| |
| |||||||
Log-Analyse und Auswertung: Computer deutlich langsamer; wirklich ein Virus/Malware?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
12.04.2012, 20:37
| #1 |
| |  Computer deutlich langsamer; wirklich ein Virus/Malware? Hallo Leute, Mein Computer ist seit einiger Zeit deutlich langsamer! Ehrlich gesagt, ist das nichts bemerkenswertes für Computer. Aber ich habe jetzt meinen Computer mal bereinigt und es wird nicht wirklich besser. Zudem kann Avira Free Antivirus nichts finden (Ja, Avira ist Müll..!). Dazu kommt noch, das mein Rechner ewig zum Herunterfahren braucht (Trotz richtiger Einstellungen über 2 Minuten). Ich habe zwar keine richtige Anzeichen für Schädlinge, würde mich aber freuen, wenn ein Experte sich meine Log-Files anschauen könnte, da ich nichts verdächtiges finde. Ich hoffe, ich habe alles wichtige beachtet! Danke schon einmal, Gruß! Code:
ATTFilter .
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_26
Run by Thilo at 21:11:09 on 2012-04-12
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4095.2895 [GMT 2:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\WireHelpSvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\WUDFHost.exe
C:\Users\Anwender\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Anwender\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\Anwender\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Anwender\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Anwender\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = *.local
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uPolicies-explorer: NoFavoritesMenu = 0100000000000000
uPolicies-explorer: nologoff = 1 (0x1)
uPolicies-explorer: noclose = 1 (0x1)
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Free YouTube Download - C:\Users\Anwender\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - C:\Users\Anwender\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{46C8D141-1684-4E05-A455-8D768A510A77} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{83B6CFD2-0C5B-47EB-831B-9748142E8627} : DhcpNameServer = 192.168.60.250
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
{0347C33E-8762-4905-BF09-768834316C61}
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Anwender\AppData\Roaming\Mozilla\Firefox\Profiles\fsyhceci.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.de/
FF - prefs.js: network.proxy.ftp - 72.64.146.73
FF - prefs.js: network.proxy.ftp_port - 3128
FF - prefs.js: network.proxy.http - 72.64.146.73
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.socks - 72.64.146.73
FF - prefs.js: network.proxy.socks_port - 3128
FF - prefs.js: network.proxy.ssl - 72.64.146.73
FF - prefs.js: network.proxy.ssl_port - 3128
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Users\Anwender\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll
.
============= SERVICES / DRIVERS ===============
.
R1 BIOS;BIOS;C:\Windows\System32\drivers\BIOS64.sys [2010-9-9 14136]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 AODDriver4.01;AODDriver4.01;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2011-6-24 55424]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
R2 ESLWireAC;ESLWireAC;\??\C:\Windows\system32\drivers\ESLWireACD.sys --> C:\Windows\system32\drivers\ESLWireACD.sys [?]
R2 WireHelpSvc;WireHelpSvc;C:\Program Files\Common Files\WireHelpSvc.exe [2012-1-11 168864]
R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
R3 avmaudio;AVM Audio;C:\Windows\system32\DRIVERS\avmaudio.sys --> C:\Windows\system32\DRIVERS\avmaudio.sys [?]
R3 ESLvnic1;ESLvnic Virtual Network 64 Bit;C:\Windows\system32\DRIVERS\ESLvnic.sys --> C:\Windows\system32\DRIVERS\ESLvnic.sys [?]
R3 FWLANUSB;AVM FRITZ!WLAN;C:\Windows\system32\DRIVERS\fwlanusb.sys --> C:\Windows\system32\DRIVERS\fwlanusb.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-11-9 361984]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-3 253600]
S3 avmeject;AVM Eject;C:\Windows\system32\drivers\avmeject.sys --> C:\Windows\system32\drivers\avmeject.sys [?]
S3 ENTECH64;ENTECH64;\??\C:\Windows\system32\DRIVERS\ENTECH64.sys --> C:\Windows\system32\DRIVERS\ENTECH64.sys [?]
S3 MHIKEY10;MHIKEY10;C:\Windows\system32\Drivers\MHIKEY10x64.sys --> C:\Windows\system32\Drivers\MHIKEY10x64.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
.
=============== Created Last 30 ================
.
2012-04-12 15:33:40 -------- d-----w- C:\AVZ
2012-04-12 01:02:56 5559152 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-04-12 01:02:56 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-04-12 01:02:56 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-04-12 01:00:41 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2012-04-12 01:00:41 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-04-12 01:00:41 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-04-12 01:00:41 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-04-12 01:00:41 220672 ----a-w- C:\Windows\System32\wintrust.dll
2012-04-12 01:00:41 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-04-12 01:00:41 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-04-10 13:42:34 8669240 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2D835269-2EF9-4A26-BA20-7A434182CAFC}\mpengine.dll
2012-04-07 13:09:19 -------- d-----w- C:\Users\Anwender\Sina USB
2012-04-03 11:30:02 8767136 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-04-03 11:20:30 418464 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-03-31 14:27:06 -------- d-----w- C:\Users\Anwender\AppData\Roaming\Teeworlds
2012-03-31 13:05:18 -------- d-----w- C:\Program Files\iPod
2012-03-31 13:05:17 -------- d-----w- C:\Program Files\iTunes
2012-03-28 15:45:26 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine
2012-03-27 13:28:57 -------- d-----w- C:\ProgramData\EA Logs
2012-03-26 15:49:59 -------- d-----w- C:\Users\Anwender\AppData\Roaming\Get from YouTube
2012-03-26 15:49:30 -------- d-----w- C:\Users\Anwender\AppData\Roaming\Music Editor Free
2012-03-25 12:30:53 592824 ----a-w- C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll
2012-03-25 12:30:53 44472 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
2012-03-24 12:45:38 -------- d-----w- C:\Program Files (x86)\SoundSpectrum
2012-03-24 11:22:04 -------- d-----w- C:\Program Files (x86)\iTunes
2012-03-17 03:46:09 -------- d-----w- C:\Users\Anwender\AppData\Roaming\SynthMaker
2012-03-14 12:59:59 3145728 ----a-w- C:\Windows\System32\win32k.sys
2012-03-14 12:59:54 1544192 ----a-w- C:\Windows\System32\DWrite.dll
2012-03-14 12:59:54 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-03-14 12:57:56 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-03-14 12:57:56 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-03-14 12:57:56 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-03-14 12:57:47 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-03-14 12:57:47 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-03-14 12:57:46 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-03-14 12:57:46 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-03-13 22:33:29 -------- d-----w- C:\Users\Anwender\AppData\Roaming\Image-Line
2012-03-13 22:07:14 1554944 ----a-w- C:\Windows\SysWow64\vorbis.acm
2012-03-13 22:07:11 -------- d-----w- C:\Program Files (x86)\Outsim
2012-03-13 22:04:15 -------- d-----w- C:\Program Files (x86)\Image-Line
.
==================== Find3M ====================
.
2012-04-03 11:30:10 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-27 14:07:05 282864 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2012-03-27 14:06:48 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2012-03-11 13:01:19 116096 ----a-w- C:\Windows\System32\drivers\avmaudio.sys
2012-03-11 13:01:17 32256 ----a-w- C:\Windows\System32\MiniInstaller.dll
2012-03-04 21:06:14 268435456 --sha-w- C:\swapfile.sys
2012-02-23 08:18:36 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-02-15 10:01:50 52736 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys
2012-02-15 10:01:50 4547944 ----a-w- C:\Windows\System32\usbaaplrc.dll
2012-02-06 20:48:08 18960 ----a-w- C:\Windows\System32\drivers\LNonPnP.sys
2011-11-28 12:21:00 168864 ----a-w- C:\Program Files\Common Files\WireHelpSvc.exe
.
============= FINISH: 21:11:54,47 ===============
|
|
13.04.2012, 07:08
| #2 | ||
| /// Helfer-Team    |  Computer deutlich langsamer; wirklich ein Virus/Malware? Hallo und Herzlich Willkommen!
__________________ Bevor wir unsere Zusammenarbeit beginnen, [Bitte Vollständig lesen]: Zitat:
Für Vista und Win7: Wichtig: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen Auf der angewählten Anwendung einen Rechtsklick (rechte Maustaste) und "Als Administrator ausführen" wählen! 1. Systemscan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
2. Um festzustellen, ob veraltete oder schädliche Software unter Programme installiert sind, ich würde gerne noch all deine installierten Programme sehen:
Zitat:
kira
__________________ |
|
13.04.2012, 17:16
| #3 |
| | Computer deutlich langsamer; wirklich ein Virus/Malware? Hey Kira,
__________________Danke für die schnelle Antwort. Ich war mir nicht ganz sicher, wie ich den Scan mit "OTL" ausführen sollte, da hier: http://www.trojaner-board.de/85104-o...-oldtimer.html die selbe Anleitung stand, aber auf dem Bild beschrieben wurde, dass "LOP Prüfung" und "Purity Prüfung" ausgewählt werden sollte. Somit habe ich den Scann zur Sicherheit zwei mal durchgeführt, das erste mal ohne die beiden Prüfungen (Im Code) und das zweite mal mit den beiden Prüfungen (Als Anhang). Sonst war eigentlich alles klar  Gruß Extras.Txt: Code:
ATTFilter OTL Extras logfile created on: 13.04.2012 17:53:05 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Anwender\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,78 Gb Available Physical Memory | 69,44% Memory free
8,00 Gb Paging File | 6,62 Gb Available in Paging File | 82,83% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 288,86 Gb Free Space | 62,03% Space Free | Partition Type: NTFS
Drive D: | 557,57 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: ANWENDER-PC | User Name: Thilo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{26A24AE4-039D-4CA4-87B4-2F86416026FF}" = Java(TM) 6 Update 26 (64-bit)
"{4D533F05-A3F6-F8A9-F1F6-FA6812089D36}" = AMD Drag and Drop Transcoding
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{69FDD045-DA24-CA41-8FD2-6B3A91F4EDEE}" = AMD Fuel
"{6CC95B76-D380-46B2-9022-9353938E48BA}" = Logitech GamePanel Software 3.03.133
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8181C5B7-2FF5-4677-BA6A-8E2C3F5A7601}" = HP Photosmart C4400 All-In-One Driver Software 13.0 Rel. 3
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90AB246D-A0A0-29EA-199A-4B07841E0737}" = ATI AVIVO64 Codecs
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB3}" = Paint.NET v3.5.8
"{9E3B2120-0BD8-9865-0387-E9BAC2A53AD3}" = ccc-utility64
"{A9C6CA47-D937-D61D-4BD3-7CFAB7A5BA56}" = ATI Problem Report Wizard
"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
"{BE882A12-5A45-3DFF-9FD0-306DE65EB8A5}" = AMD Catalyst Install Manager
"{CF8FFD12-602B-422D-AF1D-511B411E7632}" = iTunes
"{EF393943-0CCE-9CD9-6181-96DF4E4428EF}" = AMD Media Foundation Decoders
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CCleaner" = CCleaner
"ESL Wire_is1" = ESL Wire 1.11.1
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"sp6" = Logitech SetPoint 6.32
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0B94CF00-3A9C-AEBF-265D-EABF6EC11CEA}" = Catalyst Control Center InstallProxy
"{0D97F8D1-2102-53D2-5633-C992D6086801}" = CCC Help Chinese Traditional
"{0EA00EA7-42C0-ED9C-9110-2C04B8EDBA66}" = CCC Help Italian
"{0EB86B70-91FF-39BF-633C-785DF2218CC6}" = CCC Help French
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{1686C07D-C2BB-A8B2-C5ED-32C4EE1A3E62}" = CCC Help Spanish
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{18B6A9F8-25BC-5978-6B42-A50FA2CABC18}" = CCC Help English
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{298C6691-46B2-2065-0DD7-1E7B3B669A47}" = CCC Help Finnish
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{36E15666-43C1-91A7-0281-498F9D383B2C}" = simfy
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{400C5445-1AE8-1A41-CAC6-AB114341F65D}" = CCC Help Swedish
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{448B1C6D-02C2-7681-66B2-624E58B25375}" = CCC Help Turkish
"{46EB9D45-FC1A-2635-1693-176E6FA1C672}" = CCC Help Portuguese
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{5E1375CB-6792-4464-8715-CC3EC83D48FA}" = VirtualDJ Home FREE
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{651F43AA-3F06-9277-6F1B-8E8155017463}" = CCC Help Polish
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{68DE32E1-292B-6A02-6A53-935BFAE70C99}" = CCC Help Chinese Standard
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6D0042A0-9064-4C7F-B906-3EAC4427EE07}_is1" = Counter-Strike Source DZ
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7E5A8023-0E90-4503-A1EA-C9FC25680AF9}" = PS_AIO_03_C4400_Software_Min
"{818212BA-7F8C-DDF9-64BE-F6D0B6F46D29}" = CCC Help German
"{84F4542C-ED64-28AC-49B3-1A9BAB395AB4}" = CCC Help Hungarian
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9C41195F-11B3-8EEC-6634-7183BE6CB1B1}" = CCC Help Japanese
"{A33A89D0-2F48-FD1C-A243-9073EE0592E0}" = Catalyst Control Center InstallProxy
"{A66FB6C7-B689-AFD5-21BA-7CAF8E44E6E6}" = Catalyst Control Center Graphics Previews Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.6
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.6
"{B1E33614-25CC-4C2A-8CBA-88B51ABF67E0}" = C4400
"{B4CF00AE-2622-7BC6-24EC-4E5A0A8C9135}" = CCC Help Czech
"{BAE1C0A8-634D-CFF1-0E0C-893092427D34}" = CCC Help Danish
"{BCAF3D46-3BDA-441F-97B9-3878ACD0CD4F}_is1" = Half-Life 2 (Addon) DZ
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BF731945-7AAD-45E3-A202-A60C9213915C}_is1" = ISODisk 1.1
"{C2DEC505-79A9-E952-32B0-31B67B83E231}" = CCC Help Korean
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CCEFAE22-4D01-0084-D1CA-AC14AA743A97}" = CCC Help Greek
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DE460826-5E72-2357-154F-E376F9926008}" = CCC Help Norwegian
"{E21FFD29-D231-3BD3-6941-15710E44BED4}" = CCC Help Dutch
"{E3E313C7-0AE2-7F44-52E8-528D4EDC74B2}" = CCC Help Thai
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{F9929777-7B6E-F53D-3105-1C06E5120CA1}" = CCC Help Russian
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"Adobe AIR" = Adobe AIR
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Audacity_is1" = Audacity 1.2.6
"AVMWLANCLI" = AVM FRITZ!WLAN
"Battlelog Web Plugins" = Battlelog Web Plugins
"ESN Sonar-0.70.0" = ESN Sonar
"ESN Sonar-0.70.4" = ESN Sonar
"FL Studio 10" = FL Studio 10
"Free Audio Dub_is1" = Free Audio Dub version 1.7.9.908
"Free YouTube Download_is1" = Free YouTube Download version 3.0.19.1206
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.17.221
"Mozilla Firefox 11.0 (x86 de)" = Mozilla Firefox 11.0 (x86 de)
"Origin" = Origin
"Simfy" = simfy
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"TrueCrypt" = TrueCrypt
"Visual C++ 6.0 Autoren Edition (deu)" = Microsoft Visual C++ 6.0 Autoren Edition (Deutsch)
"VLC media player" = VLC media player 1.1.7
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CodeBlocks" = CodeBlocks
"GeoGebra 4.0" = GeoGebra 4.0
"GeoGebraPrim" = GeoGebraPrim
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 26.03.2012 13:51:02 | Computer Name = Anwender-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 27.03.2012 08:37:11 | Computer Name = Anwender-PC | Source = Windows Installer 3.1 | ID = 921877
Description =
Error - 27.03.2012 08:58:39 | Computer Name = Anwender-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 28.03.2012 08:38:04 | Computer Name = Anwender-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 28.03.2012 11:36:24 | Computer Name = Anwender-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Anwender\Downloads\SoftonicDownloader_fuer_vuplayer.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 28.03.2012 11:36:36 | Computer Name = Anwender-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Anwender\Downloads\SoftonicDownloader_fuer_vuplayer.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 28.03.2012 11:49:35 | Computer Name = Anwender-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Anwender\Downloads\SoftonicDownloader_fuer_vuplayer.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 29.03.2012 17:12:39 | Computer Name = Anwender-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 30.03.2012 11:54:19 | Computer Name = Anwender-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 30.03.2012 12:11:27 | Computer Name = Anwender-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
[ Media Center Events ]
Error - 13.02.2011 10:27:17 | Computer Name = Anwender-PC | Source = MCUpdate | ID = 0
Description = 15:27:10 - Fehler beim Herstellen der Internetverbindung. 15:27:10
- Serververbindung konnte nicht hergestellt werden..
Error - 13.02.2011 11:27:23 | Computer Name = Anwender-PC | Source = MCUpdate | ID = 0
Description = 16:27:23 - Fehler beim Herstellen der Internetverbindung. 16:27:23
- Serververbindung konnte nicht hergestellt werden..
Error - 13.02.2011 11:27:31 | Computer Name = Anwender-PC | Source = MCUpdate | ID = 0
Description = 16:27:28 - Fehler beim Herstellen der Internetverbindung. 16:27:28
- Serververbindung konnte nicht hergestellt werden..
Error - 13.02.2011 12:27:35 | Computer Name = Anwender-PC | Source = MCUpdate | ID = 0
Description = 17:27:35 - Fehler beim Herstellen der Internetverbindung. 17:27:35
- Serververbindung konnte nicht hergestellt werden..
Error - 13.02.2011 12:27:41 | Computer Name = Anwender-PC | Source = MCUpdate | ID = 0
Description = 17:27:40 - Fehler beim Herstellen der Internetverbindung. 17:27:40
- Serververbindung konnte nicht hergestellt werden..
Error - 13.02.2011 13:27:46 | Computer Name = Anwender-PC | Source = MCUpdate | ID = 0
Description = 18:27:46 - Fehler beim Herstellen der Internetverbindung. 18:27:46
- Serververbindung konnte nicht hergestellt werden..
Error - 13.02.2011 13:27:52 | Computer Name = Anwender-PC | Source = MCUpdate | ID = 0
Description = 18:27:51 - Fehler beim Herstellen der Internetverbindung. 18:27:51
- Serververbindung konnte nicht hergestellt werden..
Error - 20.02.2011 10:12:42 | Computer Name = Anwender-PC | Source = MCUpdate | ID = 0
Description = 15:12:42 - Fehler beim Herstellen der Internetverbindung. 15:12:42
- Serververbindung konnte nicht hergestellt werden..
Error - 20.02.2011 10:12:54 | Computer Name = Anwender-PC | Source = MCUpdate | ID = 0
Description = 15:12:47 - Fehler beim Herstellen der Internetverbindung. 15:12:47
- Serververbindung konnte nicht hergestellt werden..
Error - 23.02.2011 11:27:05 | Computer Name = Anwender-PC | Source = MCUpdate | ID = 0
Description = 16:27:04 - Fehler beim Herstellen der Internetverbindung. 16:27:04
- Serververbindung konnte nicht hergestellt werden..
[ System Events ]
Error - 13.04.2012 00:17:23 | Computer Name = Anwender-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 13.04.2012 00:17:30 | Computer Name = Anwender-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 13.04.2012 00:17:37 | Computer Name = Anwender-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 13.04.2012 00:17:44 | Computer Name = Anwender-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 13.04.2012 00:18:33 | Computer Name = Anwender-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 13.04.2012 00:18:40 | Computer Name = Anwender-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 13.04.2012 10:12:23 | Computer Name = Anwender-PC | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\ISODisk.SYS
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
Error - 13.04.2012 10:12:36 | Computer Name = Anwender-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
AMD FUEL Service erreicht.
Error - 13.04.2012 10:12:36 | Computer Name = Anwender-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AMD FUEL Service" wurde aufgrund folgenden Fehlers nicht
gestartet: %%1053
Error - 13.04.2012 10:12:42 | Computer Name = Anwender-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
ISODisk
< End of report >
Code:
ATTFilter OTL logfile created on: 13.04.2012 17:51:15 - Run 1 OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Anwender\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,78 Gb Available Physical Memory | 69,44% Memory free 8,00 Gb Paging File | 6,62 Gb Available in Paging File | 82,83% Paging File free Paging file location(s): c:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 465,66 Gb Total Space | 288,86 Gb Free Space | 62,03% Space Free | Partition Type: NTFS Drive D: | 557,57 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: ANWENDER-PC | User Name: Thilo | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Anwender\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\avmwlanstick\WlanNetService.exe (AVM Berlin) ========== Modules (No Company Name) ========== MOD - C:\Users\Anwender\AppData\Local\Google\Chrome\Application\18.0.1025.152\ppGoogleNaClPluginChrome.dll () MOD - C:\Users\Anwender\AppData\Local\Google\Chrome\Application\18.0.1025.152\pdf.dll () MOD - C:\Users\Anwender\AppData\Local\Google\Chrome\Application\18.0.1025.152\avutil-51.dll () MOD - C:\Users\Anwender\AppData\Local\Google\Chrome\Application\18.0.1025.152\avformat-53.dll () MOD - C:\Users\Anwender\AppData\Local\Google\Chrome\Application\18.0.1025.152\avcodec-53.dll () ========== Win32 Services (SafeList) ========== SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (WireHelpSvc) -- C:\Programme\Common Files\WireHelpSvc.exe () SRV - (LBTServ) -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.) SRV - (AVM WLAN Connection Service) -- C:\Program Files (x86)\avmwlanstick\WlanNetService.exe (AVM Berlin) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (avmaudio) -- C:\Windows\SysNative\drivers\avmaudio.sys (AVM Berlin) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (tbhsd) -- C:\Windows\SysNative\drivers\tbhsd.sys (RapidSolution Software AG) DRV:64bit: - (truecrypt) -- C:\Windows\SysNative\drivers\truecrypt.sys (TrueCrypt Foundation) DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (ESLWireAC) -- C:\Windows\SysNative\drivers\ESLWireACD.sys (<Turtle Entertainment>) DRV:64bit: - (ESLvnic1) -- C:\Windows\SysNative\drivers\ESLvnic.sys (Turtle Entertainment GmbH) DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices) DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.) DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (FWLANUSB) -- C:\Windows\SysNative\drivers\fwlanusb.sys (AVM GmbH) DRV:64bit: - (avmeject) -- C:\Windows\SysNative\drivers\avmeject.sys (AVM Berlin) DRV:64bit: - (MHIKEY10) -- C:\Windows\SysNative\drivers\MHIKEY10x64.sys (Generic USB smartcard reader) DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices) DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (BIOS) -- C:\Windows\SysNative\drivers\BIOS64.sys (BIOSTAR Group) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (ENTECH64) -- C:\Windows\SysNative\drivers\Entech64.sys (EnTech Taiwan) DRV - (AODDriver4.01) -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys (Advanced Micro Devices) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) DRV - (BIOS) -- C:\Windows\SysWOW64\drivers\BIOS64.sys (BIOSTAR Group) DRV - (ISODisk) -- C:\Windows\SysWow64\drivers\ISODisk.sys () DRV - (Winsock) -- C:\Windows\SysWow64\WINSOCK.SRG () ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 94 82 0B 4B 42 A2 CC 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "https://www.google.de/" FF - prefs.js..network.proxy.backup.ftp: "72.64.146.73" FF - prefs.js..network.proxy.backup.ftp_port: 3128 FF - prefs.js..network.proxy.backup.socks: "72.64.146.73" FF - prefs.js..network.proxy.backup.socks_port: 3128 FF - prefs.js..network.proxy.backup.ssl: "72.64.146.73" FF - prefs.js..network.proxy.backup.ssl_port: 3128 FF - prefs.js..network.proxy.ftp: "72.64.146.73" FF - prefs.js..network.proxy.ftp_port: 3128 FF - prefs.js..network.proxy.http: "72.64.146.73" FF - prefs.js..network.proxy.http_port: 3128 FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: "72.64.146.73" FF - prefs.js..network.proxy.socks_port: 3128 FF - prefs.js..network.proxy.ssl: "72.64.146.73" FF - prefs.js..network.proxy.ssl_port: 3128 FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_228.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Anwender\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Anwender\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.03.04 21:40:28 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.03.25 14:30:53 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.04.12 17:39:26 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.03.04 21:40:28 | 000,000,000 | ---D | M] [2010.12.31 14:44:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anwender\AppData\Roaming\mozilla\Extensions [2012.04.02 20:33:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anwender\AppData\Roaming\mozilla\Firefox\Profiles\fsyhceci.default\extensions [2011.08.06 17:03:51 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Anwender\AppData\Roaming\mozilla\Firefox\Profiles\fsyhceci.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2012.03.31 01:46:18 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Anwender\AppData\Roaming\mozilla\Firefox\Profiles\fsyhceci.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2012.03.25 15:21:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012.03.25 15:21:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} () (No name found) -- C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FSYHCECI.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI () (No name found) -- C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FSYHCECI.DEFAULT\EXTENSIONS\{DF4E4DF5-5CB7-46B0-9AEF-6C784C3249F8}.XPI [2012.03.25 14:30:52 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011.06.12 19:07:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2012.02.11 23:00:49 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.02.11 23:00:49 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.02.11 23:00:49 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.02.11 23:00:49 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.02.11 23:00:49 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.02.11 23:00:49 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}, CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Anwender\AppData\Local\Google\Chrome\Application\18.0.1025.152\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Anwender\AppData\Local\Google\Chrome\Application\18.0.1025.152\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Anwender\AppData\Local\Google\Chrome\Application\18.0.1025.152\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Google Update (Enabled) = C:\Users\Anwender\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - Extension: YouTube = C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Adblock Plus (Beta) = C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\ CHR - Extension: Google-Suche = C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: stern.de = C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnkeklmkmolipcclpncndnpdgilieafl\1.0_0\ O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = Reg Error: Unknown registry data type File not found O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: nologoff = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: noclose = 1 O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Anwender\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Anwender\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Free YouTube Download - C:\Users\Anwender\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Anwender\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{46C8D141-1684-4E05-A455-8D768A510A77}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{83B6CFD2-0C5B-47EB-831B-9748142E8627}: DhcpNameServer = 192.168.60.250 O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysNative\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{9040f88b-14d7-11e0-b66a-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{9040f88b-14d7-11e0-b66a-806e6f6e6963}\Shell\AutoRun\command - "" = K:\pushinst.exe O33 - MountPoints2\{9040f91b-14d7-11e0-b66a-00306776e90f}\Shell - "" = AutoRun O33 - MountPoints2\{9040f91b-14d7-11e0-b66a-00306776e90f}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a O33 - MountPoints2\J\Shell - "" = AutoRun O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (OODBS) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012.04.13 17:44:15 | 000,000,000 | ---D | C] -- C:\Users\Anwender\Desktop\Neuer Ordner [2012.04.13 17:43:59 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Users\Anwender\Desktop\OTL.exe [2012.04.12 17:33:40 | 000,000,000 | ---D | C] -- C:\AVZ [2012.04.12 03:02:56 | 005,559,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2012.04.12 03:02:56 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2012.04.12 03:02:56 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2012.04.12 03:00:41 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll [2012.04.12 03:00:41 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll [2012.04.12 03:00:41 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys [2012.04.07 15:09:19 | 000,000,000 | ---D | C] -- C:\Users\Anwender\Sina USB [2012.04.07 14:48:59 | 000,000,000 | ---D | C] -- C:\Users\Anwender\AppData\Roaming\U3 [2012.04.05 03:08:19 | 000,000,000 | ---D | C] -- C:\Users\Anwender\Documents\Christentum [2012.04.03 13:30:02 | 008,767,136 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe [2012.04.03 13:20:30 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.03.31 16:27:06 | 000,000,000 | ---D | C] -- C:\Users\Anwender\AppData\Roaming\Teeworlds [2012.03.31 15:06:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2012.03.31 15:05:18 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2012.03.31 15:05:17 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2012.03.28 17:45:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine [2012.03.28 17:45:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp [2012.03.27 15:30:28 | 000,000,000 | ---D | C] -- C:\Users\Anwender\Documents\Battlefield 3 [2012.03.27 15:28:57 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Logs [2012.03.26 17:49:59 | 000,000,000 | ---D | C] -- C:\Users\Anwender\AppData\Roaming\Get from YouTube [2012.03.26 17:49:30 | 000,000,000 | ---D | C] -- C:\Users\Anwender\AppData\Roaming\Music Editor Free [2012.03.25 15:28:18 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.3 [2012.03.25 15:21:15 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2012.03.25 15:21:15 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2012.03.25 15:21:15 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2012.03.25 03:27:13 | 000,000,000 | ---D | C] -- C:\Users\Anwender\AppData\Roaming\SoundSpectrum [2012.03.24 14:45:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SoundSpectrum [2012.03.24 13:22:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2012.03.17 19:16:45 | 000,000,000 | ---D | C] -- C:\Users\Anwender\Documents\Downloads [2012.03.17 05:46:09 | 000,000,000 | ---D | C] -- C:\Users\Anwender\AppData\Roaming\SynthMaker ========== Files - Modified Within 30 Days ========== [2012.04.13 17:46:19 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Anwender\Desktop\OTL.exe [2012.04.13 17:42:00 | 000,001,132 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-960291654-816558809-1824353052-1001UA.job [2012.04.13 17:29:02 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.04.13 16:19:51 | 000,015,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.04.13 16:19:51 | 000,015,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.04.13 16:12:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.04.13 16:12:26 | 3220,676,608 | -HS- | M] () -- C:\hiberfil.sys [2012.04.13 00:42:01 | 000,001,080 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-960291654-816558809-1824353052-1001Core.job [2012.04.12 20:47:19 | 000,000,000 | ---- | M] () -- C:\Users\Anwender\defogger_reenable [2012.04.12 20:44:56 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.04.12 20:44:56 | 000,696,832 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.04.12 20:44:56 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.04.12 20:44:56 | 000,148,128 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.04.12 20:44:56 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.04.12 18:08:45 | 000,000,035 | ---- | M] () -- C:\Windows\SIERRA.INI [2012.04.03 13:30:10 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.04.03 13:30:10 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012.04.03 13:30:02 | 008,767,136 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe [2012.03.27 16:07:05 | 000,282,864 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2012.03.27 16:06:48 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0 [2012.03.26 16:40:38 | 000,295,704 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT ========== Files Created - No Company Name ========== [2012.04.12 20:47:19 | 000,000,000 | ---- | C] () -- C:\Users\Anwender\defogger_reenable [2012.04.03 13:20:33 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.03.11 14:48:02 | 000,000,457 | ---- | C] () -- C:\Windows\hpomdl29.dat.temp [2012.03.05 17:45:20 | 000,009,600 | ---- | C] () -- C:\Windows\SysWow64\drivers\ISODisk.sys [2012.03.04 21:36:37 | 000,181,132 | ---- | C] () -- C:\Windows\hpoins29.dat [2012.03.04 21:36:37 | 000,000,457 | ---- | C] () -- C:\Windows\hpomdl29.dat [2012.02.10 20:58:24 | 000,000,167 | ---- | C] () -- C:\Windows\ODBCINST.INI [2012.01.11 15:10:38 | 000,168,864 | ---- | C] () -- C:\Program Files\Common Files\WireHelpSvc.exe [2011.12.28 20:53:02 | 000,000,035 | ---- | C] () -- C:\Windows\SIERRA.INI [2011.11.10 04:36:06 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2011.11.10 04:36:06 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2011.11.09 23:39:44 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll [2011.11.09 23:39:32 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll [2011.09.13 01:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2011.06.05 10:11:06 | 001,777,024 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.05.14 22:48:53 | 000,283,470 | ---- | C] () -- C:\Windows\LOGO.SYS.jpg [2011.04.23 13:41:44 | 000,007,634 | ---- | C] () -- C:\Users\Anwender\AppData\Local\Resmon.ResmonCfg [2011.04.09 23:40:05 | 002,250,024 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe [2010.09.09 13:02:06 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin < End of report > Code:
ATTFilter Adobe AIR Adobe Systems Incorporated 01.01.2012 3.1.0.4880
Adobe Flash Player 11 ActiveX 64-bit Adobe Systems Incorporated 02.04.2012 6,00MB 11.2.202.228
Adobe Flash Player 11 Plugin 64-bit Adobe Systems Incorporated 02.04.2012 6,00MB 11.2.202.228
Adobe Reader 9.4.6 Adobe Systems Incorporated 15.09.2011 147,3MB 9.4.6
Adobe Shockwave Player 11.5 Adobe Systems, Inc. 21.05.2011 11.5.9.620
AMD Catalyst Install Manager Advanced Micro Devices, Inc. 21.02.2012 26,3MB 3.0.859.0
Apple Application Support Apple Inc. 23.03.2012 61,0MB 2.1.7
Apple Mobile Device Support Apple Inc. 23.03.2012 24,5MB 5.1.1.4
Apple Software Update Apple Inc. 22.08.2011 2,38MB 2.1.3.127
Audacity 1.2.6 10.12.2011
AVM FRITZ!WLAN AVM Berlin 30.12.2010
Battlefield 3™ Electronic Arts 17.01.2012 1.0.0.0
Battlelog Web Plugins EA Digital Illusions CE AB 26.03.2012 1.118.0
Bonjour Apple Inc. 03.12.2011 2,04MB 3.0.0.10
Call of Duty: Black Ops Treyarch 02.01.2011
Call of Duty: Black Ops - Multiplayer Treyarch 02.01.2011
CCleaner Piriform 11.04.2012 3.17
CodeBlocks The Code::Blocks Team 02.04.2011 10.05
Counter-Strike Source DZ DiGiTALZONE 08.04.2011 4.057MB 20
ESL Wire 1.11.1 Turtle Entertainment GmbH 11.01.2012 59,7MB
ESN Sonar ESN Social Software AB 17.01.2012 0.70.0
Far Cry 2 Ubisoft 08.04.2011 1.00.00
FL Studio 10 Image-Line 13.03.2012
Free Audio Dub version 1.7.9.908 DVDVideoSoft Ltd. 25.03.2012 37,4MB 1.7.9.908
Free YouTube Download version 3.0.19.1206 DVDVideoSoft Ltd. 10.12.2011 68,7MB
Free YouTube to MP3 Converter version 3.10.17.221 DVDVideoSoft Ltd. 02.03.2012 71,5MB 3.10.17.221
GeoGebra 4.0 International GeoGebra Institute 05.10.2011
GeoGebraPrim International GeoGebra Institute 27.11.2011
Google Chrome Google Inc. 28.01.2012 18.0.1025.152
HP Customer Participation Program 13.0 HP 03.03.2012 13.0
HP Imaging Device Functions 13.0 HP 03.03.2012 13.0
HP Photosmart C4400 All-In-One Driver Software 13.0 Rel. 3 HP 03.03.2012 13.0
HP Photosmart Essential 3.5 HP 03.03.2012 3.5
HP Smart Web Printing 4.51 HP 03.03.2012 4.51
HP Solution Center 13.0 HP 03.03.2012 13.0
ISODisk 1.1 ISODisk.com 04.03.2012
iTunes Apple Inc. 30.03.2012 156,9MB 10.6.1.7
Java(TM) 6 Update 22 Oracle 24.03.2012 97,1MB 6.0.220
Java(TM) 6 Update 26 Oracle 11.06.2011 97,1MB 6.0.260
Java(TM) 6 Update 26 (64-bit) Oracle 11.06.2011 91,6MB 6.0.260
Logitech GamePanel Software 3.03.133 Logitech Inc. 23.12.2011 53,8MB 3.03.133
Logitech SetPoint 6.32 Logitech 10.12.2011 39,1MB 6.32.20
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 08.09.2010 38,8MB 4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 08.09.2010 2,94MB 4.0.30319
Microsoft .NET Framework 4 Extended Microsoft Corporation 04.06.2011 52,0MB 4.0.30319
Microsoft .NET Framework 4 Extended DEU Language Pack Microsoft Corporation 04.06.2011 10,7MB 4.0.30319
Microsoft .NET Framework 4 Multi-Targeting Pack Microsoft Corporation 04.06.2011 83,5MB 4.0.30319
Microsoft Visual C++ 6.0 Autoren Edition (Deutsch) 09.02.2012
Mozilla Firefox 11.0 (x86 de) Mozilla 24.03.2012 37,5MB 11.0
OpenOffice.org 3.3 OpenOffice.org 24.03.2012 435MB 3.3.9567
Origin Electronic Arts, Inc. 26.03.2012 8.5.0.4554
Paint.NET v3.5.8 dotPDN LLC 19.05.2011 10,4MB 3.58.0
Pando Media Booster Pando Networks Inc. 14.08.2011 5,47MB 2.3.6.0
QuickTime Apple Inc. 21.02.2012 73,3MB 7.71.80.42
Realtek 8136 8168 8169 Ethernet Driver Realtek 08.09.2010 1.00.0006
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 08.09.2010 6.0.1.5928
simfy simfy GmbH 01.01.2012 1.6.2
Skype™ 5.6 Skype Technologies S.A. 15.10.2011 19,5MB 5.6.110
Steam Valve Corporation 02.01.2011 1,49MB 1.0.0.0
TrueCrypt TrueCrypt Foundation 14.12.2011 7.1
VirtualDJ Home FREE Atomix Productions 28.02.2012 48,4MB 7.0.5
VLC media player 1.1.7 VideoLAN 05.02.2011 1.1.7
WinRAR 30.12.2010
|
|
13.04.2012, 21:17
| #4 | |
| /// Helfer-Team | Computer deutlich langsamer; wirklich ein Virus/Malware? 1. Zitat:
Code:
ATTFilter :OTL
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - prefs.js..browser.startup.homepage: "https://www.google.de/"
FF - prefs.js..network.proxy.backup.ftp: "72.64.146.73"
FF - prefs.js..network.proxy.backup.ftp_port: 3128
FF - prefs.js..network.proxy.backup.socks: "72.64.146.73"
FF - prefs.js..network.proxy.backup.socks_port: 3128
FF - prefs.js..network.proxy.backup.ssl: "72.64.146.73"
FF - prefs.js..network.proxy.backup.ssl_port: 3128
FF - prefs.js..network.proxy.ftp: "72.64.146.73"
FF - prefs.js..network.proxy.ftp_port: 3128
FF - prefs.js..network.proxy.http: "72.64.146.73"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "72.64.146.73"
FF - prefs.js..network.proxy.socks_port: 3128
FF - prefs.js..network.proxy.ssl: "72.64.146.73"
FF - prefs.js..network.proxy.ssl_port: 3128
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Anwender\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Anwender\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
[2012.02.11 23:00:49 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.02.11 23:00:49 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = Reg Error: Unknown registry data type File not found
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: nologoff = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: noclose = 1
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{9040f88b-14d7-11e0-b66a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{9040f88b-14d7-11e0-b66a-806e6f6e6963}\Shell\AutoRun\command - "" = K:\pushinst.exe
O33 - MountPoints2\{9040f91b-14d7-11e0-b66a-00306776e90f}\Shell - "" = AutoRun
O33 - MountPoints2\{9040f91b-14d7-11e0-b66a-00306776e90f}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a
[2012.04.13 17:42:00 | 000,001,132 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-960291654-816558809-1824353052-1001UA.job
[2012.04.13 00:42:01 | 000,001,080 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-960291654-816558809-1824353052-1001Core.job
:Files
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
2. Deine Javaversion ist nicht aktuell! Da aufgrund alter Sicherheitslücken ist Java sehr anfällig, deinstalliere zunächst alle vorhandenen Java-Versionen: → Systemsteuerung → Software → deinstallieren... → Rechner neu aufstarten → Downloade nun die Offline-Version von Java "Empfohlen Version 6 Update 31 " von Oracle herunter Achte darauf, eventuell angebotene Toolbars abwählen (den Haken bei der Toolbar entfernen)! 2. Java aktualisieren- über Systemsteuerung-> Nach Update suchen... oder: Downloade nun die Offline-Version von Java "Empfohlen Version 6 Update 31 " von Oracle und installiere sie. Achte darauf, eventuell angebotene Toolbars nicht mitzuinstallieren, also während der Installation den Haken bei der Toolbar entfernen. 3. Adobe Reader aktualisieren : - Bei Installation aufpassen/mitlesen!: Wenn irgendeine Software, Toolbar etc angeboten wird, bitte abwählen! - (z.B "McAfee Security Scan Plus") Adobe Reader Oder: Adobe starten-> gehe auf "Hilfe"-> "Nach Update suchen..." 4. reinige dein System mit CCleaner:
5.
6. Auch auf USB-Sticks, selbstgebrannten Datenträgern, externen Festplatten und anderen Datenträgern können Viren transportiert werden. Man muss daher durch regelmäßige Prüfungen auf Schäden, die durch Malware ("Worm.Win32.Autorun") verursacht worden sein können, überwacht werden. Hierfür sind ser gut geegnet und empfohlen, die auf dem Speichermedium gesicherten Daten, mit Hilfe des kostenlosen Online Scanners zu prüfen. Schließe jetzt alle externe Datenträgeran (USB Sticks etc) Deinen Rechner an, dabei die Hochstell-Taste [Shift-Taste] gedrückt halten, damit die Autorun-Funktion nicht ausgeführt wird. (So verhindest Du die Ausführung der AUTORUN-Funktion) - Man kann die AUTORUN-Funktion aber auch generell abschalten.►Anleitung 7. -> Führe dann einen Komplett-Systemcheck mit Eset Online Scanner (NOD32)Kostenlose Online Scanner durch Achtung!: >>Du sollst nicht die Antivirus-Sicherheitssoftware installieren, sondern dein System nur online scannen<< 8. erneut einen Scan mit OTL:
► berichte erneut über den Zustand des Computers. Ob noch Probleme auftreten, wenn ja, welche?
__________________ Warnung!: Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein! Anhang nicht öffnen, in unserem Forum erst nachfragen! Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten! Bitte diese Warnung weitergeben, wo Du nur kannst! |
|
14.04.2012, 19:28
| #5 |
| | Computer deutlich langsamer; wirklich ein Virus/Malware? Hey Kira, vielen Dank, das du mir so gut hilfst!! Der Fehler, dass Windows so lange zum Herunterfahren bleibt, besteht leider weiterhin. OTL Fix Log: Code:
ATTFilter ========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache| /E : value set successfully!
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Prefs.js: "https://www.google.de/" removed from browser.startup.homepage
Prefs.js: "72.64.146.73" removed from network.proxy.backup.ftp
Prefs.js: 3128 removed from network.proxy.backup.ftp_port
Prefs.js: "72.64.146.73" removed from network.proxy.backup.socks
Prefs.js: 3128 removed from network.proxy.backup.socks_port
Prefs.js: "72.64.146.73" removed from network.proxy.backup.ssl
Prefs.js: 3128 removed from network.proxy.backup.ssl_port
Prefs.js: "72.64.146.73" removed from network.proxy.ftp
Prefs.js: 3128 removed from network.proxy.ftp_port
Prefs.js: "72.64.146.73" removed from network.proxy.http
Prefs.js: 3128 removed from network.proxy.http_port
Prefs.js: true removed from network.proxy.share_proxy_settings
Prefs.js: "72.64.146.73" removed from network.proxy.socks
Prefs.js: 3128 removed from network.proxy.socks_port
Prefs.js: "72.64.146.73" removed from network.proxy.ssl
Prefs.js: 3128 removed from network.proxy.ssl_port
Prefs.js: 0 removed from network.proxy.type
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
C:\Users\Anwender\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll moved successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
File C:\Users\Anwender\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll not found.
C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml moved successfully.
C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoClose deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoFavoritesMenu deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\nologoff deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\noclose deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9040f88b-14d7-11e0-b66a-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9040f88b-14d7-11e0-b66a-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9040f88b-14d7-11e0-b66a-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9040f88b-14d7-11e0-b66a-806e6f6e6963}\ not found.
File K:\pushinst.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9040f91b-14d7-11e0-b66a-00306776e90f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9040f91b-14d7-11e0-b66a-00306776e90f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9040f91b-14d7-11e0-b66a-00306776e90f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9040f91b-14d7-11e0-b66a-00306776e90f}\ not found.
File E:\LaunchU3.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\J\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\J\ not found.
File J:\LaunchU3.exe -a not found.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-960291654-816558809-1824353052-1001UA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-960291654-816558809-1824353052-1001Core.job moved successfully.
OTL by OldTimer - Version 3.2.39.2 log created on 04142012_004307
Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 04/14/2012 at 04:51 PM
Application Version : 5.0.1146
Core Rules Database Version : 8458
Trace Rules Database Version: 6270
Scan type : Complete Scan
Total Scan Time : 01:25:19
Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User
Memory items scanned : 517
Memory threats detected : 0
Registry items scanned : 67100
Registry threats detected : 0
File items scanned : 97775
File threats detected : 6
Adware.Tracking Cookie
C:\USERS\SO\AppData\Roaming\Microsoft\Windows\Cookies\T09JPIP9.txt [ Cookie:so@apmebf.com/ ]
C:\USERS\SO\AppData\Roaming\Microsoft\Windows\Cookies\YQBQOHAG.txt [ Cookie:so@mediaplex.com/ ]
C:\USERS\SO\AppData\Roaming\Microsoft\Windows\Cookies\J8YYSAGQ.txt [ Cookie:so@atdmt.com/ ]
C:\USERS\SO\Cookies\T09JPIP9.txt [ Cookie:so@apmebf.com/ ]
C:\USERS\SO\Cookies\YQBQOHAG.txt [ Cookie:so@mediaplex.com/ ]
C:\USERS\SO\Cookies\J8YYSAGQ.txt [ Cookie:so@atdmt.com/ ]
Code:
ATTFilter OTL logfile created on: 14.04.2012 20:20:13 - Run 2 OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Anwender\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,79 Gb Available Physical Memory | 69,75% Memory free 8,00 Gb Paging File | 6,19 Gb Available in Paging File | 77,47% Paging File free Paging file location(s): c:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 465,66 Gb Total Space | 288,32 Gb Free Space | 61,92% Space Free | Partition Type: NTFS Drive D: | 557,57 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: ANWENDER-PC | User Name: Thilo | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.04.13 17:46:19 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Anwender\Desktop\OTL.exe PRC - [2012.01.04 17:58:25 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe PRC - [2010.10.22 03:00:00 | 000,376,832 | ---- | M] (AVM Berlin) -- C:\Program Files (x86)\avmwlanstick\WlanNetService.exe ========== Modules (No Company Name) ========== MOD - [2012.04.12 09:37:34 | 000,444,400 | ---- | M] () -- C:\Users\Anwender\AppData\Local\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll MOD - [2012.04.12 09:37:33 | 003,915,248 | ---- | M] () -- C:\Users\Anwender\AppData\Local\Google\Chrome\Application\18.0.1025.162\pdf.dll MOD - [2012.04.12 09:36:08 | 000,122,880 | ---- | M] () -- C:\Users\Anwender\AppData\Local\Google\Chrome\Application\18.0.1025.162\avutil-51.dll MOD - [2012.04.12 09:36:06 | 000,220,672 | ---- | M] () -- C:\Users\Anwender\AppData\Local\Google\Chrome\Application\18.0.1025.162\avformat-53.dll MOD - [2012.04.12 09:36:05 | 001,747,456 | ---- | M] () -- C:\Users\Anwender\AppData\Local\Google\Chrome\Application\18.0.1025.162\avcodec-53.dll MOD - [2012.04.12 08:51:55 | 008,743,584 | ---- | M] () -- C:\Users\Anwender\AppData\Local\Google\Chrome\Application\18.0.1025.162\gcswf32.dll MOD - [2012.04.12 08:51:55 | 008,743,584 | ---- | M] () -- C:\Users\Anwender\AppData\Local\Google\Chrome\APPLIC~1\180102~1.162\gcswf32.dll MOD - [2012.04.02 14:07:05 | 020,297,512 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll MOD - [2012.04.02 14:07:04 | 001,099,576 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll MOD - [2012.04.02 14:07:04 | 000,907,048 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.DLL MOD - [2012.04.02 14:07:04 | 000,190,776 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll MOD - [2012.04.02 14:07:04 | 000,123,192 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2011.12.06 05:11:56 | 000,235,520 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2011.11.09 23:08:52 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) SRV - [2012.04.14 18:30:14 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.04.04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.01.05 14:12:30 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011.11.28 14:21:00 | 000,168,864 | ---- | M] () [Auto | Running] -- C:\Programme\Common Files\WireHelpSvc.exe -- (WireHelpSvc) SRV - [2011.09.27 21:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV - [2011.08.12 01:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Programme\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE) SRV - [2010.10.22 03:00:00 | 000,376,832 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Program Files (x86)\avmwlanstick\WlanNetService.exe -- (AVM WLAN Connection Service) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.03.11 15:01:19 | 000,116,096 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avmaudio.sys -- (avmaudio) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.02.15 12:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2011.12.20 19:46:48 | 000,047,208 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tbhsd.sys -- (tbhsd) DRV:64bit: - [2011.12.15 23:40:44 | 000,230,864 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt) DRV:64bit: - [2011.12.06 05:45:40 | 010,720,256 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:64bit: - [2011.12.06 05:45:40 | 010,720,256 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2011.12.06 04:12:14 | 000,327,168 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2011.11.28 14:20:48 | 000,147,472 | ---- | M] (<Turtle Entertainment>) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\ESLWireACD.sys -- (ESLWireAC) DRV:64bit: - [2011.11.28 14:20:28 | 000,025,528 | ---- | M] (Turtle Entertainment GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ESLvnic.sys -- (ESLvnic1) DRV:64bit: - [2011.10.17 19:40:50 | 000,093,712 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:64bit: - [2011.09.02 08:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt) DRV:64bit: - [2011.09.02 08:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.10.22 03:00:00 | 000,460,800 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fwlanusb.sys -- (FWLANUSB) DRV:64bit: - [2010.10.22 03:00:00 | 000,014,120 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avmeject.sys -- (avmeject) DRV:64bit: - [2010.09.15 08:46:14 | 000,060,288 | ---- | M] (Generic USB smartcard reader) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MHIKEY10x64.sys -- (MHIKEY10) DRV:64bit: - [2010.02.18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64) DRV:64bit: - [2009.09.30 16:34:30 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.03 10:11:29 | 000,215,040 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.06.10 15:10:47 | 000,014,136 | R--- | M] (BIOSTAR Group) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BIOS64.sys -- (BIOS) DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2007.08.20 11:05:02 | 000,012,744 | R--- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Entech64.sys -- (ENTECH64) DRV - [2011.07.22 18:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Programme\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV) DRV - [2011.07.12 23:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL) DRV - [2011.06.24 07:31:02 | 000,055,424 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2009.06.10 15:10:47 | 000,014,136 | R--- | M] (BIOSTAR Group) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\BIOS64.sys -- (BIOS) DRV - [2006.04.26 02:03:56 | 000,009,600 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\SysWow64\drivers\ISODisk.sys -- (ISODisk) DRV - [1998.05.07 01:00:00 | 000,000,111 | ---- | M] () [Adapter | On_Demand | Unknown] -- C:\Windows\SysWow64\WINSOCK.SRG -- (Winsock) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes,DefaultScope = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 94 82 0B 4B 42 A2 CC 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..network.proxy.backup.ftp: "" FF - prefs.js..network.proxy.backup.ftp_port: "" FF - prefs.js..network.proxy.backup.socks: "" FF - prefs.js..network.proxy.backup.socks_port: "" FF - prefs.js..network.proxy.backup.ssl: "" FF - prefs.js..network.proxy.backup.ssl_port: "" FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_233.dll File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.03.04 21:40:28 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.03.25 14:30:53 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.04.14 15:17:59 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.03.04 21:40:28 | 000,000,000 | ---D | M] [2010.12.31 14:44:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anwender\AppData\Roaming\mozilla\Extensions [2012.04.14 17:08:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anwender\AppData\Roaming\mozilla\Firefox\Profiles\fsyhceci.default\extensions [2011.08.06 17:03:51 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Anwender\AppData\Roaming\mozilla\Firefox\Profiles\fsyhceci.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2012.03.31 01:46:18 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Anwender\AppData\Roaming\mozilla\Firefox\Profiles\fsyhceci.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2012.04.14 01:32:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012.04.14 01:32:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} () (No name found) -- C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FSYHCECI.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI () (No name found) -- C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FSYHCECI.DEFAULT\EXTENSIONS\{DF4E4DF5-5CB7-46B0-9AEF-6C784C3249F8}.XPI [2012.03.25 14:30:52 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.04.14 01:32:09 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2012.02.11 23:00:49 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.02.11 23:00:49 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.02.11 23:00:49 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.02.11 23:00:49 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}, CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Anwender\AppData\Local\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Anwender\AppData\Local\Google\Chrome\Application\18.0.1025.162\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Anwender\AppData\Local\Google\Chrome\Application\18.0.1025.162\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - Extension: YouTube = C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Adblock Plus (Beta) = C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\ CHR - Extension: Google-Suche = C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: stern.de = C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnkeklmkmolipcclpncndnpdgilieafl\1.0_0\ O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com) O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Anwender\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Anwender\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Free YouTube Download - C:\Users\Anwender\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Anwender\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{46C8D141-1684-4E05-A455-8D768A510A77}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{83B6CFD2-0C5B-47EB-831B-9748142E8627}: DhcpNameServer = 192.168.60.250 O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysNative\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (OODBS) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012.04.14 17:14:53 | 000,000,000 | ---D | C] -- C:\Users\Anwender\Desktop\AntiVirus [2012.04.14 17:08:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2012.04.14 15:25:08 | 000,000,000 | ---D | C] -- C:\Users\Anwender\AppData\Roaming\SUPERAntiSpyware.com [2012.04.14 15:24:17 | 000,000,000 | ---D | C] -- C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware [2012.04.14 15:24:15 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com [2012.04.14 15:24:15 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware [2012.04.14 15:22:07 | 000,000,000 | ---D | C] -- C:\Users\Anwender\Documents\Sicherheit [2012.04.14 15:17:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2012.04.14 01:32:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2012.04.14 01:32:15 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2012.04.14 01:32:15 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2012.04.14 01:32:15 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2012.04.14 00:43:07 | 000,000,000 | ---D | C] -- C:\_OTL [2012.04.13 17:43:59 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Users\Anwender\Desktop\OTL.exe [2012.04.12 17:33:40 | 000,000,000 | ---D | C] -- C:\AVZ [2012.04.12 03:02:56 | 005,559,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2012.04.12 03:02:56 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2012.04.12 03:02:56 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2012.04.12 03:00:41 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll [2012.04.12 03:00:41 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll [2012.04.12 03:00:41 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys [2012.04.07 15:09:19 | 000,000,000 | ---D | C] -- C:\Users\Anwender\Sina USB [2012.04.07 14:48:59 | 000,000,000 | ---D | C] -- C:\Users\Anwender\AppData\Roaming\U3 [2012.04.05 03:08:19 | 000,000,000 | ---D | C] -- C:\Users\Anwender\Documents\Christentum [2012.04.03 13:30:02 | 008,741,536 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe [2012.04.03 13:20:30 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.03.31 16:27:06 | 000,000,000 | ---D | C] -- C:\Users\Anwender\AppData\Roaming\Teeworlds [2012.03.31 15:06:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2012.03.31 15:05:18 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2012.03.31 15:05:17 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2012.03.28 17:45:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine [2012.03.28 17:45:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp [2012.03.27 15:30:28 | 000,000,000 | ---D | C] -- C:\Users\Anwender\Documents\Battlefield 3 [2012.03.27 15:28:57 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Logs [2012.03.26 17:49:59 | 000,000,000 | ---D | C] -- C:\Users\Anwender\AppData\Roaming\Get from YouTube [2012.03.26 17:49:30 | 000,000,000 | ---D | C] -- C:\Users\Anwender\AppData\Roaming\Music Editor Free [2012.03.25 15:28:18 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.3 [2012.03.25 03:27:13 | 000,000,000 | ---D | C] -- C:\Users\Anwender\AppData\Roaming\SoundSpectrum [2012.03.24 14:45:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SoundSpectrum [2012.03.24 13:22:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2012.03.17 19:16:45 | 000,000,000 | ---D | C] -- C:\Users\Anwender\Documents\Downloads [2012.03.17 05:46:09 | 000,000,000 | ---D | C] -- C:\Users\Anwender\AppData\Roaming\SynthMaker ========== Files - Modified Within 30 Days ========== [2012.04.14 19:29:03 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.04.14 18:30:14 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.04.14 18:30:14 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012.04.14 18:30:08 | 008,741,536 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe [2012.04.14 14:06:22 | 000,015,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.04.14 14:06:22 | 000,015,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.04.14 13:58:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.04.14 13:57:58 | 3220,676,608 | -HS- | M] () -- C:\hiberfil.sys [2012.04.14 01:32:09 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll [2012.04.14 01:32:09 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2012.04.14 01:32:09 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2012.04.14 01:32:09 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2012.04.13 17:46:19 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Anwender\Desktop\OTL.exe [2012.04.12 20:44:56 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.04.12 20:44:56 | 000,696,832 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.04.12 20:44:56 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.04.12 20:44:56 | 000,148,128 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.04.12 20:44:56 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.04.12 18:08:45 | 000,000,035 | ---- | M] () -- C:\Windows\SIERRA.INI [2012.03.27 16:07:05 | 000,282,864 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2012.03.27 16:06:48 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0 [2012.03.26 16:40:38 | 000,295,704 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT ========== Files Created - No Company Name ========== [2012.04.14 15:17:59 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2012.04.03 13:20:33 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.03.11 14:48:02 | 000,000,457 | ---- | C] () -- C:\Windows\hpomdl29.dat.temp [2012.03.05 17:45:20 | 000,009,600 | ---- | C] () -- C:\Windows\SysWow64\drivers\ISODisk.sys [2012.03.04 21:36:37 | 000,181,132 | ---- | C] () -- C:\Windows\hpoins29.dat [2012.03.04 21:36:37 | 000,000,457 | ---- | C] () -- C:\Windows\hpomdl29.dat [2012.02.10 20:58:24 | 000,000,167 | ---- | C] () -- C:\Windows\ODBCINST.INI [2012.01.11 15:10:38 | 000,168,864 | ---- | C] () -- C:\Program Files\Common Files\WireHelpSvc.exe [2011.12.28 20:53:02 | 000,000,035 | ---- | C] () -- C:\Windows\SIERRA.INI [2011.11.10 04:36:06 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2011.11.10 04:36:06 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2011.11.09 23:39:44 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll [2011.11.09 23:39:32 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll [2011.09.13 01:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2011.06.05 10:11:06 | 001,777,024 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.05.14 22:48:53 | 000,283,470 | ---- | C] () -- C:\Windows\LOGO.SYS.jpg [2011.04.23 13:41:44 | 000,007,634 | ---- | C] () -- C:\Users\Anwender\AppData\Local\Resmon.ResmonCfg [2011.04.09 23:40:05 | 002,250,024 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe [2010.09.09 13:02:06 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin ========== LOP Check ========== [2011.11.30 19:38:56 | 000,000,000 | ---D | M] -- C:\Users\Anwender\AppData\Roaming\.minecraft [2011.12.17 18:09:39 | 000,000,000 | ---D | M] -- C:\Users\Anwender\AppData\Roaming\concept design [2012.03.03 13:16:54 | 000,000,000 | ---D | M] -- C:\Users\Anwender\AppData\Roaming\DVDVideoSoft [2011.12.11 01:57:44 | 000,000,000 | ---D | M] -- C:\Users\Anwender\AppData\Roaming\DVDVideoSoftIEHelpers [2012.03.26 17:49:59 | 000,000,000 | ---D | M] -- C:\Users\Anwender\AppData\Roaming\Get from YouTube [2012.03.17 19:19:32 | 000,000,000 | ---D | M] -- C:\Users\Anwender\AppData\Roaming\GetRightToGo [2012.03.14 00:33:29 | 000,000,000 | ---D | M] -- C:\Users\Anwender\AppData\Roaming\Image-Line [2011.10.05 19:04:57 | 000,000,000 | ---D | M] -- C:\Users\Anwender\AppData\Roaming\Leadertech [2011.05.20 23:26:53 | 000,000,000 | ---D | M] -- C:\Users\Anwender\AppData\Roaming\MediaRover [2012.03.26 17:50:28 | 000,000,000 | ---D | M] -- C:\Users\Anwender\AppData\Roaming\Music Editor Free [2011.02.20 17:04:17 | 000,000,000 | ---D | M] -- C:\Users\Anwender\AppData\Roaming\My Battle for Middle-earth(tm) II Files [2010.12.31 18:51:43 | 000,000,000 | ---D | M] -- C:\Users\Anwender\AppData\Roaming\OpenOffice.org [2012.01.17 23:45:10 | 000,000,000 | ---D | M] -- C:\Users\Anwender\AppData\Roaming\Origin [2011.08.23 14:36:01 | 000,000,000 | ---D | M] -- C:\Users\Anwender\AppData\Roaming\redsn0w [2011.12.28 20:59:35 | 000,000,000 | ---D | M] -- C:\Users\Anwender\AppData\Roaming\Save-EE [2012.01.02 14:34:23 | 000,000,000 | ---D | M] -- C:\Users\Anwender\AppData\Roaming\Simfy [2012.04.12 17:40:00 | 000,000,000 | ---D | M] -- C:\Users\Anwender\AppData\Roaming\SoundSpectrum [2012.03.17 05:46:09 | 000,000,000 | ---D | M] -- C:\Users\Anwender\AppData\Roaming\SynthMaker [2012.03.31 16:44:40 | 000,000,000 | ---D | M] -- C:\Users\Anwender\AppData\Roaming\Teeworlds [2011.12.15 23:41:50 | 000,000,000 | ---D | M] -- C:\Users\Anwender\AppData\Roaming\TrueCrypt [2012.03.05 17:29:20 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > Code:
ATTFilter OTL Extras logfile created on: 14.04.2012 20:20:13 - Run 2
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Anwender\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,79 Gb Available Physical Memory | 69,75% Memory free
8,00 Gb Paging File | 6,19 Gb Available in Paging File | 77,47% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 288,32 Gb Free Space | 61,92% Space Free | Partition Type: NTFS
Drive D: | 557,57 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: ANWENDER-PC | User Name: Thilo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{4D533F05-A3F6-F8A9-F1F6-FA6812089D36}" = AMD Drag and Drop Transcoding
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{69FDD045-DA24-CA41-8FD2-6B3A91F4EDEE}" = AMD Fuel
"{6CC95B76-D380-46B2-9022-9353938E48BA}" = Logitech GamePanel Software 3.03.133
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8181C5B7-2FF5-4677-BA6A-8E2C3F5A7601}" = HP Photosmart C4400 All-In-One Driver Software 13.0 Rel. 3
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90AB246D-A0A0-29EA-199A-4B07841E0737}" = ATI AVIVO64 Codecs
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB3}" = Paint.NET v3.5.8
"{9E3B2120-0BD8-9865-0387-E9BAC2A53AD3}" = ccc-utility64
"{A9C6CA47-D937-D61D-4BD3-7CFAB7A5BA56}" = ATI Problem Report Wizard
"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
"{BE882A12-5A45-3DFF-9FD0-306DE65EB8A5}" = AMD Catalyst Install Manager
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CF8FFD12-602B-422D-AF1D-511B411E7632}" = iTunes
"{EF393943-0CCE-9CD9-6181-96DF4E4428EF}" = AMD Media Foundation Decoders
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CCleaner" = CCleaner
"ESL Wire_is1" = ESL Wire 1.11.1
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"sp6" = Logitech SetPoint 6.32
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0B94CF00-3A9C-AEBF-265D-EABF6EC11CEA}" = Catalyst Control Center InstallProxy
"{0D97F8D1-2102-53D2-5633-C992D6086801}" = CCC Help Chinese Traditional
"{0EA00EA7-42C0-ED9C-9110-2C04B8EDBA66}" = CCC Help Italian
"{0EB86B70-91FF-39BF-633C-785DF2218CC6}" = CCC Help French
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{1686C07D-C2BB-A8B2-C5ED-32C4EE1A3E62}" = CCC Help Spanish
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{18B6A9F8-25BC-5978-6B42-A50FA2CABC18}" = CCC Help English
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{298C6691-46B2-2065-0DD7-1E7B3B669A47}" = CCC Help Finnish
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{36E15666-43C1-91A7-0281-498F9D383B2C}" = simfy
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{400C5445-1AE8-1A41-CAC6-AB114341F65D}" = CCC Help Swedish
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{448B1C6D-02C2-7681-66B2-624E58B25375}" = CCC Help Turkish
"{46EB9D45-FC1A-2635-1693-176E6FA1C672}" = CCC Help Portuguese
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{5E1375CB-6792-4464-8715-CC3EC83D48FA}" = VirtualDJ Home FREE
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{651F43AA-3F06-9277-6F1B-8E8155017463}" = CCC Help Polish
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{68DE32E1-292B-6A02-6A53-935BFAE70C99}" = CCC Help Chinese Standard
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6D0042A0-9064-4C7F-B906-3EAC4427EE07}_is1" = Counter-Strike Source DZ
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7E5A8023-0E90-4503-A1EA-C9FC25680AF9}" = PS_AIO_03_C4400_Software_Min
"{818212BA-7F8C-DDF9-64BE-F6D0B6F46D29}" = CCC Help German
"{84F4542C-ED64-28AC-49B3-1A9BAB395AB4}" = CCC Help Hungarian
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9C41195F-11B3-8EEC-6634-7183BE6CB1B1}" = CCC Help Japanese
"{A33A89D0-2F48-FD1C-A243-9073EE0592E0}" = Catalyst Control Center InstallProxy
"{A66FB6C7-B689-AFD5-21BA-7CAF8E44E6E6}" = Catalyst Control Center Graphics Previews Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.6
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{B1E33614-25CC-4C2A-8CBA-88B51ABF67E0}" = C4400
"{B4CF00AE-2622-7BC6-24EC-4E5A0A8C9135}" = CCC Help Czech
"{BAE1C0A8-634D-CFF1-0E0C-893092427D34}" = CCC Help Danish
"{BCAF3D46-3BDA-441F-97B9-3878ACD0CD4F}_is1" = Half-Life 2 (Addon) DZ
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BF731945-7AAD-45E3-A202-A60C9213915C}_is1" = ISODisk 1.1
"{C2DEC505-79A9-E952-32B0-31B67B83E231}" = CCC Help Korean
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CCEFAE22-4D01-0084-D1CA-AC14AA743A97}" = CCC Help Greek
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DE460826-5E72-2357-154F-E376F9926008}" = CCC Help Norwegian
"{E21FFD29-D231-3BD3-6941-15710E44BED4}" = CCC Help Dutch
"{E3E313C7-0AE2-7F44-52E8-528D4EDC74B2}" = CCC Help Thai
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{F9929777-7B6E-F53D-3105-1C06E5120CA1}" = CCC Help Russian
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"Adobe AIR" = Adobe AIR
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Audacity_is1" = Audacity 1.2.6
"AVMWLANCLI" = AVM FRITZ!WLAN
"Battlelog Web Plugins" = Battlelog Web Plugins
"ESET Online Scanner" = ESET Online Scanner v3
"ESN Sonar-0.70.0" = ESN Sonar
"ESN Sonar-0.70.4" = ESN Sonar
"FL Studio 10" = FL Studio 10
"Mozilla Firefox 11.0 (x86 de)" = Mozilla Firefox 11.0 (x86 de)
"Origin" = Origin
"Simfy" = simfy
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"TrueCrypt" = TrueCrypt
"Visual C++ 6.0 Autoren Edition (deu)" = Microsoft Visual C++ 6.0 Autoren Edition (Deutsch)
"VLC media player" = VLC media player 1.1.7
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CodeBlocks" = CodeBlocks
"GeoGebra 4.0" = GeoGebra 4.0
"GeoGebraPrim" = GeoGebraPrim
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 26.03.2012 13:51:02 | Computer Name = Anwender-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 27.03.2012 08:37:11 | Computer Name = Anwender-PC | Source = Windows Installer 3.1 | ID = 921877
Description =
Error - 27.03.2012 08:58:39 | Computer Name = Anwender-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 28.03.2012 08:38:04 | Computer Name = Anwender-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 28.03.2012 11:36:24 | Computer Name = Anwender-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Anwender\Downloads\SoftonicDownloader_fuer_vuplayer.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 28.03.2012 11:36:36 | Computer Name = Anwender-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Anwender\Downloads\SoftonicDownloader_fuer_vuplayer.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 28.03.2012 11:49:35 | Computer Name = Anwender-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Anwender\Downloads\SoftonicDownloader_fuer_vuplayer.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 29.03.2012 17:12:39 | Computer Name = Anwender-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 30.03.2012 11:54:19 | Computer Name = Anwender-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 30.03.2012 12:11:27 | Computer Name = Anwender-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
[ Media Center Events ]
Error - 13.02.2011 10:27:17 | Computer Name = Anwender-PC | Source = MCUpdate | ID = 0
Description = 15:27:10 - Fehler beim Herstellen der Internetverbindung. 15:27:10
- Serververbindung konnte nicht hergestellt werden..
Error - 13.02.2011 11:27:23 | Computer Name = Anwender-PC | Source = MCUpdate | ID = 0
Description = 16:27:23 - Fehler beim Herstellen der Internetverbindung. 16:27:23
- Serververbindung konnte nicht hergestellt werden..
Error - 13.02.2011 11:27:31 | Computer Name = Anwender-PC | Source = MCUpdate | ID = 0
Description = 16:27:28 - Fehler beim Herstellen der Internetverbindung. 16:27:28
- Serververbindung konnte nicht hergestellt werden..
Error - 13.02.2011 12:27:35 | Computer Name = Anwender-PC | Source = MCUpdate | ID = 0
Description = 17:27:35 - Fehler beim Herstellen der Internetverbindung. 17:27:35
- Serververbindung konnte nicht hergestellt werden..
Error - 13.02.2011 12:27:41 | Computer Name = Anwender-PC | Source = MCUpdate | ID = 0
Description = 17:27:40 - Fehler beim Herstellen der Internetverbindung. 17:27:40
- Serververbindung konnte nicht hergestellt werden..
Error - 13.02.2011 13:27:46 | Computer Name = Anwender-PC | Source = MCUpdate | ID = 0
Description = 18:27:46 - Fehler beim Herstellen der Internetverbindung. 18:27:46
- Serververbindung konnte nicht hergestellt werden..
Error - 13.02.2011 13:27:52 | Computer Name = Anwender-PC | Source = MCUpdate | ID = 0
Description = 18:27:51 - Fehler beim Herstellen der Internetverbindung. 18:27:51
- Serververbindung konnte nicht hergestellt werden..
Error - 20.02.2011 10:12:42 | Computer Name = Anwender-PC | Source = MCUpdate | ID = 0
Description = 15:12:42 - Fehler beim Herstellen der Internetverbindung. 15:12:42
- Serververbindung konnte nicht hergestellt werden..
Error - 20.02.2011 10:12:54 | Computer Name = Anwender-PC | Source = MCUpdate | ID = 0
Description = 15:12:47 - Fehler beim Herstellen der Internetverbindung. 15:12:47
- Serververbindung konnte nicht hergestellt werden..
Error - 23.02.2011 11:27:05 | Computer Name = Anwender-PC | Source = MCUpdate | ID = 0
Description = 16:27:04 - Fehler beim Herstellen der Internetverbindung. 16:27:04
- Serververbindung konnte nicht hergestellt werden..
[ System Events ]
Error - 13.04.2012 18:46:05 | Computer Name = Anwender-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AMD FUEL Service" wurde aufgrund folgenden Fehlers nicht
gestartet: %%1053
Error - 13.04.2012 18:46:09 | Computer Name = Anwender-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
ISODisk
Error - 13.04.2012 18:52:35 | Computer Name = Anwender-PC | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\ISODisk.SYS
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
Error - 13.04.2012 18:52:54 | Computer Name = Anwender-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
AMD FUEL Service erreicht.
Error - 13.04.2012 18:52:54 | Computer Name = Anwender-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AMD FUEL Service" wurde aufgrund folgenden Fehlers nicht
gestartet: %%1053
Error - 13.04.2012 18:52:55 | Computer Name = Anwender-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
ISODisk
Error - 14.04.2012 07:57:55 | Computer Name = Anwender-PC | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\ISODisk.SYS
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
Error - 14.04.2012 07:58:13 | Computer Name = Anwender-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
AMD FUEL Service erreicht.
Error - 14.04.2012 07:58:13 | Computer Name = Anwender-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AMD FUEL Service" wurde aufgrund folgenden Fehlers nicht
gestartet: %%1053
Error - 14.04.2012 07:58:14 | Computer Name = Anwender-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
ISODisk
< End of report >
Geändert von thilo (14.04.2012 um 20:13 Uhr) |
|
15.04.2012, 06:00
| #6 |
| /// Helfer-Team | Computer deutlich langsamer; wirklich ein Virus/Malware? Punkt 7. fehlt noch?-> http://www.trojaner-board.de/113557-...tml#post813982 1. hast Du eventuell Änderungen am System vorgenommen z.B im Autostart ("msconfig"-> Systemstart) ? wenn ja, was genau? nämlich mir ist aufgefallen, dass da bis auf SUPERAntiSpyware nix drin steht... 2. hast Du momentan kein Antivirus installiert? 3. MBR mit aswMBR von Avast prüfen Lade aswMBR.exe von Avast herunter und speichere das Tool auf deinem Desktop (nicht woanders hin). XP Benutzer: Doppelklick auf die aswMBR.exe, um das Tool zu starten. Vista und Windows 7 Benutzer: Rechtsklick auf die aswMBR.exe und Als Administrator starten wählen. Es wird sich ein Eingabe-Fenster mit einigen Angaben öffnen. Klicke Scan, um den Suchlauf zu starten. Wenn der Scan beendet ist, was mit Scan finished sucessfull! gemeldet wird, klicke Save log, um das Logfile zu speichern. Poste mir den Inhalt von aswASW.log vom Desktop hier in den Thread.
__________________ --> Computer deutlich langsamer; wirklich ein Virus/Malware? |
|
15.04.2012, 13:40
| #7 |
| | Computer deutlich langsamer; wirklich ein Virus/Malware? Hey Kira, jetzt bin ich nochmehr verwirrt. Fehlt Schritt 7. oder Schritt 1(zu dem hast du mir nämlich einen Link geschickt). Ich poste einfach mal die Log-Daten von "Eset", hoffe das meintest du! Ich habe so gut wie alle Programme aus dem AutoStart entfernt! Dies sollte doch aber nicht mit der Zeit zum Herunterfahren zutun haben. Erstrecht, da der Start relativ schnell geht. Zurzeit habe ich Java, Adobe und Avast! im Autostart. (Brauche ich überhaupt Adobe dadrin?) Zum Zeitpunkt das Scannens hatte ich kein Antiviren-Programm auf dem Computer. Da hier http://www.trojaner-board.de/69886-a...-beachten.html steht, das ich mein Antiviren-Programm Abschalten sollte und ich sowieso unzufrieden mit Avira war, habe ich es Deinstalliert und gestern nach dem letzten Scan Avast! (siehe Autostart) installiert, da es aktuell das beste Freeware Programm sein soll. Und wenn wir gerade bei Änderungen im System sind, ich habe die Werte zum Beenden der Prozesse beim Herunterfahren (Registrierungseditor) geändert. Bei dem Download handelt es sich nicht um das Antiviren Programm Avast!, sondern ist ein Tool mit der Avast Engine, oder vertue ich mich? Eset-Log: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=a1fb61af3580bb49af987e6ed8a60d5a
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-04-14 05:06:13
# local_time=2012-04-14 07:06:13 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 1168 86046136 0 0
# compatibility_mode=8192 67108863 100 0 204 204 0 0
# scanned=306054
# found=4
# cleaned=4
# scan_time=6886
C:\Users\Sina\AppData\Local\Temp\Photo.class a variant of Java/Exploit.CVE-2011-3544.AV trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Sina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\7ede12ec-40c361ba Java/Exploit.CVE-2011-3544.AV trojan (deleted - quarantined) 00000000000000000000000000000000 C
C:\Users\so\AppData\Local\Temp\Inc.class a variant of Java/Exploit.CVE-2011-3544.AW trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\so\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\65a67fbe-12e4527e a variant of Java/Exploit.CVE-2011-3544.AW trojan (deleted - quarantined) 00000000000000000000000000000000 C
Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-04-15 14:47:53
-----------------------------
14:47:53.755 OS Version: Windows x64 6.1.7601 Service Pack 1
14:47:53.755 Number of processors: 3 586 0x503
14:47:53.757 ComputerName: ANWENDER-PC UserName: Thilo
14:47:54.867 Initialize success
14:47:54.913 AVAST engine defs: 12041500
14:48:25.530 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
14:48:25.532 Disk 0 Vendor: Hitachi_HDS721050CLA362 JP2OA3MA Size: 476940MB BusType: 3
14:48:25.559 Disk 0 MBR read successfully
14:48:25.561 Disk 0 MBR scan
14:48:25.563 Disk 0 Windows 7 default MBR code
14:48:25.573 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
14:48:25.582 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 476837 MB offset 206848
14:48:25.601 Disk 0 scanning C:\Windows\system32\drivers
14:48:32.088 Service scanning
14:48:50.990 Modules scanning
14:48:50.990 Disk 0 trace - called modules:
14:48:50.999 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
14:48:51.000 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800493d060]
14:48:51.002 3 CLASSPNP.SYS[fffff8800165143f] -> nt!IofCallDriver -> [0xfffffa8004498520]
14:48:51.003 5 ACPI.sys[fffff88000e897a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800447c060]
14:48:52.806 AVAST engine scan C:\Windows
14:48:54.957 AVAST engine scan C:\Windows\system32
14:50:45.769 AVAST engine scan C:\Windows\system32\drivers
14:50:54.651 AVAST engine scan C:\Users\Anwender
14:56:23.284 Disk 0 MBR has been saved successfully to "C:\Users\Anwender\Desktop\MBR.dat"
14:56:23.285 The log file has been saved successfully to "C:\Users\Anwender\Desktop\aswMBR.txt"
Geändert von thilo (15.04.2012 um 13:58 Uhr) |
|
16.04.2012, 05:58
| #8 | ||
| /// Helfer-Team | Computer deutlich langsamer; wirklich ein Virus/Malware? 1. deinstalliere: Zitat:
stammt von Eset?: Zitat:
Tipps: IE 9: Tipps zu Internet Explorer 9 -> Standard Suchmaschine des Explorers ändern -> Wie kann ich den Cache im Internet Explorer leeren? 4. Windows legt beispielsweise regelmäßig Schattenkopien an (mindestens einmal täglich), die im Notfall zur Wiederherstellung des Systems und zum Zugriff auf ältere Dateiversionen dienen. Diese Funktion belegt sehr viel Speicherplatz. Standardmäßig beträgt der für Schattenkopien reservierte Speicherplatz 15 % der Volumegröße, so dass die Systemleistung auch beeinträchtigt wird. Außerdem gelöschte und ev. schädliche Objekte, die in der Systemwiederherstellung sitzen, müssen auch entfernt werden: Also mach bitte folgendes:
5. ► Schaue bitte nach, ob für Windows neue Update gibt?!:-> - Microsoft Update hält Ihren Computer auf dem neuesten Stand! 6. ► Internet Explorer aktualisieren: - Version 9 ist aktuell! Du kannst gleich Windows Internet Explorer 9 installieren, um die vorhandene Version von Internet Explorer zu ersetzen:-> Internet Explorer 9 Software wie Betriebssysteme, Browser und E-Mail Clients werden laufend weiterentwickelt. Gleichzeitig arbeiten jedoch auch Hacker daran, ständig neue Sicherheitslücken zu finden und auszunutzen. Was heute noch keine Schlupflücke für Viren und Würmer ist, kann morgen bereits zur Gefahr werden, wenn der entsprechende Schädling programmiert wurde. Das führt dazu, dass es relativ häufig zu Meldungen über neue Sicherheitsanfälligkeiten kommt, auch wenn diese noch nicht durch Hacker entdeckt wurden. Denn selbstverständlich suchen auch Sicherheitsspezialisten nach potenziellen Angriffsmöglichkeiten. Updates der Softwareentwickler sorgen dafür, dass der User immer die aktuellste und sicherste Version des Betriebssystems und der installierten Software nutzen kann. 7. erneut einen Scan mit OTL:
__________________ Warnung!: Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein! Anhang nicht öffnen, in unserem Forum erst nachfragen! Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten! Bitte diese Warnung weitergeben, wo Du nur kannst! Geändert von kira (16.04.2012 um 06:20 Uhr) |
|
16.04.2012, 13:52
| #9 |
| | Computer deutlich langsamer; wirklich ein Virus/Malware? Hey Kira, 1. Ich bin davon ausgegangen, dass diese Programme auf dem Computer beleiben können, da sie eh nur On-Demand Programme sind und Avast! nicht im Weg stehen sollten. Naja, ich hab mir eh " Malwarebytes Anti-Malware " gedownloadet, da es ja relativ gut mir Avast! Kompatible sein soll. edit: Ich finde "AVZ" in der Systemsteuerung nicht :/ 2. Diesen Ordner haben ich selber angelegt und sämtliche Programme, welche ich in deinen Anleitungen gedownloadet habe, als Verknüpfung eingefügt. Ist aber schon in meinem Ordner "Progamme" und wird ja anscheinend eh nichtmehr gebracht (-> Punkt 1.) 3. Internet Explorer benutze ich gar nicht, eigentlich nur "Google Chrome" und manchmal auch "Mozilla Firefox". Zudem bin ich mit deren Einstellungen ganz zufrieden und lösche regelmäßig den Cache. Sind dort etwa falsche Einstellungen? 4. Dies habe ich nach einer Anleitungen auf dieser Seite schon vor meinem ersten Post gemacht. Schadet aber nicht, es aber noch einmal machen! 5. Updates erledigt doch Windows Automatisch, oder? (Bei richtiger Einstellung)  6. Internet Explorer hatte ich eigentlich als Windows-Funktion Deaktiviert. 7. OTL-Logs: OTL.txt: Code:
ATTFilter OTL logfile created on: 16.04.2012 15:12:29 - Run 3 OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Anwender\Desktop\Programme\AntiVirus 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,76 Gb Available Physical Memory | 68,99% Memory free 9,86 Gb Paging File | 8,54 Gb Available in Paging File | 86,61% Paging File free Paging file location(s): c:\pagefile.sys 6000 6000 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 465,66 Gb Total Space | 288,72 Gb Free Space | 62,00% Space Free | Partition Type: NTFS Drive D: | 557,57 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: ANWENDER-PC | User Name: Thilo | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.04.13 17:46:19 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Anwender\Desktop\Programme\AntiVirus\OTL.exe PRC - [2012.04.04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012.03.07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe PRC - [2012.03.07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe PRC - [2010.10.22 03:00:00 | 000,376,832 | ---- | M] (AVM Berlin) -- C:\Program Files (x86)\avmwlanstick\WlanNetService.exe ========== Modules (No Company Name) ========== MOD - [2012.04.12 09:37:34 | 000,444,400 | ---- | M] () -- C:\Users\Anwender\AppData\Local\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll MOD - [2012.04.12 09:37:33 | 003,915,248 | ---- | M] () -- C:\Users\Anwender\AppData\Local\Google\Chrome\Application\18.0.1025.162\pdf.dll MOD - [2012.04.12 09:36:08 | 000,122,880 | ---- | M] () -- C:\Users\Anwender\AppData\Local\Google\Chrome\Application\18.0.1025.162\avutil-51.dll MOD - [2012.04.12 09:36:06 | 000,220,672 | ---- | M] () -- C:\Users\Anwender\AppData\Local\Google\Chrome\Application\18.0.1025.162\avformat-53.dll MOD - [2012.04.12 09:36:05 | 001,747,456 | ---- | M] () -- C:\Users\Anwender\AppData\Local\Google\Chrome\Application\18.0.1025.162\avcodec-53.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2011.12.06 05:11:56 | 000,235,520 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2011.11.09 23:08:52 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) SRV - [2012.04.14 18:30:14 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.04.10 12:17:16 | 000,097,552 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Programme\Sandboxie\SbieSvc.exe -- (SbieSvc) SRV - [2012.04.04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.03.07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2012.01.05 14:12:30 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011.11.28 14:21:00 | 000,168,864 | ---- | M] () [Auto | Running] -- C:\Programme\Common Files\WireHelpSvc.exe -- (WireHelpSvc) SRV - [2011.09.27 21:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV - [2010.10.22 03:00:00 | 000,376,832 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Program Files (x86)\avmwlanstick\WlanNetService.exe -- (AVM WLAN Connection Service) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.03.11 15:01:19 | 000,116,096 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avmaudio.sys -- (avmaudio) DRV:64bit: - [2012.03.07 01:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:64bit: - [2012.03.07 01:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:64bit: - [2012.03.07 01:02:20 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:64bit: - [2012.03.07 01:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:64bit: - [2012.03.07 01:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:64bit: - [2012.03.07 01:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.02.15 12:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2011.12.20 19:46:48 | 000,047,208 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tbhsd.sys -- (tbhsd) DRV:64bit: - [2011.12.15 23:40:44 | 000,230,864 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt) DRV:64bit: - [2011.12.06 05:45:40 | 010,720,256 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:64bit: - [2011.12.06 05:45:40 | 010,720,256 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2011.12.06 04:12:14 | 000,327,168 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2011.11.28 14:20:48 | 000,147,472 | ---- | M] (<Turtle Entertainment>) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\ESLWireACD.sys -- (ESLWireAC) DRV:64bit: - [2011.11.28 14:20:28 | 000,025,528 | ---- | M] (Turtle Entertainment GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ESLvnic.sys -- (ESLvnic1) DRV:64bit: - [2011.10.17 19:40:50 | 000,093,712 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:64bit: - [2011.09.02 08:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt) DRV:64bit: - [2011.09.02 08:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.10.22 03:00:00 | 000,460,800 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fwlanusb.sys -- (FWLANUSB) DRV:64bit: - [2010.10.22 03:00:00 | 000,014,120 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avmeject.sys -- (avmeject) DRV:64bit: - [2010.09.15 08:46:14 | 000,060,288 | ---- | M] (Generic USB smartcard reader) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MHIKEY10x64.sys -- (MHIKEY10) DRV:64bit: - [2010.02.18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64) DRV:64bit: - [2009.09.30 16:34:30 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.03 10:11:29 | 000,215,040 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.06.10 15:10:47 | 000,014,136 | R--- | M] (BIOSTAR Group) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BIOS64.sys -- (BIOS) DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2007.08.20 11:05:02 | 000,012,744 | R--- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Entech64.sys -- (ENTECH64) DRV - [2012.04.10 12:17:14 | 000,164,528 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Programme\Sandboxie\SbieDrv.sys -- (SbieDrv) DRV - [2011.06.24 07:31:02 | 000,055,424 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2009.06.10 15:10:47 | 000,014,136 | R--- | M] (BIOSTAR Group) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\BIOS64.sys -- (BIOS) DRV - [2006.04.26 02:03:56 | 000,009,600 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\SysWow64\drivers\ISODisk.sys -- (ISODisk) DRV - [1998.05.07 01:00:00 | 000,000,111 | ---- | M] () [Adapter | On_Demand | Unknown] -- C:\Windows\SysWow64\WINSOCK.SRG -- (Winsock) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes,DefaultScope = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 94 82 0B 4B 42 A2 CC 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..network.proxy.backup.ftp: "" FF - prefs.js..network.proxy.backup.ftp_port: "" FF - prefs.js..network.proxy.backup.socks: "" FF - prefs.js..network.proxy.backup.socks_port: "" FF - prefs.js..network.proxy.backup.ssl: "" FF - prefs.js..network.proxy.backup.ssl_port: "" FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_233.dll File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.03.04 21:40:28 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.04.14 20:29:59 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.03.25 14:30:53 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.04.14 15:17:59 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.03.04 21:40:28 | 000,000,000 | ---D | M] [2010.12.31 14:44:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anwender\AppData\Roaming\mozilla\Extensions [2012.04.14 17:08:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anwender\AppData\Roaming\mozilla\Firefox\Profiles\fsyhceci.default\extensions [2011.08.06 17:03:51 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Anwender\AppData\Roaming\mozilla\Firefox\Profiles\fsyhceci.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2012.03.31 01:46:18 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Anwender\AppData\Roaming\mozilla\Firefox\Profiles\fsyhceci.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2012.04.14 01:32:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012.04.14 01:32:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} () (No name found) -- C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FSYHCECI.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI () (No name found) -- C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FSYHCECI.DEFAULT\EXTENSIONS\{DF4E4DF5-5CB7-46B0-9AEF-6C784C3249F8}.XPI [2012.03.25 14:30:52 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.04.14 01:32:09 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2012.02.11 23:00:49 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.02.11 23:00:49 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.02.11 23:00:49 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.02.11 23:00:49 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}, CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Anwender\AppData\Local\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Anwender\AppData\Local\Google\Chrome\Application\18.0.1025.162\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Anwender\AppData\Local\Google\Chrome\Application\18.0.1025.162\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - Extension: YouTube = C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Adblock Plus (Beta) = C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\ CHR - Extension: Google-Suche = C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: avast! WebRep = C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\ CHR - Extension: stern.de = C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnkeklmkmolipcclpncndnpdgilieafl\1.0_0\ O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:64bit: - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Anwender\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Anwender\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Free YouTube Download - C:\Users\Anwender\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Anwender\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{46C8D141-1684-4E05-A455-8D768A510A77}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{83B6CFD2-0C5B-47EB-831B-9748142E8627}: DhcpNameServer = 192.168.60.250 O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysNative\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (OODBS) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012.04.15 21:12:39 | 000,000,000 | R--D | C] -- C:\Sandbox [2012.04.15 21:11:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie [2012.04.15 21:11:14 | 000,000,000 | ---D | C] -- C:\Program Files\Sandboxie [2012.04.15 20:43:49 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler [2012.04.15 17:29:20 | 001,851,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Microsoft.GroupPolicy.Reporting.dll [2012.04.15 17:29:20 | 000,577,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AdmTmpl.dll [2012.04.15 17:29:20 | 000,568,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrptadm.dll [2012.04.15 17:29:20 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appmgr.dll [2012.04.15 17:29:20 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SrpUxNativeSnapIn.dll [2012.04.15 17:29:20 | 000,258,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ppcsnap.dll [2012.04.15 17:29:20 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuditNativeSnapIn.dll [2012.04.15 17:29:20 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Microsoft.GroupPolicy.AdmTmplEditor.dll [2012.04.15 17:29:20 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appmgmts.dll [2012.04.15 17:29:20 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Microsoft.GroupPolicy.Interop.dll [2012.04.14 20:59:39 | 000,000,000 | ---D | C] -- C:\Users\Anwender\AppData\Roaming\Malwarebytes [2012.04.14 20:52:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.04.14 20:52:21 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.04.14 20:52:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.04.14 20:31:21 | 000,024,408 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2012.04.14 20:31:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus [2012.04.14 20:31:20 | 000,337,240 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2012.04.14 20:31:18 | 000,059,224 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2012.04.14 20:31:18 | 000,053,080 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys [2012.04.14 20:31:17 | 000,819,032 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2012.04.14 20:31:16 | 000,069,976 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2012.04.14 20:31:15 | 000,258,520 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2012.04.14 20:29:50 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe [2012.04.14 20:29:50 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2012.04.14 20:29:42 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2012.04.14 20:29:42 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2012.04.14 15:22:07 | 000,000,000 | ---D | C] -- C:\Users\Anwender\Documents\Sicherheit [2012.04.14 15:17:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2012.04.14 01:32:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2012.04.14 01:32:15 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2012.04.14 01:32:15 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2012.04.14 01:32:15 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2012.04.14 00:43:07 | 000,000,000 | ---D | C] -- C:\_OTL [2012.04.12 17:33:40 | 000,000,000 | ---D | C] -- C:\AVZ [2012.04.12 03:02:56 | 005,559,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2012.04.12 03:02:56 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2012.04.12 03:02:56 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2012.04.12 03:00:41 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll [2012.04.12 03:00:41 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll [2012.04.12 03:00:41 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys [2012.04.07 15:09:19 | 000,000,000 | ---D | C] -- C:\Users\Anwender\Sina USB [2012.04.07 14:48:59 | 000,000,000 | ---D | C] -- C:\Users\Anwender\AppData\Roaming\U3 [2012.04.05 03:08:19 | 000,000,000 | ---D | C] -- C:\Users\Anwender\Documents\Christentum [2012.04.03 13:30:02 | 008,741,536 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe [2012.04.03 13:20:30 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.03.31 16:27:06 | 000,000,000 | ---D | C] -- C:\Users\Anwender\AppData\Roaming\Teeworlds [2012.03.31 15:06:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2012.03.31 15:05:18 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2012.03.31 15:05:17 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2012.03.28 17:45:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine [2012.03.28 17:45:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp [2012.03.27 15:30:28 | 000,000,000 | ---D | C] -- C:\Users\Anwender\Documents\Battlefield 3 [2012.03.27 15:28:57 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Logs [2012.03.26 17:49:59 | 000,000,000 | ---D | C] -- C:\Users\Anwender\AppData\Roaming\Get from YouTube [2012.03.26 17:49:30 | 000,000,000 | ---D | C] -- C:\Users\Anwender\AppData\Roaming\Music Editor Free [2012.03.25 15:28:18 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.3 [2012.03.25 03:27:13 | 000,000,000 | ---D | C] -- C:\Users\Anwender\AppData\Roaming\SoundSpectrum [2012.03.24 14:45:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SoundSpectrum [2012.03.24 13:22:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2012.03.17 19:16:45 | 000,000,000 | ---D | C] -- C:\Users\Anwender\Documents\Downloads ========== Files - Modified Within 30 Days ========== [2012.04.16 15:09:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.04.16 15:09:55 | 3220,676,608 | -HS- | M] () -- C:\hiberfil.sys [2012.04.16 15:03:16 | 000,015,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.04.16 15:03:16 | 000,015,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.04.16 14:29:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.04.15 22:15:42 | 000,001,758 | ---- | M] () -- C:\Windows\Sandboxie.ini [2012.04.15 17:50:10 | 000,668,330 | ---- | M] () -- C:\Windows\Gpedit.reg [2012.04.14 20:31:16 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2012.04.14 18:30:14 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.04.14 18:30:14 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012.04.14 18:30:08 | 008,741,536 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe [2012.04.14 01:32:09 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll [2012.04.14 01:32:09 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2012.04.14 01:32:09 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2012.04.14 01:32:09 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2012.04.12 20:44:56 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.04.12 20:44:56 | 000,696,832 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.04.12 20:44:56 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.04.12 20:44:56 | 000,148,128 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.04.12 20:44:56 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.04.12 18:08:45 | 000,000,035 | ---- | M] () -- C:\Windows\SIERRA.INI [2012.04.04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.03.27 16:07:05 | 000,282,864 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2012.03.27 16:06:48 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0 [2012.03.26 16:40:38 | 000,295,704 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT ========== Files Created - No Company Name ========== [2012.04.15 21:11:40 | 000,001,758 | ---- | C] () -- C:\Windows\Sandboxie.ini [2012.04.15 17:49:21 | 000,668,330 | ---- | C] () -- C:\Windows\Gpedit.reg [2012.04.15 17:47:13 | 000,147,439 | ---- | C] () -- C:\Windows\SysNative\gpedit.msc [2012.04.14 20:31:15 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt [2012.04.14 15:17:59 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2012.04.03 13:20:33 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.03.11 14:48:02 | 000,000,457 | ---- | C] () -- C:\Windows\hpomdl29.dat.temp [2012.03.05 17:45:20 | 000,009,600 | ---- | C] () -- C:\Windows\SysWow64\drivers\ISODisk.sys [2012.03.04 21:36:37 | 000,181,132 | ---- | C] () -- C:\Windows\hpoins29.dat [2012.03.04 21:36:37 | 000,000,457 | ---- | C] () -- C:\Windows\hpomdl29.dat [2012.02.10 20:58:24 | 000,000,167 | ---- | C] () -- C:\Windows\ODBCINST.INI [2012.01.11 15:10:38 | 000,168,864 | ---- | C] () -- C:\Program Files\Common Files\WireHelpSvc.exe [2011.12.28 20:53:02 | 000,000,035 | ---- | C] () -- C:\Windows\SIERRA.INI [2011.11.10 04:36:06 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2011.11.10 04:36:06 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2011.11.09 23:39:44 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll [2011.11.09 23:39:32 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll [2011.09.13 01:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2011.06.05 10:11:06 | 001,777,024 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.05.14 22:48:53 | 000,283,470 | ---- | C] () -- C:\Windows\LOGO.SYS.jpg [2011.04.23 13:41:44 | 000,007,634 | ---- | C] () -- C:\Users\Anwender\AppData\Local\Resmon.ResmonCfg [2011.04.09 23:40:05 | 002,250,024 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe [2010.09.09 13:02:06 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin < End of report > [CODE]OTL Extras logfile created on: 16.04.2012 15:12:29 - Run 3 OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Anwender\Desktop\Programme\AntiVirus 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,76 Gb Available Physical Memory | 68,99% Memory free 9,86 Gb Paging File | 8,54 Gb Available in Paging File | 86,61% Paging File free Paging file location(s): c:\pagefile.sys 6000 6000 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 465,66 Gb Total Space | 288,72 Gb Free Space | 62,00% Space Free | Partition Type: NTFS Drive D: | 557,57 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: ANWENDER-PC | User Name: Thilo | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- Reg Error: Key error. File not found .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- Reg Error: Key error. File not found ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- Reg Error: Key error. htmlfile [opennew] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- Reg Error: Key error. CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- Reg Error: Key error. htmlfile [opennew] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- Reg Error: Key error. CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{4D533F05-A3F6-F8A9-F1F6-FA6812089D36}" = AMD Drag and Drop Transcoding "{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer "{69FDD045-DA24-CA41-8FD2-6B3A91F4EDEE}" = AMD Fuel "{6CC95B76-D380-46B2-9022-9353938E48BA}" = Logitech GamePanel Software 3.03.133 "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{8181C5B7-2FF5-4677-BA6A-8E2C3F5A7601}" = HP Photosmart C4400 All-In-One Driver Software 13.0 Rel. 3 "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{90AB246D-A0A0-29EA-199A-4B07841E0737}" = ATI AVIVO64 Codecs "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB3}" = Paint.NET v3.5.8 "{9E3B2120-0BD8-9865-0387-E9BAC2A53AD3}" = ccc-utility64 "{A9C6CA47-D937-D61D-4BD3-7CFAB7A5BA56}" = ATI Problem Report Wizard "{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support "{BE882A12-5A45-3DFF-9FD0-306DE65EB8A5}" = AMD Catalyst Install Manager "{CF8FFD12-602B-422D-AF1D-511B411E7632}" = iTunes "{EF393943-0CCE-9CD9-6181-96DF4E4428EF}" = AMD Media Foundation Decoders "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit "CCleaner" = CCleaner "Defraggler" = Defraggler "ESL Wire_is1" = ESL Wire 1.11.1 "HP Imaging Device Functions" = HP Imaging Device Functions 13.0 "HP Photosmart Essential" = HP Photosmart Essential 3.5 "HP Smart Web Printing" = HP Smart Web Printing 4.51 "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0 "HPExtendedCapabilities" = HP Customer Participation Program 13.0 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack "Sandboxie" = Sandboxie 3.68 (64-bit) "sp6" = Logitech SetPoint 6.32 "WinRAR archiver" = WinRAR [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{0B94CF00-3A9C-AEBF-265D-EABF6EC11CEA}" = Catalyst Control Center InstallProxy "{0D97F8D1-2102-53D2-5633-C992D6086801}" = CCC Help Chinese Traditional "{0EA00EA7-42C0-ED9C-9110-2C04B8EDBA66}" = CCC Help Italian "{0EB86B70-91FF-39BF-633C-785DF2218CC6}" = CCC Help French "{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status "{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan "{1686C07D-C2BB-A8B2-C5ED-32C4EE1A3E62}" = CCC Help Spanish "{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch "{18B6A9F8-25BC-5978-6B42-A50FA2CABC18}" = CCC Help English "{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31 "{298C6691-46B2-2065-0DD7-1E7B3B669A47}" = CCC Help Finnish "{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm "{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery "{36E15666-43C1-91A7-0281-498F9D383B2C}" = simfy "{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy "{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg "{400C5445-1AE8-1A41-CAC6-AB114341F65D}" = CCC Help Swedish "{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3 "{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg "{448B1C6D-02C2-7681-66B2-624E58B25375}" = CCC Help Turkish "{46EB9D45-FC1A-2635-1693-176E6FA1C672}" = CCC Help Portuguese "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter "{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport "{5E1375CB-6792-4464-8715-CC3EC83D48FA}" = VirtualDJ Home FREE "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2 "{651F43AA-3F06-9277-6F1B-8E8155017463}" = CCC Help Polish "{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1 "{68DE32E1-292B-6A02-6A53-935BFAE70C99}" = CCC Help Chinese Standard "{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox "{6D0042A0-9064-4C7F-B906-3EAC4427EE07}_is1" = Counter-Strike Source DZ "{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™ "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime "{7E5A8023-0E90-4503-A1EA-C9FC25680AF9}" = PS_AIO_03_C4400_Software_Min "{818212BA-7F8C-DDF9-64BE-F6D0B6F46D29}" = CCC Help German "{84F4542C-ED64-28AC-49B3-1A9BAB395AB4}" = CCC Help Hungarian "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9C41195F-11B3-8EEC-6634-7183BE6CB1B1}" = CCC Help Japanese "{A33A89D0-2F48-FD1C-A243-9073EE0592E0}" = Catalyst Control Center InstallProxy "{A66FB6C7-B689-AFD5-21BA-7CAF8E44E6E6}" = Catalyst Control Center Graphics Previews Common "{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.6 "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch "{B1E33614-25CC-4C2A-8CBA-88B51ABF67E0}" = C4400 "{B4CF00AE-2622-7BC6-24EC-4E5A0A8C9135}" = CCC Help Czech "{BAE1C0A8-634D-CFF1-0E0C-893092427D34}" = CCC Help Danish "{BCAF3D46-3BDA-441F-97B9-3878ACD0CD4F}_is1" = Half-Life 2 (Addon) DZ "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations "{BF731945-7AAD-45E3-A202-A60C9213915C}_is1" = ISODisk 1.1 "{C2DEC505-79A9-E952-32B0-31B67B83E231}" = CCC Help Korean "{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant "{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget "{CCEFAE22-4D01-0084-D1CA-AC14AA743A97}" = CCC Help Greek "{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack "{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential "{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting "{DE460826-5E72-2357-154F-E376F9926008}" = CCC Help Norwegian "{E21FFD29-D231-3BD3-6941-15710E44BED4}" = CCC Help Dutch "{E3E313C7-0AE2-7F44-52E8-528D4EDC74B2}" = CCC Help Thai "{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2 "{F9929777-7B6E-F53D-3105-1C06E5120CA1}" = CCC Help Russian "{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR "Adobe AIR" = Adobe AIR "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Audacity_is1" = Audacity 1.2.6 "avast" = avast! Free Antivirus "AVMWLANCLI" = AVM FRITZ!WLAN "Battlelog Web Plugins" = Battlelog Web Plugins "ESN Sonar-0.70.0" = ESN Sonar "ESN Sonar-0.70.4" = ESN Sonar "FL Studio 10" = FL Studio 10 "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400 "Mozilla Firefox 11.0 (x86 de)" = Mozilla Firefox 11.0 (x86 de) "Origin" = Origin "Simfy" = simfy "Steam App 42700" = Call of Duty: Black Ops "Steam App 42710" = Call of Duty: Black Ops - Multiplayer "TrueCrypt" = TrueCrypt "Visual C++ 6.0 Autoren Edition (deu)" = Microsoft Visual C++ 6.0 Autoren Edition (Deutsch) "VLC media player" = VLC media player 1.1.7 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "CodeBlocks" = CodeBlocks "GeoGebra 4.0" = GeoGebra 4.0 "GeoGebraPrim" = GeoGebraPrim "Google Chrome" = Google Chrome ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 25.03.2012 18:53:58 | Computer Name = Anwender-PC | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 26.03.2012 12:06:57 | Computer Name = Anwender-PC | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 26.03.2012 13:51:02 | Computer Name = Anwender-PC | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 27.03.2012 08:37:11 | Computer Name = Anwender-PC | Source = Windows Installer 3.1 | ID = 921877 Description = Error - 27.03.2012 08:58:39 | Computer Name = Anwender-PC | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 28.03.2012 08:38:04 | Computer Name = Anwender-PC | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 28.03.2012 11:36:24 | Computer Name = Anwender-PC | Source = SideBySide | ID = 16842832 Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Anwender\Downloads\SoftonicDownloader_fuer_vuplayer.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error - 28.03.2012 11:36:36 | Computer Name = Anwender-PC | Source = SideBySide | ID = 16842832 Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Anwender\Downloads\SoftonicDownloader_fuer_vuplayer.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error - 28.03.2012 11:49:35 | Computer Name = Anwender-PC | Source = SideBySide | ID = 16842832 Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Anwender\Downloads\SoftonicDownloader_fuer_vuplayer.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error - 29.03.2012 17:12:39 | Computer Name = Anwender-PC | Source = Customer Experience Improvement Program | ID = 1008 Description = [ Media Center Events ] Error - 13.02.2011 10:27:17 | Computer Name = Anwender-PC | Source = MCUpdate | ID = 0 Description = 15:27:10 - Fehler beim Herstellen der Internetverbindung. 15:27:10 - Serververbindung konnte nicht hergestellt werden.. Error - 13.02.2011 11:27:23 | Computer Name = Anwender-PC | Source = MCUpdate | ID = 0 Description = 16:27:23 - Fehler beim Herstellen der Internetverbindung. 16:27:23 - Serververbindung konnte nicht hergestellt werden.. Error - 13.02.2011 11:27:31 | Computer Name = Anwender-PC | Source = MCUpdate | ID = 0 Description = 16:27:28 - Fehler beim Herstellen der Internetverbindung. 16:27:28 - Serververbindung konnte nicht hergestellt werden.. Error - 13.02.2011 12:27:35 | Computer Name = Anwender-PC | Source = MCUpdate | ID = 0 Description = 17:27:35 - Fehler beim Herstellen der Internetverbindung. 17:27:35 - Serververbindung konnte nicht hergestellt werden.. Error - 13.02.2011 12:27:41 | Computer Name = Anwender-PC | Source = MCUpdate | ID = 0 Description = 17:27:40 - Fehler beim Herstellen der Internetverbindung. 17:27:40 - Serververbindung konnte nicht hergestellt werden.. Error - 13.02.2011 13:27:46 | Computer Name = Anwender-PC | Source = MCUpdate | ID = 0 Description = 18:27:46 - Fehler beim Herstellen der Internetverbindung. 18:27:46 - Serververbindung konnte nicht hergestellt werden.. Error - 13.02.2011 13:27:52 | Computer Name = Anwender-PC | Source = MCUpdate | ID = 0 Description = 18:27:51 - Fehler beim Herstellen der Internetverbindung. 18:27:51 - Serververbindung konnte nicht hergestellt werden.. Error - 20.02.2011 10:12:42 | Computer Name = Anwender-PC | Source = MCUpdate | ID = 0 Description = 15:12:42 - Fehler beim Herstellen der Internetverbindung. 15:12:42 - Serververbindung konnte nicht hergestellt werden.. Error - 20.02.2011 10:12:54 | Computer Name = Anwender-PC | Source = MCUpdate | ID = 0 Description = 15:12:47 - Fehler beim Herstellen der Internetverbindung. 15:12:47 - Serververbindung konnte nicht hergestellt werden.. Error - 23.02.2011 11:27:05 | Computer Name = Anwender-PC | Source = MCUpdate | ID = 0 Description = 16:27:04 - Fehler beim Herstellen der Internetverbindung. 16:27:04 - Serververbindung konnte nicht hergestellt werden.. [ System Events ] Error - 16.04.2012 07:08:36 | Computer Name = Anwender-PC | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: ISODisk Error - 16.04.2012 08:55:50 | Computer Name = Anwender-PC | Source = Application Popup | ID = 1060 Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\ISODisk.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error - 16.04.2012 08:56:09 | Computer Name = Anwender-PC | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst AMD FUEL Service erreicht. Error - 16.04.2012 08:56:09 | Computer Name = Anwender-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "AMD FUEL Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 16.04.2012 08:56:10 | Computer Name = Anwender-PC | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: ISODisk Error - 16.04.2012 09:09:52 | Computer Name = Anwender-PC | Source = Application Popup | ID = 1060 Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\ISODisk.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error - 16.04.2012 09:10:00 | Computer Name = Anwender-PC | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am ?16.?04.?2012 um 15:08:51 unerwartet heruntergefahren. Error - 16.04.2012 09:10:12 | Computer Name = Anwender-PC | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst AMD FUEL Service erreicht. Error - 16.04.2012 09:10:12 | Computer Name = Anwender-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "AMD FUEL Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 16.04.2012 09:10:15 | Computer Name = Anwender-PC | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: ISODisk %0 Geändert von thilo (16.04.2012 um 14:26 Uhr) |
|
16.04.2012, 14:38
| #10 | ||||||
| /// Helfer-Team | Computer deutlich langsamer; wirklich ein Virus/Malware?Zitat:
Zitat:
Zitat:
Zitat:
Zitat:
Zitat:
► Läuft dein System stabil? Hast du sonst noch Probleme?
__________________ Warnung!: Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein! Anhang nicht öffnen, in unserem Forum erst nachfragen! Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten! Bitte diese Warnung weitergeben, wo Du nur kannst! |
|
16.04.2012, 21:23
| #11 |
| | Computer deutlich langsamer; wirklich ein Virus/Malware? Eigentlich war der Code in einem Code-Tag und ich habe nach etwas darunter geschrieben. Klappt auch einfach garnichts... __________ Überflüssige Antivirenprogramme Deistalliert; iExplorer geupdatet. Mein System läuft ein wenig flüssiger als am Anfang, Danke Jedoch ist das Problem mit den Herunterfahren immer noch vorhanden. Gruß! |
|
17.04.2012, 09:21
| #12 |
| /// Helfer-Team | Computer deutlich langsamer; wirklich ein Virus/Malware? am Anfang hast Du kein AV-Programm installiert gehabt? inzwischen hast Du Avast installiert..richtig? lade Dir HijackThis 2.0.4 von *von hier* herunter Rechtsklick drauf-> "Als Administrator ausführen" wählen HijackThis starten→ "Do a system scan and save a logfile" klicken→ das erhaltene Logfile "markieren" → "kopieren"→ hier in deinem Thread (rechte Maustaste) "einfügen"
__________________ Warnung!: Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein! Anhang nicht öffnen, in unserem Forum erst nachfragen! Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten! Bitte diese Warnung weitergeben, wo Du nur kannst! |
|
17.04.2012, 19:52
| #13 |
| | Computer deutlich langsamer; wirklich ein Virus/Malware? Hey Kira. Bevor ich mich hier gemeldet habe, hatte ich Avira Free Antivirus auf meinem Computer installiert. Ich habe mich dann entschieden, den Computer aufzuräumen. Dabei habe ich auch Avira gelöscht. Also lief der Computer nur während der Scanns ohne Antiviren Programm. Gruß! HijackThis Log: Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:51:07, on 17.04.2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Users\Anwender\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Anwender\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Anwender\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Anwender\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Anwender\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Anwender\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Anwender\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Anwender\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Anwender\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Anwender\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Anwender\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST') O8 - Extra context menu item: Free YouTube Download - C:\Users\Anwender\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Anwender\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O9 - Extra button: HP Smart Web Printing ein- oder ausblenden - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: AVM WLAN Connection Service - AVM Berlin - C:\Program Files (x86)\avmwlanstick\WlanNetService.exe O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - C:\Program Files\Sandboxie\SbieSvc.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Anmeldeinformationsverwaltung (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: WireHelpSvc - Unknown owner - C:\Program Files\Common Files\WireHelpSvc.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) -- End of file - 8669 bytes |
|
17.04.2012, 20:47
| #14 |
| /// Helfer-Team | Computer deutlich langsamer; wirklich ein Virus/Malware? 1. Schliesse alle Programme einschliesslich Internet Explorer und fixe mit Hijackthis die Einträge aus der nachfolgenden Codebox (HijackThis starten→ "Do a system scan only"→ Einträge auswählen→ Häckhen setzen→ "Fix checked" klicken→ PC neu aufstarten): HijackThis erstellt ein Backup, Falls bei "Fixen" etwas schief geht, kann man unter "View the list of backups"- die Objekte wiederherstellen Code:
ATTFilter O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
poste erneut - nach der vorgenommenen Reinigungsaktion: TrendMicro™ HijackThis™ -Logfile - Keine offenen Fenster, solang bis HijackThis läuft!! ► Rechtsklick auf HijackThis-> "Als administrator ausführen" wählen... ► Besteht dein Problem nach wie vor?
__________________ Warnung!: Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein! Anhang nicht öffnen, in unserem Forum erst nachfragen! Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten! Bitte diese Warnung weitergeben, wo Du nur kannst! |
|
17.04.2012, 21:22
| #15 |
| | Computer deutlich langsamer; wirklich ein Virus/Malware? Hey Kira, Danke, aber leider wurde das Problem nicht behoben! Gruß! Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 22:20:57, on 17.04.2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Users\Anwender\Desktop\Programme\AntiVirus\On-Demand Scanner\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST') O8 - Extra context menu item: Free YouTube Download - C:\Users\Anwender\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Anwender\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O9 - Extra button: HP Smart Web Printing ein- oder ausblenden - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: AVM WLAN Connection Service - AVM Berlin - C:\Program Files (x86)\avmwlanstick\WlanNetService.exe O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - C:\Program Files\Sandboxie\SbieSvc.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Anmeldeinformationsverwaltung (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: WireHelpSvc - Unknown owner - C:\Program Files\Common Files\WireHelpSvc.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) -- End of file - 7645 bytes Geändert von thilo (17.04.2012 um 21:32 Uhr) |
|
| Themen zu Computer deutlich langsamer; wirklich ein Virus/Malware? |
| adobe, antivirus, avira, bonjour, computer, converter, defender, dll, einstellungen, explorer, firefox, flash player, google, helper, herunterfahren, home, mozilla, mp3, plug-in, realtek, rundll, stick, svchost.exe, system, usb, windows, windows 7 home |
.
Linear-Darstellung
