| 004,179,293 \| ---- \| M] (Lavalys, Inc. ) -- C:\Users\Alexander\Desktop\everesthome220.exe [2010.03.23 10:06:49 \| 034,939,216 \| ---- \| M] () -- C:\Users\Alexander\Desktop\68nnukjj.exe [2010.03.22 20:35:28 \| 009,528,521 \| ---- \| M] () -- C:\Users\Alexander\Documents\5739Cr4YuwB.flv [2010.03.22 14:33:42 \| 000,000,985 \| ---- \| M] () -- C:\Users\Public\Desktop\Ad-Aware SE Personal.lnk [2010.03.22 13:51:01 \| 000,102,400 \| ---- \| M] () -- C:\Users\Alexander\AppData\Local\GDIPFONTCACHEV1.DAT [2010.03.22 13:37:10 \| 000,006,646 \| ---- \| M] () -- C:\Users\Alexander\Desktop\cc_20100322_133701.reg [2010.03.22 13:07:18 \| 000,357,624 \| ---- \| M] () -- C:\Windows\System32\FNTCACHE.DAT [2010.03.22 13:03:49 \| 000,000,000 \| -H-- \| M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf [2010.03.22 13:03:10 \| 000,000,000 \| -H-- \| M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf [2010.03.22 12:50:07 \| 000,436,058 \| ---- \| M] () -- C:\Users\Alexander\Desktop\cc_20100322_124931.reg [2010.03.22 12:45:25 \| 000,001,674 \| ---- \| M] () -- C:\Users\Alexander\Desktop\[url="http://www.ccleaner.de"]CCleaner[/url].lnk [2010.03.22 12:44:56 \| 003,396,856 \| ---- \| M] (Piriform Ltd) -- C:\Users\Alexander\Desktop\ccsetup229.exe [2010.03.21 18:40:46 \| 000,019,106 \| ---- \| M] () -- C:\Users\Alexander\Desktop\Ergebnis BitDefender.html [2010.03.21 13:55:02 \| 000,000,248 \| ---- \| M] () -- C:\Windows\system.ini [2010.03.21 13:54:40 \| 000,000,027 \| ---- \| M] () -- C:\Windows\System32\drivers\etc\hosts [2010.03.18 19:17:29 \| 000,009,477 \| ---- \| M] () -- C:\Users\Alexander\Desktop\report_fsols_4_0.html [2010.03.18 11:06:12 \| 000,000,000 \| ---- \| M] () -- C:\Users\Alexander\Desktop\settings.dat [2010.03.17 23:15:10 \| 000,411,368 \| ---- \| M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deploytk.dll [2010.03.17 23:15:10 \| 000,153,376 \| ---- \| M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2010.03.17 23:15:10 \| 000,145,184 \| ---- \| M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2010.03.17 23:15:10 \| 000,145,184 \| ---- \| M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2010.03.17 20:27:30 \| 000,001,648 \| ---- \| M] () -- C:\Users\Alexander\Desktop\HijackThis.lnk [2010.03.17 18:50:38 \| 000,000,822 \| ---- \| M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.03.17 18:08:44 \| 000,001,728 \| ---- \| M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2010.03.16 16:16:32 \| 000,000,052 \| ---- \| M] () -- C:\Users\Alexander\AppData\Roaming\Default.PLS [2010.03.16 13:30:47 \| 011,821,736 \| ---- \| M] () -- C:\Users\Alexander\Documents\34073.wmv [2010.03.16 13:30:30 \| 011,733,730 \| ---- \| M] () -- C:\Users\Alexander\Documents\34074.wmv [2010.03.16 13:30:05 \| 011,797,736 \| ---- \| M] () -- C:\Users\Alexander\Documents\34075.wmv [2010.03.16 13:25:43 \| 002,045,662 \| ---- \| M] () -- C:\Users\Alexander\Documents\3-18.wmv [2010.03.16 13:25:32 \| 002,045,662 \| ---- \| M] () -- C:\Users\Alexander\Documents\3-17.wmv [2010.03.16 13:22:58 \| 003,912,271 \| ---- \| M] () -- C:\Users\Alexander\Documents\movie4-2.wmv [2010.03.16 13:21:10 \| 003,871,156 \| ---- \| M] () -- C:\Users\Alexander\Documents\movie3-4.wmv [2010.03.16 13:21:03 \| 003,871,156 \| ---- \| M] () -- C:\Users\Alexander\Documents\movie3-3.wmv [2010.03.16 13:20:19 \| 004,668,787 \| ---- \| M] () -- C:\Users\Alexander\Documents\movie2-3.wmv [2010.03.16 13:19:20 \| 003,920,494 \| ---- \| M] () -- C:\Users\Alexander\Documents\movie1-1.wmv [2010.03.16 13:17:41 \| 011,789,736 \| ---- \| M] () -- C:\Users\Alexander\Documents\34072.wmv [2010.03.15 14:40:42 \| 023,546,212 \| ---- \| M] () -- C:\Users\Alexander\Documents\5739GEMaSkm.flv [2010.03.15 14:29:50 \| 023,423,737 \| ---- \| M] () -- C:\Users\Alexander\Documents\5339GByg2Ze.flv [2010.03.12 18:02:38 \| 000,261,632 \| ---- \| M] () -- C:\Windows\PEV.exe [2010.03.10 11:33:13 \| 000,000,324 \| ---- \| M] () -- C:\Windows\win.ini [2010.03.04 12:40:53 \| 001,933,656 \| ---- \| M] () -- C:\Users\Alexander\Documents\3-16.wmv [2010.03.04 12:38:04 \| 001,925,662 \| ---- \| M] () -- C:\Users\Alexander\Documents\3-15.wmv [2010.03.04 12:37:19 \| 005,320,704 \| ---- \| M] () -- C:\Users\Alexander\Documents\17703.mpg [2010.03.04 12:34:58 \| 001,449,314 \| ---- \| M] () -- C:\Users\Alexander\Documents\clip_53.wmv [2010.03.04 12:34:31 \| 001,428,389 \| ---- \| M] () -- C:\Users\Alexander\Documents\clip_46-2.wmv [2010.03.04 12:34:07 \| 001,428,389 \| ---- \| M] () -- C:\Users\Alexander\Documents\clip_26.wmv [2010.03.04 12:32:59 \| 000,577,009 \| ---- \| M] () -- C:\Users\Alexander\Documents\003.wmv [2010.03.04 12:30:30 \| 002,037,662 \| ---- \| M] () -- C:\Users\Alexander\Documents\4-12.wmv [2010.03.04 12:30:08 \| 002,037,662 \| ---- \| M] () -- C:\Users\Alexander\Documents\3-14.wmv [2010.03.04 12:29:44 \| 002,069,662 \| ---- \| M] () -- C:\Users\Alexander\Documents\2-10.wmv [2010.03.04 12:29:21 \| 002,053,662 \| ---- \| M] () -- C:\Users\Alexander\Documents\1-7.wmv [2010.03.04 12:10:17 \| 007,375,962 \| ---- \| M] () -- C:\Users\Alexander\Documents\4391.flv [2010.03.04 12:05:29 \| 002,272,893 \| ---- \| M] () -- C:\Users\Alexander\Documents\4742.flv [2010.03.03 19:43:58 \| 052,149,572 \| ---- \| M] () -- C:\Users\Alexander\Documents\5839Glyj4yj.flv [2010.03.02 12:09:39 \| 027,350,763 \| ---- \| M] () -- C:\Users\Alexander\Documents\5438Gxq7Mdy.flv [2010.03.02 12:07:31 \| 028,388,687 \| ---- \| M] () -- C:\Users\Alexander\Documents\5538CLwcfCO-1.flv [2010.03.02 12:05:28 \| 039,054,871 \| ---- \| M] () -- C:\Users\Alexander\Documents\5438G1F45Uu.flv [2010.03.02 12:02:57 \| 044,557,615 \| ---- \| M] () -- C:\Users\Alexander\Documents\5838GY1OKWj.flv [2010.03.02 11:59:52 \| 053,775,100 \| ---- \| M] () -- C:\Users\Alexander\Documents\5538GJ52w9j.flv [2010.03.02 11:56:26 \| 042,048,465 \| ---- \| M] () -- C:\Users\Alexander\Documents\5538GrUQxBW.flv [2010.03.02 11:52:11 \| 028,789,046 \| ---- \| M] () -- C:\Users\Alexander\Documents\5538GTojJxU.flv [2010.03.02 11:49:41 \| 034,272,136 \| ---- \| M] () -- C:\Users\Alexander\Documents\5638G57lAxN-1.flv [2010.03.02 11:46:21 \| 032,159,136 \| ---- \| M] () -- C:\Users\Alexander\Documents\5438GwMt2Qn.flv [2010.03.02 11:36:10 \| 057,672,046 \| ---- \| M] () -- C:\Users\Alexander\Documents\5338GuPRekz.flv [2010.03.02 11:32:33 \| 040,771,145 \| ---- \| M] () -- C:\Users\Alexander\Documents\5838G9VTzMS.flv [2010.03.02 11:29:44 \| 066,769,895 \| ---- \| M] () -- C:\Users\Alexander\Documents\5438G55gfKE.flv [2010.03.02 11:25:26 \| 040,254,328 \| ---- \| M] () -- C:\Users\Alexander\Documents\5538G25h4xK.flv [2010.03.02 10:31:14 \| 033,355,262 \| ---- \| M] () -- C:\Users\Alexander\Documents\5538GcBSB1j.flv [2010.03.01 16:13:14 \| 034,526,179 \| ---- \| M] () -- C:\Users\Alexander\Documents\5338GPkO4Rn.flv [2010.03.01 09:05:19 \| 000,124,784 \| ---- \| M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys [2010.02.25 12:05:19 \| 034,272,136 \| ---- \| M] () -- C:\Users\Alexander\Documents\5638G57lAxN.flv [2010.02.24 10:16:06 \| 000,181,632 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010.03.25 10:26:04 \| 000,000,162 \| -H-- \| C] () -- C:\Users\Alexander\Desktop\~$richt für Forum.doc [2010.03.25 10:25:22 \| 000,065,893 \| ---- \| C] () -- C:\Users\Alexander\Desktop\antivir_rootkit.zip [2010.03.25 10:05:43 \| 259,905,165 \| ---- \| C] () -- C:\Windows\MEMORY.DMP [2010.03.25 09:56:51 \| 000,293,376 \| ---- \| C] () -- C:\Users\Alexander\Desktop\khv64f7i.exe [2010.03.25 09:37:42 \| 000,035,840 \| ---- \| C] () -- C:\Users\Alexander\Desktop\Bericht für Forum.doc [2010.03.25 09:13:38 \| 000,731,136 \| ---- \| C] () -- C:\Users\Alexander\Desktop\avengerxxx.exe [2010.03.24 17:31:37 \| 093,360,948 \| ---- \| C] () -- C:\Users\Alexander\Documents\5139GQdthas.flv [2010.03.24 07:39:47 \| 000,001,419 \| ---- \| C] () -- C:\Users\Alexander\Desktop\DrWeb.csv [2010.03.23 10:15:58 \| 000,000,911 \| ---- \| C] () -- C:\Users\Alexander\Desktop\EVEREST Home Edition.lnk [2010.03.23 10:05:58 \| 034,939,216 \| ---- \| C] () -- C:\Users\Alexander\Desktop\68nnukjj.exe [2010.03.22 20:35:23 \| 009,528,521 \| ---- \| C] () -- C:\Users\Alexander\Documents\5739Cr4YuwB.flv [2010.03.22 14:33:42 \| 000,000,985 \| ---- \| C] () -- C:\Users\Public\Desktop\Ad-Aware SE Personal.lnk [2010.03.22 13:37:05 \| 000,006,646 \| ---- \| C] () -- C:\Users\Alexander\Desktop\cc_20100322_133701.reg [2010.03.22 13:23:04 \| 000,057,667 \| ---- \| C] () -- C:\Windows\System32\ieuinit.inf [2010.03.22 13:03:49 \| 000,000,000 \| -H-- \| C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf [2010.03.22 13:03:10 \| 000,000,000 \| -H-- \| C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf [2010.03.22 12:49:45 \| 000,436,058 \| ---- \| C] () -- C:\Users\Alexander\Desktop\cc_20100322_124931.reg [2010.03.22 12:45:25 \| 000,001,674 \| ---- \| C] () -- C:\Users\Alexander\Desktop\[url="http://www.ccleaner.de"]CCleaner[/url].lnk [2010.03.22 12:43:24 \| 000,000,386 \| ---- \| C] () -- C:\Windows\tasks\Registry Reviver-Alexander-Startup.job [2010.03.21 18:47:48 \| 000,019,106 \| ---- \| C] () -- C:\Users\Alexander\Desktop\Ergebnis BitDefender.html [2010.03.21 13:43:42 \| 000,261,632 \| ---- \| C] () -- C:\Windows\PEV.exe [2010.03.21 13:43:42 \| 000,077,312 \| ---- \| C] () -- C:\Windows\MBR.exe [2010.03.18 19:17:29 \| 000,009,477 \| ---- \| C] () -- C:\Users\Alexander\Desktop\report_fsols_4_0.html [2010.03.18 11:06:12 \| 000,000,000 \| ---- \| C] () -- C:\Users\Alexander\Desktop\settings.dat [2010.03.17 23:58:20 \| 000,002,437 \| ---- \| C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat - Schnellstart.lnk [2010.03.17 23:58:20 \| 000,002,086 \| ---- \| C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2010.03.17 23:58:20 \| 000,001,015 \| ---- \| C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ColorVisionStartup.lnk [2010.03.17 20:23:27 \| 000,001,648 \| ---- \| C] () -- C:\Users\Alexander\Desktop\HijackThis.lnk [2010.03.17 18:50:38 \| 000,000,822 \| ---- \| C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.03.17 18:08:44 \| 000,001,728 \| ---- \| C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2010.03.16 13:30:45 \| 011,821,736 \| ---- \| C] () -- C:\Users\Alexander\Documents\34073.wmv [2010.03.16 13:30:27 \| 011,733,730 \| ---- \| C] () -- C:\Users\Alexander\Documents\34074.wmv [2010.03.16 13:30:02 \| 011,797,736 \| ---- \| C] () -- C:\Users\Alexander\Documents\34075.wmv [2010.03.16 13:25:41 \| 002,045,662 \| ---- \| C] () -- C:\Users\Alexander\Documents\3-18.wmv [2010.03.16 13:25:24 \| 002,045,662 \| ---- \| C] () -- C:\Users\Alexander\Documents\3-17.wmv [2010.03.16 13:22:56 \| 003,912,271 \| ---- \| C] () -- C:\Users\Alexander\Documents\movie4-2.wmv [2010.03.16 13:21:08 \| 003,871,156 \| ---- \| C] () -- C:\Users\Alexander\Documents\movie3-4.wmv [2010.03.16 13:21:00 \| 003,871,156 \| ---- \| C] () -- C:\Users\Alexander\Documents\movie3-3.wmv [2010.03.16 13:20:05 \| 004,668,787 \| ---- \| C] () -- C:\Users\Alexander\Documents\movie2-3.wmv [2010.03.16 13:19:12 \| 003,920,494 \| ---- \| C] () -- C:\Users\Alexander\Documents\movie1-1.wmv [2010.03.16 13:17:37 \| 011,789,736 \| ---- \| C] () -- C:\Users\Alexander\Documents\34072.wmv [2010.03.15 14:40:40 \| 023,546,212 \| ---- \| C] () -- C:\Users\Alexander\Documents\5739GEMaSkm.flv [2010.03.15 14:29:49 \| 023,423,737 \| ---- \| C] () -- C:\Users\Alexander\Documents\5339GByg2Ze.flv [2010.03.04 12:40:51 \| 001,933,656 \| ---- \| C] () -- C:\Users\Alexander\Documents\3-16.wmv [2010.03.04 12:38:02 \| 001,925,662 \| ---- \| C] () -- C:\Users\Alexander\Documents\3-15.wmv [2010.03.04 12:37:17 \| 005,320,704 \| ---- \| C] () -- C:\Users\Alexander\Documents\17703.mpg [2010.03.04 12:34:55 \| 001,449,314 \| ---- \| C] () -- C:\Users\Alexander\Documents\clip_53.wmv [2010.03.04 12:34:29 \| 001,428,389 \| ---- \| C] () -- C:\Users\Alexander\Documents\clip_46-2.wmv [2010.03.04 12:34:06 \| 001,428,389 \| ---- \| C] () -- C:\Users\Alexander\Documents\clip_26.wmv [2010.03.04 12:32:58 \| 000,577,009 \| ---- \| C] () -- C:\Users\Alexander\Documents\003.wmv [2010.03.04 12:30:27 \| 002,037,662 \| ---- \| C] () -- C:\Users\Alexander\Documents\4-12.wmv [2010.03.04 12:30:04 \| 002,037,662 \| ---- \| C] () -- C:\Users\Alexander\Documents\3-14.wmv [2010.03.04 12:29:42 \| 002,069,662 \| ---- \| C] () -- C:\Users\Alexander\Documents\2-10.wmv [2010.03.04 12:29:19 \| 002,053,662 \| ---- \| C] () -- C:\Users\Alexander\Documents\1-7.wmv [2010.03.04 12:10:04 \| 007,375,962 \| ---- \| C] () -- C:\Users\Alexander\Documents\4391.flv [2010.03.04 12:05:26 \| 002,272,893 \| ---- \| C] () -- C:\Users\Alexander\Documents\4742.flv [2010.03.03 19:40:29 \| 052,149,572 \| ---- \| C] () -- C:\Users\Alexander\Documents\5839Glyj4yj.flv [2010.03.02 12:08:50 \| 027,350,763 \| ---- \| C] () -- C:\Users\Alexander\Documents\5438Gxq7Mdy.flv [2010.03.02 12:06:37 \| 028,388,687 \| ---- \| C] () -- C:\Users\Alexander\Documents\5538CLwcfCO-1.flv [2010.03.02 12:03:58 \| 039,054,871 \| ---- \| C] () -- C:\Users\Alexander\Documents\5438G1F45Uu.flv [2010.03.02 12:01:08 \| 044,557,615 \| ---- \| C] () -- C:\Users\Alexander\Documents\5838GY1OKWj.flv [2010.03.02 11:57:30 \| 053,775,100 \| ---- \| C] () -- C:\Users\Alexander\Documents\5538GJ52w9j.flv [2010.03.02 11:54:45 \| 042,048,465 \| ---- \| C] () -- C:\Users\Alexander\Documents\5538GrUQxBW.flv [2010.03.02 11:51:16 \| 028,789,046 \| ---- \| C] () -- C:\Users\Alexander\Documents\5538GTojJxU.flv [2010.03.02 11:48:27 \| 034,272,136 \| ---- \| C] () -- C:\Users\Alexander\Documents\5638G57lAxN-1.flv [2010.03.02 11:45:15 \| 032,159,136 \| ---- \| C] () -- C:\Users\Alexander\Documents\5438GwMt2Qn.flv [2010.03.02 11:33:33 \| 057,672,046 \| ---- \| C] () -- C:\Users\Alexander\Documents\5338GuPRekz.flv [2010.03.02 11:30:55 \| 040,771,145 \| ---- \| C] () -- C:\Users\Alexander\Documents\5838G9VTzMS.flv [2010.03.02 11:26:37 \| 066,769,895 \| ---- \| C] () -- C:\Users\Alexander\Documents\5438G55gfKE.flv [2010.03.02 11:23:52 \| 040,254,328 \| ---- \| C] () -- C:\Users\Alexander\Documents\5538G25h4xK.flv [2010.03.02 10:30:04 \| 033,355,262 \| ---- \| C] () -- C:\Users\Alexander\Documents\5538GcBSB1j.flv [2010.03.01 16:11:56 \| 034,526,179 \| ---- \| C] () -- C:\Users\Alexander\Documents\5338GPkO4Rn.flv [2010.02.25 12:03:45 \| 034,272,136 \| ---- \| C] () -- C:\Users\Alexander\Documents\5638G57lAxN.flv [2009.11.03 16:51:28 \| 000,087,552 \| ---- \| C] () -- C:\Windows\System32\cpwmon2k.dll [2009.10.20 20:14:57 \| 000,117,248 \| ---- \| C] () -- C:\Windows\System32\EhStorAuthn.dll [2009.10.04 13:24:03 \| 000,004,096 \| -H-- \| C] () -- C:\Users\Alexander\AppData\Local\keyfile3.drm [2008.10.09 22:11:34 \| 000,000,097 \| ---- \| C] () -- C:\Users\Alexander\AppData\Local\fusioncache.dat [2008.01.22 18:55:43 \| 000,278,728 \| ---- \| C] () -- C:\Windows\System32\drivers\atksgt.sys [2008.01.22 18:55:39 \| 000,025,416 \| ---- \| C] () -- C:\Windows\System32\drivers\lirsgt.sys [2007.12.20 18:28:40 \| 000,002,048 \| ---- \| C] () -- C:\Windows\System32\sysprs7.dll [2007.12.20 18:28:40 \| 000,000,205 \| ---- \| C] () -- C:\Windows\System32\lsprst7.dll [2007.12.17 19:48:53 \| 000,001,024 \| ---- \| C] () -- C:\Windows\System32\clauth2.dll [2007.12.17 19:48:53 \| 000,001,024 \| ---- \| C] () -- C:\Windows\System32\clauth1.dll [2007.06.10 10:30:46 \| 000,000,040 \| -HS- \| C] () -- C:\ProgramData\.zreglib [2007.05.01 12:05:44 \| 000,027,648 \| ---- \| C] () -- C:\Windows\System32\AVSredirect.dll [2007.05.01 12:05:43 \| 000,471,552 \| ---- \| C] () -- C:\Windows\System32\Smab.dll [2007.04.27 17:02:59 \| 000,000,719 \| R--- \| C] () -- C:\Windows\System32\InstExec.ini [2007.04.26 20:29:33 \| 000,000,052 \| ---- \| C] () -- C:\Users\Alexander\AppData\Roaming\Default.PLS [2007.04.20 08:15:46 \| 000,000,305 \| ---- \| C] () -- C:\ProgramData\addr_file.html [2007.04.19 14:02:57 \| 000,000,173 \| ---- \| C] () -- C:\Windows\KPCMS.INI [2007.04.19 14:02:42 \| 000,210,944 \| ---- \| C] () -- C:\Windows\System32\MSVCRT10.DLL [2007.04.19 00:57:11 \| 000,007,052 \| ---- \| C] () -- C:\Users\Alexander\AppData\Local\d3d9caps.dat [2007.04.13 11:42:05 \| 000,137,232 \| ---- \| C] () -- C:\Windows\System32\KG162023.DRV [2007.04.13 11:42:05 \| 000,000,263 \| ---- \| C] () -- C:\Windows\System32\KCMV3D.INI [2007.04.13 09:27:45 \| 000,041,472 \| ---- \| C] () -- C:\Users\Alexander\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007.04.12 17:39:49 \| 000,000,400 \| ---- \| C] () -- C:\Windows\ODBC.INI [2007.02.13 16:16:04 \| 000,012,288 \| ---- \| C] () -- C:\Windows\System32\drivers\Spyder2.sys [2007.02.12 10:30:06 \| 000,299,008 \| ---- \| C] () -- C:\Windows\System32\midas.dll [2007.02.12 10:30:06 \| 000,120,320 \| ---- \| C] () -- C:\Windows\System32\UnzDll.dll [2007.02.10 16:17:37 \| 000,006,642 \| ---- \| C] () -- C:\Windows\mgxoschk.ini [2007.02.09 15:43:52 \| 000,000,069 \| ---- \| C] () -- C:\Windows\NeroDigital.ini [2007.02.09 14:12:31 \| 000,003,072 \| ---- \| C] () -- C:\Windows\System32\34CoInstaller.dll [2007.02.06 16:42:40 \| 001,691,808 \| ---- \| C] () -- C:\Windows\System32\drivers\Lvckap.sys [2006.11.02 13:35:32 \| 000,005,632 \| ---- \| C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 11:25:44 \| 000,159,744 \| ---- \| C] () -- C:\Windows\System32\atitmmxx.dll [2006.11.02 08:40:29 \| 000,013,750 \| ---- \| C] () -- C:\Windows\System32\pacerprf.ini [2006.09.20 07:34:10 \| 000,000,000 \| ---- \| C] () -- C:\Windows\Buhl.ini [2005.12.22 10:05:46 \| 000,015,498 \| ---- \| C] () -- C:\Windows\VX3000.ini [2005.12.09 14:37:42 \| 000,016,768 \| ---- \| C] () -- C:\Windows\System32\drivers\LVPrcMon.sys [2003.02.20 16:53:42 \| 000,005,702 \| ---- \| C] () -- C:\Windows\System32\OUTLPERF.INI [2002.03.21 14:39:02 \| 000,073,728 \| ---- \| C] () -- C:\Windows\System32\UNACEV2.DLL [1999.01.27 12:39:06 \| 000,065,024 \| ---- \| C] () -- C:\Windows\System32\indounin.dll [1997.06.13 06:56:08 \| 000,056,832 \| ---- \| C] () -- C:\Windows\System32\Iyvu9_32.dll < End of report > Code OTL Extras logfile created on: 25.03.2010 10:28:10 - Run 1 OTL by OldTimer - Version 3.1.37.3 Folder = C:\Users\Alexander\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18882) Locale: 00000407 \| Country: Deutschland \| Language: DEU \| Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory \| 2,00 Gb Available Physical Memory \| 60,00% Memory free 6,00 Gb Paging File \| 5,00 Gb Available in Paging File \| 80,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: \| %SystemRoot% = C:\Windows \| %ProgramFiles% = C:\Program Files Drive C: \| 271,72 Gb Total Space \| 39,97 Gb Free Space \| 14,71% Space Free \| Partition Type: NTFS Drive D: \| 26,34 Gb Total Space \| 18,12 Gb Free Space \| 68,80% Space Free \| Partition Type: FAT32 E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Drive J: \| 298,09 Gb Total Space \| 158,08 Gb Free Space \| 53,03% Space Free \| Partition Type: NTFS Computer Name: ALEX Current User Name: Alexander Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .bat [@ = batfile] -- Reg Error: Key error. File not found .cmd [@ = cmdfile] -- Reg Error: Key error. File not found .com [@ = ComFile] -- Reg Error: Key error. File not found .exe [@ = exefile] -- Reg Error: Key error. File not found .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) .pif [@ = piffile] -- Reg Error: Key error. File not found .vbs [@ = VBSFile] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [ACDBrowse] -- "C:\Program Files\ACD Systems\ACDSee\9.0\ACDSeeQV.exe" "%1" (ACD Systems Ltd.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\PPMate\ppmate.exe" = C:\Program Files\PPMate\ppmate.exe:*:Enabled:PPMate -- File not found [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{1383E6D6-0694-4209-8295-ED6405E3513D}" = lport=28269 \| protocol=6 \| dir=in \| name=emule \| "{1A6A5053-0D48-4714-A295-6CE849327DEC}" = lport=44168 \| protocol=17 \| dir=in \| name=emule \| "{4F68754D-4F0F-4BAC-B765-BA59182D1EF0}" = lport=2869 \| protocol=6 \| dir=in \| app=system \| "{92C0EF84-13D1-483D-8B65-55B35D16667C}" = lport=1900 \| protocol=17 \| dir=in \| svc=ssdpsrv \| app=svchost.exe \| [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{000CDDA2-412D-471A-9B4F-22A65D1FE763}" = protocol=6 \| dir=in \| app=c:\program files\yahoo!\messenger\yahoomessenger.exe \| "{14AAE102-A15D-4C87-BBB2-774EF9A5D062}" = dir=in \| app=c:\program files\windows live\sync\windowslivesync.exe \| "{1CCA1D6B-F2D5-48A5-BB41-F9A41B686D1C}" = protocol=17 \| dir=in \| app=c:\program files\yahoo!\messenger\yserver.exe \| "{23E40750-3746-45C1-93BE-B455C3FA737B}" = protocol=6 \| dir=in \| app=c:\program files\yahoo!\messenger\yserver.exe \| "{29DA5EAC-E00B-473C-B77F-757E5EF88BBF}" = dir=in \| app=c:\program files\home cinema\tv enhance\tveservice.exe \| "{6F31C600-719B-48DC-8D2E-AB3F317FECAE}" = dir=in \| app=c:\program files\home cinema\tv enhance\tvenhance.exe \| "{85B8827A-AFDD-41EB-9269-D8C5794A7C15}" = protocol=6 \| dir=in \| app=c:\program files\itunes\itunes.exe \| "{95476183-D4D4-4F6C-BDFD-A208DCB61901}" = protocol=17 \| dir=in \| app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe \| "{9A27CC66-E98B-4ED8-8823-8B5458381EFC}" = protocol=6 \| dir=in \| app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe \| "{A58C6229-5170-4F5A-AE0B-5A508AA7266F}" = protocol=17 \| dir=in \| app=c:\program files\microsoft lifecam\lifeexp.exe \| "{C191A980-F2B6-49D8-9F2C-CA3C835DA658}" = protocol=6 \| dir=in \| app=c:\program files\microsoft lifecam\lifecam.exe \| "{C9FCAB7C-2759-4B6D-ADD7-52A4C7ED3896}" = protocol=17 \| dir=in \| app=c:\program files\itunes\itunes.exe \| "{CFA8C3E2-E071-4489-A4A1-CCCABA86B173}" = dir=in \| app=c:\program files\windows live\messenger\msnmsgr.exe \| "{D124D7B3-A0A9-487F-816E-F9CB5D962132}" = protocol=17 \| dir=in \| app=c:\program files\yahoo!\messenger\yahoomessenger.exe \| "{D376DAC2-A6B5-4D63-B3AD-8DB8778F64CA}" = dir=in \| app=c:\program files\windows live\messenger\wlcsdk.exe \| "{EEB8B26A-B426-4401-ACC2-12E390D3B7E0}" = protocol=17 \| dir=in \| app=c:\program files\microsoft lifecam\lifecam.exe \| "{F4D4A58B-AC37-42E7-A670-2FD8DFECED95}" = protocol=6 \| dir=in \| app=c:\program files\microsoft lifecam\lifeexp.exe \| "TCP Query User{065F15BD-4E7B-4682-AA1D-842A75FA196D}C:\users\alexander\documents\games\volleyball\winzip\blobby\volley.exe" = protocol=6 \| dir=in \| app=c:\users\alexander\documents\games\volleyball\winzip\blobby\volley.exe \| "TCP Query User{08E73252-9CBC-4154-A3D4-27BACF6C54F3}C:\program files\skype\phone\skype.exe" = protocol=6 \| dir=in \| app=c:\program files\skype\phone\skype.exe \| "TCP Query User{48B3710B-061C-4A3E-B725-A6C4C3911371}C:\users\alexander\downloads\emule0.47c-xtreme5.4.2\emule0.47c-xtreme5.4.2\emule.exe" = protocol=6 \| dir=in \| app=c:\users\alexander\downloads\emule0.47c-xtreme5.4.2\emule0.47c-xtreme5.4.2\emule.exe \| "TCP Query User{5A1ECA4A-2AB3-4CEB-A9D3-53EF8A92F872}C:\users\alexander\downloads\emule0.47c-xtreme5.4.2\emule.exe" = protocol=6 \| dir=in \| app=c:\users\alexander\downloads\emule0.47c-xtreme5.4.2\emule.exe \| "TCP Query User{5D723038-6A65-46F5-BE04-9455DF1C50E7}C:\program files\real\realplayer\realplay.exe" = protocol=6 \| dir=in \| app=c:\program files\real\realplayer\realplay.exe \| "TCP Query User{5F440C76-EE11-456B-87C2-A089E877498B}C:\users\alexander\documents\games\volleyball\volley.exe" = protocol=6 \| dir=in \| app=c:\users\alexander\documents\games\volleyball\volley.exe \| "TCP Query User{85305FDC-9E65-436D-98D1-79D2D97C7348}C:\program files\streamtorrent 1.0\streamtorrent.exe" = protocol=6 \| dir=in \| app=c:\program files\streamtorrent 1.0\streamtorrent.exe \| "TCP Query User{8BC6E5F2-8168-4259-97C1-AEFA34325A75}C:\program files\bittornado\btdownloadgui.exe" = protocol=6 \| dir=in \| app=c:\program files\bittornado\btdownloadgui.exe \| "TCP Query User{8BF7E6E7-324B-453F-91F3-5B1A399A644A}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 \| dir=in \| app=c:\program files\sopcast\adv\sopadver.exe \| "TCP Query User{8D70E4C7-AA94-4CA4-A4B4-5F6AC8D07169}C:\program files\emule\emule.exe" = protocol=6 \| dir=in \| app=c:\program files\emule\emule.exe \| "TCP Query User{8DD838FC-4C35-40E0-A624-3B2860092EA4}C:\program files\internet explorer\iexplore.exe" = protocol=6 \| dir=in \| app=c:\program files\internet explorer\iexplore.exe \| "TCP Query User{A0AD885D-7897-4BE3-9D21-148ED0B4C84A}C:\program files\participatory culture foundation\miro\miro_downloader.exe" = protocol=6 \| dir=in \| app=c:\program files\participatory culture foundation\miro\miro_downloader.exe \| "TCP Query User{A0F0B5CA-7624-4462-97E2-6456F2B03715}C:\program files\icq6\icq.exe" = protocol=6 \| dir=in \| app=c:\program files\icq6\icq.exe \| "TCP Query User{A281C3C8-610B-41EC-9FBC-0D9E22CCC76E}C:\program files\spiele\[pc game] worms armageddon + all weapons unblocked + cracked + xp patch by lupen[fumai]\wormsarm\wa.exe" = protocol=6 \| dir=in \| app=c:\program files\spiele\[pc game] worms armageddon + all weapons unblocked + cracked + xp patch by lupen[fumai]\wormsarm\wa.exe \| "TCP Query User{A81AD0A1-3E0C-4C31-9D38-597FEC4236F6}C:\program files\tvants\tvants.exe" = protocol=6 \| dir=in \| app=c:\program files\tvants\tvants.exe \| "TCP Query User{AB681533-C22B-4924-8832-7073898A6CCE}C:\program files\azureus\azureus.exe" = protocol=6 \| dir=in \| app=c:\program files\azureus\azureus.exe \| "TCP Query User{AE0ADB02-8BE5-4D85-8622-1B1BD081CB9A}C:\program files\tvuplayer\tvuplayer.exe" = protocol=6 \| dir=in \| app=c:\program files\tvuplayer\tvuplayer.exe \| "TCP Query User{B6AEA29F-2884-4DB2-A7D4-35CFF08D31B9}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 \| dir=in \| app=c:\program files\java\jre6\bin\javaw.exe \| "TCP Query User{C114B483-C9A1-4918-B827-F5A9CF82756C}C:\program files\windows sidebar\sidebar.exe" = protocol=6 \| dir=in \| app=c:\program files\windows sidebar\sidebar.exe \| "TCP Query User{C9468DFD-46FE-4D1F-9262-8AD84B79F9A2}C:\program files\sopcast\sopcast.exe" = protocol=6 \| dir=in \| app=c:\program files\sopcast\sopcast.exe \| "TCP Query User{E045013F-51F4-451B-A402-2C8AF3C3EF13}C:\program files\mozilla firefox\firefox.exe" = protocol=6 \| dir=in \| app=c:\program files\mozilla firefox\firefox.exe \| "TCP Query User{EED2C84E-847F-4F9E-BA01-137004DB2572}C:\users\alexander\appdata\roaming\sopcast\adv\sopadver.exe" = protocol=6 \| dir=in \| app=c:\users\alexander\appdata\roaming\sopcast\adv\sopadver.exe \| "UDP Query User{22975DDC-7255-405B-BB53-758ED2064FF9}C:\program files\real\realplayer\realplay.exe" = protocol=17 \| dir=in \| app=c:\program files\real\realplayer\realplay.exe \| "UDP Query User{35190A81-0653-43B6-AA72-C4B675684710}C:\program files\emule\emule.exe" = protocol=17 \| dir=in \| app=c:\program files\emule\emule.exe \| "UDP Query User{46FC4587-DCA0-48C3-803A-9D4481F0C9C0}C:\program files\sopcast\sopcast.exe" = protocol=17 \| dir=in \| app=c:\program files\sopcast\sopcast.exe \| "UDP Query User{526E20E1-FAFE-4F07-8D64-AAA0E4795255}C:\program files\icq6\icq.exe" = protocol=17 \| dir=in \| app=c:\program files\icq6\icq.exe \| "UDP Query User{62B6D90C-086D-4E11-9CC1-DF40D61E6453}C:\program files\participatory culture foundation\miro\miro_downloader.exe" = protocol=17 \| dir=in \| app=c:\program files\participatory culture foundation\miro\miro_downloader.exe \| "UDP Query User{665130DD-A0E6-46E8-A8B3-46E0478B68F2}C:\program files\spiele\[pc game] worms armageddon + all weapons unblocked + cracked + xp patch by lupen[fumai]\wormsarm\wa.exe" = protocol=17 \| dir=in \| app=c:\program files\spiele\[pc game] worms armageddon + all weapons unblocked + cracked + xp patch by lupen[fumai]\wormsarm\wa.exe \| "UDP Query User{707935D3-C323-43A2-B3B0-BC8AB719965F}C:\program files\bittornado\btdownloadgui.exe" = protocol=17 \| dir=in \| app=c:\program files\bittornado\btdownloadgui.exe \| "UDP Query User{79FD97EB-0609-46A3-8BB9-AD6998C6F147}C:\users\alexander\downloads\emule0.47c-xtreme5.4.2\emule.exe" = protocol=17 \| dir=in \| app=c:\users\alexander\downloads\emule0.47c-xtreme5.4.2\emule.exe \| "UDP Query User{7B0499EC-D697-40FC-A7D0-35747A5E7CEC}C:\program files\skype\phone\skype.exe" = protocol=17 \| dir=in \| app=c:\program files\skype\phone\skype.exe \| "UDP Query User{88771CD0-ACE0-42E1-825D-CBC065D1C545}C:\users\alexander\appdata\roaming\sopcast\adv\sopadver.exe" = protocol=17 \| dir=in \| app=c:\users\alexander\appdata\roaming\sopcast\adv\sopadver.exe \| "UDP Query User{90856665-F3DC-4DB2-872A-D0FE99C5F88C}C:\program files\windows sidebar\sidebar.exe" = protocol=17 \| dir=in \| app=c:\program files\windows sidebar\sidebar.exe \| "UDP Query User{9D6E2EA9-B8F0-4164-A2BB-802C1AD0B903}C:\program files\internet explorer\iexplore.exe" = protocol=17 \| dir=in \| app=c:\program files\internet explorer\iexplore.exe \| "UDP Query User{A0015873-1534-4208-83D1-555F8240D961}C:\program files\mozilla firefox\firefox.exe" = protocol=17 \| dir=in \| app=c:\program files\mozilla firefox\firefox.exe \| "UDP Query User{A7731B92-AEDF-45BB-8A0B-CECD6DBF301F}C:\users\alexander\downloads\emule0.47c-xtreme5.4.2\emule0.47c-xtreme5.4.2\emule.exe" = protocol=17 \| dir=in \| app=c:\users\alexander\downloads\emule0.47c-xtreme5.4.2\emule0.47c-xtreme5.4.2\emule.exe \| "UDP Query User{ADAA1397-7F53-49FB-957A-962762E4E06F}C:\users\alexander\documents\games\volleyball\winzip\blobby\volley.exe" = protocol=17 \| dir=in \| app=c:\users\alexander\documents\games\volleyball\winzip\blobby\volley.exe \| "UDP Query User{AEC3262F-B8F7-4727-9030-0F1C3D42ECDD}C:\program files\tvuplayer\tvuplayer.exe" = protocol=17 \| dir=in \| app=c:\program files\tvuplayer\tvuplayer.exe \| "UDP Query User{AF4C068B-5B3A-496B-935A-D1997120FB31}C:\program files\azureus\azureus.exe" = protocol=17 \| dir=in \| app=c:\program files\azureus\azureus.exe \| "UDP Query User{BCAD1237-1A6B-4C37-B3BA-CCE5E76E8B3F}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 \| dir=in \| app=c:\program files\sopcast\adv\sopadver.exe \| "UDP Query User{BD1100A7-87B0-4E25-9932-3DD2ABFDD618}C:\program files\tvants\tvants.exe" = protocol=17 \| dir=in \| app=c:\program files\tvants\tvants.exe \| "UDP Query User{CCD47767-6C74-4453-A75A-595ED40A4148}C:\users\alexander\documents\games\volleyball\volley.exe" = protocol=17 \| dir=in \| app=c:\users\alexander\documents\games\volleyball\volley.exe \| "UDP Query User{E032E439-B972-4F3D-9D89-3E4EC54012B1}C:\program files\streamtorrent 1.0\streamtorrent.exe" = protocol=17 \| dir=in \| app=c:\program files\streamtorrent 1.0\streamtorrent.exe \| "UDP Query User{F6738005-B61B-4CE3-ADC0-C8137BB0EF08}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 \| dir=in \| app=c:\program files\java\jre6\bin\javaw.exe \| [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{0E4BC542-9CFD-4E97-B586-9F1E5516E7B9}" = Microsoft IntelliPoint 6.1 "{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime "{18A5DFF2-8A95-49F3-873F-743CB5549F3D}" = Canon ScanGear Starter "{1AFC251D-B1E5-46AA-B07E-DA9D03954C92}" = MSN Webcam Recorder 17.0 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18 "{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie "{2EAF7E61-068E-11DF-953C-005056806466}" = Google Earth "{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3D5E5C0A-5B36-4F98-99A7-287F7DBDCE03}" = Skype Plugin Manager "{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker "{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4C73B683-B15D-4B94-AC7A-520B70C4FFE9}" = Sceneo Bonavista "{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3 "{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call "{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6 "{63B75E16-F290-4FCD-AF67-A9134CD01031}" = Nero 7 Essentials "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6D9B9CF3-1E9C-45B6-B41E-5CF568605556}" = SPSS 15.0 für Windows [Auswertung Version] "{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar "{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{78DB08B0-F440-4BA6-9372-F2C6CC9721B7}" = Microsoft LifeCam "{7AE25201-3E12-4FA2-9E65-67CD475D9263}" = ACDSee 9 Foto-Manager "{7F9129B6-C438-4CCB-80CB-A97E9F3B6B8C}" = Taksi Desktop Video Recorder v0.765 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{92083A9A-549D-4057-88E8-223EA08563FA}" = Cisco AnyConnect VPN Client "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95120000-0122-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector "{95D3658E-D526-4891-822D-B2A6C3DED9CE}" = SIW 1.68 "{994223F3-A99B-4DDD-9E1D-0190A17C6860}" = Windows Live Family Safety "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A67BB21E-D419-45BB-AB86-7D87D14BBCE2}" = Safari "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support "{AC76BA86-1033-F400-7760-000000000002}" = Adobe Acrobat 7.0 Professional - English, Français, Deutsch "{AC76BA86-7AD7-1031-7B44-A81000000003}" = Adobe Reader 8.1.0 - Deutsch "{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail "{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser "{C73A3AB4-99A4-45E5-B77F-09A3065E0D6A}" = Microsoft IntelliType Pro 6.1 "{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}" = CanoScan Toolbox Ver4.9 "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D5F82F8F-4DE2-11D9-A373-0050BAE317E1}" = PowerCinema Linux 5.0 "{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}" = U3Launcher "{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer "{E1B2DF7C-A176-4A1D-9D32-3CEC5037A524}" = Apple Application Support "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series "{E4C891D6-6844-41B8-86E8-633CACCC644F}" = TV Enhance "{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F439D7AF-03F3-4F8E-AEC4-571BFE977C61}" = iTunes "{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials "{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone-Konfigurationsprogramm "Ad-Aware SE Personal" = Ad-Aware SE Personal "Adobe Acrobat 7.0 Professional - EFG" = Adobe Acrobat 7.0.7 Professional - English, Français, Deutsch "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Photoshop 7.0" = Adobe Photoshop 7.0 "Adobe Shockwave Player" = Adobe Shockwave Player "AnyDVD" = AnyDVD "Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.7 (Unicode) "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "[url="http://www.ccleaner.de"]CCleaner[/url]" = [url="http://www.ccleaner.de"]CCleaner[/url] "CutePDF Writer Installation" = CutePDF Writer 2.8 "EVEREST Home Edition_is1" = EVEREST Home Edition v2.20 "Free Studio_is1" = Free Studio version 4.2 "Free Video to iPhone Converter_is1" = Free Video to iPhone Converter version 2.2 "Free YouTube to Mp3 Converter_is1" = Free YouTube to Mp3 Converter version 3.1 "Google Chrome" = Google Chrome "Google Updater" = Google Updater "InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager "LetsTrade" = LetsTrade Komponenten "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Messenger Plus! Live" = Messenger Plus! Live "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox (3.6.2pre)" = Mozilla Firefox (3.6.2pre) "NVIDIA Drivers" = NVIDIA Drivers "Premiere Internet TV_is1" = Premiere Internet TV Version 1.2.3 "RealPlayer 6.0" = RealPlayer "SimpleScreenshot" = SimpleScreenshot 1.20 "Skype_is1" = Skype 3.1 "SopCast" = SopCast 2.0.4 "Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.2 "TVAnts 1.0" = TVAnts 1.0 "TVUPlayer" = TVUPlayer 2.4.1.0 "Uninstall_is1" = Uninstall 1.0.0.1 "Windows Media Encoder 9" = Windows Media Encoder 9 Series "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR archiver "WinZip" = WinZip "X10Hardware" = X10 Hardware(TM) "Yahoo! Messenger" = Yahoo! Messenger "Yahoo! Software Update" = Yahoo! Software Update [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "UnityWebPlayer" = Unity Web Player [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 25.03.2010 05:10:27 \| Computer Name = Alex \| Source = Windows Search Service \| ID = 3013 Description = Error - 25.03.2010 05:10:27 \| Computer Name = Alex \| Source = Windows Search Service \| ID = 3013 Description = Error - 25.03.2010 05:10:27 \| Computer Name = Alex \| Source = Windows Search Service \| ID = 3013 Description = Error - 25.03.2010 05:10:27 \| Computer Name = Alex \| Source = Windows Search Service \| ID = 3013 Description = Error - 25.03.2010 05:10:27 \| Computer Name = Alex \| Source = Windows Search Service \| ID = 3013 Description = Error - 25.03.2010 05:10:27 \| Computer Name = Alex \| Source = Windows Search Service \| ID = 3013 Description = Error - 25.03.2010 05:10:28 \| Computer Name = Alex \| Source = Windows Search Service \| ID = 3013 Description = Error - 25.03.2010 05:10:28 \| Computer Name = Alex \| Source = Windows Search Service \| ID = 3013 Description = Error - 25.03.2010 05:10:44 \| Computer Name = Alex \| Source = SideBySide \| ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Users\ALEXAN~1\AppData\Local\Temp\RarSFX1\redist.dll". Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 25.03.2010 05:14:43 \| Computer Name = Alex \| Source = Application Error \| ID = 1000 Description = Fehlerhafte Anwendung LifeTray.exe, Version 1.30.175.0, Zeitstempel 0x4587138e, fehlerhaftes Modul kernel32.dll, Version 6.0.6002.18005, Zeitstempel 0x49e037dd, Ausnahmecode 0xe06d7363, Fehleroffset 0x0003fbae, Prozess-ID 0xf78, Anwendungsstartzeit 01cacbfb9b617577. [ Cisco AnyConnect VPN Client Events ] Error - 25.03.2010 04:31:41 \| Computer Name = ALEX \| Source = vpnagent \| ID = 67108866 Description = Function: CTunnelStateMgr::OnTunnelInitiateComplete File: .\TunnelStateMgr.cpp Line: 1038 Invoked Function: ITunnelProtocol::initiateTunnel Return Code: -31719410 (0xFE1C000E) Description: TLSPROTOCOL_ERROR_MAX_RETRANSMITS_EXCEEDED callback Error - 25.03.2010 04:31:41 \| Computer Name = ALEX \| Source = vpnagent \| ID = 67108866 Description = Function: CTlsTunnelMgr::OnTunnelInitiateComplete File: .\TunnelMgr.cpp Line: 599 Invoked Function: CTunnelStateMgr::initiateTunnel Return Code: -31719410 (0xFE1C000E) Description: TLSPROTOCOL_ERROR_MAX_RETRANSMITS_EXCEEDED callback Error - 25.03.2010 04:32:38 \| Computer Name = ALEX \| Source = vpnagent \| ID = 67108866 Description = Function: CSocketTransport::callbackHandler File: .\IPC\SocketTransport.cpp Line: 1257 Invoked Function: WSAGetOverlappedResult Return Code: 10054 (0x00002746) Description: Eine vorhandene Verbindung wurde vom Remotehost geschlossen. Error - 25.03.2010 04:32:38 \| Computer Name = ALEX \| Source = vpnagent \| ID = 67108866 Description = Function: CSocketTransport::callbackHandler File: .\IPC\SocketTransport.cpp Line: 1258 Invoked Function: WSARecv/WSARecvFrom Return Code: 0 (0x00000000) Description: unknown Error - 25.03.2010 04:32:38 \| Computer Name = ALEX \| Source = vpnagent \| ID = 67108866 Description = Function: CIpcTransport::OnSocketReadComplete File: .\IPC\IPCTransport.cpp Line: 823 Invoked Function: CSocketTransport::readSocket Return Code: -31522801 (0xFE1F000F) Description: SOCKETTRANSPORT_ERROR_TRANSPORT_FAILURE Error - 25.03.2010 04:32:38 \| Computer Name = ALEX \| Source = vpnagent \| ID = 67108866 Description = Function: CIpcDepot::OnIpcMessageReceived File: .\IPC\IPCDepot.cpp Line: 811 Invoked Function: CIpcTransport::OnSocketReadComplete Return Code: -31522801 (0xFE1F000F) Description: SOCKETTRANSPORT_ERROR_TRANSPORT_FAILURE Error - 25.03.2010 04:32:38 \| Computer Name = ALEX \| Source = vpnagent \| ID = 67108866 Description = Function: CTcpTransport::writeSocketBlocking File: .\IPC\SocketTransport.cpp Line: 1644 Invoked Function: WSASend Return Code: 10054 (0x00002746) Description: Eine vorhandene Verbindung wurde vom Remotehost geschlossen. Error - 25.03.2010 04:32:38 \| Computer Name = ALEX \| Source = vpnagent \| ID = 67108866 Description = Function: CIpcTransport::terminateIpcConnection File: .\IPC\IPCTransport.cpp Line: 385 Invoked Function: CSocketTransport::writeSocketBlocking Return Code: -31522805 (0xFE1F000B) Description: SOCKETTRANSPORT_ERROR_WRITE Error - 25.03.2010 04:32:40 \| Computer Name = ALEX \| Source = vpnagent \| ID = 67110873 Description = Termination reason code 5: The user is logging off the system. Error - 25.03.2010 04:32:40 \| Computer Name = ALEX \| Source = vpnagent \| ID = 67108866 Description = Function: RestoreProxySettingsToBrowser File: .\BrowserProxy.cpp Line: 1040 Invoked Function: DeleteFile Return Code: 2 (0x00000002) Description: Das System kann die angegebene Datei nicht finden. [ Media Center Events ] Error - 17.05.2007 03:50:35 \| Computer Name = Alex \| Source = Recording \| ID = 19 Description = Der Aufzeichnungszeitplan war beschädigt und wurde am 05/17/2007 09:50:34 automatisch gelöscht. Möglicherweise müssen Sie die Aufzeichnungen erneut planen. Error - 17.05.2007 03:50:35 \| Computer Name = Alex \| Source = Recording \| ID = 19 Description = Der Aufzeichnungszeitplan war beschädigt und wurde am 05/17/2007 09:50:35 automatisch gelöscht. Möglicherweise müssen Sie die Aufzeichnungen erneut planen. [ System Events ] Error - 25.03.2010 04:06:24 \| Computer Name = Alex \| Source = Service Control Manager \| ID = 7011 Description = Error - 25.03.2010 04:06:24 \| Computer Name = Alex \| Source = Service Control Manager \| ID = 7026 Description = Error - 25.03.2010 04:35:35 \| Computer Name = Alex \| Source = Service Control Manager \| ID = 7011 Description = Error - 25.03.2010 04:35:35 \| Computer Name = Alex \| Source = Service Control Manager \| ID = 7026 Description = Error - 25.03.2010 05:05:51 \| Computer Name = Alex \| Source = EventLog \| ID = 6008 Description = Das System wurde zuvor am 25.03.2010 um 10:03:58 unerwartet heruntergefahren. Error - 25.03.2010 05:07:29 \| Computer Name = Alex \| Source = Service Control Manager \| ID = 7011 Description = Error - 25.03.2010 05:07:29 \| Computer Name = Alex \| Source = Service Control Manager \| ID = 7026 Description = Error - 25.03.2010 05:15:22 \| Computer Name = Alex \| Source = Service Control Manager \| ID = 7011 Description = Error - 25.03.2010 05:15:22 \| Computer Name = Alex \| Source = Service Control Manager \| ID = 7026 Description = Error - 25.03.2010 05:17:31 \| Computer Name = Alex \| Source = Service Control Manager \| ID = 7006 Description = < End of report >

04.04.2010, 01:13 Swisstreasure Moderator Beiträge: 5694	#81 Flashdesinfector "Messenger Plus! Live" = Messenger Plus! Live "Ask.com Search Assistant" = Ask.com Search Assistant 1.0.2 Java(TM) 6 Update 17 O4 - HKLM..\Run: [Acer Tour] File not found O4 - HKLM..\Run: [eRecoveryService] File not found O4 - HKLM..\Run: [Ovt Wia] C:\Windows\OV530EM.exe File not found O4 - HKCU..\Run: [diskperfxp.exe] C:\Users\Aytac\AppData\Local\Temp\diskperfxp.exe (Microsoft Corporation) O4 - HKCU..\Run: [userinit] C:\Users\Aytac\AppData\Roaming\sdra64.exe () O4 - HKCU..\Run: [捁牥吠畯r] File not found O4 - HKCU..\Run: [捁牥吠畯⁲敒業摮牥] File not found O32 - AutoRun File - [2006.09.18 23:43:36 \| 000,000,024 \| ---- \| M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{03f7e47a-f6ff-11de-b275-0019db7af3b9}\Shell - "" = AutoRun O33 - MountPoints2\{03f7e47a-f6ff-11de-b275-0019db7af3b9}\Shell\AutoRun\command - "" = J:\pushinst.exe -- File not found O33 - MountPoints2\{a9edfa30-fe08-11de-8908-00040ec8045c}\Shell\Auto\command - "" = activexdebugger32.exe f O33 - MountPoints2\{a9edfa30-fe08-11de-8908-00040ec8045c}\Shell\explore\Command - "" = activexdebugger32.exe f O33 - MountPoints2\{a9edfa30-fe08-11de-8908-00040ec8045c}\Shell\open\Command - "" = activexdebugger32.exe f O33 - MountPoints2\J\Shell - "" = AutoRun O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\pushinst.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found [2006.11.02 10:31:23 \| 000,183,808 \| R--- \| C] () -- C:\Users\Aytac\AppData\Roaming\sdra64.exe

05.04.2010, 03:37 Swisstreasure Moderator Beiträge: 5694	#82 c:\users\Aytac\AppData\Roaming\User Protection c:\program files\Messenger Plus! Live [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Corwid"="c:\users\Aytac\AppData\Roaming\Adobe\Update\widgdi.dat" [2010-02-12 107792]

08.04.2010, 16:59 Swisstreasure Moderator Beiträge: 5694	#83 S1 ethagdgk;ethagdgk;c:\windows\system32\drivers\ethagdgk.sys [07.04.2010 11:42 140288] S3 DMSKSSRh;DMSKSSRh;\??\c:\dokume~1\**\LOKALE~1\Temp\DMSKSSRh.sys --> c:\dokume~1\**\LOKALE~1\Temp\DMSKSSRh.sys [?] Java C:\WINDOWS\System32\drivers\ldnpw.sys DRV - (ethagdgk) -- C:\WINDOWS\system32\drivers\ethagdgk.sys () [2010.04.07 11:42:29 \| 000,140,288 \| ---- \| M] () -- C:\WINDOWS\System32\drivers\ethagdgk.sys [2010.04.07 11:42:29 \| 000,140,288 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\ethagdgk.sys [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| C] () -- C:\WINDOWS\tasks\At72.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| C] () -- C:\WINDOWS\tasks\At71.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| C] () -- C:\WINDOWS\tasks\At70.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| C] () -- C:\WINDOWS\tasks\At69.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| C] () -- C:\WINDOWS\tasks\At68.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| C] () -- C:\WINDOWS\tasks\At67.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| C] () -- C:\WINDOWS\tasks\At66.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| C] () -- C:\WINDOWS\tasks\At65.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| C] () -- C:\WINDOWS\tasks\At64.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| C] () -- C:\WINDOWS\tasks\At63.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| C] () -- C:\WINDOWS\tasks\At62.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| C] () -- C:\WINDOWS\tasks\At61.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| C] () -- C:\WINDOWS\tasks\At60.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| C] () -- C:\WINDOWS\tasks\At59.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| C] () -- C:\WINDOWS\tasks\At58.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| C] () -- C:\WINDOWS\tasks\At57.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| C] () -- C:\WINDOWS\tasks\At56.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| C] () -- C:\WINDOWS\tasks\At55.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| C] () -- C:\WINDOWS\tasks\At54.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| C] () -- C:\WINDOWS\tasks\At53.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| C] () -- C:\WINDOWS\tasks\At52.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| C] () -- C:\WINDOWS\tasks\At51.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| C] () -- C:\WINDOWS\tasks\At50.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| C] () -- C:\WINDOWS\tasks\At49.job [2010.03.31 18:20:15 \| 000,000,376 \| ---- \| C] () -- C:\WINDOWS\tasks\At9.job [2010.03.31 18:20:15 \| 000,000,376 \| ---- \| C] () -- C:\WINDOWS\tasks\At8.job [2010.03.31 18:20:15 \| 000,000,376 \| ---- \| C] () -- C:\WINDOWS\tasks\At7.job [2010.03.31 18:20:15 \| 000,000,376 \| ---- \| C] () -- C:\WINDOWS\tasks\At6.job [2010.03.31 18:20:15 \| 000,000,376 \| ---- \| C] () -- C:\WINDOWS\tasks\At5.job [2010.03.31 18:20:15 \| 000,000,376 \| ---- \| C] () -- C:\WINDOWS\tasks\At4.job [2010.03.31 18:20:15 \| 000,000,376 \| ---- \| C] () -- C:\WINDOWS\tasks\At3.job [2010.03.31 18:20:15 \| 000,000,376 \| ---- \| C] () -- C:\WINDOWS\tasks\At24.job [2010.03.31 18:20:15 \| 000,000,376 \| ---- \| C] () -- C:\WINDOWS\tasks\At23.job [2010.03.31 18:20:15 \| 000,000,376 \| ---- \| C] () -- C:\WINDOWS\tasks\At22.job [2010.03.31 18:20:15 \| 000,000,376 \| ---- \| C] () -- C:\WINDOWS\tasks\At21.job [2010.03.31 18:20:15 \| 000,000,376 \| ---- \| C] () -- C:\WINDOWS\tasks\At20.job [2010.03.31 18:20:15 \| 000,000,376 \| ---- \| C] () -- C:\WINDOWS\tasks\At2.job [2010.03.31 18:20:15 \| 000,000,376 \| ---- \| C] () -- C:\WINDOWS\tasks\At19.job [2010.03.31 18:20:15 \| 000,000,376 \| ---- \| C] () -- C:\WINDOWS\tasks\At18.job [2010.03.31 18:20:15 \| 000,000,376 \| ---- \| C] () -- C:\WINDOWS\tasks\At17.job [2010.03.31 18:20:15 \| 000,000,376 \| ---- \| C] () -- C:\WINDOWS\tasks\At16.job [2010.03.31 18:20:15 \| 000,000,376 \| ---- \| C] () -- C:\WINDOWS\tasks\At15.job [2010.03.31 18:20:15 \| 000,000,376 \| ---- \| C] () -- C:\WINDOWS\tasks\At14.job [2010.03.31 18:20:15 \| 000,000,376 \| ---- \| C] () -- C:\WINDOWS\tasks\At13.job [2010.03.31 18:20:15 \| 000,000,376 \| ---- \| C] () -- C:\WINDOWS\tasks\At12.job [2010.03.31 18:20:15 \| 000,000,376 \| ---- \| C] () -- C:\WINDOWS\tasks\At11.job [2010.03.31 18:20:15 \| 000,000,376 \| ---- \| C] () -- C:\WINDOWS\tasks\At10.job [2010.03.31 18:20:14 \| 000,000,376 \| ---- \| C] () -- C:\WINDOWS\tasks\At1.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| M] () -- C:\WINDOWS\tasks\At72.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| M] () -- C:\WINDOWS\tasks\At71.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| M] () -- C:\WINDOWS\tasks\At70.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| M] () -- C:\WINDOWS\tasks\At69.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| M] () -- C:\WINDOWS\tasks\At68.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| M] () -- C:\WINDOWS\tasks\At67.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| M] () -- C:\WINDOWS\tasks\At66.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| M] () -- C:\WINDOWS\tasks\At65.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| M] () -- C:\WINDOWS\tasks\At64.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| M] () -- C:\WINDOWS\tasks\At63.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| M] () -- C:\WINDOWS\tasks\At62.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| M] () -- C:\WINDOWS\tasks\At61.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| M] () -- C:\WINDOWS\tasks\At60.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| M] () -- C:\WINDOWS\tasks\At59.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| M] () -- C:\WINDOWS\tasks\At58.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| M] () -- C:\WINDOWS\tasks\At57.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| M] () -- C:\WINDOWS\tasks\At56.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| M] () -- C:\WINDOWS\tasks\At55.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| M] () -- C:\WINDOWS\tasks\At54.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| M] () -- C:\WINDOWS\tasks\At53.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| M] () -- C:\WINDOWS\tasks\At52.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| M] () -- C:\WINDOWS\tasks\At51.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| M] () -- C:\WINDOWS\tasks\At50.job [2010.03.31 18:24:51 \| 000,000,354 \| ---- \| M] () -- C:\WINDOWS\tasks\At49.job [2010.03.31 18:20:16 \| 000,000,376 \| ---- \| M] () -- C:\WINDOWS\tasks\At9.job [2010.03.31 18:20:16 \| 000,000,376 \| ---- \| M] () -- C:\WINDOWS\tasks\At8.job [2010.03.31 18:20:16 \| 000,000,376 \| ---- \| M] () -- C:\WINDOWS\tasks\At7.job [2010.03.31 18:20:16 \| 000,000,376 \| ---- \| M] () -- C:\WINDOWS\tasks\At6.job [2010.03.31 18:20:16 \| 000,000,376 \| ---- \| M] () -- C:\WINDOWS\tasks\At5.job [2010.03.31 18:20:16 \| 000,000,376 \| ---- \| M] () -- C:\WINDOWS\tasks\At4.job [2010.03.31 18:20:16 \| 000,000,376 \| ---- \| M] () -- C:\WINDOWS\tasks\At3.job [2010.03.31 18:20:16 \| 000,000,376 \| ---- \| M] () -- C:\WINDOWS\tasks\At24.job [2010.03.31 18:20:16 \| 000,000,376 \| ---- \| M] () -- C:\WINDOWS\tasks\At23.job [2010.03.31 18:20:16 \| 000,000,376 \| ---- \| M] () -- C:\WINDOWS\tasks\At22.job [2010.03.31 18:20:16 \| 000,000,376 \| ---- \| M] () -- C:\WINDOWS\tasks\At21.job [2010.03.31 18:20:16 \| 000,000,376 \| ---- \| M] () -- C:\WINDOWS\tasks\At20.job [2010.03.31 18:20:16 \| 000,000,376 \| ---- \| M] () -- C:\WINDOWS\tasks\At2.job [2010.03.31 18:20:16 \| 000,000,376 \| ---- \| M] () -- C:\WINDOWS\tasks\At19.job [2010.03.31 18:20:16 \| 000,000,376 \| ---- \| M] () -- C:\WINDOWS\tasks\At18.job [2010.03.31 18:20:16 \| 000,000,376 \| ---- \| M] () -- C:\WINDOWS\tasks\At17.job [2010.03.31 18:20:16 \| 000,000,376 \| ---- \| M] () -- C:\WINDOWS\tasks\At16.job [2010.03.31 18:20:16 \| 000,000,376 \| ---- \| M] () -- C:\WINDOWS\tasks\At15.job [2010.03.31 18:20:16 \| 000,000,376 \| ---- \| M] () -- C:\WINDOWS\tasks\At14.job [2010.03.31 18:20:16 \| 000,000,376 \| ---- \| M] () -- C:\WINDOWS\tasks\At13.job [2010.03.31 18:20:16 \| 000,000,376 \| ---- \| M] () -- C:\WINDOWS\tasks\At12.job [2010.03.31 18:20:16 \| 000,000,376 \| ---- \| M] () -- C:\WINDOWS\tasks\At11.job [2010.03.31 18:20:16 \| 000,000,376 \| ---- \| M] () -- C:\WINDOWS\tasks\At10.job [2010.03.31 18:20:16 \| 000,000,376 \| ---- \| M] () -- C:\WINDOWS\tasks\At1.job

06.05.2010, 18:26 Swisstreasure Moderator Beiträge: 5694	#84 PRC - C:\Dokumente und Einstellungen\Till\Lokale Einstellungen\Temp\Ovx.exe () PRC - C:\WINDOWS\Opukua.exe () SRV - (SSHNAS) -- C:\WINDOWS\system32\sshnas21.dll () O4 - HKCU..\Run: [M5T8QL3YW3] C:\Dokumente und Einstellungen\Till\Lokale Einstellungen\Temp\Ovx.exe () O4 - HKCU..\Run: [] File not found [2010.05.05 17:44:59 \| 000,165,888 \| ---- \| M] () -- C:\WINDOWS\Opukua.exe [2010.05.05 17:43:44 \| 000,193,024 \| ---- \| M] () -- C:\WINDOWS\System32\sshnas21.dll [2010.05.06 17:35:12 \| 000,000,244 \| -H-- \| M] () -- C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job [2010.05.06 17:30:02 \| 000,000,278 \| -H-- \| M] () -- C:\WINDOWS\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job [2010.05.05 17:45:11 \| 000,165,888 \| ---- \| C] () -- C:\WINDOWS\Opukua.exe [2010.05.05 17:45:08 \| 000,000,278 \| -H-- \| C] () -- C:\WINDOWS\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job [2010.05.05 17:45:03 \| 000,000,244 \| -H-- \| C] () -- C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job [2010.05.05 17:43:44 \| 000,193,024 \| ---- \| C] () -- C:\WINDOWS\System32\sshnas21.dll C:\Dokumente und Einstellungen\Till\Lokale Einstellungen\Temp\Ovx.exe C:\WINDOWS\Opukua.exe C:\WINDOWS\system32\sshnas21.dll C:\Dokumente und Einstellungen\Till\Desktop\1241908321_GTA Environment mod 3.zip C:\Dokumente und Einstellungen\Till\Desktop\IV.EFC20FIX.rar C:\Dokumente und Einstellungen\Till\Desktop\IVAsiLoader.rar C:\Dokumente und Einstellungen\All Users\Desktop\Rockstar Games Social Club.lnk C:\Dokumente und Einstellungen\All Users\Desktop\Steam.lnk C:\Dokumente und Einstellungen\Till\Desktop\DLV_Patch_63_beta_01.exe C:\Dokumente und Einstellungen\Till\Desktop\5162_GTA_IV_CPLUSPLUS_Script_Hook_Version_0.5.0_Rev.1_(Redistributable)_(Apr_16_2010)(3).rar C:\Dokumente und Einstellungen\Till\Desktop\titleupdate.de.zip C:\Dokumente und Einstellungen\Till\Desktop\5162_GTA_IV_CPLUSPLUS_Script_Hook_Version_0.5.0_Rev.1_(Redistributable)_(Apr_16_2010)(2).rar C:\Dokumente und Einstellungen\Till\Desktop\5546_XLiveLess_V_0.999-beta1_by_listener.rar C:\Dokumente und Einstellungen\All Users\Desktop\ArtMoney SE v7.32.lnk C:\Dokumente und Einstellungen\Till\Desktop\artmoney732eng.exe C:\Dokumente und Einstellungen\Till\Desktop\5162_GTA_IV_CPLUSPLUS_Script_Hook_Version_0.5.0_Rev.1_(Redistributable)_(Apr_16_2010).rar C:\Dokumente und Einstellungen\Till\Desktop\GTAIV_TU5.zip C:\Dokumente und Einstellungen\Till\Desktop\GTAIV_1.0.6.0_Patch.zip C:\Dokumente und Einstellungen\Till\Desktop\Sgt_Melins Combine soundmod V2.rar

07.05.2010, 18:00 Swisstreasure Moderator Beiträge: 5694	#85 Fixen mit OTL • Starte bitte die OTL.exe. Vista-User mit Rechtsklick "als Administrator starten" • Kopiere nun den Inhalt in die Textbox. Code :OTL PRC - C:\Dokumente und Einstellungen\Till\Lokale Einstellungen\Temp\Ovx.exe () PRC - C:\WINDOWS\Opukua.exe () SRV - (SSHNAS) -- C:\WINDOWS\system32\sshnas21.dll () O4 - HKCU..\Run: [M5T8QL3YW3] C:\Dokumente und Einstellungen\Till\Lokale Einstellungen\Temp\Ovx.exe () O4 - HKCU..\Run: [] File not found [2010.05.05 17:44:59 \| 000,165,888 \| ---- \| M] () -- C:\WINDOWS\Opukua.exe [2010.05.05 17:43:44 \| 000,193,024 \| ---- \| M] () -- C:\WINDOWS\System32\sshnas21.dll [2010.05.06 17:35:12 \| 000,000,244 \| -H-- \| M] () -- C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job [2010.05.06 17:30:02 \| 000,000,278 \| -H-- \| M] () -- C:\WINDOWS\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job [2010.05.05 17:45:11 \| 000,165,888 \| ---- \| C] () -- C:\WINDOWS\Opukua.exe [2010.05.05 17:45:08 \| 000,000,278 \| -H-- \| C] () -- C:\WINDOWS\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job [2010.05.05 17:45:03 \| 000,000,244 \| -H-- \| C] () -- C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job [2010.05.05 17:43:44 \| 000,193,024 \| ---- \| C] () -- C:\WINDOWS\System32\sshnas21.dll :Files C:\Dokumente und Einstellungen\Till\Lokale Einstellungen\Temp\Ovx.exe C:\WINDOWS\Opukua.exe :Commands [purity] [emptytemp] [CLEARALLRESTOREPOINTS] • Schliesse bitte nun alle Programme. • Klicke nun bitte auf den Run Fix Button. • Klick auf . • OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen. • Nach dem Neustart findest Du ein Textdokument. Kopiere nun den Inhalt hier in Code-Tags in Deinen Thread

12.06.2010, 12:03 N1con Member Beiträge: 395	#86 N1con Feierabendbier Spende __________ Wenn ich euch geholfen habe, könnt ihr gerne ans Board spenden, auch ich freue mich über einen kleinen Obolus für mein Feierabendbier Protecus Spenden

20.06.2010, 23:38 Swisstreasure Moderator Beiträge: 5694	#87 Lade den Avenger herunter und entzippe ihn auf den Desktop. Nicht gezippt direkt als EXE ist der Avenger hier erhältlich. Starte die avenger.exe durch Doppelklick und akzeptiere mit OK die Nutzungsbedingungen. Füge den Inhalt der folgenden Codebox vollständig und unverändert bei "Input script here" ein und klicke auf "Execute". Beantworte die Frage, ob Du sicher bist, dass das Skript ausgeführt werden soll mit "Ja". Code Drivers to delete: gdndzogr Drivers to disable: gdndzogr Beantworte die Frage zum Neustart des Rechners (Reboot now?) ebenfalls mit "Ja". Nachdem der Rechner neu gestartet ist (das kann auch zweimal nötig sein und passieren!) und das DOS-Fenster, das der Avenger geöffnet hat, wieder geschlossen ist, öffnet Avenger Deinen Editor mit dem Avengerlog, zu finden auch unter C:\avenger.txt. Den Inhalt bitte posten. Ein Backup der entfernten Objekte wurde als C:\avenger\backup.zip angelegt.

04.08.2010, 12:28 Swisstreasure Moderator Beiträge: 5694	#88 F:\_Start.bat uTorrent Java(TM) 6 Update 19 Ask Toolbar FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Ask.com" FF - prefs.js..browser.search.order.1: "Ask.com" Bonjour DAEMON Tools Lite

26.09.2010, 13:45 Swisstreasure Moderator Beiträge: 5694	#89 Code OTL logfile created on: 24.09.2010 20:16:21 - Run 1 OTL by OldTimer - Version 3.2.14.1 Folder = C:\Users\meraj\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18943) Locale: 00000407 \| Country: Deutschland \| Language: DEU \| Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory \| 1,00 Gb Available Physical Memory \| 48,00% Memory free 4,00 Gb Paging File \| 3,00 Gb Available in Paging File \| 72,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: \| %SystemRoot% = C:\Windows \| %ProgramFiles% = C:\Program Files Drive C: \| 88,31 Gb Total Space \| 35,44 Gb Free Space \| 40,14% Space Free \| Partition Type: NTFS Drive D: \| 88,00 Gb Total Space \| 83,00 Gb Free Space \| 94,32% Space Free \| Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: MERAJ-PC Current User Name: meraj Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: On Skip Microsoft Files: On File Age = 90 Days Output = Standard Quick Scan [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2010.09.24 20:13:18 \| 000,575,488 \| ---- \| M] (OldTimer Tools) -- C:\Users\meraj\Downloads\OTL.exe PRC - [2010.08.20 21:45:26 \| 001,164,584 \| ---- \| M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe PRC - [2010.04.22 19:54:00 \| 000,267,432 \| ---- \| M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2010.04.20 14:26:44 \| 000,300,912 \| ---- \| M] () -- C:\Programme\Samsung\Samsung Update Plus\SUPBackGround.exe PRC - [2010.04.20 12:52:02 \| 000,132,608 \| ---- \| M] (Nokia) -- C:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe PRC - [2010.03.16 13:16:58 \| 000,140,288 \| ---- \| M] (Nokia) -- C:\Programme\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe PRC - [2010.03.02 11:28:23 \| 000,282,792 \| ---- \| M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2010.02.26 16:14:04 \| 000,652,800 \| ---- \| M] (Nokia) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe PRC - [2010.02.24 10:28:01 \| 000,135,336 \| ---- \| M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2010.01.14 22:10:53 \| 000,076,968 \| ---- \| M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe PRC - [2009.10.27 10:15:02 \| 000,120,832 \| ---- \| M] (Nokia) -- C:\Programme\PC Connectivity Solution\Transports\NclRSSrv.exe PRC - [2009.09.05 18:29:06 \| 000,385,024 \| ---- \| M] (shbox.de) -- C:\Programme\FreePDF_XP\fpassist.exe PRC - [2009.08.14 06:07:28 \| 000,268,848 \| ---- \| M] (VMware, Inc.) -- C:\Programme\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe PRC - [2009.04.11 08:28:11 \| 001,143,296 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\wercon.exe PRC - [2009.04.11 08:27:36 \| 002,926,592 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009.02.26 15:24:50 \| 000,097,680 \| ---- \| M] (Microsoft Corporation) -- C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE PRC - [2008.10.25 11:44:34 \| 000,031,072 \| ---- \| M] (Microsoft Corporation) -- C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe PRC - [2008.08.30 22:01:38 \| 000,577,024 \| ---- \| M] (http://tortoisesvn.net) -- C:\Programme\TortoiseSVN\bin\TSVNCache.exe PRC - [2008.06.18 14:31:00 \| 001,122,816 \| ---- \| M] (Nokia) -- C:\Programe\Nokia\Nokia PC Suite 7\PCSuite.exe PRC - [2008.06.17 16:00:34 \| 001,249,280 \| ---- \| M] (Time Information Services Ltd.) -- C:\Programe\Nokia\Nokia PC Suite 7\PcSync2.exe PRC - [2008.05.22 15:05:06 \| 000,474,624 \| ---- \| M] (Nokia Corporation) -- C:\Programme\Common Files\Nokia\MPAPI\MPAPI3s.exe PRC - [2008.01.25 01:38:12 \| 002,458,128 \| ---- \| M] (McAfee, Inc.) -- c:\Programme\Common Files\McAfee\MNA\McNASvc.exe PRC - [2008.01.19 09:38:38 \| 001,008,184 \| ---- \| M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe PRC - [2008.01.19 09:33:39 \| 000,202,240 \| ---- \| M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe PRC - [2008.01.09 16:50:22 \| 000,767,976 \| ---- \| M] (McAfee, Inc.) -- C:\Programme\McAfee\MSC\mcmscsvc.exe PRC - [2007.11.15 19:15:16 \| 000,251,216 \| ---- \| M] (McAfee, Inc.) -- C:\Programme\McAfee\MSC\mcsvrcnt.exe PRC - [2007.11.13 13:16:26 \| 000,359,248 \| ---- \| M] (McAfee, Inc.) -- c:\Programme\McAfee\MSC\mcupdui.exe PRC - [2007.11.01 19:12:38 \| 000,582,992 \| ---- \| M] (McAfee, Inc.) -- c:\Programme\McAfee.com\Agent\mcagent.exe PRC - [2007.11.01 19:12:38 \| 000,265,040 \| ---- \| M] (McAfee, Inc.) -- c:\Programme\McAfee\MSC\mcuimgr.exe PRC - [2007.07.23 17:24:40 \| 000,348,160 \| ---- \| M] (SAMSUNG Electronics co., LTD.) -- C:\Programme\Samsung\EBM\EasyBatteryMgr3.exe PRC - [2007.04.09 09:58:46 \| 000,712,704 \| ---- \| M] (SAMSUNG Electronics) -- C:\Programme\Samsung\Easy Display Manager\dmhkcore.exe PRC - [2007.03.15 13:00:24 \| 000,033,280 \| ---- \| M] (Samsung Electronics Co., Ltd.) -- C:\Programme\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe PRC - [2007.03.14 12:07:40 \| 000,565,248 \| ---- \| M] (Samsung Electronics Co., Ltd.) -- C:\Programme\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe PRC - [2007.03.14 08:50:24 \| 004,399,104 \| ---- \| M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2007.03.10 13:41:20 \| 000,069,632 \| ---- \| M] (Intel(R) Corporation) -- C:\Programme\Intel\Intel Media Share Software\Viivmonitor.exe PRC - [2007.03.10 13:40:42 \| 000,368,640 \| ---- \| M] (Intel® Corporation) -- C:\Programme\Intel\Intel Media Share Software\IMSSync.exe PRC - [2007.01.15 08:16:00 \| 000,839,720 \| ---- \| M] (McAfee, Inc.) -- C:\Programme\McAfee\MPF\MpfSrv.exe PRC - [2007.01.09 10:01:50 \| 000,540,776 \| ---- \| M] (McAfee, Inc.) -- C:\Programme\Common Files\McAfee\HackerWatch\HWAPI.exe PRC - [2006.12.20 05:27:40 \| 000,719,664 \| ---- \| M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe PRC - [2006.12.20 05:27:38 \| 001,600,304 \| ---- \| M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BTStackServer.exe PRC - [2006.10.05 05:10:12 \| 000,009,216 \| ---- \| M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2010.09.24 20:13:18 \| 000,575,488 \| ---- \| M] (OldTimer Tools) -- C:\Users\meraj\Downloads\OTL.exe MOD - [2009.04.11 08:21:38 \| 001,686,016 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll MOD - [2008.01.19 09:33:00 \| 000,110,592 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2010.04.22 19:54:00 \| 000,267,432 \| ---- \| M] (Avira GmbH) [Auto \| Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010.02.26 16:14:04 \| 000,652,800 \| ---- \| M] (Nokia) [On_Demand \| Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2010.02.24 10:28:01 \| 000,135,336 \| ---- \| M] (Avira GmbH) [Auto \| Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2009.10.20 20:19:48 \| 000,117,264 \| ---- \| M] (CACE Technologies, Inc.) [On_Demand \| Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental) SRV - [2009.09.25 03:27:04 \| 000,793,088 \| ---- \| M] (Microsoft Corporation) [On_Demand \| Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache) SRV - [2009.08.14 06:07:28 \| 000,268,848 \| ---- \| M] (VMware, Inc.) [Auto \| Running] -- C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe -- (vmount2) SRV - [2008.08.04 15:45:16 \| 005,779,456 \| ---- \| M] () [Auto \| Stopped] -- C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe -- (MySQL) SRV - [2008.01.25 01:38:12 \| 002,458,128 \| ---- \| M] (McAfee, Inc.) [Auto \| Running] -- c:\program files\common files\mcafee\mna\mcnasvc.exe -- (McNASvc) SRV - [2008.01.19 09:38:24 \| 000,272,952 \| ---- \| M] (Microsoft Corporation) [Auto \| Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008.01.09 16:50:22 \| 000,767,976 \| ---- \| M] (McAfee, Inc.) [Auto \| Running] -- C:\Programme\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc) SRV - [2007.05.31 17:21:24 \| 000,379,784 \| ---- \| M] (Microsoft Corporation) [Auto \| Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007.05.31 17:21:18 \| 000,183,688 \| ---- \| M] (Microsoft Corporation) [Auto \| Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) SRV - [2007.03.10 13:40:42 \| 000,368,640 \| ---- \| M] (Intel® Corporation) [Auto \| Running] -- C:\Program Files\Intel\Intel Media Share Software\IMSSync.exe -- (IMSSync) SRV - [2007.01.15 08:16:00 \| 000,839,720 \| ---- \| M] (McAfee, Inc.) [Auto \| Running] -- C:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService) SRV - [2007.01.09 10:01:50 \| 000,540,776 \| ---- \| M] (McAfee, Inc.) [Auto \| Running] -- C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe -- (McAfee HackerWatch Service) SRV - [2006.10.05 05:10:12 \| 000,009,216 \| ---- \| M] (Agere Systems) [Auto \| Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\DRIVERS\vmnetadapter.sys -- (VMnetAdapter) DRV - File not found [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\DRIVERS\lgusbmodem.sys -- (USBModem) DRV - File not found [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\DRIVERS\lgusbdiag.sys -- (UsbDiag) DRV - File not found [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\DRIVERS\lgusbbus.sys -- (usbbus) DRV - File not found [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel \| Disabled \| Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive) DRV - [2010.04.29 12:19:24 \| 000,038,224 \| ---- \| M] (Malwarebytes Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy) DRV - [2010.03.01 10:05:19 \| 000,124,784 \| ---- \| M] (Avira GmbH) [Kernel \| System \| Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2010.02.26 14:32:58 \| 000,008,192 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2010.02.26 14:32:46 \| 000,008,192 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2010.02.26 14:32:44 \| 000,022,528 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2010.02.26 14:32:44 \| 000,018,176 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2010.02.16 14:24:01 \| 000,060,936 \| ---- \| M] (Avira GmbH) [File_System \| Auto \| Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2009.10.20 20:19:44 \| 000,050,704 \| ---- \| M] (CACE Technologies, Inc.) [Kernel \| Auto \| Running] -- C:\Windows\System32\drivers\npf.sys -- (NPF) DRV - [2009.08.14 06:07:34 \| 000,018,224 \| ---- \| M] (VMware, Inc.) [Kernel \| Auto \| Running] -- C:\Programme\Common Files\VMware\VMware Virtual Image Editing\vstor2.sys -- (vstor2) DRV - [2009.05.12 15:53:04 \| 000,016,896 \| ---- \| M] (Danish Wireless Design A/S) [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\drivers\FlashUsb.sys -- (FlashUSB) DRV - [2009.05.11 10:12:49 \| 000,028,520 \| ---- \| M] (Avira GmbH) [Kernel \| System \| Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009.04.11 06:42:52 \| 000,031,616 \| ---- \| M] (Microsoft Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb) DRV - [2009.02.13 12:35:01 \| 000,011,608 \| ---- \| M] (Avira GmbH) [Kernel \| System \| Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2009.01.23 14:32:34 \| 000,243,840 \| ---- \| M] (Vimicro Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\drivers\vmc302.sys -- (VMC302) DRV - [2008.08.26 10:26:12 \| 000,018,816 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2007.12.06 10:51:00 \| 000,298,496 \| ---- \| M] (Marvell) [Kernel \| On_Demand \| Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh) DRV - [2007.09.26 14:12:22 \| 002,251,776 \| ---- \| M] (Intel Corporation) [Kernel \| On_Demand \| Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel(R) DRV - [2007.06.20 04:29:15 \| 000,013,312 \| ---- \| M] (SAMSUNG ELECTRONICS CO., LTD.) [Kernel \| Auto \| Running] -- C:\Windows\System32\drivers\KMDFMEMIO.sys -- (KMDFMEMIO) DRV - [2007.06.06 20:42:36 \| 000,099,200 \| ---- \| M] (Novatel Wireless Inc.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\drivers\nwusbser.sys -- (NWUSBPort) DRV - [2007.06.06 20:42:36 \| 000,099,200 \| ---- \| M] (Novatel Wireless Inc.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\drivers\nwusbmdm.sys -- (NWUSBModem) DRV - [2007.05.22 15:35:00 \| 007,117,856 \| ---- \| M] (NVIDIA Corporation) [Kernel \| On_Demand \| Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2007.05.04 04:21:48 \| 000,208,896 \| ---- \| M] (Intel Corporation) [Kernel \| Boot \| Running] -- C:\Windows\system32\DRIVERS\iaNvStor.sys -- (iaNvStor) Intel(R) DRV - [2007.04.19 08:02:38 \| 000,428,800 \| ---- \| M] (DiBcom) [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\drivers\dvb7700all.sys -- (mod7700) DRV - [2007.03.14 09:54:06 \| 001,749,152 \| ---- \| M] (Realtek Semiconductor Corp.) [Kernel \| On_Demand \| Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2007.02.12 07:36:54 \| 000,277,784 \| ---- \| M] (Intel Corporation) [Kernel \| Boot \| Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor) DRV - [2007.02.09 10:09:10 \| 000,182,456 \| ---- \| M] (Synaptics, Inc.) [Kernel \| On_Demand \| Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP) DRV - [2007.01.23 12:18:32 \| 000,039,936 \| ---- \| M] (REDC) [Kernel \| Auto \| Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk) DRV - [2007.01.23 10:03:28 \| 000,037,376 \| ---- \| M] (REDC) [Kernel \| Auto \| Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2007.01.23 09:40:20 \| 000,042,496 \| ---- \| M] (REDC) [Kernel \| Auto \| Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2007.01.09 09:44:38 \| 000,117,848 \| ---- \| M] (McAfee, Inc.) [Kernel \| System \| Running] -- C:\Windows\System32\drivers\Mpfp.sys -- (MPFP) DRV - [2006.12.20 04:08:16 \| 000,078,128 \| ---- \| M] (Broadcom Corporation.) [Kernel \| On_Demand \| Running] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio) DRV - [2006.12.20 04:07:04 \| 000,016,560 \| ---- \| M] (Broadcom Corporation.) [Kernel \| On_Demand \| Running] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid) DRV - [2006.12.20 04:04:16 \| 000,080,688 \| ---- \| M] (Broadcom Corporation.) [Kernel \| On_Demand \| Running] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt) DRV - [2006.11.28 21:11:00 \| 001,161,888 \| ---- \| M] (Agere Systems) [Kernel \| On_Demand \| Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2006.11.02 11:51:45 \| 000,900,712 \| ---- \| M] (QLogic Corporation) [Kernel \| Disabled \| Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2006.11.02 11:51:38 \| 000,420,968 \| ---- \| M] (Adaptec, Inc.) [Kernel \| Disabled \| Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2006.11.02 11:51:34 \| 000,316,520 \| ---- \| M] (Emulex) [Kernel \| Disabled \| Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2006.11.02 11:51:32 \| 000,297,576 \| ---- \| M] (Adaptec, Inc.) [Kernel \| Disabled \| Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2006.11.02 11:51:25 \| 000,235,112 \| ---- \| M] (ULi Electronics Inc.) [Kernel \| Disabled \| Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2006.11.02 11:51:25 \| 000,232,040 \| ---- \| M] (Intel Corporation) [Kernel \| Disabled \| Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2006.11.02 11:51:00 \| 000,147,048 \| ---- \| M] (Adaptec, Inc.) [Kernel \| Disabled \| Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2006.11.02 11:50:45 \| 000,115,816 \| ---- \| M] (Promise Technology, Inc.) [Kernel \| Disabled \| Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2006.11.02 11:50:41 \| 000,112,232 \| ---- \| M] (VIA Technologies Inc.,Ltd) [Kernel \| Disabled \| Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2006.11.02 11:50:35 \| 000,106,088 \| ---- \| M] (QLogic Corporation) [Kernel \| Disabled \| Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006.11.02 11:50:35 \| 000,098,408 \| ---- \| M] (Promise Technology, Inc.) [Kernel \| Disabled \| Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006.11.02 11:50:35 \| 000,098,408 \| ---- \| M] (Adaptec, Inc.) [Kernel \| Disabled \| Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2006.11.02 11:50:24 \| 000,088,680 \| ---- \| M] (NVIDIA Corporation) [Kernel \| Disabled \| Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) DRV - [2006.11.02 11:50:19 \| 000,045,160 \| ---- \| M] (IBM Corporation) [Kernel \| Disabled \| Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006.11.02 11:50:17 \| 000,041,576 \| ---- \| M] (Intel Corp./ICP vortex GmbH) [Kernel \| Disabled \| Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006.11.02 11:50:16 \| 000,071,784 \| ---- \| M] (Silicon Integrated Systems) [Kernel \| Disabled \| Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2006.11.02 11:50:13 \| 000,040,040 \| ---- \| M] (NVIDIA Corporation) [Kernel \| Disabled \| Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2006.11.02 11:50:11 \| 000,071,272 \| ---- \| M] (Adaptec, Inc.) [Kernel \| Disabled \| Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006.11.02 11:50:10 \| 000,067,688 \| ---- \| M] (Adaptec, Inc.) [Kernel \| Disabled \| Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2006.11.02 11:50:10 \| 000,065,640 \| ---- \| M] (LSI Logic) [Kernel \| Disabled \| Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2006.11.02 11:50:10 \| 000,038,504 \| ---- \| M] (Silicon Integrated Systems Corp.) [Kernel \| Disabled \| Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2) DRV - [2006.11.02 11:50:10 \| 000,037,480 \| ---- \| M] (Hewlett-Packard Company) [Kernel \| Disabled \| Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2006.11.02 11:50:09 \| 000,067,688 \| ---- \| M] (Adaptec, Inc.) [Kernel \| Disabled \| Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2006.11.02 11:50:09 \| 000,035,944 \| ---- \| M] (Integrated Technology Express, Inc.) [Kernel \| Disabled \| Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006.11.02 11:50:07 \| 000,035,944 \| ---- \| M] (Integrated Technology Express, Inc.) [Kernel \| Disabled \| Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006.11.02 11:50:05 \| 000,065,640 \| ---- \| M] (LSI Logic) [Kernel \| Disabled \| Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2006.11.02 11:50:05 \| 000,035,944 \| ---- \| M] (LSI Logic) [Kernel \| Disabled \| Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006.11.02 11:50:04 \| 000,065,640 \| ---- \| M] (LSI Logic) [Kernel \| Disabled \| Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2006.11.02 11:50:03 \| 000,034,920 \| ---- \| M] (LSI Logic) [Kernel \| Disabled \| Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006.11.02 11:49:59 \| 000,033,384 \| ---- \| M] (LSI Logic Corporation) [Kernel \| Disabled \| Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006.11.02 11:49:56 \| 000,031,848 \| ---- \| M] (LSI Logic) [Kernel \| Disabled \| Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006.11.02 11:49:53 \| 000,028,776 \| ---- \| M] (LSI Logic Corporation) [Kernel \| Disabled \| Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2006.11.02 11:49:30 \| 000,017,512 \| ---- \| M] (VIA Technologies, Inc.) [Kernel \| Disabled \| Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2006.11.02 11:49:28 \| 000,016,488 \| ---- \| M] (CMD Technology, Inc.) [Kernel \| Disabled \| Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2006.11.02 11:49:20 \| 000,014,952 \| ---- \| M] (Acer Laboratories Inc.) [Kernel \| Disabled \| Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2006.11.02 10:25:24 \| 000,071,808 \| ---- \| M] (Brother Industries Ltd.) [Kernel \| Disabled \| Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006.11.02 10:24:47 \| 000,011,904 \| ---- \| M] (Brother Industries Ltd.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006.11.02 10:24:46 \| 000,005,248 \| ---- \| M] (Brother Industries, Ltd.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006.11.02 10:24:45 \| 000,013,568 \| ---- \| M] (Brother Industries, Ltd.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006.11.02 10:24:44 \| 000,062,336 \| ---- \| M] (Brother Industries Ltd.) [Kernel \| Disabled \| Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006.11.02 10:24:44 \| 000,012,160 \| ---- \| M] (Brother Industries Ltd.) [Kernel \| Disabled \| Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006.11.02 09:36:50 \| 000,020,608 \| ---- \| M] (N-trig Innovative Technologies) [Kernel \| Disabled \| Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) DRV - [2006.11.02 09:36:43 \| 002,028,032 \| ---- \| M] (ATI Technologies Inc.) [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300) DRV - [2006.11.02 09:30:56 \| 002,589,184 \| ---- \| M] (Intel® Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\drivers\NETw2v32.sys -- (NETw2v32) Intel(R) DRV - [2006.11.02 09:30:56 \| 000,047,104 \| ---- \| M] (Realtek Semiconductor Corporation ) [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp) DRV - [2006.11.02 09:30:54 \| 000,117,760 \| ---- \| M] (Intel Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R) DRV - [2005.05.25 11:39:06 \| 000,004,608 \| ---- \| M] () [Kernel \| On_Demand \| Stopped] -- C:\Programme\RMClock\RTCore32.sys -- (RTCore32) DRV - [2004.03.05 18:00:00 \| 000,147,192 \| ---- \| M] (Microsoft Corporation) [Kernel \| System \| Running] -- C:\Windows\System32\drivers\Vmm.sys -- (vmm) DRV - [2004.03.05 18:00:00 \| 000,045,056 \| ---- \| M] (Microsoft Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\drivers\VMNetSrv.sys -- (VPCNetS2) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com IE - HKLM\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\tbWinl.dll (Conduit Ltd.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.t-online.de/cpm-redir/IE-8.html IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\tbWinl.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - Reg Error: Key error. File not found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.defaultthis.engineName: "Winload Customized Web Search" FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.selectedEngine: "ICQ Search" FF - prefs.js..browser.startup.homepage: "http://de.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:de:official" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2 FF - prefs.js..extensions.enabledItems: {4176DFF4-4698-11DE-BEEB-45DA55D89593}:0.8.1 FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.3 FF - prefs.js..extensions.enabledItems: {CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}:3.1.0625 FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.12.0.36949 FF - prefs.js..extensions.enabledItems: de-DE@dictionaries.addons.mozilla.org:2.0.1 FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.10 FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7.1 FF - prefs.js..extensions.enabledItems: smarterwiki@wikiatic.com:4.1.7 FF - prefs.js..extensions.enabledItems: {0b457cAA-602d-484a-8fe7-c1d894a011ba}:0.85 FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.3 FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:3.3.4 FF - prefs.js..extensions.enabledItems: {75CEEE46-9B64-46f8-94BF-54012DE155F0}:0.4 FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.1 FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.4 FF - prefs.js..extensions.enabledItems: {9c51bd27-6ed8-4000-a2bf-36cb95c0c947}:11.0.1 FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.8 FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.6 FF - prefs.js..extensions.enabledItems: {1280606b-2510-4fe0-97ef-9b5a22eafe41}:1.0.9 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198 FF - prefs.js..extensions.enabledItems: webbooster@iminent.com:3.27.3 FF - prefs.js..extensions.enabledItems: {40c3cc16-7269-4b32-9531-17f2950fb06f}:2.7.2.0 FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&q=" FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.09.01 19:10:18 \| 000,000,000 \| ---D \| M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.09.01 19:10:18 \| 000,000,000 \| ---D \| M] [2009.11.18 18:38:42 \| 000,000,000 \| ---D \| M] -- C:\Users\meraj\AppData\Roaming\mozilla\Extensions [2010.09.21 16:31:17 \| 000,000,000 \| ---D \| M] -- C:\Users\meraj\AppData\Roaming\mozilla\Firefox\Profiles\sbiqsxx1.default\extensions [2010.08.29 18:57:32 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Users\meraj\AppData\Roaming\mozilla\Firefox\Profiles\sbiqsxx1.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2010.08.27 20:50:10 \| 000,000,000 \| ---D \| M] (FireShot) -- C:\Users\meraj\AppData\Roaming\mozilla\Firefox\Profiles\sbiqsxx1.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2010.04.29 20:05:59 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Users\meraj\AppData\Roaming\mozilla\Firefox\Profiles\sbiqsxx1.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe41} [2010.04.29 20:04:19 \| 000,000,000 \| ---D \| M] (Microsoft .NET Framework Assistant) -- C:\Users\meraj\AppData\Roaming\mozilla\Firefox\Profiles\sbiqsxx1.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.02.27 02:37:34 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Users\meraj\AppData\Roaming\mozilla\Firefox\Profiles\sbiqsxx1.default\extensions\{29c4afe1-db19-4298-8785-fcc94d1d6c1d} [2009.11.18 19:03:08 \| 000,000,000 \| ---D \| M] (PDF Download) -- C:\Users\meraj\AppData\Roaming\mozilla\Firefox\Profiles\sbiqsxx1.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250} [2010.09.18 16:28:44 \| 000,000,000 \| ---D \| M] (Winload Toolbar) -- C:\Users\meraj\AppData\Roaming\mozilla\Firefox\Profiles\sbiqsxx1.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f} [2010.08.27 21:07:16 \| 000,000,000 \| ---D \| M] (AniWeather) -- C:\Users\meraj\AppData\Roaming\mozilla\Firefox\Profiles\sbiqsxx1.default\extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593} [2010.05.06 20:57:59 \| 000,000,000 \| ---D \| M] (MeasureIt) -- C:\Users\meraj\AppData\Roaming\mozilla\Firefox\Profiles\sbiqsxx1.default\extensions\{75CEEE46-9B64-46f8-94BF-54012DE155F0} [2010.07.01 20:55:07 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Users\meraj\AppData\Roaming\mozilla\Firefox\Profiles\sbiqsxx1.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2010.08.29 18:57:32 \| 000,000,000 \| ---D \| M] (ImTranslator) -- C:\Users\meraj\AppData\Roaming\mozilla\Firefox\Profiles\sbiqsxx1.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE} [2010.02.12 00:22:59 \| 000,000,000 \| ---D \| M] (Tamper Data) -- C:\Users\meraj\AppData\Roaming\mozilla\Firefox\Profiles\sbiqsxx1.default\extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947} [2010.07.11 14:40:23 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Users\meraj\AppData\Roaming\mozilla\Firefox\Profiles\sbiqsxx1.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2009.11.18 18:57:37 \| 000,000,000 \| ---D \| M] (Web Developer) -- C:\Users\meraj\AppData\Roaming\mozilla\Firefox\Profiles\sbiqsxx1.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12} [2010.07.01 20:55:10 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Users\meraj\AppData\Roaming\mozilla\Firefox\Profiles\sbiqsxx1.default\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B} [2010.08.27 21:07:18 \| 000,000,000 \| ---D \| M] (Adblock Plus) -- C:\Users\meraj\AppData\Roaming\mozilla\Firefox\Profiles\sbiqsxx1.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010.08.27 21:07:16 \| 000,000,000 \| ---D \| M] (Download Statusbar) -- C:\Users\meraj\AppData\Roaming\mozilla\Firefox\Profiles\sbiqsxx1.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} [2010.06.21 20:16:02 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Users\meraj\AppData\Roaming\mozilla\Firefox\Profiles\sbiqsxx1.default\extensions\{dc572301-7619-498c-a57d-39143191b318} [2010.05.30 18:19:57 \| 000,000,000 \| ---D \| M] (DownThemAll!) -- C:\Users\meraj\AppData\Roaming\mozilla\Firefox\Profiles\sbiqsxx1.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8} [2010.02.19 00:02:53 \| 000,000,000 \| ---D \| M] (FoxTab) -- C:\Users\meraj\AppData\Roaming\mozilla\Firefox\Profiles\sbiqsxx1.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a} [2010.02.15 17:47:52 \| 000,000,000 \| ---D \| M] -- C:\Users\meraj\AppData\Roaming\mozilla\Firefox\Profiles\sbiqsxx1.default\extensions\de-DE@dictionaries.addons.mozilla.org [2009.11.18 19:03:05 \| 000,000,000 \| ---D \| M] -- C:\Users\meraj\AppData\Roaming\mozilla\Firefox\Profiles\sbiqsxx1.default\extensions\OneDragALink@mozilla.org [2010.06.21 20:16:01 \| 000,000,000 \| ---D \| M] -- C:\Users\meraj\AppData\Roaming\mozilla\Firefox\Profiles\sbiqsxx1.default\extensions\piclens@cooliris.com [2010.09.18 16:28:43 \| 000,000,000 \| ---D \| M] -- C:\Users\meraj\AppData\Roaming\mozilla\Firefox\Profiles\sbiqsxx1.default\extensions\smarterwiki@wikiatic.com [2010.09.18 16:28:44 \| 000,000,000 \| ---D \| M] -- C:\Users\meraj\AppData\Roaming\mozilla\Firefox\Profiles\sbiqsxx1.default\extensions\staged-xpis [2010.04.29 20:05:39 \| 000,000,000 \| ---D \| M] -- C:\Users\meraj\AppData\Roaming\mozilla\Firefox\Profiles\sbiqsxx1.default\extensions\tabprogressbar@studio17.wordpress.com [2010.04.11 11:54:24 \| 000,000,000 \| ---D \| M] -- C:\Users\meraj\AppData\Roaming\mozilla\Firefox\Profiles\sbiqsxx1.default\extensions\TabSidebar@blueprintit.co.uk [2010.03.24 16:13:02 \| 000,000,917 \| ---- \| M] () -- C:\Users\meraj\AppData\Roaming\Mozilla\FireFox\Profiles\sbiqsxx1.default\searchplugins\conduit.xml [2010.09.18 16:38:54 \| 000,000,950 \| ---- \| M] () -- C:\Users\meraj\AppData\Roaming\Mozilla\FireFox\Profiles\sbiqsxx1.default\searchplugins\icqplugin-1.xml [2010.09.01 19:10:34 \| 000,000,950 \| ---- \| M] () -- C:\Users\meraj\AppData\Roaming\Mozilla\FireFox\Profiles\sbiqsxx1.default\searchplugins\icqplugin-2.xml [2010.09.04 15:34:18 \| 000,000,950 \| ---- \| M] () -- C:\Users\meraj\AppData\Roaming\Mozilla\FireFox\Profiles\sbiqsxx1.default\searchplugins\icqplugin-3.xml [2010.08.03 22:19:34 \| 000,000,947 \| ---- \| M] () -- C:\Users\meraj\AppData\Roaming\Mozilla\FireFox\Profiles\sbiqsxx1.default\searchplugins\icqplugin.xml [2010.09.04 15:18:37 \| 000,000,000 \| ---D \| M] -- C:\Programme\Mozilla Firefox\extensions [2010.08.06 13:41:31 \| 000,000,000 \| ---D \| M] (Skype extension for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010.09.04 15:18:37 \| 000,000,000 \| ---D \| M] -- C:\Programme\Mozilla Firefox\extensions\webbooster@iminent.com [2010.09.01 19:10:09 \| 000,001,392 \| ---- \| M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.09.01 19:10:09 \| 000,002,344 \| ---- \| M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.09.01 19:10:09 \| 000,006,805 \| ---- \| M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.07.09 16:21:02 \| 000,002,157 \| ---- \| M] () -- C:\Programme\Mozilla Firefox\searchplugins\SearchTheWeb.xml [2010.09.01 19:10:09 \| 000,001,178 \| ---- \| M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.09.01 19:10:09 \| 000,001,105 \| ---- \| M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2010.08.13 11:43:39 \| 000,000,771 \| ---- \| M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 activate.adobe.com O1 - Hosts: ::1 localhost O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\tbWinl.dll (Conduit Ltd.) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (no name) - {ee1babcf-cbe2-4c07-8e18-dfe6fc08c30a} - No CLSID value found. O3 - HKLM\..\Toolbar: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\tbWinl.dll (Conduit Ltd.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de) O4 - HKLM..\Run: [IaNvSrv] C:\Programme\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe (Intel Corporation) O4 - HKLM..\Run: [IMBooster] C:\Program Files\Iminent\IMBooster\imbooster.exe File not found O4 - HKLM..\Run: [Iminent.Notifier] C:\Program Files\Iminent\SearchTheWeb\Iminent.Notifier.exe File not found O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.) O4 - HKLM..\Run: [Play AVStation TV Scheduler] C:\Programme\Samsung\Play AVStation\TvScheduler.exe (SAMSUNG ELECTRONICS CO., LTD.) O4 - HKLM..\Run: [RestartNeroSetup] C:\Users\meraj\AppData\Local\Temp\NeroDemo12547\Setupx.exe (Nero AG) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [ViivMonitor] C:\Programme\Intel\Intel Media Share Software\Viivmonitor.exe (Intel(R) Corporation) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [Nokia.PCSync] C:\Programe\Nokia\Nokia PC Suite 7\PCSync2.exe (Time Information Services Ltd.) O4 - HKCU..\Run: [PC Suite Tray] C:\Programe\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia) O4 - Startup: C:\Users\meraj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) O4 - Startup: C:\Users\meraj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = D:\Programme\Stardock\ObjectDock\ObjectDock.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoHotStart = 0 O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\meraj\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm () O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Programme\ICQ7.1\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Programme\ICQ7.1\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: canias.de ([www] http in Vertrauenswürdige Sites) O16 - DPF: {CAFEEFAC-0011-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.1.0/jinstall-1_1_0-windows-i586.cab (Java Plug-in 1.1.0) O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img36.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img36.jpg O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 \| 000,000,024 \| ---- \| M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{1e9cf328-37e8-11de-ab83-001c26e12314}\Shell - "" = AutoRun O33 - MountPoints2\{1e9cf328-37e8-11de-ab83-001c26e12314}\Shell\AutoRun\command - "" = F:\USBAutoRun.exe -- File not found O33 - MountPoints2\{c4af0b99-c5df-11dc-97d5-001c26e12314}\Shell\AutoRun\command - "" = F:\PortableApps\PortableAppsMenu\PortableAppsMenu.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk ) - File not found O35 - HKLM\..comfile [open] -- "%1" % O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found Drivers32: aux - C:\Windows\System32\wdmaud.drv (Microsoft Corporation) Drivers32: midi - C:\Windows\System32\wdmaud.drv (Microsoft Corporation) Drivers32: midi1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation) Drivers32: midi2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation) Drivers32: midimapper - C:\Windows\System32\midimap.dll (Microsoft Corporation) Drivers32: mixer - C:\Windows\System32\wdmaud.drv (Microsoft Corporation) Drivers32: mixer1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation) Drivers32: mixer2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation) Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm () Drivers32: msacm.avis - C:\Windows\System32\ff_acm.acm () Drivers32: msacm.imaadpcm - C:\Windows\System32\imaadp32.acm (Microsoft Corporation) Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.msadpcm - C:\Windows\System32\msadp32.acm (Microsoft Corporation) Drivers32: msacm.msg711 - C:\Windows\System32\msg711.acm (Microsoft Corporation) Drivers32: msacm.msgsm610 - C:\Windows\System32\msgsm32.acm (Microsoft Corporation) Drivers32: msacm.siren - C:\Windows\System32\sirenacm.dll (Microsoft Corporation) Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.) Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll () Drivers32: vidc.i420 - C:\Windows\System32\iyuv_32.dll (Microsoft Corporation) Drivers32: VIDC.IYUV - C:\Windows\System32\iyuv_32.dll (Microsoft Corporation) Drivers32: VIDC.MP42 - C:\Windows\System32\mpg4c32.dll (Microsoft Corporation) Drivers32: vidc.mrle - C:\Windows\System32\msrle32.dll (Microsoft Corporation) Drivers32: vidc.msvc - C:\Windows\System32\msvidc32.dll (Microsoft Corporation) Drivers32: VIDC.UYVY - C:\Windows\System32\msyuv.dll (Microsoft Corporation) Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll () Drivers32: VIDC.YUY2 - C:\Windows\System32\msyuv.dll (Microsoft Corporation) Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.) Drivers32: VIDC.YVU9 - C:\Windows\System32\tsbyuv.dll (Microsoft Corporation) Drivers32: VIDC.YVYU - C:\Windows\System32\msyuv.dll (Microsoft Corporation) Drivers32: wave - C:\Windows\System32\wdmaud.drv (Microsoft Corporation) Drivers32: wave1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation) Drivers32: wave2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation) Drivers32: wavemapper - C:\Windows\System32\msacm32.drv (Microsoft Corporation) CREATERESTOREPOINT Restore point Set: OTL Restore Point [color=#E56717]========== Files/Folders - Created Within 90 Days ==========[/color] [2010.09.21 17:49:27 \| 000,000,000 \| ---D \| C] -- C:\Users\meraj\Desktop\Amtsgreicht Ettlingen [2010.09.21 16:41:31 \| 000,000,000 \| ---D \| C] -- C:\Users\meraj\Desktop\Uli Vohman [2010.09.19 20:40:11 \| 000,000,000 \| ---D \| C] -- C:\Users\meraj\AppData\Roaming\Malwarebytes [2010.09.19 20:39:49 \| 000,038,224 \| ---- \| C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010.09.19 20:39:45 \| 000,020,952 \| ---- \| C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010.09.19 20:39:45 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Malwarebytes [2010.09.19 20:39:44 \| 000,000,000 \| ---D \| C] -- C:\Programme\Malwarebytes' Anti-Malware [2010.09.19 20:14:00 \| 000,000,000 \| ---D \| C] -- C:\Programme\Trend Micro [2010.09.04 15:20:05 \| 000,000,000 \| ---D \| C] -- C:\Programme\AVI 2 DVD & VCD 1 [2010.09.04 15:19:44 \| 000,000,000 \| ---D \| C] -- C:\Programme\Conduit [2010.09.04 15:19:43 \| 000,000,000 \| ---D \| C] -- C:\Programme\Winload [2010.09.04 15:18:19 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\IMinent [2010.09.04 15:13:26 \| 000,000,000 \| ---D \| C] -- C:\Users\meraj\Documents\ConvertXToDVD [2010.09.04 15:10:26 \| 000,047,360 \| ---- \| C] (VSO Software) -- C:\Users\meraj\AppData\Roaming\pcouffin.sys [2010.09.04 15:10:26 \| 000,000,000 \| ---D \| C] -- C:\Users\meraj\Documents\PcSetup [2010.09.04 15:10:25 \| 000,000,000 \| ---D \| C] -- C:\Users\meraj\AppData\Roaming\Vso [2010.09.04 14:12:34 \| 000,000,000 \| ---D \| C] -- C:\Users\meraj\AppData\Roaming\WinAVI [2010.09.04 14:12:34 \| 000,000,000 \| ---D \| C] -- C:\Users\meraj\AppData\Local\WinAVI [2010.09.04 14:12:30 \| 000,000,000 \| ---D \| C] -- C:\Programme\All in One Converter [2010.09.04 13:58:59 \| 000,000,000 \| ---D \| C] -- C:\Programme\ffdshow [2010.09.04 13:58:38 \| 000,000,000 \| ---D \| C] -- C:\Programme\Haali [2010.09.04 13:57:56 \| 000,000,000 \| ---D \| C] -- C:\Programme\AC3Filter [2010.09.04 13:57:34 \| 000,000,000 \| ---D \| C] -- C:\Programme\AviSynth 2.5 [2010.09.04 13:56:46 \| 000,000,000 \| ---D \| C] -- C:\Programme\Avi2Dvd [2010.08.30 19:46:23 \| 000,000,000 \| ---D \| C] -- C:\Programme\RegCleaner [2010.08.30 19:40:15 \| 000,000,000 \| ---D \| C] -- C:\Programme\CCleaner [2010.08.06 13:37:43 \| 000,000,000 \| ---D \| C] -- C:\Programme\Common Files\Skype [2010.07.11 14:40:22 \| 000,000,000 \| ---D \| C] -- C:\Users\meraj\AppData\Roaming\DVDVideoSoftIEHelpers [2010.07.11 14:39:59 \| 000,000,000 \| ---D \| C] -- C:\Programme\DVDVideoSoft [2009.06.16 14:03:56 \| 000,126,976 \| ---- \| C] ( ) -- C:\Windows\System32\Interop.SHDocVw.dll [2006.11.24 07:14:44 \| 000,139,264 \| ---- \| C] ( ) -- C:\Windows\System32\MACSSDK_wiz.dll [2006.11.24 07:14:44 \| 000,126,976 \| ---- \| C] ( ) -- C:\Windows\System32\MACSSDK.dll [4 C:\Windows\System32\.tmp files -> C:\Windows\System32\.tmp -> ] [1 C:\Windows\.tmp files -> C:\Windows\.tmp -> ] [color=#E56717]========== Files - Modified Within 90 Days ==========[/color] [2010.09.24 20:16:17 \| 003,670,016 \| -HS- \| M] () -- C:\Users\meraj\NTUSER.DAT [2010.09.24 20:11:12 \| 000,000,396 \| -H-- \| M] () -- C:\Windows\tasks\User_Feed_Synchronization-{4F779839-8DB2-46BB-A0BB-474A9F8A37F2}.job [2010.09.24 20:09:54 \| 000,035,413 \| ---- \| M] () -- C:\Windows\System32\Config.MPF [2010.09.24 20:08:45 \| 000,000,880 \| ---- \| M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010.09.24 20:08:41 \| 000,000,416 \| -H-- \| M] () -- C:\Windows\tasks\SupBackGroundTask.job [2010.09.24 20:08:27 \| 000,003,168 \| -H-- \| M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010.09.24 20:08:27 \| 000,003,168 \| -H-- \| M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010.09.24 20:08:14 \| 000,000,006 \| -H-- \| M] () -- C:\Windows\tasks\SA.DAT [2010.09.24 20:08:07 \| 000,067,584 \| --S- \| M] () -- C:\Windows\bootstat.dat [2010.09.21 18:23:58 \| 000,002,880 \| ---- \| M] () -- C:\Windows\bthservsdp.dat [2010.09.21 18:23:44 \| 000,524,288 \| -HS- \| M] () -- C:\Users\meraj\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms [2010.09.21 18:23:44 \| 000,065,536 \| -HS- \| M] () -- C:\Users\meraj\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf [2010.09.21 18:23:34 \| 004,071,988 \| -H-- \| M] () -- C:\Users\meraj\AppData\Local\IconCache.db [2010.09.21 18:09:54 \| 001,369,288 \| ---- \| M] () -- C:\Windows\System32\PerfStringBackup.INI [2010.09.21 18:09:54 \| 000,622,814 \| ---- \| M] () -- C:\Windows\System32\perfh007.dat [2010.09.21 18:09:54 \| 000,590,352 \| ---- \| M] () -- C:\Windows\System32\perfh009.dat [2010.09.21 18:09:54 \| 000,123,938 \| ---- \| M] () -- C:\Windows\System32\perfc007.dat [2010.09.21 18:09:54 \| 000,046,252 \| ---- \| M] () -- C:\Windows\System32\perfc009.dat [2010.09.21 17:55:00 \| 000,000,884 \| ---- \| M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010.09.21 17:49:24 \| 000,153,485 \| ---- \| M] () -- C:\Users\meraj\AppData\Roaming\nvModes.001 [2010.09.19 20:39:54 \| 000,000,818 \| ---- \| M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.09.19 20:14:00 \| 000,001,874 \| ---- \| M] () -- C:\Users\meraj\Desktop\HijackThis.lnk [2010.09.18 22:25:45 \| 000,224,702 \| ---- \| M] () -- C:\Users\meraj\Desktop\Wohnung.pdf [2010.09.04 15:28:45 \| 000,000,578 \| ---- \| M] () -- C:\Users\meraj\AppData\Roaming\burnaware.ini [2010.09.04 15:20:06 \| 000,000,862 \| ---- \| M] () -- C:\Users\meraj\Desktop\AVI 2 DVD & VCD 1.0.lnk [2010.09.04 15:20:05 \| 000,080,896 \| ---- \| M] () -- C:\Windows\cadkasdeinst01.exe [2010.09.04 15:14:09 \| 000,087,608 \| ---- \| M] () -- C:\Users\meraj\AppData\Roaming\inst.exe [2010.09.04 15:14:09 \| 000,047,360 \| ---- \| M] (VSO Software) -- C:\Users\meraj\AppData\Roaming\pcouffin.sys [2010.09.04 15:14:09 \| 000,007,887 \| ---- \| M] () -- C:\Users\meraj\AppData\Roaming\pcouffin.cat [2010.09.04 15:14:09 \| 000,001,144 \| ---- \| M] () -- C:\Users\meraj\AppData\Roaming\pcouffin.inf [2010.09.04 15:13:49 \| 000,001,041 \| ---- \| M] () -- C:\Users\meraj\AppData\Roaming\vso_ts_preview.xml [2010.09.04 14:12:33 \| 000,000,876 \| ---- \| M] () -- C:\Users\meraj\Desktop\WinAVI All in One Converter.lnk [2010.09.04 13:58:11 \| 000,033,019 \| ---- \| M] () -- C:\Windows\System32\CoreAAC-uninstall.exe [2010.09.04 12:47:19 \| 000,153,485 \| ---- \| M] () -- C:\Users\meraj\AppData\Roaming\nvModes.dat [2010.08.27 20:42:25 \| 000,391,464 \| ---- \| M] () -- C:\Windows\System32\FNTCACHE.DAT [2010.08.06 13:27:22 \| 000,000,680 \| ---- \| M] () -- C:\Users\meraj\AppData\Local\d3d9caps.dat [2010.07.11 14:40:18 \| 000,001,032 \| ---- \| M] () -- C:\Users\meraj\Desktop\DVDVideoSoft Free Studio.lnk [4 C:\Windows\System32\.tmp files -> C:\Windows\System32\.tmp -> ] [1 C:\Windows\.tmp files -> C:\Windows\.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010.09.19 20:39:54 \| 000,000,818 \| ---- \| C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.09.19 20:14:00 \| 000,001,874 \| ---- \| C] () -- C:\Users\meraj\Desktop\HijackThis.lnk [2010.09.18 22:25:44 \| 000,224,702 \| ---- \| C] () -- C:\Users\meraj\Desktop\Wohnung.pdf [2010.09.04 15:20:06 \| 000,000,862 \| ---- \| C] () -- C:\Users\meraj\Desktop\AVI 2 DVD & VCD 1.0.lnk [2010.09.04 15:20:05 \| 000,080,896 \| ---- \| C] () -- C:\Windows\cadkasdeinst01.exe [2010.09.04 15:12:29 \| 000,001,041 \| ---- \| C] () -- C:\Users\meraj\AppData\Roaming\vso_ts_preview.xml [2010.09.04 15:12:17 \| 000,000,033 \| ---- \| C] () -- C:\Users\meraj\AppData\Roaming\pcouffin.log [2010.09.04 15:10:26 \| 000,087,608 \| ---- \| C] () -- C:\Users\meraj\AppData\Roaming\inst.exe [2010.09.04 15:10:26 \| 000,007,887 \| ---- \| C] () -- C:\Users\meraj\AppData\Roaming\pcouffin.cat [2010.09.04 15:10:26 \| 000,001,144 \| ---- \| C] () -- C:\Users\meraj\AppData\Roaming\pcouffin.inf [2010.09.04 14:12:33 \| 000,000,876 \| ---- \| C] () -- C:\Users\meraj\Desktop\WinAVI All in One Converter.lnk [2010.09.04 13:59:01 \| 000,085,504 \| ---- \| C] () -- C:\Windows\System32\ff_vfw.dll [2010.09.04 13:59:01 \| 000,050,688 \| ---- \| C] () -- C:\Windows\System32\ff_acm.acm [2010.09.04 13:58:11 \| 000,033,019 \| ---- \| C] () -- C:\Windows\System32\CoreAAC-uninstall.exe [2010.09.04 13:57:57 \| 000,497,664 \| ---- \| C] () -- C:\Windows\System32\ac3filter.acm [2010.03.30 19:39:30 \| 000,001,471 \| ---- \| C] () -- C:\Users\meraj\AppData\Local\RecConfig.xml [2010.03.08 15:48:06 \| 000,116,224 \| ---- \| C] () -- C:\Windows\System32\redmonnt.dll [2009.11.21 19:42:35 \| 000,819,200 \| ---- \| C] () -- C:\Windows\System32\xvidcore.dll [2009.11.21 19:42:34 \| 000,180,224 \| ---- \| C] () -- C:\Windows\System32\xvidvfw.dll [2009.11.04 13:11:47 \| 000,000,578 \| ---- \| C] () -- C:\Users\meraj\AppData\Roaming\burnaware.ini [2009.10.21 09:49:23 \| 000,117,248 \| ---- \| C] () -- C:\Windows\System32\EhStorAuthn.dll [2009.10.20 20:19:30 \| 000,053,299 \| ---- \| C] () -- C:\Windows\System32\pthreadVC.dll [2009.06.16 14:03:58 \| 000,053,248 \| ---- \| C] () -- C:\Windows\System32\dossec.dll [2009.06.02 13:11:05 \| 000,053,248 \| ---- \| C] () -- C:\Windows\System32\CommonDL.dll [2009.06.02 13:11:05 \| 000,002,412 \| ---- \| C] () -- C:\Windows\System32\lgAxconfig.ini [2009.04.06 19:41:28 \| 000,000,680 \| ---- \| C] () -- C:\Users\meraj\AppData\Local\d3d9caps.dat [2009.01.07 19:53:49 \| 000,023,552 \| ---- \| C] () -- C:\Windows\System32\jesterss.dll [2008.06.20 23:22:28 \| 000,000,056 \| -H-- \| C] () -- C:\ProgramData\ezsidmv.dat [2008.01.24 18:01:46 \| 000,000,305 \| ---- \| C] () -- C:\ProgramData\addr_file.html [2008.01.18 11:22:58 \| 000,000,600 \| ---- \| C] () -- C:\Users\meraj\AppData\Local\PUTTY.RND [2007.10.28 20:14:52 \| 000,000,306 \| RHS- \| C] () -- C:\ProgramData\ntuser.pol [2007.10.28 20:06:31 \| 000,024,206 \| ---- \| C] () -- C:\Users\meraj\AppData\Roaming\UserTile.png [2007.10.28 19:04:55 \| 000,153,485 \| ---- \| C] () -- C:\Users\meraj\AppData\Roaming\nvModes.001 [2007.10.28 19:04:53 \| 000,153,485 \| ---- \| C] () -- C:\Users\meraj\AppData\Roaming\nvModes.dat [2007.10.08 19:11:48 \| 000,006,144 \| ---- \| C] () -- C:\Users\meraj\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007.06.20 04:35:59 \| 000,000,135 \| R--- \| C] () -- C:\Windows\System32\lngEng.ini [2007.06.20 04:35:59 \| 000,000,117 \| ---- \| C] () -- C:\Windows\System32\lngKor.ini [2007.06.19 10:56:17 \| 000,167,936 \| ---- \| C] () -- C:\Windows\System32\nvccoin.dll [2007.06.19 10:55:57 \| 001,060,424 \| ---- \| C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2007.06.19 10:55:51 \| 000,016,480 \| ---- \| C] () -- C:\Windows\System32\rixdicon.dll [2007.03.29 23:00:40 \| 000,203,264 \| R--- \| C] () -- C:\Windows\System32\CddbCdda.dll [2007.02.15 09:51:02 \| 000,274,432 \| ---- \| C] () -- C:\Windows\System32\NDADLL.dll [2006.12.20 05:00:12 \| 000,389,120 \| ---- \| C] () -- C:\Windows\System32\btwhidcs.dll [2006.11.29 10:00:28 \| 000,307,200 \| ---- \| C] () -- C:\Windows\System32\LDBGenWizView.dll [2006.11.02 14:35:32 \| 000,005,632 \| ---- \| C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 12:25:44 \| 000,159,744 \| ---- \| C] () -- C:\Windows\System32\atitmmxx.dll [2006.11.02 09:40:29 \| 000,013,750 \| ---- \| C] () -- C:\Windows\System32\pacerprf.ini [2006.10.09 03:01:28 \| 000,061,440 \| ---- \| C] () -- C:\Windows\System32\AVSAudioWideStereoDMO.dll [2001.11.14 05:56:00 \| 001,802,240 \| ---- \| C] () -- C:\Windows\System32\lcppn21.dll [color=#E56717]========== LOP Check ==========[/color] [2010.04.24 16:37:05 \| 000,000,000 \| ---D \| M] -- C:\Users\meraj\AppData\Roaming\.bittorrent [2008.09.08 14:12:20 \| 000,000,000 \| ---D \| M] -- C:\Users\meraj\AppData\Roaming\Aptana [2010.03.30 19:55:06 \| 000,000,000 \| ---D \| M] -- C:\Users\meraj\AppData\Roaming\Audio Record Edit Toolbox Pro [2010.03.30 19:52:51 \| 000,000,000 \| ---D \| M] -- C:\Users\meraj\AppData\Roaming\Audio Recorder for Free [2009.12.27 16:23:41 \| 000,000,000 \| ---D \| M] -- C:\Users\meraj\AppData\Roaming\Azureus [2010.09.19 23:49:32 \| 000,000,000 \| ---D \| M] -- C:\Users\meraj\AppData\Roaming\Desktopicon [2010.07.11 14:40:22 \| 000,000,000 \| ---D \| M] -- C:\Users\meraj\AppData\Roaming\DVDVideoSoftIEHelpers [2009.04.08 13:01:51 \| 000,000,000 \| ---D \| M] -- C:\Users\meraj\AppData\Roaming\FileZilla [2010.01.15 19:15:27 \| 000,000,000 \| ---D \| M] -- C:\Users\meraj\AppData\Roaming\FireShot [2008.12.29 19:13:29 \| 000,000,000 \| ---D \| M] -- C:\Users\meraj\AppData\Roaming\gtk-2.0 [2010.09.19 20:00:55 \| 000,000,000 \| ---D \| M] -- C:\Users\meraj\AppData\Roaming\ICQ [2010.04.25 15:31:23 \| 000,000,000 \| ---D \| M] -- C:\Users\meraj\AppData\Roaming\ImgBurn [2010.01.08 12:02:31 \| 000,000,000 \| ---D \| M] -- C:\Users\meraj\AppData\Roaming\InfoRapid KnowledgeMap [2008.02.02 12:46:46 \| 000,000,000 \| ---D \| M] -- C:\Users\meraj\AppData\Roaming\JDiskReport [2009.06.02 12:01:38 \| 000,000,000 \| ---D \| M] -- C:\Users\meraj\AppData\Roaming\LG Electronics [2008.09.23 17:17:35 \| 000,000,000 \| ---D \| M] -- C:\Users\meraj\AppData\Roaming\MySQL [2010.02.11 22:25:44 \| 000,000,000 \| ---D \| M] -- C:\Users\meraj\AppData\Roaming\Nokia [2008.03.22 22:13:14 \| 000,000,000 \| ---D \| M] -- C:\Users\meraj\AppData\Roaming\Notepad++ [2008.08.22 14:47:53 \| 000,000,000 \| ---D \| M] -- C:\Users\meraj\AppData\Roaming\PC Suite [2007.10.28 20:06:31 \| 000,000,000 \| ---D \| M] -- C:\Users\meraj\AppData\Roaming\PeerNetworking [2010.03.11 22:03:35 \| 000,000,000 \| ---D \| M] -- C:\Users\meraj\AppData\Roaming\streamripper [2008.09.01 13:48:25 \| 000,000,000 \| ---D \| M] -- C:\Users\meraj\AppData\Roaming\Subversion [2009.03.27 18:03:02 \| 000,000,000 \| ---D \| M] -- C:\Users\meraj\AppData\Roaming\Toolbars [2010.09.04 14:37:56 \| 000,000,000 \| ---D \| M] -- C:\Users\meraj\AppData\Roaming\uTorrent [2008.01.09 21:53:06 \| 000,000,000 \| ---D \| M] -- C:\Users\meraj\AppData\Roaming\Vodafone [2010.09.04 15:14:09 \| 000,000,000 \| ---D \| M] -- C:\Users\meraj\AppData\Roaming\Vso [2010.09.04 14:12:34 \| 000,000,000 \| ---D \| M] -- C:\Users\meraj\AppData\Roaming\WinAVI [2010.02.19 00:01:36 \| 000,000,000 \| ---D \| M] -- C:\Users\meraj\AppData\Roaming\Wireshark [2009.11.25 11:22:44 \| 000,000,364 \| ---- \| M] () -- C:\Windows\Tasks\Install_NSS.job [2007.06.20 05:15:35 \| 000,000,382 \| ---- \| M] () -- C:\Windows\Tasks\McDefragTask.job [2007.06.20 05:15:35 \| 000,000,368 \| ---- \| M] () -- C:\Windows\Tasks\McQcTask.job [2010.09.21 18:23:58 \| 000,032,530 \| ---- \| M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2010.09.24 20:08:41 \| 000,000,416 \| -H-- \| M] () -- C:\Windows\Tasks\SupBackGroundTask.job [2010.09.24 20:11:12 \| 000,000,396 \| -H-- \| M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{4F779839-8DB2-46BB-A0BB-474A9F8A37F2}.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %SYSTEMDRIVE%\. >[/color] [2009.12.04 12:31:53 \| 000,001,024 \| ---- \| M] () -- C:\.rnd [2006.09.18 23:43:36 \| 000,000,024 \| ---- \| M] () -- C:\autoexec.bat [2009.04.11 08:36:36 \| 000,333,257 \| RHS- \| M] () -- C:\bootmgr [2006.11.16 12:39:29 \| 000,008,192 \| R-S- \| M] () -- C:\BOOTSECT.BAK [2006.09.18 23:43:37 \| 000,000,010 \| ---- \| M] () -- C:\config.sys [2010.09.21 18:15:41 \| 000,003,660 \| ---- \| M] () -- C:\fpRedmon.log [2007.09.03 04:55:27 \| 000,000,000 \| RHS- \| M] () -- C:\IO.SYS [2007.09.03 04:55:27 \| 000,000,000 \| RHS- \| M] () -- C:\MSDOS.SYS [2010.09.24 20:08:02 \| 2459,635,712 \| -HS- \| M] () -- C:\pagefile.sys [2007.11.21 16:14:06 \| 000,009,216 \| ---- \| M] () -- C:\test_cap2.grf [2007.11.23 18:48:41 \| 000,007,680 \| ---- \| M] () -- C:\test_pre2.grf [color=#A23BEC]< %systemroot%\system32\.wt >[/color] [color=#A23BEC]< %systemroot%\system32\.ruy >[/color] [color=#A23BEC]< %systemroot%\Fonts\.com >[/color] [2006.11.02 14:37:12 \| 000,026,040 \| ---- \| M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont [2006.11.02 14:37:12 \| 000,026,489 \| ---- \| M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont [2006.11.02 14:37:12 \| 000,029,779 \| ---- \| M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont [2010.04.11 21:06:54 \| 000,037,665 \| ---- \| M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont [color=#A23BEC]< %systemroot%\Fonts\.dll >[/color] [color=#A23BEC]< %systemroot%\Fonts\.ini >[/color] [2006.09.18 23:37:34 \| 000,000,065 \| ---- \| M] () -- C:\Windows\Fonts\desktop.ini [color=#A23BEC]< %systemroot%\Fonts\.ini2 >[/color] [color=#A23BEC]< %systemroot%\system32\spool\prtprocs\w32x86\. >[/color] [2006.11.02 11:46:03 \| 000,070,144 \| ---- \| M] (CANON INC.) -- C:\Windows\System32\spool\prtprocs\w32x86\CNBPP3.DLL [2008.01.19 09:34:28 \| 000,089,600 \| ---- \| M] (Hewlett-Packard Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\HPZPPLHN.DLL [2006.11.02 14:35:48 \| 000,022,528 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll [2006.10.26 19:56:12 \| 000,033,104 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll [color=#A23BEC]< %systemroot%\REPAIR\.bak1 >[/color] [color=#A23BEC]< %systemroot%\REPAIR\.ini >[/color] [color=#A23BEC]< %systemroot%\system32\.jpg >[/color] [color=#A23BEC]< %systemroot%\.scr >[/color] [2009.07.10 14:10:44 \| 000,307,568 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR [1 C:\Windows\.tmp files -> C:\Windows\.tmp -> ] [color=#A23BEC]< %systemroot%\._sy >[/color] [color=#A23BEC]< %APPDATA%\Adobe\Update\.* >[/color] [color=#A23BEC]< %ALLUSERSPROFILE%\Favorites\. >[/color] [color=#A23BEC]< %APPDATA%\Microsoft\. >[/color] [color=#A23BEC]< %PROGRAMFILES%\. >[/color] [2008.10.30 21:16:24 \| 000,000,174 \| -HS- \| M] () -- C:\Programme\desktop.ini [color=#A23BEC]< %APPDATA%\Update\. >[/color] [color=#A23BEC]< %systemroot%\. /mp /s >[/color] [color=#A23BEC]< %systemroot%\system32\.dll /lockedfiles >[/color] [2009.06.16 14:03:58 \| 000,053,248 \| ---- \| M] ()[b] Unable to obtain MD5[/b] -- C:\Windows\System32\dossec.dll [2009.06.16 14:03:56 \| 000,126,976 \| ---- \| M] ( )[b] Unable to obtain MD5[/b] -- C:\Windows\System32\Interop.SHDocVw.dll [2009.04.11 08:27:47 \| 000,241,128 \| ---- \| M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\rsaenh.dll [2009.04.11 08:28:23 \| 000,228,352 \| ---- \| M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\SLC.dll [4 C:\Windows\system32\.tmp files -> C:\Windows\system32\.tmp -> ] [color=#A23BEC]< %systemroot%\Tasks\.job /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\System32\config\.sav >[/color] [2006.11.02 12:34:05 \| 000,008,192 \| ---- \| M] () -- C:\Windows\System32\config\COMPONENTS.SAV [2006.11.02 12:34:05 \| 000,020,480 \| ---- \| M] () -- C:\Windows\System32\config\DEFAULT.SAV [2006.11.02 12:34:05 \| 000,008,192 \| ---- \| M] () -- C:\Windows\System32\config\SECURITY.SAV [2006.11.02 12:34:08 \| 010,133,504 \| ---- \| M] () -- C:\Windows\System32\config\SOFTWARE.SAV [2006.11.02 12:34:08 \| 001,826,816 \| ---- \| M] () -- C:\Windows\System32\config\SYSTEM.SAV [color=#A23BEC]< %systemroot%\system32\user32.dll /md5 >[/color] [2009.04.11 08:28:25 \| 000,627,712 \| ---- \| M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\user32.dll [4 C:\Windows\system32\.tmp files -> C:\Windows\system32\.tmp -> ] [color=#A23BEC]< %systemroot%\system32\ws2_32.dll /md5 >[/color] [2008.01.19 09:37:09 \| 000,179,200 \| ---- \| M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\ws2_32.dll [4 C:\Windows\system32\.tmp files -> C:\Windows\system32\.tmp -> ] [color=#A23BEC]< %systemroot%\system32\ws2help.dll /md5 >[/color] [2006.11.02 11:44:30 \| 000,004,608 \| ---- \| M] (Microsoft Corporation) MD5=17C0671BF57057108A6D949510EE42C8 -- C:\Windows\System32\ws2help.dll [4 C:\Windows\system32\.tmp files -> C:\Windows\system32\.tmp -> ] [color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color] [2008.10.29 08:20:29 \| 002,923,520 \| ---- \| M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe [2008.10.29 08:29:41 \| 002,927,104 \| ---- \| M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe [2008.10.30 05:59:17 \| 002,927,616 \| ---- \| M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe [2007.11.22 19:50:01 \| 002,923,520 \| ---- \| M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe [2007.11.22 19:50:01 \| 002,923,520 \| ---- \| M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe [2009.04.11 08:27:36 \| 002,926,592 \| ---- \| M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe [2009.04.11 08:27:36 \| 002,926,592 \| ---- \| M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe [2008.10.28 04:15:02 \| 002,923,520 \| ---- \| M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe [2006.11.02 11:45:07 \| 002,923,520 \| ---- \| M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe [2008.01.19 09:33:10 \| 002,927,104 \| ---- \| M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe [color=#A23BEC]< MD5 for: WININIT.EXE >[/color] [2008.01.19 09:33:37 \| 000,096,768 \| ---- \| M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe [2008.01.19 09:33:37 \| 000,096,768 \| ---- \| M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe [2006.11.02 11:45:57 \| 000,095,744 \| ---- \| M] (Microsoft Corporation) MD5=D4385B03E8CCCEE6F0EE249F827C1F3E -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_2ebbf6d3076595ce\wininit.exe [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2009.04.11 08:28:13 \| 000,314,368 \| ---- \| M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe [2009.04.11 08:28:13 \| 000,314,368 \| ---- \| M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2006.11.02 11:45:57 \| 000,308,224 \| ---- \| M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe [2008.01.19 09:33:37 \| 000,314,880 \| ---- \| M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe [color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >[/color] [color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\|LastSuccessTime /rs >[/color] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-09-24 18:18:18 < End of report >

06.01.2011, 23:38 naiad ...neu hier Beiträge: 6	#90 codetag-test Code test

Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!

Folgende Themen könnten Dich auch interessieren:

» Logfile zum Posten
» Malwarebytes log posten
»
» Anonymes posten im Usenet?
» Tipp: Posten von Ellenlangen Hijack usw!!!

Seite(n): Erste Seite 3 4 5 6 7