| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Zirkumflex und Akzent doppelt (Keylogger?)Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
18.02.2012, 21:58
| #1 |
 |  Zirkumflex und Akzent doppelt (Keylogger?) Servus, ich hab seid heute gerade eben irgendwie das Problem, das mein Zirkumflex doppelt erscheint. Laut Google soll es ein Trojaner und/oder Keylogger sein. Hier mein Hijackthis-Log: Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:40:21, on 18.02.2012 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16930) Boot mode: Normal Running processes: C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\ovpntray.exe C:\Program Files (x86)\ICQ7.5\ICQ.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files (x86)\VideoLAN\VLC\vlc.exe C:\Users\Mert\AppData\Roaming\Nuaww\vooduk.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Users\Mert\Desktop\HiJackThis204.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O1 - Hosts: 127.94.0.1 client.openvpn.net O1 - Hosts: 127.94.0.2 openvpn-client.us.shieldexchange.com O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Hotkey Utility] C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKLM\..\RunOnce: [ Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe O4 - HKCU\..\Run: [ESL Wire] "C:\Program Files\EslWire\wire.exe" --tray O4 - HKCU\..\Run: [{02FB9F1A-4B0E-2F4F-52E7-C6837AF433CB}] C:\Users\Mert\AppData\Roaming\Nuaww\vooduk.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe O4 - Global Startup: UltraMon.lnk = ? O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe O9 - Extra button: HP Smart Web Printing ein- oder ausblenden - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\flyvpn\flyvpnbind.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\flyvpn\flyvpnbind.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\flyvpn\flyvpnbind.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe O23 - Service: Hotspot Shield Service (hshld) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: OpenVPN Access Client (OpenVPNAccessClient) - Unknown owner - C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\capiws.exe O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: Updater Service - Acer Group - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: WireHelpSvc - Unknown owner - C:\Program Files\Common Files\WireHelpSvc.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 12757 bytes OTL-LOG: Code:
ATTFilter OTL logfile created on: 18.02.2012 21:52:42 - Run 1 OTL by OldTimer - Version 3.2.33.0 Folder = C:\Users\Mert\Desktop 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7,98 Gb Total Physical Memory | 4,28 Gb Available Physical Memory | 53,63% Memory free 15,96 Gb Paging File | 11,49 Gb Available in Paging File | 71,99% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 456,71 Gb Total Space | 291,63 Gb Free Space | 63,86% Space Free | Partition Type: NTFS Drive D: | 456,71 Gb Total Space | 340,33 Gb Free Space | 74,52% Space Free | Partition Type: NTFS Drive F: | 931,51 Gb Total Space | 138,76 Gb Free Space | 14,90% Space Free | Partition Type: NTFS Drive M: | 7,52 Gb Total Space | 1,78 Gb Free Space | 23,67% Space Free | Partition Type: FAT32 Drive N: | 7,42 Gb Total Space | 7,34 Gb Free Space | 98,94% Space Free | Partition Type: NTFS Computer Name: MERT-PC | User Name: Mert | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.02.18 21:52:26 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Mert\Desktop\OTL.exe PRC - [2012.02.18 21:17:31 | 000,280,904 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe PRC - [2012.02.12 11:54:44 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2012.01.12 00:29:00 | 028,201,096 | ---- | M] (Electronic Arts) -- C:\Program Files (x86)\Origin\Origin.exe PRC - [2012.01.03 22:36:25 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2011.10.01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe PRC - [2011.10.01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe PRC - [2011.09.07 19:15:46 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe PRC - [2011.09.03 03:29:50 | 000,287,576 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe PRC - [2011.08.25 19:35:02 | 000,055,296 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\ovpntray.exe PRC - [2011.08.25 19:35:02 | 000,024,064 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\capiws.exe PRC - [2011.08.22 12:34:38 | 000,484,008 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe PRC - [2011.08.22 12:34:38 | 000,400,040 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe PRC - [2011.08.22 12:34:38 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2011.08.01 09:28:16 | 000,124,480 | ---- | M] (ICQ, LLC.) -- C:\Program Files (x86)\ICQ7.5\ICQ.exe PRC - [2011.07.14 13:21:10 | 000,108,032 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe PRC - [2011.06.01 13:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe PRC - [2011.05.27 00:14:40 | 000,329,544 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe PRC - [2011.05.27 00:14:36 | 000,363,336 | ---- | M] (AnchorFree Inc.) -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe PRC - [2011.04.21 06:52:51 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2011.04.21 06:52:36 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2010.10.05 14:08:46 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2010.10.05 14:08:42 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2010.09.14 02:32:32 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2010.09.14 02:32:30 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe PRC - [2010.08.04 13:40:12 | 000,611,872 | ---- | M] () -- C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe PRC - [2010.03.04 22:38:00 | 000,071,096 | ---- | M] () -- C:\Programme\CDBurnerXP\NMSAccessU.exe PRC - [2010.01.29 00:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe PRC - [2010.01.08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe PRC - [2009.12.21 08:00:50 | 000,081,920 | ---- | M] (Realtime Soft Ltd) -- C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe PRC - [2009.01.26 14:31:12 | 005,365,592 | RHS- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe ========== Modules (No Company Name) ========== MOD - [2012.02.16 14:46:23 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\8c3a30271ff59d68e8bb09a5e049de95\IAStorUtil.ni.dll MOD - [2012.02.15 22:13:21 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0a894f77b9aa64acbd3ce791916357d8\System.Runtime.Remoting.ni.dll MOD - [2012.02.15 22:13:03 | 012,431,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ff30db6905f8ec024fc808ed8779c0f3\System.Windows.Forms.ni.dll MOD - [2012.02.15 22:12:59 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\a09ee392fa90849f2e9313a1ebbe0279\System.Drawing.ni.dll MOD - [2012.02.15 22:12:52 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\585ac5899ab444221c8b41df13b194bc\WindowsBase.ni.dll MOD - [2012.02.15 22:12:49 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49f4cb0755ccc34cd35ff96dc2ef9e3\System.Xml.ni.dll MOD - [2012.02.15 22:12:47 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\15742b3597258ce67cbe219005c197e5\System.Configuration.ni.dll MOD - [2012.02.15 22:12:46 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\1f14b3e1ee0847f8662f513e67f92547\System.ni.dll MOD - [2012.02.14 13:16:21 | 014,415,144 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll MOD - [2012.02.14 13:16:19 | 000,857,896 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll MOD - [2012.02.14 13:16:17 | 000,091,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-50.dll MOD - [2012.02.14 13:16:15 | 000,155,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-52.dll MOD - [2012.02.14 13:16:13 | 000,914,216 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-52.dll MOD - [2012.02.12 11:54:43 | 001,911,768 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2011.12.18 13:06:58 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\2abaab1dfbdf0db8f4bf0378d8599c98\IAStorCommon.ni.dll MOD - [2011.12.18 13:06:41 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll MOD - [2011.12.02 19:01:24 | 016,827,392 | R--- | M] () -- C:\Program Files (x86)\Origin\QtWebKit4.dll MOD - [2011.12.02 18:59:12 | 000,312,320 | R--- | M] () -- C:\Program Files (x86)\Origin\imageformats\qtiff4.dll MOD - [2011.12.02 18:59:12 | 000,264,192 | R--- | M] () -- C:\Program Files (x86)\Origin\imageformats\qmng4.dll MOD - [2011.12.02 18:59:12 | 000,211,456 | R--- | M] () -- C:\Program Files (x86)\Origin\imageformats\qjpeg4.dll MOD - [2011.12.02 18:59:12 | 000,032,256 | R--- | M] () -- C:\Program Files (x86)\Origin\imageformats\qico4.dll MOD - [2011.12.02 18:59:12 | 000,028,672 | R--- | M] () -- C:\Program Files (x86)\Origin\imageformats\qgif4.dll MOD - [2011.12.02 18:59:10 | 000,172,544 | R--- | M] () -- C:\Program Files (x86)\Origin\codecs\qjpcodecs4.dll MOD - [2011.12.02 18:59:10 | 000,158,208 | R--- | M] () -- C:\Program Files (x86)\Origin\codecs\qtwcodecs4.dll MOD - [2011.12.02 18:59:10 | 000,143,872 | R--- | M] () -- C:\Program Files (x86)\Origin\codecs\qcncodecs4.dll MOD - [2011.12.02 18:59:10 | 000,079,872 | R--- | M] () -- C:\Program Files (x86)\Origin\codecs\qkrcodecs4.dll MOD - [2011.12.02 18:58:06 | 000,327,680 | R--- | M] () -- C:\Program Files (x86)\Origin\phonon4.dll MOD - [2011.12.02 18:58:04 | 000,413,184 | R--- | M] () -- C:\Program Files (x86)\Origin\QtXml4.dll MOD - [2011.12.02 18:58:02 | 001,152,512 | R--- | M] () -- C:\Program Files (x86)\Origin\QtNetwork4.dll MOD - [2011.12.02 18:58:00 | 009,440,256 | R--- | M] () -- C:\Program Files (x86)\Origin\QtGui4.dll MOD - [2011.12.02 18:57:58 | 002,694,144 | R--- | M] () -- C:\Program Files (x86)\Origin\QtCore4.dll MOD - [2011.11.12 23:58:03 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll MOD - [2011.11.01 23:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011.11.01 23:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2011.10.10 20:52:14 | 000,070,424 | ---- | M] () -- C:\Programme\TortoiseSVN\bin\libsasl32.dll MOD - [2011.08.25 19:35:02 | 000,055,296 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\ovpntray.exe MOD - [2011.08.25 19:34:06 | 000,039,424 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\OpenSSL.SSL.pyd MOD - [2011.08.25 19:34:06 | 000,006,656 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\pyovpnc.pyd MOD - [2011.08.25 19:34:00 | 000,010,240 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\OpenSSL.rand.pyd MOD - [2011.08.25 19:33:58 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\OpenSSL.crypto.pyd MOD - [2011.08.25 19:33:38 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\twisted.protocols._c_urlarg.pyd MOD - [2011.08.25 19:32:48 | 000,019,968 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\zope.interface._zope_interface_coptimizations.pyd MOD - [2011.08.19 01:44:10 | 000,005,632 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\ovpntray.dll MOD - [2011.08.06 18:32:27 | 000,008,192 | ---- | M] () -- C:\Program Files (x86)\Java\jre6\bin\jp2native.dll MOD - [2011.07.14 13:21:22 | 001,712,128 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libvorbis_plugin.dll MOD - [2011.07.14 13:21:22 | 001,137,664 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libxml_plugin.dll MOD - [2011.07.14 13:21:22 | 001,108,992 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libtaglib_plugin.dll MOD - [2011.07.14 13:21:22 | 000,368,640 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libtheora_plugin.dll MOD - [2011.07.14 13:21:22 | 000,078,848 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libzip_plugin.dll MOD - [2011.07.14 13:21:22 | 000,046,592 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libwaveout_plugin.dll MOD - [2011.07.14 13:21:22 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libsvcdsub_plugin.dll MOD - [2011.07.14 13:21:22 | 000,031,232 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libugly_resampler_plugin.dll MOD - [2011.07.14 13:21:20 | 011,496,448 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libqt4_plugin.dll MOD - [2011.07.14 13:21:20 | 002,169,856 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libskins2_plugin.dll MOD - [2011.07.14 13:21:20 | 001,013,248 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libschroedinger_plugin.dll MOD - [2011.07.14 13:21:20 | 000,130,048 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libspeex_plugin.dll MOD - [2011.07.14 13:21:20 | 000,080,896 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libsap_plugin.dll MOD - [2011.07.14 13:21:20 | 000,038,912 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libspudec_plugin.dll MOD - [2011.07.14 13:21:20 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libscaletempo_plugin.dll MOD - [2011.07.14 13:21:20 | 000,034,304 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libstream_filter_rar_plugin.dll MOD - [2011.07.14 13:21:20 | 000,033,792 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libsimple_channel_mixer_plugin.dll MOD - [2011.07.14 13:21:20 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\librawvideo_plugin.dll MOD - [2011.07.14 13:21:20 | 000,031,232 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libstream_filter_record_plugin.dll MOD - [2011.07.14 13:21:18 | 000,237,568 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libpng_plugin.dll MOD - [2011.07.14 13:21:18 | 000,194,048 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libmp4_plugin.dll MOD - [2011.07.14 13:21:18 | 000,128,000 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libmpgatofixed32_plugin.dll MOD - [2011.07.14 13:21:18 | 000,108,032 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libplaylist_plugin.dll MOD - [2011.07.14 13:21:18 | 000,081,408 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_h264_plugin.dll MOD - [2011.07.14 13:21:18 | 000,053,760 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_mpeg4audio_plugin.dll MOD - [2011.07.14 13:21:18 | 000,047,616 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_dirac_plugin.dll MOD - [2011.07.14 13:21:18 | 000,042,496 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_vc1_plugin.dll MOD - [2011.07.14 13:21:18 | 000,040,448 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_mpegvideo_plugin.dll MOD - [2011.07.14 13:21:18 | 000,039,424 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_mpeg4video_plugin.dll MOD - [2011.07.14 13:21:18 | 000,039,424 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_flac_plugin.dll MOD - [2011.07.14 13:21:18 | 000,038,912 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_mlp_plugin.dll MOD - [2011.07.14 13:21:18 | 000,038,912 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libmono_plugin.dll MOD - [2011.07.14 13:21:18 | 000,037,888 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libpodcast_plugin.dll MOD - [2011.07.14 13:21:18 | 000,037,888 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libmpeg_audio_plugin.dll MOD - [2011.07.14 13:21:16 | 001,776,128 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\liblibass_plugin.dll MOD - [2011.07.14 13:21:16 | 000,338,432 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\liblua_plugin.dll MOD - [2011.07.14 13:21:16 | 000,046,592 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libhotkeys_plugin.dll MOD - [2011.07.14 13:21:16 | 000,035,840 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libmediadirs_plugin.dll MOD - [2011.07.14 13:21:16 | 000,035,840 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\liblpcm_plugin.dll MOD - [2011.07.14 13:21:16 | 000,033,792 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libmemcpymmxext_plugin.dll MOD - [2011.07.14 13:21:16 | 000,033,792 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libglobalhotkeys_plugin.dll MOD - [2011.07.14 13:21:14 | 000,309,760 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libfaad_plugin.dll MOD - [2011.07.14 13:21:14 | 000,265,216 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libflac_plugin.dll MOD - [2011.07.14 13:21:14 | 000,258,048 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libfluidsynth_plugin.dll MOD - [2011.07.14 13:21:14 | 000,231,424 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdvdnav_plugin.dll MOD - [2011.07.14 13:21:14 | 000,210,944 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdshow_plugin.dll MOD - [2011.07.14 13:21:14 | 000,178,176 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdtstofloat32_plugin.dll MOD - [2011.07.14 13:21:14 | 000,067,072 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdirectx_plugin.dll MOD - [2011.07.14 13:21:14 | 000,041,984 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libflacsys_plugin.dll MOD - [2011.07.14 13:21:14 | 000,041,472 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libes_plugin.dll MOD - [2011.07.14 13:21:14 | 000,039,424 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libfilesystem_plugin.dll MOD - [2011.07.14 13:21:14 | 000,039,424 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdts_plugin.dll MOD - [2011.07.14 13:21:14 | 000,037,376 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libfake_plugin.dll MOD - [2011.07.14 13:21:14 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libcvdsub_plugin.dll MOD - [2011.07.14 13:21:14 | 000,032,256 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdtstospdif_plugin.dll MOD - [2011.07.14 13:21:14 | 000,032,256 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdolby_surround_decoder_plugin.dll MOD - [2011.07.14 13:21:14 | 000,031,744 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libfloat32_mixer_plugin.dll MOD - [2011.07.14 13:21:14 | 000,031,232 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libfolder_plugin.dll MOD - [2011.07.14 13:21:12 | 008,248,320 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libavcodec_plugin.dll MOD - [2011.07.14 13:21:12 | 000,088,064 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libavi_plugin.dll MOD - [2011.07.14 13:21:12 | 000,072,192 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libasf_plugin.dll MOD - [2011.07.14 13:21:12 | 000,046,592 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libaout_directx_plugin.dll MOD - [2011.07.14 13:21:12 | 000,045,568 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libaraw_plugin.dll MOD - [2011.07.14 13:21:12 | 000,041,472 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libaudio_format_plugin.dll MOD - [2011.07.14 13:21:12 | 000,034,304 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libcdg_plugin.dll MOD - [2011.07.14 13:21:12 | 000,033,280 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libaes3_plugin.dll MOD - [2011.07.14 13:21:12 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libconverter_fixed_plugin.dll MOD - [2011.07.14 13:21:10 | 002,263,552 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\libvlccore.dll MOD - [2011.07.14 13:21:10 | 000,108,032 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe MOD - [2011.07.14 13:21:10 | 000,101,376 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll MOD - [2011.07.14 13:21:10 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libaccess_bd_plugin.dll MOD - [2011.07.14 13:21:10 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\liba52tofloat32_plugin.dll MOD - [2011.07.14 13:21:10 | 000,036,352 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\liba52_plugin.dll MOD - [2011.07.14 13:21:10 | 000,030,720 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\liba52tospdif_plugin.dll MOD - [2011.02.27 10:12:56 | 000,110,080 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\pywintypes26.dll MOD - [2011.02.26 11:33:20 | 000,167,424 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32gui.pyd MOD - [2011.02.26 11:33:14 | 000,096,768 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32api.pyd MOD - [2011.02.26 11:32:28 | 000,035,840 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32process.pyd MOD - [2011.02.26 11:31:48 | 000,017,408 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32event.pyd MOD - [2010.12.14 19:55:09 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2010.12.14 19:55:05 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll MOD - [2010.08.24 18:48:54 | 000,011,776 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\select.pyd MOD - [2010.08.24 18:48:52 | 000,286,208 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\_hashlib.pyd MOD - [2010.08.24 18:48:48 | 000,153,088 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\pyexpat.pyd MOD - [2010.08.24 18:48:16 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\_ctypes.pyd MOD - [2010.08.24 18:48:02 | 000,720,896 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\_ssl.pyd MOD - [2010.08.24 18:47:50 | 000,040,448 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\_socket.pyd MOD - [2010.08.04 13:40:12 | 000,611,872 | ---- | M] () -- C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe MOD - [2010.08.04 10:47:32 | 000,144,896 | ---- | M] () -- C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyHook.dll MOD - [2008.06.19 16:35:36 | 000,333,288 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy\sqlite3.dll MOD - [2008.03.05 08:34:32 | 000,795,520 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\Fennel.dll MOD - [2008.03.04 13:52:00 | 000,790,392 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\Chai.dll MOD - [2008.02.26 10:04:40 | 000,717,176 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\Mate.dll MOD - [2007.12.24 00:05:00 | 000,121,344 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\TCPIPAddress.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2011.09.24 02:58:30 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2010.09.22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV - [2012.02.18 21:17:31 | 000,280,904 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB) SRV - [2012.01.31 15:09:34 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.01.03 22:36:25 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2011.11.28 13:21:00 | 000,168,864 | ---- | M] () [Auto | Running] -- C:\Programme\Common Files\WireHelpSvc.exe -- (WireHelpSvc) SRV - [2011.10.01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2011.10.01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2011.09.03 03:32:12 | 000,077,520 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Hotspot Shield\bin\HSSTrayService.exe -- (HssTrayService) SRV - [2011.09.03 03:29:50 | 000,287,576 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe -- (hshld) SRV - [2011.08.25 19:35:02 | 000,024,064 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\capiws.exe -- (OpenVPNAccessClient) SRV - [2011.08.22 12:34:38 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011.06.01 13:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6) SRV - [2011.05.27 00:14:40 | 000,329,544 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe -- (HssWd) SRV - [2011.05.27 00:14:36 | 000,363,336 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe -- (HssSrv) SRV - [2011.04.21 06:52:51 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2010.12.30 23:28:03 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010.11.08 22:04:26 | 000,036,352 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe -- (OpenVPNService) SRV - [2010.10.05 14:08:46 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R) SRV - [2010.10.05 14:08:42 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R) SRV - [2010.09.14 02:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R) SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.03.04 22:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Programme\CDBurnerXP\NMSAccessU.exe -- (NMSAccess) SRV - [2010.01.29 00:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe -- (Updater Service) SRV - [2010.01.15 22:08:38 | 000,935,208 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - [2010.01.08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe -- (GREGService) SRV - [2009.09.20 10:55:20 | 001,037,824 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC) SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011.11.28 13:20:48 | 000,147,472 | ---- | M] (<Turtle Entertainment>) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\ESLWireACD.sys -- (ESLWireAC) DRV:64bit: - [2011.10.01 08:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol) DRV:64bit: - [2011.10.01 08:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay) DRV:64bit: - [2011.10.01 08:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir) DRV:64bit: - [2011.10.01 08:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs) DRV:64bit: - [2011.09.24 03:58:12 | 010,207,232 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2011.09.24 02:19:14 | 000,317,952 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2011.09.09 15:49:23 | 000,231,440 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:64bit: - [2011.08.22 12:34:38 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2011.08.22 12:34:38 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2011.08.19 01:46:06 | 000,030,720 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tapoas.sys -- (tapoas) DRV:64bit: - [2011.08.03 09:58:40 | 000,025,528 | ---- | M] (Turtle Entertainment GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ESLvnic.sys -- (ESLvnic1) DRV:64bit: - [2011.07.26 18:49:12 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss) DRV:64bit: - [2011.05.10 07:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2011.03.11 07:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 07:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011.02.28 22:36:54 | 000,056,832 | ---- | M] (AnchorFree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HssDrv.sys -- (HssDrv) DRV:64bit: - [2011.01.15 17:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone) DRV:64bit: - [2010.12.16 23:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV:64bit: - [2010.11.08 22:04:26 | 000,030,720 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901) DRV:64bit: - [2010.09.21 07:34:18 | 000,313,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress) Intel(R) DRV:64bit: - [2010.09.21 02:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R) DRV:64bit: - [2010.09.14 02:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2009.11.12 13:48:56 | 000,007,168 | ---- | M] () [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\StarOpen.sys -- (StarOpen) DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.29 17:00:50 | 000,132,608 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet) DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.05.18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2009.04.09 12:38:24 | 000,116,864 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2011.03.18 17:08:56 | 000,029,592 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan) DRV - [2009.11.12 13:48:56 | 000,005,504 | ---- | M] () [File_System | Auto | Stopped] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen) DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2008.11.14 02:11:42 | 000,020,512 | ---- | M] (Realtime Soft Ltd) [Kernel | Auto | Running] -- C:\Program Files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys -- (UltraMonUtility) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Facemoods Search" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "t-online.de" FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.110.0: C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.96.0: C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll File not found FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.09.18 18:56:05 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.02.18 23:58:48 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.02.18 23:58:48 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.09.18 18:56:05 | 000,000,000 | ---D | M] [2011.08.06 18:00:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mert\AppData\Roaming\mozilla\Extensions [2012.02.13 18:31:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mert\AppData\Roaming\mozilla\Firefox\Profiles\savn4bdz.default\extensions [2011.11.10 13:41:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2011.09.29 15:42:09 | 000,000,000 | ---D | M] (afurladvisor) -- C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com [2012.02.12 11:54:44 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011.08.18 20:54:27 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.08.18 20:54:27 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2011.08.18 20:54:27 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2011.08.18 20:54:27 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2011.08.18 20:54:27 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2011.08.18 20:54:27 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2011.11.08 23:54:39 | 000,000,994 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.94.0.1 client.openvpn.net O1 - Hosts: 127.94.0.2 openvpn-client.us.shieldexchange.com O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll (AnchorFree Inc.) O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [Hotkey Utility] C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe () O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKCU..\Run: [{02FB9F1A-4B0E-2F4F-52E7-C6837AF433CB}] C:\Users\Mert\AppData\Roaming\Nuaww\vooduk.exe () O4 - HKCU..\Run: [ESL Wire] C:\Program Files\EslWire\wire.exe (Turtle Entertainment GmbH) O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe () O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\FlyVPN\FlyVPNBind.dll (www.flyvpn.com) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\FlyVPN\FlyVPNBind.dll (www.flyvpn.com) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\FlyVPN\FlyVPNBind.dll (www.flyvpn.com) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0) O16 - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5D66314D-CC1A-4638-B8A7-13A8A44F9016}: DhcpNameServer = 139.7.30.126 139.7.30.125 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{695F12FB-254F-4B60-85B6-14ABDFACA6B0}: DhcpNameServer = 8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ABBACCCE-0E50-4BFA-9731-6C5BF2CEC6F6}: DhcpNameServer = 10.93.8.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EC551D30-6EAB-4261-82AF-410F9902D3ED}: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010.09.19 19:52:08 | 000,000,000 | ---D | M] - M:\AutoHotKey -- [ FAT32 ] O33 - MountPoints2\{082e1ea4-d60a-11e0-bfa7-00ff01000001}\Shell - "" = AutoRun O33 - MountPoints2\{082e1ea4-d60a-11e0-bfa7-00ff01000001}\Shell\AutoRun\command - "" = M:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{082e1eac-d60a-11e0-bfa7-00ff01000001}\Shell - "" = AutoRun O33 - MountPoints2\{082e1eac-d60a-11e0-bfa7-00ff01000001}\Shell\AutoRun\command - "" = M:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{530bc02c-f199-11e0-99f6-00ff01000001}\Shell - "" = AutoRun O33 - MountPoints2\{530bc02c-f199-11e0-99f6-00ff01000001}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL M:\index.html O33 - MountPoints2\{e3f500b1-c0dd-11e0-826d-f80f41028d81}\Shell - "" = AutoRun O33 - MountPoints2\{e3f500b1-c0dd-11e0-826d-f80f41028d81}\Shell\AutoRun\command - "" = K:\SETUP.EXE O33 - MountPoints2\M\Shell - "" = AutoRun O33 - MountPoints2\M\Shell\AutoRun\command - "" = M:\setup_vmc_lite.exe /checkApplicationPresence O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012.02.18 21:52:07 | 000,583,680 | ---- | C] (OldTimer Tools) -- C:\Users\Mert\Desktop\OTL(1).exe [2012.02.18 21:52:06 | 000,583,680 | ---- | C] (OldTimer Tools) -- C:\Users\Mert\Desktop\OTL.exe [2012.02.18 21:39:59 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Mert\Desktop\HiJackThis204.exe [2012.02.18 19:51:33 | 000,000,000 | ---D | C] -- C:\Users\Mert\AppData\Roaming\Nuaww [2012.02.18 19:51:33 | 000,000,000 | ---D | C] -- C:\Users\Mert\AppData\Roaming\Koaqyd [2012.02.18 15:05:43 | 000,000,000 | ---D | C] -- C:\Users\Mert\AppData\Roaming\Malwarebytes [2012.02.18 15:05:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.02.18 15:05:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.02.18 15:05:34 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.02.18 15:05:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.02.17 16:56:26 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Logs [2012.02.17 14:35:54 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx [2012.02.15 23:40:35 | 000,000,000 | ---D | C] -- C:\Users\Mert\Documents\REFS [2012.02.15 15:29:48 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll [2012.02.15 15:29:39 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl [2012.02.15 15:29:39 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl [2012.02.15 15:28:01 | 000,634,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll [2012.02.15 15:27:51 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2012.02.15 15:27:51 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2012.02.15 15:27:51 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012.02.15 15:27:51 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2012.02.15 15:27:51 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012.02.15 15:27:51 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012.02.15 15:27:51 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012.02.15 15:27:51 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012.02.15 15:27:51 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2012.02.15 15:27:51 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2012.02.15 15:27:50 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2012.02.15 15:27:50 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2012.02.15 15:27:50 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012.02.15 15:27:50 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2012.02.15 15:27:50 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2012.02.12 18:55:38 | 000,000,000 | ---D | C] -- C:\Users\Mert\Documents\Steckbriefe CHEMIE [2012.02.10 22:12:29 | 000,000,000 | ---D | C] -- C:\Users\Mert\AppData\Roaming\Skype [2012.02.10 22:12:17 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2012.02.10 22:12:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2012.02.10 22:12:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2012.02.05 14:52:19 | 000,000,000 | ---D | C] -- C:\Users\Mert\Documents\Electronic Arts [2012.02.04 00:16:25 | 000,000,000 | ---D | C] -- C:\Users\Mert\AppData\Local\libimobiledevice [2012.02.03 23:16:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2012.02.03 23:16:05 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2012.02.03 23:16:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2012.02.03 23:16:05 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2012.02.03 23:14:38 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2012.02.03 23:14:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour [2012.02.01 15:32:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteelSeries [2012.02.01 15:32:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SteelSeries [2012.02.01 15:27:38 | 000,000,000 | ---D | C] -- C:\Users\Mert\AppData\Local\ElevatedDiagnostics [2012.01.31 15:23:19 | 000,000,000 | ---D | C] -- C:\Users\Mert\AppData\Roaming\TeamViewer [2012.01.30 22:13:06 | 000,000,000 | ---D | C] -- C:\Users\Mert\AppData\Roaming\Rainmeter [2012.01.30 22:12:53 | 000,000,000 | ---D | C] -- C:\Users\Mert\Documents\Rainmeter [2012.01.30 22:10:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainmeter [2012.01.30 22:10:41 | 000,000,000 | ---D | C] -- C:\Program Files\Rainmeter [2012.01.30 21:38:23 | 000,000,000 | ---D | C] -- C:\Users\Mert\Desktop\Programme [2012.01.30 15:19:07 | 000,000,000 | ---D | C] -- C:\Users\Mert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WBFS Manager [2012.01.30 15:19:06 | 000,000,000 | ---D | C] -- C:\Users\Mert\Documents\WBFS Manager Covers [2012.01.30 15:17:38 | 000,000,000 | ---D | C] -- C:\Program Files\WBFS [2012.01.30 15:05:35 | 000,000,000 | ---D | C] -- C:\Users\Mert\AppData\Local\WBFSManager [2012.01.29 15:28:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WBFS [2012.01.28 21:44:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit [2012.01.28 21:44:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SplitMediaLabs [2012.01.28 20:21:23 | 000,000,000 | ---D | C] -- C:\Users\Mert\AppData\Local\Diagnostics [2012.01.25 21:52:28 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2012.01.25 21:52:28 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll [2012.01.25 21:52:28 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll [2012.01.25 21:52:28 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll [2012.01.25 21:52:28 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll [2012.01.25 21:52:28 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll [2012.01.22 13:32:00 | 000,000,000 | ---D | C] -- C:\Users\Mert\Desktop\AutoHotKey [2012.01.22 13:30:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey [2012.01.22 13:30:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AutoHotkey [2012.01.21 13:14:01 | 000,000,000 | ---D | C] -- C:\Users\Mert\AppData\Local\Realtime Soft [2012.01.21 13:13:11 | 000,000,000 | ---D | C] -- C:\Users\Mert\AppData\Roaming\Realtime Soft [2012.01.21 13:13:09 | 000,000,000 | ---D | C] -- C:\Program Files\UltraMon [2012.01.21 13:13:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Realtime Soft [2012.01.21 13:13:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Realtime Soft [2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.02.18 21:52:26 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Mert\Desktop\OTL.exe [2012.02.18 21:52:26 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Mert\Desktop\OTL(1).exe [2012.02.18 21:40:00 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Mert\Desktop\HiJackThis204.exe [2012.02.18 21:17:31 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2012.02.18 21:17:31 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012.02.18 21:16:28 | 003,870,904 | ---- | M] () -- C:\Users\Mert\Desktop\battlelog-web-plugins-1.110.0-retail-prod.exe [2012.02.18 21:13:42 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0 [2012.02.18 15:39:59 | 000,992,927 | ---- | M] () -- C:\Users\Mert\Desktop\Unbenannt.jpg [2012.02.18 15:07:53 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.02.18 15:07:53 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.02.18 15:00:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.02.18 14:59:55 | 2133,766,143 | -HS- | M] () -- C:\hiberfil.sys [2012.02.18 13:05:07 | 000,113,154 | ---- | M] () -- C:\Users\Mert\Desktop\vivi.jpg [2012.02.15 23:48:41 | 001,614,892 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.02.15 23:48:41 | 000,697,284 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.02.15 23:48:41 | 000,652,602 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.02.15 23:48:41 | 000,148,322 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.02.15 23:48:41 | 000,121,276 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.02.15 22:11:57 | 000,311,920 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.02.15 17:02:04 | 001,641,574 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012.02.13 14:31:06 | 000,013,139 | ---- | M] () -- C:\Users\Mert\Documents\Lebenslauf.odt [2012.02.10 17:00:33 | 000,283,894 | ---- | M] () -- C:\Users\Mert\Documents\ts3_clientui-win64-1327056547-2012-02-10 17_00_33.045188.dmp [2012.02.04 00:20:06 | 001,290,907 | ---- | M] () -- C:\s630.4 [2012.02.04 00:20:06 | 000,698,449 | ---- | M] () -- C:\s630.5 [2012.01.30 22:10:42 | 000,001,723 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2012.01.21 13:13:09 | 000,002,585 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UltraMon.lnk [2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.02.18 21:16:23 | 003,870,904 | ---- | C] () -- C:\Users\Mert\Desktop\battlelog-web-plugins-1.110.0-retail-prod.exe [2012.02.18 15:39:59 | 000,992,927 | ---- | C] () -- C:\Users\Mert\Desktop\Unbenannt.jpg [2012.02.18 13:00:18 | 000,113,154 | ---- | C] () -- C:\Users\Mert\Desktop\vivi.jpg [2012.02.10 17:00:33 | 000,283,894 | ---- | C] () -- C:\Users\Mert\Documents\ts3_clientui-win64-1327056547-2012-02-10 17_00_33.045188.dmp [2012.02.04 00:20:06 | 001,290,907 | ---- | C] () -- C:\s630.4 [2012.02.04 00:20:06 | 000,698,449 | ---- | C] () -- C:\s630.5 [2012.01.30 22:10:42 | 000,001,723 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2012.01.21 13:13:09 | 000,002,585 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UltraMon.lnk [2012.01.21 13:13:09 | 000,002,535 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraMon.lnk [2011.10.15 10:25:57 | 000,000,618 | ---- | C] () -- C:\Windows\eReg.dat [2011.09.23 21:15:08 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll [2011.09.18 18:53:42 | 000,245,253 | ---- | C] () -- C:\Windows\hpoins19.dat [2011.09.18 18:53:42 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat [2011.09.09 15:48:59 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2011.09.06 12:47:33 | 000,000,600 | ---- | C] () -- C:\Users\Mert\AppData\Local\PUTTY.RND [2011.09.01 15:37:42 | 001,641,574 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.08.28 12:47:46 | 000,000,286 | ---- | C] () -- C:\Windows\game.ini [2011.08.19 14:56:44 | 000,000,233 | ---- | C] () -- C:\Windows\wininit.ini [2011.08.18 13:41:39 | 000,168,864 | ---- | C] () -- C:\Program Files\Common Files\WireHelpSvc.exe [2011.08.12 14:07:41 | 000,005,504 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys [2011.08.11 12:24:59 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011.08.11 12:24:58 | 002,580,552 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe [2011.08.11 12:24:58 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011.08.07 16:14:59 | 000,007,597 | ---- | C] () -- C:\Users\Mert\AppData\Local\Resmon.ResmonCfg [2011.08.06 18:00:44 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2011.07.17 22:54:02 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll [2010.12.30 23:24:02 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll [2010.12.30 23:15:14 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2007.04.14 11:24:26 | 000,103,552 | ---- | C] () -- C:\Program Files (x86)\gtaweap3.ttf ========== LOP Check ========== [2012.02.18 23:58:51 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\.minecraft [2011.08.12 14:40:50 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\Canneverbe Limited [2011.11.09 13:23:56 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\Dropbox [2012.02.18 15:29:43 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\FileZilla [2012.01.05 15:29:13 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\GetRightToGo [2011.10.17 14:46:09 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\HLSW [2012.02.18 15:05:22 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\ICQ [2012.02.18 21:30:46 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\Koaqyd [2011.09.08 21:07:03 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\LolClient [2012.02.18 23:58:53 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\Notepad++ [2012.02.18 19:51:33 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\Nuaww [2011.08.06 17:43:37 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\OEM [2011.09.01 21:05:35 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\OpenOffice.org [2011.10.19 23:05:09 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\Origin [2011.10.30 14:51:40 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\pdfforge [2012.02.18 23:58:53 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\Rainmeter [2012.02.12 19:21:34 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\SoftGrid Client [2011.11.12 23:54:16 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\SplitMediaLabs [2011.10.16 21:32:49 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\Subversion [2012.01.31 15:23:19 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\TeamViewer [2011.09.01 15:38:10 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\TP [2012.02.18 23:58:53 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\TS3Client [2011.09.03 14:09:51 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\Vodafone [2012.01.05 13:27:37 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > Mit freundlichen Grüßen |
|
18.02.2012, 21:59
| #2 |
| | Zirkumflex und Akzent doppelt (Keylogger?) Hier der Extras-Log,
__________________Hat in den oberigen Post nicht reingepasst. Code:
ATTFilter OTL Extras logfile created on: 18.02.2012 21:52:43 - Run 1
OTL by OldTimer - Version 3.2.33.0 Folder = C:\Users\Mert\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,98 Gb Total Physical Memory | 4,28 Gb Available Physical Memory | 53,63% Memory free
15,96 Gb Paging File | 11,49 Gb Available in Paging File | 71,99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 456,71 Gb Total Space | 291,63 Gb Free Space | 63,86% Space Free | Partition Type: NTFS
Drive D: | 456,71 Gb Total Space | 340,33 Gb Free Space | 74,52% Space Free | Partition Type: NTFS
Drive F: | 931,51 Gb Total Space | 138,76 Gb Free Space | 14,90% Space Free | Partition Type: NTFS
Drive M: | 7,52 Gb Total Space | 1,78 Gb Free Space | 23,67% Space Free | Partition Type: FAT32
Drive N: | 7,42 Gb Total Space | 7,34 Gb Free Space | 98,94% Space Free | Partition Type: NTFS
Computer Name: MERT-PC | User Name: Mert | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86417001FF}" = Java(TM) 7 Update 1 (64-bit)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{537056B7-32A4-4408-9B54-0341963C7C9C}" = UltraMon
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{5E11C972-1E76-45FE-8F92-14E0D1140B1B}" = iTunes
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{69B9EA74-CEF1-3AE9-FE26-3BB5601E29A6}" = ccc-utility64
"{6DC8FF97-A9CF-02F2-8FC1-F5E1B69A34E3}" = AMD AVIVO64 Codecs
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A125C1EA-3D24-D4CC-318A-CCBC62663E1B}" = AMD Drag and Drop Transcoding
"{A134DC03-2C81-C8D2-5476-D7D9AD3F43CC}" = AMD Catalyst Install Manager
"{A4FE25A0-9262-487A-9002-893FCBF16B18}" = TortoiseSVN 1.7.0.22068 (64 bit)
"{B61ED343-0B14-4241-999C-490CB1A20DA4}" = HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FB2DC25C-BF52-CA8A-9957-52FBAD4E955C}" = AMD Media Foundation Decoders
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CCleaner" = CCleaner
"ESL Wire_is1" = ESL Wire 1.11.1
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Shop for HP Supplies" = Shop for HP Supplies
"WinRAR archiver" = WinRAR 4.01 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM)
"{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"{09F25F86-F957-4051-8AB2-0E0D948BBB5D}" = 1310
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{17BD95E5-2A54-0A2B-82D4-AC782217B3F8}" = CCC Help Thai
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{1C78514A-5E5A-E653-1271-DAC1744206E3}" = HydraVision
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1F77C418-2C90-459C-BD33-B56A4182B9FA}" = System Requirements Lab CYRI
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{203FB0BF-C26B-A69C-E603-E3FB448EFB9B}" = CCC Help Greek
"{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}" = Nero InfoTool Help
"{2348B586-C9AE-46CE-936C-A68E9426E214}" = Nero StartSmart Help
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3000829F-3C20-16B9-EBF0-9665BD349DF1}" = Catalyst Control Center Graphics Previews Common
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{354D756E-C1C4-7ABF-CC12-8DBA3A782625}" = CCC Help Norwegian
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3D2AD820-0C15-C863-F056-5501091E9B85}" = CCC Help Spanish
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F101706-5B5F-99A7-59EE-1CF037FC2A10}" = CCC Help Czech
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{45C8D17D-B5E0-4e93-8370-4329AB16D2A0}" = Battlefield 3™ Open Beta
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4D43D635-6FDA-4FA5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{54054F2E-03B7-2907-3452-3DB1EB85E973}" = CCC Help Dutch
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{5928359F-BF46-4646-BF19-B64E55171EB5}_is1" = FILSHtray Version 0.7
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{5D237863-D917-17B9-1645-713A41FB8CC0}" = CCC Help Turkish
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6D4553DF-2095-4D10-92C0-17934733B51D}" = 1310_Help
"{6D7E031C-4C05-4265-854A-FE9FDEA9984D}" = 1310Trb
"{6F95709A-B60B-B099-AF6E-32FB078B0DFA}" = CCC Help French
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{733C5FC0-F0C4-405B-A983-61C24CC60E39}_is1" = Photo Frame
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{762F16BC-88B5-9689-4191-353FD630DA98}" = CCC Help Japanese
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7799BE29-0992-5FD9-5C44-17843E39A7AB}" = Catalyst Control Center Localization All
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Packard Bell Recovery Management
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{81E6A0C5-53BA-91C4-E381-BAD1A3F1B04B}" = CCC Help English
"{83202942-84B3-4C50-8622-B8C0AA2D2885}" = Nero Express Help
"{85030773-2A43-8ACE-F6FD-29958AE19924}" = CCC Help Italian
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F0F75F-A226-0399-053D-61448AA4E6F8}" = CCC Help Portuguese
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9580813D-94B1-4C28-9426-A441E2BB29A5}" = Counter-Strike: Source
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99F1ADE8-AF52-58B6-9F72-0D88ED512616}" = CCC Help Russian
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C684A01-7F9C-40E7-AF94-BFE24BC89C97}" = XSplit
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E48FF52-082C-4CC2-BB67-6E10D09C0431}" = Windows Live UX Platform Language Pack
"{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}" = AIO_CDB_Software
"{A03E4302-F387-47F3-8136-6D9D9286CD3B}" = SteelSeries Kinzu Optical Mouse
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8DBF55D-73C0-4E37-A10E-365BFBB14119}" = Battlefield 2
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4164865-081E-5539-FE40-FA24A909AB30}" = CCC Help Danish
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D5C57B21-E40C-4091-84AD-25D0A9E28587}" = OpenVPN Connect
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF112B8F-D0B5-3421-BDF1-76CC3A8504A5}" = CCC Help German
"{E089C847-6667-BDA0-A9A3-42C79748E291}" = CCC Help Polish
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5C7D048-F9B4-4219-B323-8BDB01A2563D}" = Nero DriveSpeed Help
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{E8E5C24D-C43D-32F9-9F10-A7113F5D16F8}" = CCC Help Korean
"{E9876984-35CE-4D31-2408-86154AD2AB91}" = CCC Help Swedish
"{EA8ADAA9-6671-4839-A51E-0C6792B78F3E}" = FIFA 12
"{eaae683d-4274-4537-875b-36cd7b95d402}" = Nero 9 Essentials
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EBC5D379-7166-D9C6-1FB7-CB1658E125D1}" = CCC Help Chinese Traditional
"{ED082826-CCAC-1F22-67B3-40E6149AB56C}" = CCC Help Finnish
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Packard Bell Updater
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F11ADC64-C89E-47F4-A0B3-3665FF859397}" = WORLD IN CONFLICT
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F31B5936-E765-BF72-EB28-AF4E71966842}" = CCC Help Chinese Standard
"{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter
"{F5DB4726-E7D3-2400-13F9-C470A3C9FD1F}" = Catalyst Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{F9835182-794B-4F24-902A-E2CA9D43380F}" = NVIDIA PhysX
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"{FC384AF3-A370-2EE7-3F65-965C3819780B}" = Catalyst Control Center InstallProxy
"{FCBEFF93-3A91-F55E-4CB6-DD6E30B84964}" = CCC Help Hungarian
"1489-3350-5074-6281" = JDownloader 0.9
"Adobe AIR" = Adobe AIR
"AutoHotkey" = AutoHotkey 1.0.48.05
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Battlelog Web Plugins" = Battlelog Web Plugins
"ESN Sonar-0.70.4" = ESN Sonar
"FileZilla Client" = FileZilla Client 3.5.0
"FlyVPN" = FlyVPN
"HLSW_is1" = HLSW v1.3.3.7b
"Hotkey Utility" = Hotkey Utility
"HotspotShield" = Hotspot Shield 2.07
"Identity Card" = Identity Card
"InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"LOLReplay" = LOLReplay
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"Mozilla Firefox 10.0.1 (x86 de)" = Mozilla Firefox 10.0.1 (x86 de)
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"OpenVPN" = OpenVPN 2.1.4
"Origin" = Origin
"Packard Bell InfoCentre" = Packard Bell InfoCentre
"Packard Bell Registration" = Packard Bell Registration
"Packard Bell Screensaver" = Packard Bell ScreenSaver
"Packard Bell Software Suite SE" = Packard Bell Software Suite SE
"Packard Bell Welcome Center" = Welcome Center
"Postal 2 Share The Pain" = Postal 2 Share The Pain
"Project Reality: BF2 (pr)_is1" = Project Reality: BF2
"PunkBusterSvc" = PunkBuster Services
"Rainmeter" = Rainmeter
"SpeedFan" = SpeedFan (remove only)
"Steam App 10" = Counter-Strike
"Steam App 4000" = Garry's Mod
"Steam App 42680" = Call of Duty: Modern Warfare 3
"Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer
"Steam App 550" = Left 4 Dead 2
"TeamViewer 6" = TeamViewer 6
"VideoGet_is1" = Nuclear Coffee - VideoGet
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 1.1.11
"WBFS Manager 3.0" = WBFS Manager 3.0
"WildTangent packardbell Master Uninstall" = Packard Bell Games
"WinLiveSuite" = Windows Live Essentials
"WT088283" = Plants vs. Zombies
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"TeamSpeak 3 Client" = TeamSpeak 3 Client
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 05.02.2012 07:52:47 | Computer Name = Mert-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel:
0x4ea78f27 Name des fehlerhaften Moduls: filesystem_steam.dll_unloaded, Version:
0.0.0.0, Zeitstempel: 0x4ee862ad Ausnahmecode: 0xc0000005 Fehleroffset: 0x5feff119
ID
des fehlerhaften Prozesses: 0xd88 Startzeit der fehlerhaften Anwendung: 0x01cce3fa80e4e159
Pfad
der fehlerhaften Anwendung: c:\program files (x86)\steam\steamapps\dafishburne\counter-strike
source\hl2.exe Pfad des fehlerhaften Moduls: filesystem_steam.dll Berichtskennung:
eb42d2be-4fef-11e1-8bba-b5d4120d9aa2
Error - 05.02.2012 09:40:47 | Computer Name = Mert-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: java.exe, Version: 6.0.260.3, Zeitstempel:
0x4dc11607 Name des fehlerhaften Moduls: java.dll, Version: 6.0.260.3, Zeitstempel:
0x4dc14bf1 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00004e2f ID des fehlerhaften Prozesses:
0x10dc Startzeit der fehlerhaften Anwendung: 0x01cce40bc20ec688 Pfad der fehlerhaften
Anwendung: C:\Program Files (x86)\Java\jre6\bin\java.exe Pfad des fehlerhaften Moduls:
C:\Program Files (x86)\Java\jre6\bin\java.dll Berichtskennung: 019d95a1-4fff-11e1-8bba-b5d4120d9aa2
Error - 06.02.2012 10:29:50 | Computer Name = Mert-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 06.02.2012 10:30:59 | Computer Name = Mert-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\spybot - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\spybot - search & destroy\DelZip179.dll" in Zeile 8. Der
Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 06.02.2012 17:02:11 | Computer Name = Mert-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel:
0x4ea78f27 Name des fehlerhaften Moduls: filesystem_steam.dll_unloaded, Version:
0.0.0.0, Zeitstempel: 0x4ee862ad Ausnahmecode: 0xc0000005 Fehleroffset: 0x62b6f119
ID
des fehlerhaften Prozesses: 0x135c Startzeit der fehlerhaften Anwendung: 0x01cce50cf034a455
Pfad
der fehlerhaften Anwendung: c:\program files (x86)\steam\steamapps\dafishburne\counter-strike
source\hl2.exe Pfad des fehlerhaften Moduls: filesystem_steam.dll Berichtskennung:
d5c79edd-5105-11e1-94d2-82e2616115d4
Error - 07.02.2012 12:20:45 | Computer Name = Mert-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel:
0x4ea78f27 Name des fehlerhaften Moduls: filesystem_steam.dll_unloaded, Version:
0.0.0.0, Zeitstempel: 0x4ee862ad Ausnahmecode: 0xc0000005 Fehleroffset: 0x6116f119
ID
des fehlerhaften Prozesses: 0x1514 Startzeit der fehlerhaften Anwendung: 0x01cce5a94640dc95
Pfad
der fehlerhaften Anwendung: c:\program files (x86)\steam\steamapps\dafishburne\counter-strike
source\hl2.exe Pfad des fehlerhaften Moduls: filesystem_steam.dll Berichtskennung:
af623f32-51a7-11e1-b1e9-9e63525640a5
Error - 07.02.2012 17:03:47 | Computer Name = Mert-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel:
0x4ea78f27 Name des fehlerhaften Moduls: filesystem_steam.dll_unloaded, Version:
0.0.0.0, Zeitstempel: 0x4ee862ad Ausnahmecode: 0xc0000005 Fehleroffset: 0x62bdf119
ID
des fehlerhaften Prozesses: 0x8ac Startzeit der fehlerhaften Anwendung: 0x01cce5d4c5fa6afc
Pfad
der fehlerhaften Anwendung: c:\program files (x86)\steam\steamapps\dafishburne\counter-strike
source\hl2.exe Pfad des fehlerhaften Moduls: filesystem_steam.dll Berichtskennung:
397919ba-51cf-11e1-ab3e-e0924cc1d4a4
Error - 08.02.2012 18:00:14 | Computer Name = Mert-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel:
0x4ea78f27 Name des fehlerhaften Moduls: filesystem_steam.dll_unloaded, Version:
0.0.0.0, Zeitstempel: 0x4ee862ad Ausnahmecode: 0xc0000005 Fehleroffset: 0x62bff119
ID
des fehlerhaften Prozesses: 0x1b74 Startzeit der fehlerhaften Anwendung: 0x01cce6ac0b8c0124
Pfad
der fehlerhaften Anwendung: c:\program files (x86)\steam\steamapps\dafishburne\counter-strike
source\hl2.exe Pfad des fehlerhaften Moduls: filesystem_steam.dll Berichtskennung:
46c1e6bb-52a0-11e1-891c-93343de406a2
Error - 09.02.2012 10:36:05 | Computer Name = Mert-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel:
0x4ea78f27 Name des fehlerhaften Moduls: filesystem_steam.dll_unloaded, Version:
0.0.0.0, Zeitstempel: 0x4ee862ad Ausnahmecode: 0xc0000005 Fehleroffset: 0x635df119
ID
des fehlerhaften Prozesses: 0xe0 Startzeit der fehlerhaften Anwendung: 0x01cce73447b9a479
Pfad
der fehlerhaften Anwendung: c:\program files (x86)\steam\steamapps\dafishburne\counter-strike
source\hl2.exe Pfad des fehlerhaften Moduls: filesystem_steam.dll Berichtskennung:
6515bb19-532b-11e1-942f-dde2dd7a27a5
Error - 09.02.2012 18:24:47 | Computer Name = Mert-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel:
0x4ea78f27 Name des fehlerhaften Moduls: filesystem_steam.dll_unloaded, Version:
0.0.0.0, Zeitstempel: 0x4f28cccc Ausnahmecode: 0xc0000005 Fehleroffset: 0x6345f1c9
ID
des fehlerhaften Prozesses: 0x8a4 Startzeit der fehlerhaften Anwendung: 0x01cce772c8acc5f9
Pfad
der fehlerhaften Anwendung: c:\program files (x86)\steam\steamapps\dafishburne\counter-strike
source\hl2.exe Pfad des fehlerhaften Moduls: filesystem_steam.dll Berichtskennung:
df227b1b-536c-11e1-9950-b571ff864aa2
[ System Events ]
Error - 18.02.2012 09:45:38 | Computer Name = Mert-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Hotspot Shield Service" ist vom Dienst "DHCP-Client" abhängig,
der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 18.02.2012 09:45:38 | Computer Name = Mert-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "IP-Hilfsdienst" ist vom Dienst "Netzwerkspeicher-Schnittstellendienst"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 18.02.2012 09:45:38 | Computer Name = Mert-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "SMB-Miniredirector-Wrapper und -Modul" ist vom Dienst
"Umgeleitetes Puffersubsystem" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%31
Error - 18.02.2012 09:45:38 | Computer Name = Mert-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "SMB 1.x-Miniredirector" ist vom Dienst "SMB-Miniredirector-Wrapper
und -Modul" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 18.02.2012 09:45:38 | Computer Name = Mert-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "SMB 2.0-Miniredirector" ist vom Dienst "SMB-Miniredirector-Wrapper
und -Modul" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 18.02.2012 09:45:38 | Computer Name = Mert-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "NLA (Network Location Awareness)" ist vom Dienst "Netzwerkspeicher-Schnittstellendienst"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 18.02.2012 09:45:38 | Computer Name = Mert-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Client Virtualization Handler" ist vom Dienst "Application
Virtualization Client" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%1068
Error - 18.02.2012 09:45:38 | Computer Name = Mert-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
AFD avipbb DfsC discache ElbyCDIO NetBIOS NetBT nsiproxy Psched rdbss spldr tdx Wanarpv6 WfpLwf
Error - 18.02.2012 09:53:52 | Computer Name = Mert-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "StarOpen" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577
Error - 18.02.2012 10:00:25 | Computer Name = Mert-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "StarOpen" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577
< End of report >
|
|
| Themen zu Zirkumflex und Akzent doppelt (Keylogger?) |
| antivir, antivir guard, autorun, avira, bho, bonjour, cdburnerxp, desktop, error, firefox, format, google, hijack, home, hotspot, hotspot shield, internet, internet explorer, logfile, mozilla, notification, origin, packard bell, pando media booster, plug-in, problem, realtek, registry, rundll, safer networking, security, software, trojaner, version=1.0, windows |
Linear-Darstellung
