Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: MSConfig und andere Programme starten nicht.

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 30.11.2010, 17:42   #1
sharK223
 
MSConfig und andere Programme starten nicht. - Ausrufezeichen

MSConfig und andere Programme starten nicht.



Guten Tag Leute,

ich habe ein ziehmlich nerviges Problem.
Es ist bestimmt ein sehr häufiges Problem das dinge wie MSconfig nicht starten wollen aber ich habe mich jetzt 2 Stunden durch das Internet gearbeitet und nix gefunden was mir hilft.

Problembeschreibung:
Seit heute starten folgende Programme nicht mehr:
MSconfig
JDownloader
Systemwiederherstellung

Nur die Systemwiederherstellung gibt ein Fehler aus:


Mein System ist:
Windows 7 64-Bit Ultimate
Alle Updates die es bis DaTo gibt

Als ich das letzte mal so ein ähnliches problem hatte, musste ich nur in den abgesichterten Modus wechseln und in der MSconfig auf Normalen Systemstart stellen.
Danach ging wieder alles.
Heute funktioniert dies aber auch nicht da sich auch hier die MSconfig nicht starten lies, auch nicht mit einem anderen Konto.
Bevor ich es vergesse, mein Kaspersky 2010 hat mir eben eine Desenfection einer DLLhost.exe empfohlen.
Hab es natürlich sofort gemacht.
System startete neu aber es gab keine verbesserung.
Eventuel ist die Regestry ja schrott. Ich benutzte häufiger CCleaner...

Bitte helft mir.

Alt 30.11.2010, 18:31   #2
Swisstreasure
/// Malwareteam
 
MSConfig und andere Programme starten nicht. - Standard

MSConfig und andere Programme starten nicht.





Eine Bereinigung ist mitunter mit viel Arbeit für Dich verbunden.
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lese die Anleitungen sorgfältig. Sollte es Probleme geben, bitte stoppen und hier so gut es geht beschreiben.
  • Nur Scanns durchführen zu denen Du von einem Helfer aufgefordert wirst.
  • Bitte kein Crossposting ( posten in mehreren Foren).
  • Installiere oder Deinstalliere während der Bereinigung keine Software ausser Du wurdest dazu aufgefordert.
  • Lese Dir die Anleitung zuerst vollständig durch. Sollte etwas unklar sein, frage bevor Du beginnst.
  • Poste die Logfiles direkt in deinen Thread. Nicht anhängen ausser ich fordere Dich dazu auf. Erschwert mir nämlich das auswerten.

Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der Schnellere und immer der sicherste Weg.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis dir jemand vom Team sagt, dass Du clean bist.

Vista und Win7 User
Alle Tools mit Rechtsklick "als Administrator ausführen" starten.

Schritt 1

Downloade Dir bitte Malwarebytes
  • Installiere das Programm in den vorgegebenen Pfad.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Starte Malwarebytes, klicke auf Aktualisierung --> Suche nach Aktualisierung
  • Wenn das Update beendet wurde, aktiviere Quick-Scan durchführen und drücke auf Scannen.
  • Wenn der Scan beendet ist, klicke auf Ergebnisse anzeigen.
  • Versichere Dich, dass alle Funde markiert sind und drücke Entferne Auswahl.
  • Poste das Logfile, welches sich in Notepad öffnet, hier in den Thread.
  • Nachträglich kannst du den Bericht unter "Log Dateien" finden.
Schritt 2

CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Starte bitte die OTL.exe.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Kopiere nun den Inhalt in die Textbox.
Code:
ATTFilter
netsvcs
drivers32 /all
%SYSTEMDRIVE%\*.*
%systemroot%\system32\*.wt
%systemroot%\system32\*.ruy
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\user32.dll /md5
%systemroot%\system32\ws2_32.dll /md5
%systemroot%\system32\ws2help.dll /md5
/md5start
explorer.exe
winlogon.exe
wininit.exe
/md5stop
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
         
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Kopiere nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread
__________________


Alt 30.11.2010, 20:25   #3
sharK223
 
MSConfig und andere Programme starten nicht. - Standard

MSConfig und andere Programme starten nicht.



Guten Tag,

danke für die Hilfe aber zuerst habe ich eine Frage.
Malewarebytes möchte einen Systemneustart. Soll ich den Log jetzt schon posten und neu starten oder soll ich lieber noch nicht neustarten und erst die Liste abarbeiten?

Edit

Da ich leider nicht viel Zeit habe starte ich das System jetzt neu und jage danach OTL drüber.
Entschuldigung das ich mich damit der Anleitung wiedersetzt aber da Sie ja derzeit Offline sind
erwarte ich keine hilfe in der nächsten halben stunde.

Malewarebytes Log:

Code:
ATTFilter
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 5220

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

30.11.2010 20:22:16
mbam-log-2010-11-30 (20-22-16).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 158864
Laufzeit: 2 Minute(n), 25 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 1
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
         
Edit

hier nun die LOGs der OTL.exe

OTL.txt
Code:
ATTFilter
OTL logfile created on: 30.11.2010 20:44:32 - Run 2
OTL by OldTimer - Version 3.2.17.3     Folder = C:\Users\sharK223\Desktop
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 67,00% Memory free
21,00 Gb Paging File | 19,00 Gb Available in Paging File | 93,00% Paging File free
Paging file location(s): [Binary data over 100 bytes]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 59,62 Gb Total Space | 15,83 Gb Free Space | 26,55% Space Free | Partition Type: NTFS
Drive D: | 465,66 Gb Total Space | 83,89 Gb Free Space | 18,02% Space Free | Partition Type: NTFS
Drive E: | 2,51 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive F: | 74,53 Gb Total Space | 2,79 Gb Free Space | 3,75% Space Free | Partition Type: NTFS
Drive J: | 7,40 Gb Total Space | 1,10 Gb Free Space | 14,80% Space Free | Partition Type: NTFS
 
Computer Name: SHARK223-PC | User Name: sharK223 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2010.11.30 20:19:08 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\sharK223\Desktop\OTL.exe
PRC - [2010.11.06 00:45:26 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010.10.31 10:42:30 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010.05.25 18:53:50 | 002,155,848 | ---- | M] () -- D:\Programme\Acronis\DiskDirector\OSS\reinstall_svc.exe
PRC - [2010.03.27 12:45:16 | 000,329,168 | ---- | M] () -- C:\Program Files (x86)\Verbindungsassistent\wtgservice.exe
PRC - [2010.03.18 19:25:50 | 000,360,960 | ---- | M] (iZ3D Inc.) -- D:\Programme\iZ3D Driver\Win32\S3DCService.exe
PRC - [2009.04.17 09:09:46 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009.04.02 05:27:27 | 000,090,112 | R--- | M] () -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2010.11.30 20:19:08 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\sharK223\Desktop\OTL.exe
MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2009.07.14 02:16:20 | 002,311,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wpdshext.dll
MOD - [2009.07.14 02:03:50 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\GdiPlus.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - File not found [Auto | Running] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA)
SRV:64bit: - [2010.09.29 02:51:08 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2010.11.18 16:11:42 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.11.06 00:45:26 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010.05.25 18:53:50 | 002,155,848 | ---- | M] () [Auto | Running] -- D:\Programme\Acronis\DiskDirector\OSS\reinstall_svc.exe -- (OS Selector)
SRV - [2010.05.17 18:40:18 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.05.06 08:10:22 | 000,361,120 | ---- | M] (Kaspersky Lab) [Auto | Stopped] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\avp.exe -- (AVP)
SRV - [2010.03.27 12:45:16 | 000,329,168 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Verbindungsassistent\wtgservice.exe -- (WTGService)
SRV - [2010.03.18 19:34:34 | 000,614,400 | ---- | M] (iZ3D Inc.) [Auto | Running] -- D:\Programme\iZ3D Driver\Win64\S3DCService.exe -- (S3D Service (Win64)) S3D Service (Win64)
SRV - [2010.03.18 19:25:50 | 000,360,960 | ---- | M] (iZ3D Inc.) [Auto | Running] -- D:\Programme\iZ3D Driver\Win32\S3DCService.exe -- (S3D Service (Win32)) S3D Service (Win32)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.07.14 02:14:28 | 000,020,992 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\perfhost.exe -- (PerfHost)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.04.22 12:01:30 | 000,124,256 | ---- | M] () [Disabled | Stopped] -- D:\Programme\OverDrive\AODAssist.exe -- (AODService)
SRV - [2009.04.17 09:09:46 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009.04.02 05:27:27 | 000,090,112 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2008.12.16 15:19:42 | 002,371,584 | R--- | M] (Adobe Systems Incorporated.) [On_Demand | Stopped] -- D:\Programme\Flash Media Server 3.5\FMSMaster.exe -- (FMS) Flash Media Server (FMS)
SRV - [2008.12.16 15:04:38 | 002,502,656 | R--- | M] (Adobe Systems Incorporated.) [On_Demand | Stopped] -- D:\Programme\Flash Media Server 3.5\FMSAdmin.exe -- (FMSAdmin)
SRV - [2008.12.16 14:40:22 | 000,024,635 | ---- | M] (Apache Software Foundation) [On_Demand | Stopped] -- D:\Programme\Flash Media Server 3.5\Apache2.2\bin\httpd.exe -- (FMSHttpd)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MTiCtwl.sys -- (MagicTune)
DRV:64bit: - [2010.09.29 03:26:12 | 007,883,264 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010.09.29 03:26:12 | 007,883,264 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.09.29 02:14:48 | 000,285,696 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.07.19 17:54:25 | 000,353,296 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2010.07.15 13:47:42 | 000,116,240 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010.07.09 12:19:02 | 000,021,480 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz134_x64.sys -- (cpuz134)
DRV:64bit: - [2010.07.02 11:00:22 | 000,276,576 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2010.06.23 16:10:56 | 000,344,680 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.05.16 14:31:54 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2010.05.16 14:31:54 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2010.04.14 00:01:44 | 000,054,824 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:64bit: - [2010.03.23 22:21:08 | 000,115,328 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2010.03.10 07:16:36 | 000,029,720 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ivusb.sys -- (ivusb)
DRV:64bit: - [2010.03.10 03:03:52 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2010.01.07 02:20:22 | 000,448,512 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL8187.sys -- (RTLWUSB)
DRV:64bit: - [2010.01.07 02:20:22 | 000,448,512 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL8187.sys -- (RTL8187)
DRV:64bit: - [2010.01.01 18:20:28 | 000,034,472 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2009.12.21 20:56:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009.10.14 20:18:38 | 000,040,464 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\klbg.sys -- (KLBG)
DRV:64bit: - [2009.10.02 18:39:32 | 000,021,008 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2009.10.01 10:19:10 | 001,492,608 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HCW71364.sys -- (HCW3x64)
DRV:64bit: - [2009.09.30 15:34:30 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009.09.14 13:46:42 | 000,027,152 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2009.09.01 14:29:56 | 000,157,712 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1)
DRV:64bit: - [2009.08.17 12:20:46 | 001,235,968 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2009.08.09 22:25:45 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2009.07.16 04:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009.07.14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:32:37 | 001,627,520 | ---- | M] (NXP Semiconductors) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Ph3xIB64.sys -- (Ph3xIB64)
DRV:64bit: - [2009.01.19 19:32:22 | 000,334,344 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\acedrv11.sys -- (acedrv11)
DRV:64bit: - [2007.08.08 17:54:12 | 000,035,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATITool64.sys -- (ATITool)
DRV:64bit: - [2007.07.05 02:58:36 | 001,041,920 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrxu6.sys -- (athrusb6)
DRV:64bit: - [2007.02.16 01:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV:64bit: - [2006.11.08 08:59:36 | 000,602,112 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PA707UCM.SYS -- (PAC7311)
DRV - [2009.11.11 20:22:30 | 000,014,608 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- D:\Programme\SapphireRedLine\atillk64.sys -- (atillk64)
DRV - [2009.05.27 19:11:18 | 000,043,704 | ---- | M] () [Kernel | System | Running] -- D:\Programme\iZ3D Driver\Win64\S3DInjectionDriver.sys -- (iZ3DInjectionDriver)
DRV - [2008.07.24 11:04:34 | 000,115,328 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2007.02.16 01:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2007.02.07 19:27:46 | 000,014,104 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)
DRV - [2006.11.08 09:00:06 | 000,530,560 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\PA707UCM.sys -- (PAC7311)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfir.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 07 90 D6 38 AF D1 CA 01  [binary data]
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfir.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "foxsearch"
FF - prefs.js..browser.search.defaultthis.engineName: "XfireXO Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "foxsearch"
FF - prefs.js..browser.search.selectedEngine: "foxsearch"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://doompage.square7.ch/"
FF - prefs.js..extensions.enabledItems: {5e5ab302-7f65-44cd-8211-c1d4caaccea3}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.1
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.747
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.6.6.99999
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.4
FF - prefs.js..extensions.enabledItems: gutscheinmieze@synatix-gmbh.de:1.03
FF - prefs.js..extensions.enabledItems: {35379F86-8CCB-4724-AE33-4278DE266C70}:1.0.5
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.6.0
FF - prefs.js..extensions.enabledItems: nasanightlaunch@example.com:0.6.20101009
FF - prefs.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
 
FF - user.js..browser.search.selectedEngine: "foxsearch"
FF - user.js..browser.search.order.1: "foxsearch"
FF - user.js..browser.search.defaultenginename: "foxsearch"
FF - user.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
 
FF - HKLM\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.10.31 10:42:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.10.31 10:42:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.10.31 10:42:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.10.31 10:42:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\THBExt [2010.07.19 17:54:43 | 000,000,000 | ---D | M]
 
[2010.03.20 20:24:08 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\mozilla\Extensions
[2010.11.30 20:20:38 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\mozilla\Firefox\Profiles\kem51ojn.default\extensions
[2010.11.30 15:48:44 | 000,000,000 | ---D | M] (XfireXO Toolbar) -- C:\Users\sharK223\AppData\Roaming\mozilla\Firefox\Profiles\kem51ojn.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
[2010.06.16 18:26:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\sharK223\AppData\Roaming\mozilla\Firefox\Profiles\kem51ojn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.11.30 15:48:44 | 000,000,000 | ---D | M] (ReloadEvery) -- C:\Users\sharK223\AppData\Roaming\mozilla\Firefox\Profiles\kem51ojn.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}
[2010.09.07 17:15:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\sharK223\AppData\Roaming\mozilla\Firefox\Profiles\kem51ojn.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.11.30 15:48:42 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\mozilla\Firefox\Profiles\kem51ojn.default\extensions\firebug@software.joehewitt.com
[2010.07.25 22:18:10 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\mozilla\Firefox\Profiles\kem51ojn.default\extensions\gutscheinmieze@synatix-gmbh.de
[2010.11.30 15:48:44 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\mozilla\Firefox\Profiles\kem51ojn.default\extensions\nasanightlaunch@example.com
[2010.10.24 13:13:19 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\mozilla\Firefox\Profiles\kem51ojn.default\extensions\toolbar@ask.com
[2010.05.07 21:16:18 | 000,002,252 | ---- | M] () -- C:\Users\sharK223\AppData\Roaming\Mozilla\FireFox\Profiles\kem51ojn.default\searchplugins\askcom.xml
[2010.07.28 19:58:43 | 000,001,023 | ---- | M] () -- C:\Users\sharK223\AppData\Roaming\Mozilla\FireFox\Profiles\kem51ojn.default\searchplugins\battlenet.xml
[2010.10.24 13:23:19 | 000,000,950 | ---- | M] () -- C:\Users\sharK223\AppData\Roaming\Mozilla\FireFox\Profiles\kem51ojn.default\searchplugins\icqplugin-2.xml
[2010.07.24 17:55:46 | 000,000,950 | ---- | M] () -- C:\Users\sharK223\AppData\Roaming\Mozilla\FireFox\Profiles\kem51ojn.default\searchplugins\icqplugin-3.xml
[2010.07.25 22:25:56 | 000,000,950 | ---- | M] () -- C:\Users\sharK223\AppData\Roaming\Mozilla\FireFox\Profiles\kem51ojn.default\searchplugins\icqplugin-4.xml
[2010.10.27 18:11:33 | 000,000,950 | ---- | M] () -- C:\Users\sharK223\AppData\Roaming\Mozilla\FireFox\Profiles\kem51ojn.default\searchplugins\icqplugin-5.xml
[2010.10.31 10:44:22 | 000,000,950 | ---- | M] () -- C:\Users\sharK223\AppData\Roaming\Mozilla\FireFox\Profiles\kem51ojn.default\searchplugins\icqplugin-6.xml
[2010.06.16 18:26:36 | 000,000,168 | ---- | M] () -- C:\Users\sharK223\AppData\Roaming\Mozilla\FireFox\Profiles\kem51ojn.default\searchplugins\icqplugin.gif
[2010.06.16 18:26:36 | 000,000,618 | ---- | M] () -- C:\Users\sharK223\AppData\Roaming\Mozilla\FireFox\Profiles\kem51ojn.default\searchplugins\icqplugin.src
[2010.06.23 20:04:52 | 000,001,056 | ---- | M] () -- C:\Users\sharK223\AppData\Roaming\Mozilla\FireFox\Profiles\kem51ojn.default\searchplugins\icqplugin.xml
[2010.09.12 11:44:44 | 000,001,694 | ---- | M] () -- C:\Users\sharK223\AppData\Roaming\Mozilla\FireFox\Profiles\kem51ojn.default\searchplugins\mycsharpde.xml
[2010.04.23 15:34:46 | 000,002,057 | ---- | M] () -- C:\Users\sharK223\AppData\Roaming\Mozilla\FireFox\Profiles\kem51ojn.default\searchplugins\youtube-videosuche.xml
[2010.09.20 12:14:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.07.19 17:54:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\linkfilter@kaspersky.ru
[2009.08.07 09:38:10 | 000,044,544 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files (x86)\mozilla firefox\components\FFComm.dll
[2010.03.19 08:23:30 | 000,686,592 | ---- | M] (Synatix GmbH) -- C:\Program Files (x86)\mozilla firefox\plugins\npmieze.dll
[2010.09.13 16:02:53 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.09.13 16:02:53 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.07.25 22:18:10 | 000,000,143 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\foxsearch.src
[2010.09.13 16:02:53 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.09.13 16:02:53 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.09.13 16:02:53 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010.05.14 19:49:23 | 000,000,922 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 sls.microsoft.com
O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\x64\ievkbd.dll (Kaspersky Lab)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\x64\klwtbbho.dll (Kaspersky Lab)
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfir.dll (Conduit Ltd.)
O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\klwtbbho.dll (Kaspersky Lab)
O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - D:\Programme\FlashFXP\IEFlash.dll (IniCom Networks, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - No CLSID value found.
O3 - HKLM\..\Toolbar: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfir.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll ()
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Gutscheinmieze) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - C:\Users\sharK223\AppData\Roaming\Gutscheinmieze\toolbar.dll (Synatix GmbH)
O3 - HKCU\..\Toolbar\WebBrowser: (XfireXO Toolbar) - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - C:\Program Files (x86)\XfireXO\tbXfir.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Gutscheinmieze) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - C:\Users\sharK223\AppData\Roaming\Gutscheinmieze\toolbar.dll (Synatix GmbH)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TaskTray]  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: add to &BOM - D:\\PROGRA~1\\BIET-O~1\\\\AddToBOM.hta ()
O8:64bit: - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\sharK223\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - D:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: add to &BOM - D:\\PROGRA~1\\BIET-O~1\\\\AddToBOM.hta ()
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Free YouTube Download - C:\Users\sharK223\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - D:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9:64bit: - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\x64\klwtbbho.dll (Kaspersky Lab)
O9:64bit: - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\x64\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\klwtbbho.dll (Kaspersky Lab)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~3\x64\sbhook64.dll) - C:\PROGRA~2\KASPER~1\KASPER~3\x64\sbhook64.dll (Kaspersky Lab)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~3\x64\kloehk.dll) - C:\PROGRA~2\KASPER~1\KASPER~3\x64\kloehk.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~3\mzvkbd3.dll) - C:\PROGRA~2\KASPER~1\KASPER~3\mzvkbd3.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~3\sbhook.dll) - C:\PROGRA~2\KASPER~1\KASPER~3\sbhook.dll (Kaspersky Lab)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\klogon: DllName - Reg Error: Key error. - C:\Windows\SysNative\klogon.dll (Kaspersky Lab)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.03.06 21:18:15 | 000,000,043 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{1070ca28-344f-11df-92e2-e0cb4ec61c42}\Shell - "" = AutoRun
O33 - MountPoints2\{1070ca28-344f-11df-92e2-e0cb4ec61c42}\Shell\AutoRun\command - "" = G:\Autorun.exe -- File not found
O33 - MountPoints2\{1070ca43-344f-11df-92e2-e0cb4ec61c42}\Shell - "" = AutoRun
O33 - MountPoints2\{1070ca43-344f-11df-92e2-e0cb4ec61c42}\Shell\AutoRun\command - "" = I:\Installer.exe -- File not found
O33 - MountPoints2\{4027081e-36c1-11df-801f-e0cb4ec61c42}\Shell - "" = AutoRun
O33 - MountPoints2\{4027081e-36c1-11df-801f-e0cb4ec61c42}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- File not found
O33 - MountPoints2\{40270833-36c1-11df-801f-e0cb4ec61c42}\Shell - "" = AutoRun
O33 - MountPoints2\{40270833-36c1-11df-801f-e0cb4ec61c42}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- File not found
O33 - MountPoints2\{40270838-36c1-11df-801f-e0cb4ec61c42}\Shell - "" = AutoRun
O33 - MountPoints2\{457e12b9-3e78-11df-918c-000e2ea5b66d}\Shell - "" = AutoRun
O33 - MountPoints2\{457e12bb-3e78-11df-918c-000e2ea5b66d}\Shell - "" = AutoRun
O33 - MountPoints2\{5d0da523-3743-11df-a63a-e0cb4ec61c42}\Shell - "" = AutoRun
O33 - MountPoints2\{5d0da526-3743-11df-a63a-e0cb4ec61c42}\Shell - "" = AutoRun
O33 - MountPoints2\{6806954e-39ac-11df-99de-000e2ea5b66d}\Shell - "" = AutoRun
O33 - MountPoints2\{68069550-39ac-11df-99de-000e2ea5b66d}\Shell - "" = AutoRun
O33 - MountPoints2\{68069553-39ac-11df-99de-000e2ea5b66d}\Shell - "" = AutoRun
O33 - MountPoints2\{68069557-39ac-11df-99de-000e2ea5b66d}\Shell - "" = AutoRun
O33 - MountPoints2\{6806955a-39ac-11df-99de-000e2ea5b66d}\Shell - "" = AutoRun
O33 - MountPoints2\{6806955c-39ac-11df-99de-000e2ea5b66d}\Shell - "" = AutoRun
O33 - MountPoints2\{8f8490de-94d9-11df-b0dc-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{8f8490de-94d9-11df-b0dc-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe -- [2009.03.06 21:18:15 | 000,112,208 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{bbe848b8-3a90-11df-a353-000e2ea5b66d}\Shell - "" = AutoRun
O33 - MountPoints2\{bbe848bb-3a90-11df-a353-000e2ea5b66d}\Shell - "" = AutoRun
O33 - MountPoints2\{ca167ab7-3991-11df-afd6-e0cb4ec61c42}\Shell - "" = AutoRun
O33 - MountPoints2\{ca167aba-3991-11df-afd6-e0cb4ec61c42}\Shell - "" = AutoRun
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.11.30 20:18:20 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\sharK223\Desktop\OTL.exe
[2010.11.30 20:16:53 | 000,000,000 | ---D | C] -- C:\Users\sharK223\AppData\Roaming\Malwarebytes
[2010.11.30 20:16:42 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.11.30 20:16:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.11.30 20:16:26 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.11.30 20:16:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.11.30 20:14:02 | 006,153,648 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\sharK223\Desktop\mbam-setup.exe
[2010.11.30 16:11:23 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan
[2010.11.29 18:20:33 | 000,000,000 | ---D | C] -- C:\Users\sharK223\Desktop\Passwort Sicherheit
[2010.11.28 14:57:04 | 000,000,000 | ---D | C] -- C:\Users\sharK223\Desktop\Wiki to Wiki Converter
[2010.11.28 14:33:47 | 000,000,000 | ---D | C] -- C:\ProgramData\SSScanAppDataDir
[2010.11.27 13:12:26 | 000,000,000 | ---D | C] -- C:\Users\sharK223\Desktop\Widescreen Fixer
[2010.11.25 16:15:11 | 000,000,000 | ---D | C] -- C:\Users\sharK223\Desktop\Mario-Simulator
[2010.11.22 17:11:10 | 000,000,000 | ---D | C] -- C:\Fast Games
[2010.11.20 09:53:29 | 000,000,000 | ---D | C] -- C:\Users\sharK223\Documents\Criterion Games
[2010.11.20 09:53:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2010.11.20 09:53:19 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
[2010.11.20 09:41:26 | 000,000,000 | ---D | C] -- C:\Users\sharK223\Desktop\Crack
[2010.11.20 09:40:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Solidshield
[2010.11.11 12:28:55 | 000,000,000 | ---D | C] -- C:\Users\sharK223\Desktop\VCD6
[2010.11.11 12:16:41 | 000,000,000 | ---D | C] -- C:\Users\sharK223\Desktop\AV.Voice.Changer.v7.0.29.Diamond.FULL-RBC
[2010.11.11 11:45:56 | 000,377,568 | ---- | C] (AnalogX, LLC) -- C:\Users\sharK223\Desktop\sayiti.exe
[2010.11.11 11:42:25 | 011,058,149 | ---- | C] (Caltrox Educational Software                                ) -- C:\Users\sharK223\Desktop\speech50.exe
[2010.11.08 14:12:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Natural Mod
[2010.11.08 12:57:27 | 021,591,696 | ---- | C] (pydon) -- C:\Users\sharK223\Desktop\natural.mod.2.0.2.setup(1).exe
[2010.11.08 12:45:52 | 000,518,746 | ---- | C] (pydon) -- C:\Users\sharK223\Desktop\natural.mod.2.0.2.setup.exe
[2010.11.05 20:12:39 | 000,000,000 | ---D | C] -- C:\Users\sharK223\Documents\LucasArts
[2010.11.05 20:12:39 | 000,000,000 | ---D | C] -- C:\Users\sharK223\AppData\Local\LucasArts
[2010.11.03 21:24:29 | 000,000,000 | ---D | C] -- C:\Users\sharK223\AppData\Local\Apple Computer
[2010.11.02 20:11:05 | 000,000,000 | ---D | C] -- C:\Users\sharK223\Documents\ICQ
[2010.11.02 18:09:20 | 000,000,000 | ---D | C] -- C:\Users\sharK223\AppData\Local\FalloutNV
[2010.11.01 20:30:07 | 000,000,000 | ---D | C] -- C:\Users\sharK223\Desktop\The Fall of Little Red Riding Hood Part 2
[2010.11.01 20:16:35 | 000,000,000 | ---D | C] -- C:\Users\sharK223\Desktop\(Jay Naylor) - The Fall Of Little Red Riding Hood [2009]
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.11.30 20:42:38 | 000,019,760 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.11.30 20:42:38 | 000,019,760 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.11.30 20:37:32 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2010.11.30 20:37:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.11.30 20:37:25 | 3220,574,208 | -HS- | M] () -- C:\hiberfil.sys
[2010.11.30 20:19:08 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\sharK223\Desktop\OTL.exe
[2010.11.30 20:16:47 | 000,001,013 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.11.30 20:16:03 | 006,153,648 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\sharK223\Desktop\mbam-setup.exe
[2010.11.30 17:37:33 | 000,090,389 | ---- | M] () -- C:\Users\sharK223\Desktop\Unbenannt-2.jpg
[2010.11.30 17:20:53 | 000,005,474 | ---- | M] () -- C:\Users\sharK223\Desktop\cc_20101130_172048.reg
[2010.11.30 16:23:45 | 000,098,085 | ---- | M] () -- C:\Users\sharK223\Desktop\msconfig.jpg
[2010.11.30 16:10:23 | 002,053,472 | ---- | M] () -- C:\Users\sharK223\Desktop\SecurityTaskManager_Setup.exe
[2010.11.29 17:31:36 | 000,003,432 | ---- | M] () -- C:\bootsqm.dat
[2010.11.28 21:15:47 | 000,069,632 | ---- | M] () -- C:\Users\sharK223\Desktop\Praktikumsdokumentation.doc
[2010.11.27 20:40:10 | 000,215,104 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010.11.27 20:40:10 | 000,215,104 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.11.27 19:39:22 | 000,026,624 | ---- | M] () -- C:\Users\sharK223\Desktop\Meeting IT.doc
[2010.11.27 18:48:57 | 001,054,378 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.11.27 18:48:57 | 000,752,316 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.11.27 18:48:57 | 000,172,116 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.11.27 18:48:57 | 000,096,626 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.11.27 18:48:57 | 000,039,922 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.11.27 18:44:49 | 001,380,223 | ---- | M] () -- C:\Users\sharK223\Desktop\Schnelles Kopieren.png
[2010.11.27 17:56:55 | 000,784,896 | ---- | M] () -- C:\Users\sharK223\Desktop\Praktikumsdokumentation_Dajana_Arndt.doc
[2010.11.27 13:12:15 | 000,066,869 | ---- | M] () -- C:\Users\sharK223\Desktop\Widescreen Fixer (2010-11-20).7z
[2010.11.26 16:33:24 | 000,000,748 | ---- | M] () -- C:\Users\sharK223\Desktop\Audiosurf.lnk
[2010.11.24 15:06:12 | 000,010,696 | ---- | M] () -- C:\Users\sharK223\Desktop\Rechnung_418339794968734425853.pdf
[2010.11.23 17:29:15 | 028,710,448 | ---- | M] () -- C:\Users\sharK223\Desktop\5b5e00f5f07d28bf.flv
[2010.11.22 22:04:14 | 000,030,466 | ---- | M] () -- C:\Users\sharK223\Desktop\retoure.pdf
[2010.11.22 21:34:47 | 000,002,186 | ---- | M] () -- C:\Users\sharK223\Desktop\rqvybb.gif
[2010.11.22 21:23:03 | 000,000,331 | ---- | M] () -- C:\Users\sharK223\Desktop\manifest.xml
[2010.11.22 19:17:33 | 000,036,866 | ---- | M] () -- C:\Users\sharK223\Desktop\WLI.PNG
[2010.11.22 19:17:01 | 000,052,179 | ---- | M] () -- C:\Users\sharK223\Desktop\WLI.GIF
[2010.11.22 16:45:56 | 000,000,151 | ---- | M] () -- C:\Windows\SysNative\autopart.opt
[2010.11.21 19:33:17 | 000,167,706 | ---- | M] () -- C:\Users\sharK223\Desktop\unbenannt.jpg
[2010.11.21 13:38:35 | 000,033,058 | ---- | M] () -- C:\Users\sharK223\Desktop\677fwph.gif
[2010.11.21 13:38:15 | 000,118,891 | ---- | M] () -- C:\Users\sharK223\Desktop\schrodinger-hellsing-walkingonsunsh.gif
[2010.11.21 13:38:13 | 000,040,909 | ---- | M] () -- C:\Users\sharK223\Desktop\schrödi.gif
[2010.11.21 13:38:13 | 000,040,909 | ---- | M] () -- C:\Users\sharK223\Desktop\12095939954cbb548ac2a75.gif
[2010.11.21 00:39:53 | 004,695,691 | ---- | M] () -- C:\Users\sharK223\Desktop\Angerfist - Terror Of My Speedcore.mp3
[2010.11.20 23:57:28 | 013,992,138 | ---- | M] () -- C:\Users\sharK223\Desktop\StepMania-3.9a.exe
[2010.11.20 19:03:59 | 000,007,295 | ---- | M] () -- C:\Users\sharK223\Desktop\FritzReNew.zip
[2010.11.20 09:53:13 | 000,001,231 | ---- | M] () -- C:\Users\sharK223\Desktop\Need for Speed - Hot Pursuit.lnk
[2010.11.18 22:21:17 | 000,350,071 | ---- | M] () -- C:\Users\sharK223\Desktop\shot0044.jpg
[2010.11.18 22:09:34 | 000,003,332 | ---- | M] () -- C:\Users\sharK223\Desktop\281855-nvcwa59b.dlc
[2010.11.18 17:05:05 | 000,153,353 | ---- | M] () -- C:\Windows\SysNative\drivers\klin.dat
[2010.11.18 17:05:05 | 000,106,761 | ---- | M] () -- C:\Windows\SysNative\drivers\klick.dat
[2010.11.11 15:42:44 | 000,872,503 | ---- | M] () -- C:\Users\sharK223\Desktop\86570.gif
[2010.11.11 14:31:21 | 001,399,800 | ---- | M] () -- C:\Users\sharK223\Desktop\Call of Duty Black Opps.png
[2010.11.11 12:31:32 | 000,000,884 | ---- | M] () -- C:\Users\sharK223\Desktop\Voice Changer 6.0 Diamond.lnk
[2010.11.11 12:14:43 | 018,281,247 | ---- | M] () -- C:\Users\sharK223\Desktop\AVVCD7.0.29.rar
[2010.11.11 11:50:19 | 000,000,802 | ---- | M] () -- C:\Users\sharK223\Desktop\Speech Synthesizer 5.0.lnk
[2010.11.11 11:46:53 | 011,058,149 | ---- | M] (Caltrox Educational Software                                ) -- C:\Users\sharK223\Desktop\speech50.exe
[2010.11.11 11:46:37 | 000,377,568 | ---- | M] (AnalogX, LLC) -- C:\Users\sharK223\Desktop\sayiti.exe
[2010.11.11 11:36:18 | 000,008,661 | ---- | M] () -- C:\Users\sharK223\Desktop\speech-synthesizer-schematic.sch
[2010.11.11 11:35:24 | 000,008,320 | ---- | M] () -- C:\Users\sharK223\Desktop\speech-synthesizer-schematic.pdf
[2010.11.10 14:40:43 | 000,000,211 | ---- | M] () -- C:\Users\sharK223\Desktop\Call of Duty Black Ops.url
[2010.11.10 14:40:43 | 000,000,211 | ---- | M] () -- C:\Users\sharK223\Desktop\Call of Duty Black Ops - Multiplayer.url
[2010.11.08 12:46:54 | 000,518,746 | ---- | M] (pydon) -- C:\Users\sharK223\Desktop\natural.mod.2.0.2.setup.exe
[2010.11.08 10:57:24 | 021,591,696 | ---- | M] (pydon) -- C:\Users\sharK223\Desktop\natural.mod.2.0.2.setup(1).exe
[2010.11.07 21:12:44 | 000,250,682 | ---- | M] () -- C:\Users\sharK223\Desktop\mbwcli3071.zip
[2010.11.07 14:53:47 | 000,002,992 | ---- | M] () -- C:\Users\sharK223\Desktop\VA-DJ Networx Vol 35_raidrush.org.dlc
[2010.11.06 00:45:26 | 000,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.11.05 23:14:01 | 000,007,635 | ---- | M] () -- C:\Users\sharK223\AppData\Local\resmon.resmoncfg
[2010.11.05 20:09:10 | 000,000,510 | ---- | M] () -- C:\Users\sharK223\Desktop\Star Wars™ The Force Unleashed II.lnk
[2010.11.03 20:26:30 | 000,115,923 | ---- | M] () -- C:\Users\sharK223\Desktop\Marina.jpeg
[2010.11.02 17:50:35 | 000,000,762 | ---- | M] () -- C:\Users\Public\Desktop\Fallout New Vegas.lnk
[2010.11.01 20:05:42 | 263,103,568 | ---- | M] () -- C:\Users\sharK223\Desktop\Crysis_Patch_1_2.exe.part
[2010.11.01 17:24:54 | 000,143,098 | ---- | M] () -- C:\Users\sharK223\Desktop\vty-0170.rar
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.11.30 20:16:47 | 000,001,013 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.11.30 17:37:32 | 000,090,389 | ---- | C] () -- C:\Users\sharK223\Desktop\Unbenannt-2.jpg
[2010.11.30 17:20:52 | 000,005,474 | ---- | C] () -- C:\Users\sharK223\Desktop\cc_20101130_172048.reg
[2010.11.30 16:23:47 | 000,098,085 | ---- | C] () -- C:\Users\sharK223\Desktop\msconfig.jpg
[2010.11.30 16:09:16 | 002,053,472 | ---- | C] () -- C:\Users\sharK223\Desktop\SecurityTaskManager_Setup.exe
[2010.11.29 17:31:36 | 000,003,432 | ---- | C] () -- C:\bootsqm.dat
[2010.11.27 18:44:44 | 001,380,223 | ---- | C] () -- C:\Users\sharK223\Desktop\Schnelles Kopieren.png
[2010.11.27 17:56:54 | 000,784,896 | ---- | C] () -- C:\Users\sharK223\Desktop\Praktikumsdokumentation_Dajana_Arndt.doc
[2010.11.27 17:47:13 | 000,026,624 | ---- | C] () -- C:\Users\sharK223\Desktop\Meeting IT.doc
[2010.11.27 16:12:28 | 004,118,042 | ---- | C] () -- C:\Users\sharK223\Desktop\Quincy Jagher - One More Time.mp3
[2010.11.27 13:12:18 | 000,066,869 | ---- | C] () -- C:\Users\sharK223\Desktop\Widescreen Fixer (2010-11-20).7z
[2010.11.25 16:33:47 | 003,820,392 | ---- | C] () -- C:\Users\sharK223\Desktop\Drunken_Monkey_-_Calabria.mp3
[2010.11.24 15:06:23 | 000,010,696 | ---- | C] () -- C:\Users\sharK223\Desktop\Rechnung_418339794968734425853.pdf
[2010.11.23 17:50:51 | 009,382,874 | ---- | C] () -- C:\Users\sharK223\Desktop\Andrew_Spencer_and_The_Vamprockerz_-_Zombie__Ray_Knox_Remix_.mp3
[2010.11.23 16:52:55 | 028,710,448 | ---- | C] () -- C:\Users\sharK223\Desktop\5b5e00f5f07d28bf.flv
[2010.11.22 22:04:16 | 000,030,466 | ---- | C] () -- C:\Users\sharK223\Desktop\retoure.pdf
[2010.11.22 21:34:47 | 000,002,186 | ---- | C] () -- C:\Users\sharK223\Desktop\rqvybb.gif
[2010.11.22 21:23:03 | 000,000,331 | ---- | C] () -- C:\Users\sharK223\Desktop\manifest.xml
[2010.11.22 21:22:43 | 000,040,909 | ---- | C] () -- C:\Users\sharK223\Desktop\schrödi.gif
[2010.11.22 19:17:33 | 000,036,866 | ---- | C] () -- C:\Users\sharK223\Desktop\WLI.PNG
[2010.11.22 19:17:01 | 000,052,179 | ---- | C] () -- C:\Users\sharK223\Desktop\WLI.GIF
[2010.11.22 19:01:43 | 000,069,632 | ---- | C] () -- C:\Users\sharK223\Desktop\Praktikumsdokumentation.doc
[2010.11.21 19:33:17 | 000,167,706 | ---- | C] () -- C:\Users\sharK223\Desktop\unbenannt.jpg
[2010.11.21 13:38:35 | 000,033,058 | ---- | C] () -- C:\Users\sharK223\Desktop\677fwph.gif
[2010.11.21 13:38:15 | 000,118,891 | ---- | C] () -- C:\Users\sharK223\Desktop\schrodinger-hellsing-walkingonsunsh.gif
[2010.11.21 13:38:12 | 000,040,909 | ---- | C] () -- C:\Users\sharK223\Desktop\12095939954cbb548ac2a75.gif
[2010.11.21 00:38:16 | 004,695,691 | ---- | C] () -- C:\Users\sharK223\Desktop\Angerfist - Terror Of My Speedcore.mp3
[2010.11.20 23:50:53 | 013,992,138 | ---- | C] () -- C:\Users\sharK223\Desktop\StepMania-3.9a.exe
[2010.11.20 19:04:16 | 000,032,768 | ---- | C] () -- C:\Program Files\FritzReNew.exe
[2010.11.20 19:04:01 | 000,007,295 | ---- | C] () -- C:\Users\sharK223\Desktop\FritzReNew.zip
[2010.11.20 09:53:13 | 000,001,231 | ---- | C] () -- C:\Users\sharK223\Desktop\Need for Speed - Hot Pursuit.lnk
[2010.11.20 09:41:56 | 000,000,161 | ---- | C] () -- C:\Users\sharK223\Desktop\autorun.inf
[2010.11.18 22:24:37 | 000,350,071 | ---- | C] () -- C:\Users\sharK223\Desktop\shot0044.jpg
[2010.11.18 22:09:35 | 000,003,332 | ---- | C] () -- C:\Users\sharK223\Desktop\281855-nvcwa59b.dlc
[2010.11.11 15:42:44 | 000,872,503 | ---- | C] () -- C:\Users\sharK223\Desktop\86570.gif
[2010.11.11 14:31:11 | 001,399,800 | ---- | C] () -- C:\Users\sharK223\Desktop\Call of Duty Black Opps.png
[2010.11.11 12:31:32 | 000,000,884 | ---- | C] () -- C:\Users\sharK223\Desktop\Voice Changer 6.0 Diamond.lnk
[2010.11.11 12:07:52 | 018,281,247 | ---- | C] () -- C:\Users\sharK223\Desktop\AVVCD7.0.29.rar
[2010.11.11 11:50:19 | 000,000,802 | ---- | C] () -- C:\Users\sharK223\Desktop\Speech Synthesizer 5.0.lnk
[2010.11.11 11:36:12 | 000,008,661 | ---- | C] () -- C:\Users\sharK223\Desktop\speech-synthesizer-schematic.sch
[2010.11.11 11:35:28 | 000,008,320 | ---- | C] () -- C:\Users\sharK223\Desktop\speech-synthesizer-schematic.pdf
[2010.11.10 14:40:43 | 000,000,211 | ---- | C] () -- C:\Users\sharK223\Desktop\Call of Duty Black Ops.url
[2010.11.10 14:40:43 | 000,000,211 | ---- | C] () -- C:\Users\sharK223\Desktop\Call of Duty Black Ops - Multiplayer.url
[2010.11.07 21:12:37 | 000,250,682 | ---- | C] () -- C:\Users\sharK223\Desktop\mbwcli3071.zip
[2010.11.07 14:53:50 | 000,002,992 | ---- | C] () -- C:\Users\sharK223\Desktop\VA-DJ Networx Vol 35_raidrush.org.dlc
[2010.11.06 06:51:25 | 006,990,750 | ---- | C] () -- C:\Users\sharK223\Desktop\Keine Angabe.mp3
[2010.11.06 06:46:23 | 008,199,421 | ---- | C] () -- C:\Users\sharK223\Desktop\Daivd Guetta ft. Kid Cudi - Memories (Ali Nadem Remix).mp3
[2010.11.06 06:27:30 | 008,870,016 | ---- | C] () -- C:\Users\sharK223\Desktop\Suicide Silence - Disengage (Big Chocolate Remix).mp3
[2010.11.06 06:09:21 | 007,425,082 | ---- | C] () -- C:\Users\sharK223\Desktop\03 - An Ocean Between Us.mp3
[2010.11.05 20:09:10 | 000,000,510 | ---- | C] () -- C:\Users\sharK223\Desktop\Star Wars™ The Force Unleashed II.lnk
[2010.11.03 20:24:07 | 000,115,923 | ---- | C] () -- C:\Users\sharK223\Desktop\Marina.jpeg
[2010.11.02 17:50:35 | 000,000,762 | ---- | C] () -- C:\Users\Public\Desktop\Fallout New Vegas.lnk
[2010.11.01 19:06:56 | 000,120,064 | ---- | C] () -- C:\Users\sharK223\Desktop\21514_Fiesta_SiteSkinLeft_336x768.swf
[2010.11.01 17:26:41 | 263,103,568 | ---- | C] () -- C:\Users\sharK223\Desktop\Crysis_Patch_1_2.exe.part
[2010.11.01 17:24:27 | 000,143,098 | ---- | C] () -- C:\Users\sharK223\Desktop\vty-0170.rar
[2010.10.16 16:15:18 | 000,185,344 | ---- | C] () -- C:\Windows\SysWow64\PCGW32.DLL
[2010.09.15 14:04:31 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.07.25 22:19:27 | 000,015,873 | ---- | C] () -- C:\Windows\SysWow64\Inetde.dll
[2010.07.18 11:42:33 | 000,000,000 | ---- | C] () -- C:\Users\sharK223\AppData\Roaming\debuggee.mdmp
[2010.07.09 20:04:40 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2010.06.19 01:17:19 | 000,000,000 | ---- | C] () -- C:\Program Files\ini.ini
[2010.05.22 12:46:50 | 000,000,052 | ---- | C] () -- C:\Windows\videodeLuxe.INI
[2010.05.09 15:09:27 | 000,000,171 | ---- | C] () -- C:\Windows\icecast2.ini
[2010.04.28 17:58:14 | 000,002,550 | ---- | C] () -- C:\Users\sharK223\AppData\Roaming\EliseProfile0.dat
[2010.04.03 19:08:41 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\mgxasio2.dll
[2010.04.03 19:08:25 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2010.04.03 19:08:05 | 000,001,208 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2010.04.02 16:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010.03.30 18:43:30 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010.03.30 14:15:34 | 000,000,156 | ---- | C] () -- C:\Users\sharK223\AppData\Roaming\default.rss
[2010.03.28 15:49:08 | 000,007,635 | ---- | C] () -- C:\Users\sharK223\AppData\Local\resmon.resmoncfg
[2010.03.24 21:26:20 | 000,929,908 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.03.20 18:20:26 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2010.03.20 18:20:26 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2010.03.20 18:17:06 | 000,041,973 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2010.03.20 18:16:30 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2010.03.20 18:16:25 | 000,034,381 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2010.02.28 16:17:48 | 003,284,480 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.04.02 13:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2006.11.01 07:54:30 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2006.11.01 07:52:38 | 000,765,952 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2006.10.27 12:52:34 | 000,000,518 | ---- | C] () -- C:\Windows\SysWow64\SP7311.ini
[2003.02.20 16:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI
 
========== LOP Check ==========
 
[2010.07.02 16:28:15 | 000,000,000 | -HSD | M] -- C:\Users\sharK223\AppData\Roaming\.#
[2010.09.22 13:06:04 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\Atari
[2010.08.15 18:23:33 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\Bioshock
[2010.08.15 19:06:38 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\Bioshock2
[2010.11.24 20:10:43 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\BitTorrent
[2010.06.12 20:03:44 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\bizarre creations
[2010.03.30 17:40:50 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\CDZilla
[2010.06.18 20:29:27 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2010.09.07 17:15:34 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.06.23 17:08:35 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\FlashFXP
[2010.05.07 19:02:31 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\fltk.org
[2010.09.15 14:08:17 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\Foxit Software
[2010.07.21 15:24:31 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\GetRightToGo
[2010.03.24 21:29:20 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\GrabPro
[2010.07.25 22:18:10 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\Gutscheinmieze
[2010.08.08 11:42:12 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\Hardcore
[2010.11.26 20:17:43 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\ICQ
[2010.07.19 18:03:57 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\ImgBurn
[2010.10.16 16:15:17 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\iZ3D Driver
[2010.08.04 11:55:58 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\MAXON
[2010.09.22 18:36:19 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\Mp3tag
[2010.10.24 13:33:44 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\Notepad++
[2010.11.23 23:26:42 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\Orbit
[2010.08.01 15:50:17 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\ProgSense
[2010.07.19 18:19:00 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\ProtectDisc
[2010.07.14 20:04:53 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\Publish Providers
[2010.07.14 20:04:51 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\Sony
[2010.04.14 12:58:52 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\Spore
[2010.08.17 09:38:11 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\The Creative Assembly
[2010.06.20 20:26:13 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\TS3Client
[2010.04.27 16:43:14 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\Ubisoft
[2010.05.16 17:42:16 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\Uniblue
[2010.07.06 16:23:29 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\uTorrent
[2010.09.19 18:11:57 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\Vara Software
[2010.03.28 20:59:18 | 000,000,000 | ---D | M] -- C:\Users\sharK223\AppData\Roaming\Verbindungsassistent
[2010.11.07 14:09:00 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 64 bytes -> C:\Users\sharK223\Desktop\Keine Angabe.mp3:TOC.WMV

< End of report >
         
Extras.txt

Code:
ATTFilter
OTL Extras logfile created on: 30.11.2010 20:40:49 - Run 1
OTL by OldTimer - Version 3.2.17.3     Folder = C:\Users\sharK223\Desktop
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 66,00% Memory free
21,00 Gb Paging File | 19,00 Gb Available in Paging File | 93,00% Paging File free
Paging file location(s): [Binary data over 100 bytes]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 59,62 Gb Total Space | 15,83 Gb Free Space | 26,55% Space Free | Partition Type: NTFS
Drive D: | 465,66 Gb Total Space | 83,89 Gb Free Space | 18,02% Space Free | Partition Type: NTFS
Drive E: | 2,51 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive F: | 74,53 Gb Total Space | 2,79 Gb Free Space | 3,75% Space Free | Partition Type: NTFS
Drive J: | 7,40 Gb Total Space | 1,10 Gb Free Space | 14,80% Space Free | Partition Type: NTFS
 
Computer Name: SHARK223-PC | User Name: sharK223 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "D:\Programme\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Programme\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "D:\Programme\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Programme\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
"" = 
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"D:\Programme\FlashFXP\FlashFXP.exe" = D:\Programme\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.)
"D:\Programme\FlashFXP\FlashFXP.exe" = D:\Programme\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Orbitdownloader\orbitdm.exe" = C:\Program Files (x86)\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Program Files (x86)\Orbitdownloader\orbitnet.exe" = C:\Program Files (x86)\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"D:\Programme\FlashFXP\FlashFXP.exe" = D:\Programme\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.)
"C:\Program Files (x86)\Orbitdownloader\orbitdm.exe" = C:\Program Files (x86)\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Program Files (x86)\Orbitdownloader\orbitnet.exe" = C:\Program Files (x86)\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"D:\Programme\FlashFXP\FlashFXP.exe" = D:\Programme\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{2BBFC887-B2FD-4873-A09E-E817A8282494}" = Microsoft IntelliPoint 7.0
"{2DF4C5DD-7417-301D-935D-939D3B7B5997}" = Microsoft Help Viewer 1.0 Language Pack - DEU
"{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU
"{4432F6A4-33D7-41B9-88E4-6735CF334671}" = Microsoft Visual Studio 2005 Remote Debugger Light (x64) - DEU
"{4B55F339-396E-29A9-B6D0-24B6D251C90A}" = AMD Drag and Drop Transcoding
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8DF9D3DF-6D03-A04F-217F-F2577D973DBE}" = ATI Catalyst Install Manager
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{94D70749-4281-39AC-AD90-B56A0E0A402E}" = Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C3EAE456-7E7A-451F-80EF-F34C7A13C558}" = Microsoft SQL Server Compact 3.5 SP2 x64 DEU
"{E6B7BD80-A921-4C72-A68B-44A9EB438BE4}" = Microsoft IntelliType Pro 7.1
"{EB78DD44-9AEE-7160-4AC3-053636D393C6}" = ATI AVIVO64 Codecs
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F68310EC-B615-4044-B7D7-1A6349758D42}" = Microsoft SQL Server VSS Writer
"{F90F5A11-53E6-4045-ACB1-BC03D71FB06C}" = Microsoft SQL Server Native Client
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"{FD53298A-4734-AFCB-B733-4C07776E589E}" = ccc-utility64
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.55
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"MAXON1B91BFEF" = CINEMA 4D 11.514
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU
"Microsoft Visual Studio 2005 Remote Debugger Light (x64) - DEU" = Microsoft Visual Studio 2005 Remote Debugger Light (x64) - DEU
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU
"{02627ee5-eaca-4742-a9cc-e687631773e4}" = Nero ShowTime
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1" = MSI Kombustor v1.0.10
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{179C91E9-D9ED-D5CC-F0D8-9579DBDED8D6}" = CCC Help English
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help
"{249CAB4C-B528-4273-AB92-F072A35C65A7}" = Wirecast
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{28526951-55EF-4901-A0CA-B9AC966D1DD1}" = Split/Second
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{29F05234-DCBB-4FE0-88DC-5160C9250312}" = Adobe Photoshop CS3
"{30BEF9F2-CD3F-4B13-9E5C-BFE2F9544572}_is1" = iZ3D Driver Remove
"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed
"{368ba326-73ad-4351-84ed-3c0a7a52cc53}" = Nero Rescue Agent
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{421EC9A7-4A58-43CD-AC9B-8FACFFB9A843}" = Microsoft Visual C# 2005 Express Edition - DEU
"{43430808-081A-4C0D-B7CC-601000018301}" = LOST PLANET 2
"{434D0820-3AA6-493A-80B9-301000028501}" = DiRT2
"{43e39830-1826-415d-8bae-86845787b54b}" = Nero Vision
"{46C1BAFF-6EAC-446F-A3D4-59BE2708EA41}" = Trust Webcam 14839 
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A8B461A-9336-4CF9-98F4-14DD38E673F0}" = BioShock 2
"{4AC93914-8B9C-469F-B641-A492996B7BD3}" = Aion
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{52D1D62C-FEAB-4580-849E-1DB624BADBBD}" = DiRT2
"{5454083B-1308-4485-BF17-1110000B8301}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000B8302}" = Grand Theft Auto IV
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{56aba277-ee53-4478-a607-fa42208ff5a9}" = Menu Templates - Pack 1
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{589A63D3-89E1-4D9B-8DBC-6039BB27289E}" = Activision(R)
"{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress
"{59ABBDF0-E1E5-48AF-85FB-F523A08C3490}" = STREET FIGHTER IV
"{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}" = Microsoft SQL Server System CLR Types
"{5B52E1FF-BD66-4582-97BA-55C575C19504}" = Microsoft MSDN 2005 Express Edition - DEU
"{5d9be3c1-8ba4-4e7e-82fd-9f74fa6815d1}" = Nero Vision
"{5e08ecd1-c98e-4711-bf65-8fd736b3f969}" = Nero RescueAgent Help
"{616C6F39-4CE1-3434-A665-2F6A04C09A7F}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{62ac81f6-bdd3-4110-9d36-3e9eaab40999}" = Nero CoverDesigner
"{63A56D6A-8AA4-4568-A9E0-790D31B2F30E}" = Adobe Flash Media Encoder 2.5
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A782F9A-57EB-48C8-91CD-D017A376F372}" = Split/Second Demo
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6C8B53B9-41EE-AD83-007A-55EE64DE6932}" = Catalyst Control Center Graphics Previews Common
"{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}" = Tom Clancy's Splinter Cell Conviction
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{71929EC1-FDB2-4A67-AAAD-936E4539FA84}_is1" = Driver Sweeper 2.1.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{737369DC-08E8-4787-A78C-F86943247BDF}" = LOST PLANET 2
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{77B5AD60-8F14-11D4-9BC9-0050041A1090}" = American McGee's Alice(tm)
"{7829db6f-a066-4e40-8912-cb07887c20bb}" = Nero BurnRights
"{782D349D-6CA0-42C0-8DF6-5083D91C28D0}" = SapphireRedLine
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{83202942-84b3-4c50-8622-b8c0aa2d2885}" = Nero Express Help
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed(TM) Hot Pursuit
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8D70145A-3BD3-4DBF-9CBF-223EF4A43257}" = ATI Parental Control & Encoder
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8F5A0981-5CDC-41D0-BCA2-AD3B777FC358}" = Thrustmaster Force Feedback Driver
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95633EBE-216B-48B5-B103-0C9919787F46}" = Obscure
"{96E3AED5-3D0B-4BB0-84C2-1EDADB204487}" = FlashFXP v3
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9CCC78EF-027E-40E0-9B61-39932C65E3FE}" = Acronis*Disk*Director*Home
"{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Security Suite CBE 10
"{A106D33E-6B43-42C0-9BFC-D03303261FA7}" = Microsoft SQL Server 2008 R2 Management Objects
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A357EF4C-2B6F-4980-ACA9-B1E42A74D7F3}" = Red Faction Guerrilla
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AEDBD563-24BB-4EE3-8366-A654DAC2D988}" = Mirror's Edge™
"{B0C30E93-D3D9-4F04-A2AC-54749B573275}" = Command & Conquer 3
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{b78120a0-cf84-4366-a393-4d0a59bc546c}" = Menu Templates - Starter Kit
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}" = DarksidersInstaller
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BBAAAD82-6242-420F-86D4-BD72BB5E6C86}" = Tools für Microsoft SQL Server 2005 Express Edition
"{BBB7F293-12A9-821C-9409-013CD8E824EC}" = Application Profiles
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{c7773a89-6ba8-477f-87d0-b9798028e445}" = Nero 9 Essentials
"{C9FB868B-2086-4EE2-BD4F-BFBA36B131F4}" = NCsoft Launcher
"{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed
"{CC2422C9-F7B5-4175-B295-5EC2283AA674}" = Command & Conquer™ 3: Kanes Rache
"{ce96f5a5-584d-4f8f-aa3e-9baed413db72}" = Nero CoverDesigner Help
"{CF5DE1DD-F7E6-694D-1E82-84C7C9C9ABDB}" = Catalyst Control Center Graphics Previews Vista
"{CFCB8616-A5D1-4281-80E8-389F685BFAE2}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.3.22 Game
"{D4EEC21C-04F0-4CF4-8078-82C11E38EF11}" = REALTEK Wireless LAN Driver
"{D81641E8-ABF1-3D07-803B-60E8FC619368}" = Microsoft Visual C# 2010 Express - DEU
"{d9dcf92e-72eb-412d-ac71-3b01276e5f8b}" = Nero ShowTime
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade
"{DC785DB7-D389-48C3-B146-96FE99BF4E2B}" = Vegas Pro 9.0
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DDA34038-89BD-4804-B0B8-DC48D5DFB463}" = Catalyst Control Center - Branding
"{DEEB5FE3-40F5-3C5B-8F85-5306EF3C08F4}" = Microsoft Visual C++ 2010 Express - DEU
"{E280923D-C5D9-4728-8C79-AC9A0DC75875}" = BioShock
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{e498385e-1c51-459a-b45f-1721e37aa1a0}" = Movie Templates - Starter Kit
"{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{E7951681-CCC7-24AA-7BFE-9647F477DCFF}" = HydraVision
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{EB0F4554-AD4F-4C8C-9764-66AC2CF8D184}" = AMD OverDrive
"{EB3B36B9-E1F4-81BA-BEB5-4FB07D4CEE39}" = Catalyst Control Center InstallProxy
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EF8BC672-4FBB-4E42-A34D-6A616B54E662}" = Drivers
"{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}" = Adobe Setup
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
"{F446160A-373F-2310-2062-914C4DED0309}" = Application Profiles
"{f6bdd7c5-89ed-4569-9318-469aa9732572}" = Nero BurnRights
"{F6C4EE06-DA6D-45DC-A129-04166F5FF238}" = PC VGA Camera
"{F744201B-8229-4FBF-AF10-13BAFD02AF7C}" = STORM
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{F9D65BA1-84C5-B4CB-91FE-D68F07ECBA24}" = ccc-core-static
"{FA1A7D68-C146-98E6-A2D0-ACEAE2F58A66}" = Application Profiles
"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7Smoker Pro_is1" = 7Smoker Pro 1.2
"Adobe Flash Media Server 3.5_is1" = Adobe Flash Media Server 3.5
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_5f143314a5d434c8511097393d17397" = Adobe Photoshop CS3
"Afterburner" = MSI Afterburner 1.6.1
"AnalogX SayIt" = AnalogX SayIt
"ASIO4ALL" = ASIO4ALL
"AV Voice Changer Software DIAMOND 6.0" = AV Voice Changer Software DIAMOND 6.0
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"Biet-O-Matic v2.14.3" = Biet-O-Matic v2.14.3
"BitTorrent" = BitTorrent
"CCleaner" = CCleaner
"CloneCD" = CloneCD
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"EPSON Scanner" = EPSON Scan
"Eusing Free Registry Cleaner" = Eusing Free Registry Cleaner
"Fallout New Vegas_is1" = Fallout New Vegas
"FL Studio 9" = FL Studio 9
"Foxit Creator" = Foxit Creator
"Foxit PDF Editor" = Foxit PDF Editor
"Foxit Reader" = Foxit Reader
"Fraps" = Fraps (remove only)
"Free Video to iPod Converter_is1" = Free Video to iPod Converter version 3.2
"Free YouTube Download_is1" = Free YouTube Download 2.9
"Gutscheinmieze - Toolbar" = Gutscheinmieze - Toolbar
"Hardcore" = Hardcore
"IL Download Manager" = IL Download Manager
"ImgBurn" = ImgBurn
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"InstallShield_{46C1BAFF-6EAC-446F-A3D4-59BE2708EA41}" = Trust Webcam 14839 
"InstallShield_{589A63D3-89E1-4D9B-8DBC-6039BB27289E}" = Blur(TM)
"InstallShield_{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM)
"InstallShield_{95633EBE-216B-48B5-B103-0C9919787F46}" = Obscure
"InstallShield_{A357EF4C-2B6F-4980-ACA9-B1E42A74D7F3}" = Red Faction Guerrilla
"InstallShield_{EF8BC672-4FBB-4E42-A34D-6A616B54E662}" = D-Link DL10050 Series Fast Ethernet Driver
"InstallShield_{F6C4EE06-DA6D-45DC-A129-04166F5FF238}" = PC VGA Camera
"InstallWIX_{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Security Suite CBE 10
"Magic ISO Maker v5.5 (build 0281)" = Magic ISO Maker v5.5 (build 0281)
"MAGIX Online Druck Service" = MAGIX Online Druck Service
"MAGIX Video deLuxe 2005 e-version" = MAGIX Video deLuxe 2005 e-version
"MAGIX Video deLuxe silver" = MAGIX Video deLuxe silver
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft MSDN 2005 Express Edition - DEU" = Microsoft MSDN 2005 Express Edition - DEU
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Microsoft Visual C# 2005 Express Edition - DEU" = Microsoft Visual C# 2005 Express Edition - DEU
"Microsoft Visual C# 2010 Express - DEU" = Microsoft Visual C# 2010 Express - DEU
"Microsoft Visual C++ 2010 Express - DEU" = Microsoft Visual C++ 2010 Express - DEU
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"Mp3tag" = Mp3tag v2.43
"MS-MPEG4" = Microsoft MPEG-4 VKI Video Codec V1/V2/V3
"MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English)
"Natural Mod" = Natural Mod
"Notepad++" = Notepad++
"OpenAL" = OpenAL
"Orbit_is1" = Orbit Downloader
"PoiZone" = PoiZone
"Postal 2" = Postal 2
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"PSPad editor_is1" = PSPad editor
"PunkBusterSvc" = PunkBuster Services
"rayatitray" = Ray Adams ATI Tray Tools
"Sawer" = Sawer
"Security Task Manager" = Security Task Manager 1.8c
"Serious Sam HD The First Encounter_is1" = Serious Sam HD The First Encounter
"Speech Synthesizer 5.0_is1" = Speech Synthesizer 5.0
"Star Wars: The Force Unleashed 2_is1" = Star Wars: The Force Unleashed 2
"StarCraft II" = StarCraft II
"Steam App 12840" = DiRT 2
"Steam App 18800" = Zero Gear Demo
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Steam App 50130" = Mafia II
"Steam App 50620" = Darksiders
"StepMania" = StepMania 3.9a (Nur entfernen)
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"Toxic Biohazard" = Toxic Biohazard
"Uninstall_is1" = Uninstall 1.0.0.1
"Verbindungsassistent" = Verbindungsassistent
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 0.9.8a
"WinLiveSuite_Wave3" = Windows Live Essentials
"Worms Reloaded_is1" = Worms Reloaded
"Xfire" = Xfire (remove only)
"XfireXO Toolbar" = XfireXO Toolbar
"xvid" = XviD MPEG-4 Video Codec
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
         
Ich hoffe das hilft
__________________

Geändert von sharK223 (30.11.2010 um 20:48 Uhr)

Alt 30.11.2010, 21:21   #4
Swisstreasure
/// Malwareteam
 
MSConfig und andere Programme starten nicht. - Standard

MSConfig und andere Programme starten nicht.



Lade Dir bitte WVCheck ( by Artellos ) von einem der folgenden Downloadspiegel herunter
und speichere die Datei auf dem Desktop.
  • Starte WVCheck.exe
  • Wie Du im DOS Fenster lesen kannst wird das Tool eventuell eine Weile brauchen.
    Bestätige mit Enter.
  • Wenn der Scan beendet wurde, öffnet sich ein Textdokument. Kopiere den Inhalt und poste diesen bitte hier in deinen Thread.
Das Textdokument wird dort gespeichert, wo auch die WVCheck.exe ist ( WVCheck_<Uhrzeit>_<Datum>.txt )

Alt 01.12.2010, 21:16   #5
sharK223
 
MSConfig und andere Programme starten nicht. - Standard

MSConfig und andere Programme starten nicht.



Guten Abend,

leider ging es nicht früher...

Hier der WVCheck:
Code:
ATTFilter
Windows Validation Check
Version: 1.9.11.4
Log Created On: 2113_01-12-2010
-----------------------

Windows Information
-----------------------
Windows Version: Windows 7  
Windows Mode: Normal
Systemroot Path: C:\Windows

WVCheck's Auto Update Check
-----------------------
Auto-Update Option: Do not download or install updates automatically.
-----------------------
Last Success Time for Update Detection: 2010-10-13 17:36:07
Last Success Time for Update Download: 2010-10-13 19:06:10
Last Success Time for Update Installation: 2010-10-13 19:34:44


WVCheck's Registry Check Check
-----------------------
Antiwpa: Not Found
-----------------------
Chew7Hale: Not Found
-----------------------


WVCheck's File Dump
-----------------------
WVCheck found no known bad files.


WVCheck's Dir Dump
-----------------------
WVCheck found no known bad directories.


WVCheck's Missing File Check
-----------------------
WVCheck found no missing Windows files.


WVCheck's MBAM Quarantine Check
-----------------------
There were no bad files quarantined by MBAM.


WVCheck's HOSTS File Check
-----------------------
Line: 127.0.0.1 sls.microsoft.com
Matched: *microsoft.com*
-----------------------
Line: 127.0.0.1 mpa.one.microsoft.com
Matched: *microsoft.com*
-----------------------


WVCheck's MD5 Check
EXPERIMENTAL!!
-----------------------
user32.dll - e8b0ffc209e504cb7e79fc24e6c085f0


-------- End of File, program close at 2113_01-12-2010 --------
         
Mir ist aufgefallen, dass sich auch das Fenster wo ich meine
Aufnahmegeräte und wiedergabegeräte sehen kann nicht öffnet.
Vermutlich das selbe problem. Wird langsahm echt nervig.

Mit freundlichen Grüßen
sharK


Alt 01.12.2010, 22:25   #6
Swisstreasure
/// Malwareteam
 
MSConfig und andere Programme starten nicht. - Standard

MSConfig und andere Programme starten nicht.



Woher hast Du Die Windows Version? Und hast Du die ORIGINAL CD griffbereit?

Alt 01.12.2010, 22:39   #7
sharK223
 
MSConfig und andere Programme starten nicht. - Standard

MSConfig und andere Programme starten nicht.



Hmm...
Auf sagen wir auf sone Frage war ich nicht vorbereitet :P
Nein ich hab die Version von meinem Vater bekommen. Soweit ich das weis
war se bei seinem Rechner dabei. Mehr kann ich nicht dazu sagen.
Die Original CD hat er bestimmt irgentwo aber ich weis nicht wo und er ist für die nächsten 2 Wochen nicht zugegent... Ich habe nur eine Win 7 64-Bit Repair CD. Aber ich kann ja mal nachgucken ob ich se finde.
Darf ich fragen wozu ich die brauche?

Alt 02.12.2010, 00:01   #8
Swisstreasure
/// Malwareteam
 
MSConfig und andere Programme starten nicht. - Standard

MSConfig und andere Programme starten nicht.



Ich denke Du hast eine illegal erworbene resp. auf illegalem Weg aktivierte Version...

Alt 02.12.2010, 17:47   #9
sharK223
 
MSConfig und andere Programme starten nicht. - Standard

MSConfig und andere Programme starten nicht.



Öhm, ach ja?
Ich weis nicht. Wie gesagt das hat alles mein Vater gemacht ^^.
Ich muss ihn wohl mal zur rede stellen. Naja aber was soll ich den nun mit
der DVD machen, mein Nachbar hat die DVD nähmlich. Mein Vater hat sie ihnen
ausgeliehen.

Alt 04.12.2010, 15:10   #10
sharK223
 
MSConfig und andere Programme starten nicht. - Standard

MSConfig und andere Programme starten nicht.



Was ist denn nun?
Was soll ich mit der DVD machen?
Mir ist nähmlich nochwas aufgefallen.
Wenn ich rechtskilck auf einen markierten Text mache,
dann kommt das Menü mit Kopieren und Auschneiden nicht...

Alt 04.12.2010, 15:48   #11
Swisstreasure
/// Malwareteam
 
MSConfig und andere Programme starten nicht. - Standard

MSConfig und andere Programme starten nicht.



Ich werde Dir noch antworten wie es weiter geht.

Alt 05.12.2010, 02:28   #12
Swisstreasure
/// Malwareteam
 
MSConfig und andere Programme starten nicht. - Standard

MSConfig und andere Programme starten nicht.



Was kannst Du mit zu folgendem sagen:
Zitat:
[2010.11.20 09:41:26 | 000,000,000 | ---D | C] -- C:\Users\sharK223\Desktop\Crack
[2010.11.20 09:40:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Solidshield

Alt 08.12.2010, 14:35   #13
sharK223
 
MSConfig und andere Programme starten nicht. - Standard

MSConfig und andere Programme starten nicht.



Nicht viel eigentlich weil ich meinen Desktop gestern grundlegend aufgräumt habe ^^. Ich hab sowieso das Gefühl, dass es besser und vorallem schneller ist wenn ich Windows neu installiere. Normalerweise bin ich ja nicht so der Freund davon aber wenn sich nichtmal die Eigenschafts Fenster öffnen lassen werde ich des Zieles mistrauisch.

Alt 08.12.2010, 15:34   #14
Swisstreasure
/// Malwareteam
 
MSConfig und andere Programme starten nicht. - Standard

MSConfig und andere Programme starten nicht.



Ja das bleibt Dir auch leider als einzige Option übrig.

Antwort

Themen zu MSConfig und andere Programme starten nicht.
64-bit, dinge, dllhost.exe, fehler, folge, folgende, funktioniert, guten, helft, heute, interne, internet, kaspersky, leute, msconfig, natürlich, neu, nicht mehr, nicht starten, programme, programme starten nicht, starten, starten nicht, stelle, systemstart, updates, wechsel, wechseln, ähnliches



Ähnliche Themen: MSConfig und andere Programme starten nicht.


  1. Win 7 Programme starten nicht
    Plagegeister aller Art und deren Bekämpfung - 18.08.2013 (3)
  2. Manche Programme starten nicht
    Log-Analyse und Auswertung - 19.10.2010 (19)
  3. Avira wird nicht ausgefuehrt andere Programme koennen nicht installiert werden
    Plagegeister aller Art und deren Bekämpfung - 02.02.2010 (2)
  4. Antivir und andere Virenprogramme starten nicht / Rootkit?
    Plagegeister aller Art und deren Bekämpfung - 04.01.2010 (16)
  5. Programme starten nicht, kein Internet, AntiViruss. funktionieren nicht
    Plagegeister aller Art und deren Bekämpfung - 30.07.2009 (6)
  6. programme starten nicht und firefox öffnet nicht alle Seiten
    Plagegeister aller Art und deren Bekämpfung - 16.06.2009 (5)
  7. programme starten nicht
    Plagegeister aller Art und deren Bekämpfung - 23.03.2009 (6)
  8. msconfig, regedit, task manager etc. lassen sich nicht starten
    Log-Analyse und Auswertung - 17.03.2009 (3)
  9. Programme, die nicht starten
    Log-Analyse und Auswertung - 26.08.2008 (12)
  10. Programme starten nicht (exe)
    Log-Analyse und Auswertung - 21.01.2008 (0)
  11. Programme Starten nicht richtig und lassen sich nicht beenden
    Plagegeister aller Art und deren Bekämpfung - 08.09.2007 (1)
  12. Programme starten nicht, kann nicht runterfahren-nach antivir und adware
    Plagegeister aller Art und deren Bekämpfung - 05.05.2007 (31)
  13. Programme starten nicht unter XP
    Log-Analyse und Auswertung - 18.03.2007 (4)
  14. Diverse Programme starten nicht
    Plagegeister aller Art und deren Bekämpfung - 24.06.2006 (3)
  15. Programme starten nicht
    Log-Analyse und Auswertung - 16.06.2006 (2)
  16. Icq und andere Programme starten nicht mehr...
    Alles rund um Windows - 02.04.2005 (1)
  17. Kann Programme in msconfig Autostart nicht deaktivieren
    Alles rund um Windows - 24.02.2005 (3)

Zum Thema MSConfig und andere Programme starten nicht. - Guten Tag Leute, ich habe ein ziehmlich nerviges Problem. Es ist bestimmt ein sehr häufiges Problem das dinge wie MSconfig nicht starten wollen aber ich habe mich jetzt 2 Stunden - MSConfig und andere Programme starten nicht....
Archiv
Du betrachtest: MSConfig und andere Programme starten nicht. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.