Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: fehlerhafter flashplayer in IE ,iexplorer.exe mehrmalls offen in prozesse, rechner sehr langsam

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 14.06.2012, 02:31   #1
EM2012
 
fehlerhafter flashplayer in IE ,iexplorer.exe mehrmalls offen in prozesse, rechner sehr langsam - Beitrag

fehlerhafter flashplayer in IE ,iexplorer.exe mehrmalls offen in prozesse, rechner sehr langsam



Hallo zusammen,
da ich aus dem Ausland (Polen) schreibe habe ich leider keine Umlate an meiner Tastatur.
Deshalb ist in den Logfails auch etwas in Polnisch, hoffe es kann mir trotzdam geholfen werden.

Zu meinem Problem: Gesten meldetet mir Antivir zwei funde eines Virus "TR/Black.Gen2" den ich (wie ich hoffe) geloescht habe Avir hangte sich einmall auf.

Dannach fiel mir auf das in manchen Vidos auf YouTube der Ton nicht geht in IE, aber in Firefox (Portable) ging. Habe an den Flashplayer deinstalier und wieder neu instalier da ich dachte das es daran liegt, leider ohne erfolg. Der Rechner wird von stunde zu sunde langsammer und unter der einsicht der laufenden Prozesse ist oft die iexplore.exe offen (mehrmalls).

was auch merkwurdig ist das ich das Programm gemer.exe nicht zum schluss durch laufen lassen koennte da es absturzt (das erste mall mit einen bluescreen) das zweite mall an der stelle "\Device\HarddiskVolumeShadowCopy1" deshalb kann ich auch kein Logfail hier zeigen.

Achso habe noch mein Antivir gegen Avast getauscht da ich dachte der koennt was finden da der Antivir sich aufheangte beim scannen.

Haoffe Ihr koennt mir trotz dem das ich das Logfail des Gmer.txt nicht habe und bei mir die zwei anderen Logfails auch anderst heisen (OTL.txt und Extras.txt ) weiterhelfenOTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 2012-06-14 02:11:12 - Run 1
OTL by OldTimer - Version 3.2.48.0     Folder = C:\Users\Hans Mustermanr\Desktop
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
3,50 Gb Total Physical Memory | 2,23 Gb Available Physical Memory | 63,73% Memory free
7,21 Gb Paging File | 5,96 Gb Available in Paging File | 82,60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,76 Gb Total Space | 269,11 Gb Free Space | 57,78% Space Free | Partition Type: NTFS
Drive X: | 232,88 Gb Total Space | 105,33 Gb Free Space | 45,23% Space Free | Partition Type: NTFS
 
Computer Name: *** | User Name: Hans Mustermanr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D7A6AAC-1E38-480F-B031-F78A6F8A5978}" = rport=138 | protocol=17 | dir=out | app=system | 
"{126EF979-6BC1-42CF-BEE6-234A2506AB10}" = lport=137 | protocol=17 | dir=in | app=system | 
"{160026E1-471C-4C0E-87AE-A8A65DD321FA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{2568D4BB-A9E7-431A-B477-5394D6CB9C83}" = rport=445 | protocol=6 | dir=out | app=system | 
"{460B0836-EA7C-4E80-8B4D-9B75545BB24A}" = lport=138 | protocol=17 | dir=in | app=system | 
"{4D4E5823-BF59-410F-97A5-43C9CBA6C700}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2011b\rpcagentsrv.exe | 
"{6F77AE9B-2ECD-4F90-8D1B-A3C937758A4A}" = rport=137 | protocol=17 | dir=out | app=system | 
"{81470DD7-AF51-460E-AEF6-68DFA51A9A50}" = rport=139 | protocol=6 | dir=out | app=system | 
"{9C41F5AC-96B0-42E6-A956-1B304453797A}" = lport=445 | protocol=6 | dir=in | app=system | 
"{C4BF6498-59E8-4A08-B841-31E030DD0DB1}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2011b\wnt500x86\rpcsandrasrv.exe | 
"{D7881188-91AB-4F04-A386-1762A0D7BB69}" = lport=139 | protocol=6 | dir=in | app=system | 
"{F3135D05-90FD-4FE7-A6CA-BD5F715DCA9A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05F4CA72-86CB-447A-819E-7E798BFAF56C}" = protocol=17 | dir=in | app=x:\steam\steamapps\common\portal 2\portal2.exe | 
"{0DD83DE5-4973-4108-B325-C52F9006B29D}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe | 
"{1031870E-5019-4A4A-B95D-25258E04F3EC}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe | 
"{13F2B7BE-235D-4C1C-8B9F-CB3AFA200183}" = protocol=6 | dir=in | app=x:\steam\steamapps\luxusmarke\counter-strike source\hl2.exe | 
"{20228784-C97E-4950-AEE5-CAB6CD3164DF}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.649\agent.exe | 
"{2C284228-7E15-4F62-ACD4-B904A992C2A8}" = protocol=6 | dir=in | app=x:\steam\steamapps\common\counter-strike go - intro trailer\smp.exe | 
"{2C5C0BB7-59EF-417C-8C0D-4A6C8942BA4A}" = protocol=17 | dir=in | app=x:\steam\steamapps\common\counter-strike go - intro trailer\smp.exe | 
"{2E344596-CA19-4B57-B0C9-6A51709BFCA5}" = protocol=17 | dir=in | app=x:\steam\steamapps\common\stronghold kingdoms trailer\smp.exe | 
"{3C7EBC20-B90D-45A5-BDD8-6BBBF62BC63F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{40D59F4C-6B29-436F-8AF8-88D171EA1545}" = protocol=17 | dir=in | app=x:\steam\steamapps\common\bangbangracingdemo\bangbangracing.exe | 
"{44AAAB67-630C-475E-BC0C-7A74BEC4F405}" = protocol=17 | dir=in | app=x:\steam\steamapps\luxusmarke\counter-strike source\hl2.exe | 
"{4C119F9A-864D-4086-AC52-A723A9DBA9F6}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe | 
"{5B9D1379-CB39-46DA-A7FD-B8168A4AD851}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe | 
"{62C2E42A-10C6-4971-897E-E1C32A8B0FDB}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe | 
"{63E64E8A-5627-4439-A281-90AE01539AB2}" = protocol=6 | dir=in | app=x:\steam\steamapps\common\portal 2\portal2.exe | 
"{75243548-E1F5-44ED-83A7-6BA611BFA2BE}" = protocol=6 | dir=in | app=x:\steam\steamapps\common\bangbangracingdemo\bangbangracing.exe | 
"{78F658B4-7F16-440B-A8C1-F3F71AE80D9F}" = protocol=6 | dir=in | app=c:\program files\diablo iii beta\diablo iii.exe | 
"{7CDE2EFE-6DB5-4C51-A0D9-B4D9C3D45A3F}" = protocol=6 | dir=in | app=x:\steam\steamapps\common\stronghold kingdoms trailer\smp.exe | 
"{81F6208C-42AF-43C9-A731-17599287C867}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe | 
"{8B930176-7FE4-4D11-AD39-2E358AF93941}" = protocol=17 | dir=in | app=c:\program files\diablo iii beta\diablo iii.exe | 
"{8FDD70D0-969D-45E6-BDAF-F21076888F49}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe | 
"{95541117-D74A-4FCC-8A7D-F48FCACD4334}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{97F0CE23-1A61-4BD0-9106-05D9666B1239}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe | 
"{A05F5773-EDB7-4CE4-AE2E-C090EE6636B3}" = protocol=17 | dir=in | app=x:\steam\steam.exe | 
"{A4CE1F92-837E-4789-A971-ADE130B1F427}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.649\agent.exe | 
"{AEC359D1-5383-426E-AABD-A83A984C5ECD}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe | 
"{B25946AA-9D3D-486F-B911-535F3E7E0712}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) | 
"{B49EE41E-6568-4414-9489-392A55E07631}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe | 
"{D30FF302-38E3-4871-B28F-093DF5045EAC}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{F3E6B3DA-B6A6-48F9-B914-5499B21A6A19}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{FA43D155-1778-4F99-BEDC-25CDA8D55E78}" = protocol=1 | dir=in | name=sisoftware deployment agent service (icmp-in) | 
"{FC830803-BB47-4170-B3E0-94401DA264F6}" = protocol=6 | dir=in | app=x:\steam\steam.exe | 
"{FFCF8CEA-9D6B-4A74-8552-362DF2290C75}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"TCP Query User{2B59080F-E6A5-434B-B383-590830C651D2}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe | 
"TCP Query User{30F72C50-35C9-450D-B454-360862C2F292}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | 
"TCP Query User{38D57D77-EF5B-4A71-BBD3-6AD3E94EC0DB}X:\program files\jdownloader\jre\bin\javaw.exe" = protocol=6 | dir=in | app=x:\program files\jdownloader\jre\bin\javaw.exe | 
"TCP Query User{8D4DE4E5-B45C-49E6-A3AD-0F943C6C4D8D}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | 
"TCP Query User{9D47A747-3724-4254-8AAD-C9DD76941D4E}C:\programdata\battle.net\agent\agent.913\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.913\agent.exe | 
"UDP Query User{04BAA45D-BE8B-46B9-B3E6-2238D23C8C05}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe | 
"UDP Query User{04DE4F63-2D5F-46C2-806E-2A2D1EF9E444}X:\program files\jdownloader\jre\bin\javaw.exe" = protocol=17 | dir=in | app=x:\program files\jdownloader\jre\bin\javaw.exe | 
"UDP Query User{164611B6-4397-49D5-8177-7E5F5D758643}C:\programdata\battle.net\agent\agent.913\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.913\agent.exe | 
"UDP Query User{6EEA8CE2-449A-4582-BFB5-CFB3C9136A88}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | 
"UDP Query User{B8F18B8B-8C02-4820-9A24-4FB10C05848C}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0141D498-16DA-4221-A529-1D7A64BE8B05}" = OpenOffice.org 3.3
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0FFAC7BB-50DC-CB54-6CA7-A8B74513280B}" = CCC Help Chinese Traditional
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1C802083-6D79-78ED-BF1C-601DDF908DD1}" = Catalyst Control Center Core Implementation
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{282C4EAA-F162-F52F-7BAF-C7B50DAAA00A}" = ccc-utility
"{28728178-FF15-218B-0B63-012692F42C28}" = CCC Help Danish
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{32851025-1E46-83A3-1320-471619254E39}" = Catalyst Control Center Localization All
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D5E5C0A-5B36-4F98-99A7-287F7DBDCE03}" = Skype Plugin Manager
"{40217B2F-462B-94A4-E84E-6A1C6EDBCE2F}" = CCC Help Swedish
"{47FDEFC7-BFE6-FD75-41D1-28DD572BD2D9}" = ATI Catalyst Install Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5343A801-92E5-C234-9F27-AB27EC738BF6}" = CCC Help Japanese
"{5D22226D-EBC1-C95F-7746-2E3A9F4C97BA}" = CCC Help Russian
"{600C37F2-098B-A165-C1DB-6AE2B89D8D49}" = Catalyst Control Center Graphics Previews Common
"{61F8CA2C-9A80-8A1B-D3B9-347530CB387F}" = CCC Help Norwegian
"{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}" = Adobe AIR
"{674B407D-EAB1-B6B6-F9BF-C34CEE4CD83F}" = Catalyst Control Center Graphics Light
"{69F411C5-4851-6DA9-EA4C-160BEF8788AA}" = CCC Help French
"{6DD27E54-2598-0FEC-7CE1-BE00924C0570}" = Catalyst Control Center Graphics Previews Vista
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7C27114E-6FC8-21F5-E501-FE48F09243DF}" = CCC Help Dutch
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{80237C20-CBF3-F841-4AD5-E727AA86FBD1}" = CCC Help Italian
"{802EE127-D32A-1447-09DC-77419772BCDC}" = CCC Help Portuguese
"{836AFA32-7B8B-2C19-99D9-36EF32B42EB8}" = CCC Help Thai
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{946942CB-D078-F33A-A3CD-27E0393507FD}" = CCC Help Turkish
"{9682B99B-BB28-AD37-CA50-C1CB5BFF0FA6}" = Catalyst Control Center Graphics Full New
"{9866E5F0-121F-E018-E2D1-2E1770847ABF}" = Adobe Download Assistant
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DBCF44B-77AC-81D8-0F8E-1E60D6330AC2}" = Catalyst Control Center InstallProxy
"{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk
"{A02CC93A-134F-0319-1438-B1E895B52577}" = CCC Help German
"{A7E1ADB8-162B-7C33-60FB-0561A17BD876}" = CCC Help Spanish
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96EEF55-155C-552E-ABB1-6FDAEF5BD944}" = CCC Help Polish
"{AC76BA86-7AD7-1045-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Polish
"{ADB25FF0-AEC4-2CFB-130C-2C60D80C5934}" = CCC Help Greek
"{B04D5DA5-11DA-830C-85C6-0FF9185787E7}" = Skins
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BB603E9F-ECE8-7713-B0AC-7E0614E8C058}" = Catalyst Control Center HydraVision Full
"{BD71B413-9FEE-49BB-A6D1-2C0BFB99BDFE}" = Microsoft LifeCam
"{BE232D60-AEA5-502F-ACBF-9AC188A82C21}" = CCC Help Finnish
"{C15C4AB5-EF5D-5050-273C-4636E3FBE301}" = CCC Help Czech
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2296}_is1" = SiSoftware Sandra Lite 2011b
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E09CD13D-7CE3-351C-1625-8DC7F21A99C0}" = ccc-core-static
"{E373E0E2-20F5-90DF-B315-615EA6E52101}" = Catalyst Control Center Graphics Full Existing
"{E6DA746E-1175-88BD-2B16-1DC62018E060}" = CCC Help Chinese Standard
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{F053BFD9-4357-6A82-6042-CF919667448F}" = CCC Help English
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F17EB02C-DA0D-EDEF-2E16-501FB700A710}" = CCC Help Hungarian
"{F5DDC0CD-F13A-83F0-5103-563A17EA306F}" = CCC Help Korean
"{F7E1CA14-B39D-452A-960B-39423DDDD933}" = DriveImage XML (Private Edition)
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"5513-1208-7298-9440" = JDownloader 0.9
"Ad-Aware Browsing Protection" = Ad-Aware Browsing Protection
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"ALchemy" = Creative ALchemy
"AudioCS" = Creative Audio-Systemsteuerung
"avast" = avast! Free Antivirus
"BearPaw 2448CU Pro v1.1" = BearPaw 2448CU Pro v1.1
"CCleaner" = CCleaner
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative Sound Blaster Properties" = Eigenschaften von Creative Sound Blaster
"Gadu-Gadu 10" = Gadu-Gadu 10
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 8.4.0 (Full)
"Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"MozBackup" = MozBackup 1.4.10
"Mozilla Thunderbird 12.0.1 (x86 pl)" = Mozilla Thunderbird 12.0.1 (x86 pl)
"OpenAL" = OpenAL
"Picasa 3" = Picasa 3
"Skype_is1" = Skype 3.1
"Steam App 207970" = Bang Bang Racing Demo
"Steam App 2100" = Dark Messiah Might and Magic Single Player
"Steam App 240" = Counter-Strike: Source
"Steam App 400" = Portal
"Steam App 620" = Portal 2
"WaveStudio 7" = Creative WaveStudio 7
"WinRAR archiver" = Archiwizator WinRAR
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 2012-06-13 11:10:43 | Computer Name = Hunder | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 2012-06-13 11:10:50 | Computer Name = Hunder | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 2012-06-13 11:10:58 | Computer Name = Hunder | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 2012-06-13 11:11:10 | Computer Name = Hunder | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 2012-06-13 11:11:32 | Computer Name = Hunder | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 2012-06-13 11:27:41 | Computer Name = Hunder | Source = ESENT | ID = 467
Description = Windows (3392) Windows: Baza danych C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb:
 Indeks Microsoft_IE_Title415 tabeli SystemIndex_0A jest uszkodzony (0).
 
Error - 2012-06-13 12:44:33 | Computer Name = Hunder | Source = Application Hang | ID = 1002
Description = Program avscan.exe w wersji 12.3.0.15 zatrzymał interakcję z systemem
 Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
 dotyczących tego problemu, sprawdź historię problemu w panelu sterowania raportami
 i rozwiązaniami problemów.  Identyfikator procesu: 1140  Godzina rozpoczęcia: 01cd497f269485fe
Godzina
 zakończenia: 0
 
Error - 2012-06-13 19:34:09 | Computer Name = Hunder | Source = Application Hang | ID = 1002
Description = Program AdAware.exe w wersji 10.1.211.3382 zatrzymał interakcję z 
systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
 dotyczących tego problemu, sprawdź historię problemu w panelu sterowania raportami
 i rozwiązaniami problemów.  Identyfikator procesu: e90  Godzina rozpoczęcia: 01cd49bc309ad029
Godzina
 zakończenia: 29
 
Error - 2012-06-13 19:40:27 | Computer Name = Hunder | Source = Application Hang | ID = 1002
Description = Program Taskmgr.exe w wersji 6.0.6001.18000 zatrzymał interakcję z
 systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
 dotyczących tego problemu, sprawdź historię problemu w panelu sterowania raportami
 i rozwiązaniami problemów.  Identyfikator procesu: 17d0  Godzina rozpoczęcia: 01cd49bcabc01cb9
Godzina
 zakończenia: 3
 
Error - 2012-06-13 19:41:20 | Computer Name = Hunder | Source = Application Hang | ID = 1002
Description = Program AdAware.exe w wersji 10.1.211.3382 zatrzymał interakcję z 
systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
 dotyczących tego problemu, sprawdź historię problemu w panelu sterowania raportami
 i rozwiązaniami problemów.  Identyfikator procesu: 175c  Godzina rozpoczęcia: 01cd49bd0f65c179
Godzina
 zakończenia: 9
 
[ System Events ]
Error - 2012-06-12 21:00:08 | Computer Name = Hunder | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 2012-06-12 21:00:08 | Computer Name = Hunder | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 2012-06-13 10:00:56 | Computer Name = Hunder | Source = Dhcp | ID = 1002
Description = Serwer DHCP 192.168.1.1 odmówił dzierżawy adresu IP 192.168.1.2 dla
 karty sieciowej o adresie 0016E6D8A285. (Serwer DHCP wysłał komunikat DHCPNACK).
 
Error - 2012-06-13 11:43:18 | Computer Name = Hunder | Source = Service Control Manager | ID = 7034
Description = 
 
Error - 2012-06-13 13:01:47 | Computer Name = Hunder | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 19:00:38 na 2012-06-13 było nieoczekiwane.
 
Error - 2012-06-13 13:03:33 | Computer Name = Hunder | Source = Service Control Manager | ID = 7011
Description = 
 
Error - 2012-06-13 19:27:22 | Computer Name = Hunder | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 01:26:11 na 2012-06-14 było nieoczekiwane.
 
Error - 2012-06-13 19:30:40 | Computer Name = Hunder | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 2012-06-13 19:48:13 | Computer Name = Hunder | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 01:46:11 na 2012-06-14 było nieoczekiwane.
 
Error - 2012-06-13 19:51:22 | Computer Name = Hunder | Source = DCOM | ID = 10010
Description = 
 
 
< End of report >
         
--- --- ---


OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 2012-06-14 02:11:12 - Run 1
OTL by OldTimer - Version 3.2.48.0     Folder = C:\Users\Hans Mustermanr\Desktop
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
3,50 Gb Total Physical Memory | 2,23 Gb Available Physical Memory | 63,73% Memory free
7,21 Gb Paging File | 5,96 Gb Available in Paging File | 82,60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,76 Gb Total Space | 269,11 Gb Free Space | 57,78% Space Free | Partition Type: NTFS
Drive X: | 232,88 Gb Total Space | 105,33 Gb Free Space | 45,23% Space Free | Partition Type: NTFS
 
Computer Name: *** | User Name: Hans Mustermanr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012-06-14 02:09:59 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Hans Mustermanr\Desktop\OTL.exe
PRC - [2012-06-13 17:33:45 | 000,686,280 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_3_300_257_ActiveX.exe
PRC - [2012-03-07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012-01-04 21:20:50 | 001,391,272 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe
PRC - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011-10-21 11:09:36 | 000,198,032 | ---- | M] (Lavasoft) -- C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
PRC - [2010-12-13 15:37:46 | 000,135,536 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2009-04-11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-04-11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008-11-18 13:15:30 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe
PRC - [2008-01-19 09:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012-06-13 16:06:18 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\508b444db523c5cf20ff12c7f440837b\System.Web.ni.dll
MOD - [2012-06-13 03:02:43 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll
MOD - [2012-06-13 03:02:33 | 001,592,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll
MOD - [2012-05-09 17:54:09 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll
MOD - [2012-05-09 17:53:57 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll
MOD - [2012-05-09 17:53:50 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\1b337cf9a031145849bc48c11b2cfe58\Accessibility.ni.dll
MOD - [2012-05-09 17:52:18 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll
MOD - [2012-05-09 17:50:28 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
MOD - [2012-05-09 17:49:51 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
MOD - [2012-03-06 02:42:46 | 000,290,816 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3693.42442__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2012-03-06 02:42:46 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3693.42461__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2012-03-06 02:42:46 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3693.42456__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2012-03-06 02:42:46 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3693.42451__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2012-03-06 02:42:46 | 000,011,776 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll
MOD - [2012-03-06 02:42:46 | 000,008,704 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll
MOD - [2012-03-06 02:42:46 | 000,007,680 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3693.42556__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll
MOD - [2012-03-06 02:42:46 | 000,007,680 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll
MOD - [2012-03-06 02:42:45 | 001,728,512 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3693.42460__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2012-03-06 02:42:45 | 000,692,224 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.3693.42508__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll
MOD - [2012-03-06 02:42:45 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3693.42537__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2012-03-06 02:42:45 | 000,364,544 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3693.42522__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
MOD - [2012-03-06 02:42:45 | 000,139,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3693.42537__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2012-03-06 02:42:45 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3693.42517__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2012-03-06 02:42:45 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3693.42450__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2012-03-06 02:42:45 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3693.42499__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2012-03-06 02:42:45 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3693.42486__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2012-03-06 02:42:44 | 001,036,288 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Dashboard\2.0.3693.42473__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Dashboard.dll
MOD - [2012-03-06 02:42:44 | 000,364,544 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3693.42504__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2012-03-06 02:42:44 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3693.42504__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2012-03-06 02:42:44 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Runtime\2.0.3693.42472__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Runtime.dll
MOD - [2012-03-06 02:42:44 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3693.42503__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2012-03-06 02:42:44 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3693.42536__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2012-03-06 02:42:43 | 000,811,008 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3693.42488__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2012-03-06 02:42:43 | 000,798,720 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3693.42518__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
MOD - [2012-03-06 02:42:43 | 000,712,704 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3693.42452__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2012-03-06 02:42:43 | 000,675,840 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.3693.42500__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll
MOD - [2012-03-06 02:42:43 | 000,589,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3693.42462__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2012-03-06 02:42:43 | 000,450,560 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3693.42482__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2012-03-06 02:42:43 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2012-03-06 02:42:43 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3693.42512__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2012-03-06 02:42:43 | 000,225,280 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3693.42462__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2012-03-06 02:42:43 | 000,126,976 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3693.42496__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2012-03-06 02:42:43 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2012-03-06 02:42:43 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3693.42486__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2012-03-06 02:42:43 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3693.42466__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2012-03-06 02:42:43 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2012-03-06 02:42:43 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3693.42496__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2012-03-06 02:42:43 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3693.42497__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2012-03-06 02:42:42 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3309.28604__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2012-03-06 02:42:42 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3309.28618__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2012-03-06 02:42:42 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2012-03-06 02:42:42 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2012-03-06 02:42:42 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2012-03-06 02:42:42 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3309.28601__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2012-03-06 02:42:42 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3309.28603__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2012-03-06 02:42:42 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3309.28669__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2012-03-06 02:42:42 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2012-03-06 02:42:42 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Shared\2.0.3309.28633__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Shared.dll
MOD - [2012-03-06 02:42:42 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3309.28630__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2012-03-06 02:42:42 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3309.28620__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2012-03-06 02:42:42 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2012-03-06 02:42:42 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3309.28611__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2012-03-06 02:42:42 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2012-03-06 02:42:42 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3309.28608__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2012-03-06 02:42:42 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3309.28626__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2012-03-06 02:42:42 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3309.28645__90ba9c70f846762e\DEM.OS.dll
MOD - [2012-03-06 02:42:42 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2012-03-06 02:42:42 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3309.28630__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2012-03-06 02:42:42 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2012-03-06 02:42:42 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2012-03-06 02:42:42 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2012-03-06 02:42:42 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2012-03-06 02:42:42 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3309.28629__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2012-03-06 02:42:42 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3309.28645__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
MOD - [2012-03-06 02:42:42 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2012-03-06 02:42:42 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3309.28627__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2012-03-06 02:42:42 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2012-03-06 02:42:42 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2012-03-06 02:42:41 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2012-03-06 02:42:41 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2012-03-06 02:42:41 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2012-03-06 02:42:41 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2012-03-06 02:42:41 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2012-03-06 02:42:41 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3309.28624__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2012-03-06 02:42:41 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3309.28632__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2012-03-06 02:42:41 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2012-03-06 02:42:41 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3309.28627__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2012-03-06 02:42:41 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3309.28635__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2012-03-06 02:42:41 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2012-03-06 02:42:39 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2012-03-06 02:42:39 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3309.28626__90ba9c70f846762e\APM.Foundation.dll
MOD - [2012-03-06 02:42:39 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2012-03-06 02:42:38 | 000,544,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3693.42525__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2012-03-06 02:42:38 | 000,503,808 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3693.42564__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll
MOD - [2012-03-06 02:42:38 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3693.42455__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2012-03-06 02:42:38 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3693.42531__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2012-03-06 02:42:38 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3693.42440__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2012-03-06 02:42:38 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3693.42530__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2012-03-06 02:42:38 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3693.42441__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2012-03-06 02:42:38 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3309.28628__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2012-03-06 02:42:38 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3693.42545__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2012-03-06 02:42:38 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3309.28608__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2012-03-06 02:42:38 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3309.28614__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2012-03-06 02:42:38 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3309.28627__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2012-03-06 02:42:38 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3309.28612__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
MOD - [2012-03-06 02:42:38 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3309.28626__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2012-03-06 02:42:38 | 000,014,848 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
MOD - [2012-03-06 02:42:38 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
MOD - [2012-03-06 02:42:38 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3693.42437__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2012-03-06 02:42:37 | 001,142,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3693.42446__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2012-03-06 02:42:37 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3693.42440__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2012-03-06 02:42:37 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3693.42439__90ba9c70f846762e\APM.Server.dll
MOD - [2012-03-06 02:42:37 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3693.42438__90ba9c70f846762e\AEM.Server.dll
MOD - [2012-03-06 02:42:37 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3309.28621__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2012-03-06 02:42:37 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2012-03-06 02:42:37 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3693.42531__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2012-03-06 02:42:37 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3309.28624__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2012-03-06 02:42:37 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3309.28637__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2010-02-11 07:30:38 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2009-11-24 14:36:36 | 000,016,384 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2009-03-31 20:05:12 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_pl_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2009-03-31 20:05:12 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009-03-31 20:05:12 | 000,208,896 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_pl_b77a5c561934e089\System.resources.dll
MOD - [2009-03-26 14:46:42 | 000,148,480 | ---- | M] () -- C:\Windows\System32\APOMngr.DLL
MOD - [2009-02-06 18:52:24 | 000,073,728 | ---- | M] () -- C:\Windows\System32\CmdRtr.DLL
MOD - [2006-09-14 01:20:24 | 000,126,464 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012-06-13 17:33:45 | 000,257,224 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-06-05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-06-01 04:04:29 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2012-05-29 23:46:19 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2012-05-20 04:39:08 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010-12-13 15:37:46 | 000,135,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2009-08-10 15:58:28 | 000,093,848 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011b\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV - [2008-11-18 13:15:30 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2008-01-19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\SBREdrv.sys -- (SBRE)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2012-03-07 01:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012-03-07 01:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012-03-07 01:02:00 | 000,035,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012-03-07 01:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012-03-07 01:01:48 | 000,057,688 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012-03-07 01:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010-12-13 15:37:46 | 000,030,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV - [2010-02-11 09:42:22 | 004,450,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009-08-08 00:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011b\WNt500x86\sandra.sys -- (SANDRA)
DRV - [2009-04-21 13:58:06 | 001,147,392 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\P17.sys -- (P17)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.facebook.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.pl/
IE - HKCU\..\SearchScopes,DefaultScope = {78CA38BF-5DA8-40DC-B0F4-03D417CEAE4C}
IE - HKCU\..\SearchScopes\{78CA38BF-5DA8-40DC-B0F4-03D417CEAE4C}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer:  File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012-03-06 03:41:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
 
[2012-03-06 03:43:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zdzisław Hunder\AppData\Roaming\mozilla\Extensions
File not found (No name found) -- C:\USERS\ZDZISĹ‚AW HUNDER\APPDATA\ROAMING\THUNDERBIRD\PROFILES\QI5C1SE4.DEFAULT\EXTENSIONS\TBTESTPILOT@LABS.MOZILLA.COM.XPI
 
O1 HOSTS File: ([2006-09-18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [P17RunE] C:\Windows\System32\P17RunE.dll (Creative Technology Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - HKCU..\Run: [Steam] X:\Steam\steam.exe (Valve Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Plugin Control)
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab (Creative Software AutoUpdate 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C5A6239C-26B7-4E29-917E-CFEE69A9F821}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C5A6239C-26B7-4E29-917E-CFEE69A9F821}: NameServer = 194.204.152.34,194.204.159.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\Best_HD_Wallpapers_2560x1600_wallpaperhere.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\Best_HD_Wallpapers_2560x1600_wallpaperhere.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012-06-14 02:09:55 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Hans Mustermanr\Desktop\OTL.exe
[2012-06-14 02:05:08 | 000,000,000 | ---D | C] -- C:\ProgramData\GFI Software
[2012-06-14 02:04:37 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012-06-13 19:20:27 | 000,000,000 | ---D | C] -- C:\Users\Hans Mustermanr\AppData\Local\adaware
[2012-06-13 19:20:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection
[2012-06-13 19:15:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2012-06-13 19:15:47 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Aware Antivirus
[2012-06-13 19:10:19 | 000,000,000 | ---D | C] -- C:\Users\Hans Mustermanr\AppData\Roaming\Ad-Aware Antivirus
[2012-06-13 18:54:18 | 000,020,696 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012-06-13 18:54:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012-06-13 18:54:17 | 000,337,880 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012-06-13 18:54:02 | 000,035,672 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2012-06-13 18:54:00 | 000,053,848 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012-06-13 18:53:57 | 000,612,184 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012-06-13 18:53:06 | 000,057,688 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012-06-13 18:51:44 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012-06-13 18:51:42 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2012-06-13 18:50:48 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012-06-13 18:50:48 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012-06-13 17:43:18 | 000,000,000 | ---D | C] -- C:\_OTM
[2012-06-13 17:26:01 | 000,000,000 | ---D | C] -- C:\Users\Hans Mustermanr\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012-06-13 17:25:56 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Download Assistant
[2012-06-13 17:25:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2012-06-13 17:25:27 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2012-06-13 16:55:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012-06-13 16:55:17 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012-06-13 16:40:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012-06-13 16:40:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012-06-13 16:40:01 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2012-06-13 16:37:53 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012-06-12 21:06:45 | 000,000,000 | ---D | C] -- C:\Users\Hans Mustermanr\AppData\Local\Risen2
[2012-06-12 21:06:44 | 000,000,000 | ---D | C] -- C:\Users\Hans Mustermanr\AppData\Local\SKIDROW
[2012-06-12 20:07:18 | 000,000,000 | ---D | C] -- C:\Users\Hans Mustermanr\Documents\Syndicate
[2012-06-12 19:15:06 | 000,000,000 | ---D | C] -- C:\Users\Hans Mustermanr\AppData\Roaming\DAEMON Tools Lite
[2012-06-12 19:13:37 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012-06-10 17:34:58 | 000,000,000 | ---D | C] -- C:\Users\Hans Mustermanr\AppData\Roaming\WinRAR
[2012-06-07 18:51:25 | 000,000,000 | ---D | C] -- C:\Users\Hans Mustermanr\AppData\Roaming\Babylon
[2012-06-07 18:51:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2012-05-30 14:27:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Creative Labs
[2012-05-29 23:46:57 | 002,873,820 | ---- | C] (Creative) -- C:\Windows\System32\Sens_oal.dll
[2012-05-29 23:46:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
[2012-05-29 23:46:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Creative Labs Shared
[2012-05-29 23:44:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Creative
[2012-05-29 23:44:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\DATA
[2012-05-29 23:43:43 | 000,000,000 | ---D | C] -- C:\Program Files\Creative
[2012-05-29 23:43:29 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2012-05-16 20:48:25 | 000,000,000 | ---D | C] -- C:\Users\Hans Mustermanr\Documents\My Games
[2012-05-16 20:46:34 | 000,444,952 | ---- | C] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[2012-05-16 20:46:34 | 000,000,000 | ---D | C] -- C:\Program Files\OpenAL
[8 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[8 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012-06-14 02:09:59 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Hans Mustermanr\Desktop\OTL.exe
[2012-06-14 02:07:05 | 000,000,000 | ---- | M] () -- C:\Users\Hans Mustermanr\defogger_reenable
[2012-06-14 02:05:44 | 000,050,477 | ---- | M] () -- C:\Users\Hans Mustermanr\Desktop\Defogger.exe
[2012-06-14 02:00:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-06-14 01:55:23 | 000,671,902 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2012-06-14 01:55:23 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012-06-14 01:55:23 | 000,130,310 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2012-06-14 01:55:23 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-06-14 01:48:29 | 000,003,648 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012-06-14 01:48:28 | 000,003,648 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012-06-14 01:48:24 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-06-14 01:48:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-06-14 01:48:05 | 3756,515,328 | -HS- | M] () -- C:\hiberfil.sys
[2012-06-14 01:27:35 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-06-13 18:54:19 | 000,001,829 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012-06-13 18:53:06 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012-06-13 17:45:00 | 000,255,064 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012-06-13 17:23:24 | 000,683,733 | ---- | M] () -- C:\Users\Hans Mustermanr\Desktop\spielplan.pdf
[2012-06-13 17:05:19 | 000,070,144 | ---- | M] () -- C:\Users\Hans Mustermanr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-06-13 16:55:18 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012-06-07 18:57:41 | 000,000,828 | ---- | M] () -- C:\Users\Hans Mustermanr\Desktop\JDownloader.lnk
[2012-06-07 18:51:42 | 000,001,530 | ---- | M] () -- C:\user.js
[2012-05-29 23:44:49 | 000,000,087 | RH-- | M] () -- C:\Windows\ctfile.rfc
[2012-05-16 20:46:34 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[8 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[8 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012-06-14 02:07:05 | 000,000,000 | ---- | C] () -- C:\Users\Hans Mustermanr\defogger_reenable
[2012-06-14 02:05:44 | 000,050,477 | ---- | C] () -- C:\Users\Hans Mustermanr\Desktop\Defogger.exe
[2012-06-13 18:54:19 | 000,001,829 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012-06-13 17:33:47 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-06-13 17:25:57 | 000,000,924 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk
[2012-06-13 17:23:24 | 000,683,733 | ---- | C] () -- C:\Users\Hans Musterman\Desktop\spielplan.pdf
[2012-06-13 16:55:18 | 000,000,804 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012-06-07 18:57:41 | 000,000,828 | ---- | C] () -- C:\Users\Hans Mustermanr\Desktop\JDownloader.lnk
[2012-06-07 18:57:39 | 000,000,792 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2012-06-07 18:57:39 | 000,000,752 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
[2012-06-07 18:57:39 | 000,000,737 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2012-06-07 18:51:38 | 000,001,530 | ---- | C] () -- C:\user.js
[2012-05-29 23:49:56 | 004,174,814 | ---- | C] () -- C:\Windows\System32\CT4MGM.SF2
[2012-05-29 23:49:56 | 002,167,684 | ---- | C] () -- C:\Windows\System32\CT2MGM.SF2
[2012-05-29 23:49:46 | 000,007,062 | ---- | C] () -- C:\Windows\System32\audiopid.vxd
[2012-05-29 23:44:49 | 000,148,480 | ---- | C] () -- C:\Windows\System32\APOMngr.DLL
[2012-05-29 23:44:49 | 000,073,728 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL
[2012-05-29 23:44:49 | 000,000,087 | RH-- | C] () -- C:\Windows\ctfile.rfc
[2012-03-15 02:49:52 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2012-03-13 19:17:14 | 000,118,784 | ---- | C] () -- C:\Windows\System32\Lfkodak.dll
[2012-03-13 19:17:13 | 000,338,944 | ---- | C] () -- C:\Windows\System32\Lffpx7.dll
[2012-03-09 21:55:39 | 010,948,608 | ---- | C] () -- C:\ProgramData\sandra.mda
[2012-03-07 19:24:38 | 000,229,376 | ---- | C] () -- C:\Windows\System32\MKCoInstaller.dll
[2012-03-06 02:46:25 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012-03-05 23:38:42 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2012-03-05 23:38:42 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2012-03-05 23:38:07 | 000,062,976 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2012-03-05 23:01:25 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2012-03-05 18:07:09 | 000,070,144 | ---- | C] () -- C:\Users\Hans Mustermanr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-03-05 17:39:54 | 000,001,356 | ---- | C] () -- C:\Users\Hans Mustermanr\AppData\Local\d3d9caps.dat
 
========== LOP Check ==========
 
[2012-06-14 02:04:00 | 000,000,000 | ---D | M] -- C:\Users\Hans Mustermanr\AppData\Roaming\Ad-Aware Antivirus
[2012-06-07 18:51:25 | 000,000,000 | ---D | M] -- C:\Users\Hans Mustermanr\AppData\Roaming\Babylon
[2012-03-07 19:30:57 | 000,000,000 | ---D | M] -- C:\Users\Hans Mustermanr\AppData\Roaming\Canneverbe Limited
[2012-06-13 17:26:01 | 000,000,000 | ---D | M] -- C:\Users\Hans Mustermanr\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012-06-13 16:58:39 | 000,000,000 | ---D | M] -- C:\Users\Hans Mustermanr\AppData\Roaming\DAEMON Tools Lite
[2012-03-22 00:36:24 | 000,000,000 | ---D | M] -- C:\Users\Hans Mustermanr\AppData\Roaming\Firefly Studios
[2012-03-09 21:46:49 | 000,000,000 | ---D | M] -- C:\Users\Hans Mustermanr\AppData\Roaming\Gadu-Gadu 10
[2012-03-06 03:51:58 | 000,000,000 | ---D | M] -- C:\Users\Hans Mustermanr\AppData\Roaming\IrfanView
[2012-03-07 19:30:43 | 000,000,000 | ---D | M] -- C:\Users\Hans Mustermanr\AppData\Roaming\OpenCandy
[2012-03-14 03:24:10 | 000,000,000 | ---D | M] -- C:\Users\Hans Mustermanr\AppData\Roaming\OpenOffice.org
[2012-03-10 19:19:57 | 000,000,000 | ---D | M] -- C:\Users\Hans Mustermanr\AppData\Roaming\TeamViewer
[2012-06-13 18:41:38 | 000,000,000 | ---D | M] -- C:\Users\Hans Mustermanr\AppData\Roaming\Thunderbird
[2012-06-14 01:27:35 | 000,032,546 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         
--- --- ---




danke im voraus fur eure Hilfe und Tipps
wie ich damit umgehen soll weiter


aus Polen - EM2012

Geändert von EM2012 (14.06.2012 um 02:55 Uhr)

Alt 14.06.2012, 16:09   #2
kira
/// Helfer-Team
 
fehlerhafter flashplayer in IE ,iexplorer.exe mehrmalls offen in prozesse, rechner sehr langsam - Standard

fehlerhafter flashplayer in IE ,iexplorer.exe mehrmalls offen in prozesse, rechner sehr langsam



Hallo und Herzlich Willkommen!

Bevor wir unsere Zusammenarbeit beginnen, [Bitte Vollständig lesen]:
Zitat:
  • "Fernbehandlungen/Fernhilfe" und die damit verbundenen Haftungsrisken:
    - da die Fehlerprüfung und Handlung werden über große Entfernungen durchgeführt, besteht keine Haftung unsererseits für die daraus entstehenden Folgen.
    - also, jede Haftung für die daraus entstandene Schäden wird ausgeschlossen, ANWEISUNGEN UND DEREN BEFOLGUNG, ERFOLGT AUF DEINE EIGENE VERANTWORTUNG!
  • Charakteristische Merkmale/Profilinformationen:
    - aus der verwendeten Loglisten oder Logdateien - wie z.B. deinen Realnamen, Seriennummer in Programm etc)- kannst Du oder durch [X] oder Sternchen (*) ersetzen
  • Die Systemprüfung und Bereinigung:
    - kann einige Zeit in Anspruch nehmen (je nach Art der Infektion), kann aber sogar so stark kompromittiert sein, so dass eine wirkungsvolle technische Säuberung ist nicht mehr möglich bzw Du es neu installieren musst
  • Ich empfehle Dir die Anweisungen erst einmal komplett durchzulesen, bevor du es anwendest, weil wenn du etwas falsch machst, kann es wirklich gefährlich werden. Wenn du meinen Anweisungen Schritt für Schritt folgst, kann eigentlich nichts schief gehen.
  • Innerhalb der Betreuungszeit:
    - ohne Abspräche bitte nicht auf eigene Faust handeln!- bei Problemen nachfragen.
  • Die Reihenfolge:
    - genau so wie beschrieben bitte einhalten, nicht selbst die Reihenfolge wählen!
  • GECRACKTE SOFTWARE werden hier nicht geduldet!!!!
  • Ansonsten unsere Forumsregeln:
    - Bitte erst lesen, dann posten!-> Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten?
  • Alle Logfile mit einem vBCode Tag eingefügen, das bietet hier eine gute Übersicht, erleichtert mir die Arbeit! Falls das Logfile zu groß, teile es in mehrere Teile auf.

Sobald Du diesen Einführungstext gelesen hast, kannst Du beginnen
► Erster Teil des 3-teiligen Verfahren, werden wir dein System auf Viren untersuchen, bzw nach einem anderen Verursacher suchen:
Für Vista und Win7:
Wichtig: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen
Auf der angewählten Anwendung einen Rechtsklick (rechte Maustaste) und "Als Administrator ausführen" wählen!

1.
Deinstalliere unter "Start > Systemsteuerung > Programme deinstallieren" :
Zitat:
Avira SearchFree Toolbar plus Web Protection Ask.com
Avira SearchFree Toolbar plus Web Protection Updater Ask.com
2.
Deinstalliere:
Code:
ATTFilter
"Ad-Aware Free": jetzt läuft mit Anti-Viren-Schutz!
         
kann es zu einem Systemabsturz kommen!
Nur eine Firewall sowie ein Antiviren Programm verwenden, welche sich immer auf dem aktuellsten Stand befinden sollten!

3.
Windows Defender:
Parallel zu ein AV-Programm nicht Empfehlenswert aktiv laufen lassen, weil dadurch können sich in die Quere kommen. Bitte dich ihn so zu deaktivieren: -> Aktivieren und Deaktivieren von Windows Defender
Windows Defender komplett deaktivieren

Start => Systemsteuerung => Klassische Ansicht => Windows Defender oder
Windows Defender starten (C:\Programme\Windows Defender\MSASCui.exe)

Extras => Optionen => Automatische Überprüfung => Haken bei "Computer automatisch überprüfen" entfernen.
Extras => Optionen => Echtzeitschutz => Haken bei "Echtzeitschutz aktivieren" entfernen.
Extras => Optionen => Administrator => Haken bei "Dieses Programm verwenden" entfernen.

Start => services.msc ins Suchfeld eingeben.
Es öffnet sich das Fenster der Dienste
Doppelklick auf den Dienst "Windows Defender"
Starttyp auf "Manuell" umstellen.
Dienststatus beenden, falls der Dienst noch gestartet ist.
► Nach einem Neustart (falls noch existirt) unter "Start-> ausführen-> "msconfig" (reinschreiben ohne ""-> OK -> Systemstart kontrolliere, ob mitläuft?! - ggf Häckhen rausnehmen
► Unter Dienste:
Start -> Ausführen -> "Services.msc" -> (reinschreiben ohne ""-> OK" - "Eigenschaften"-> "Stop" -> Starttyp "Deaktiviert" auswählen

4.
Um festzustellen, ob veraltete oder schädliche Software unter Programme installiert sind, ich würde gerne noch all deine installierten Programme sehen:
  • Download den CCleaner herunter
  • Software-Lizenzvereinbarung lesen, falls irgendeine Toolbar angeboten wird, bitte abwählen!-> starten -> Falls nötig, auf "Deutsch" einstellen.
  • starten-> klick auf `Extras` (um auf deinem System installierte Software zu anzeigen)-> dann auf `Als Textdatei speichern...`
  • ein Textdatei wird automatisch erstellt, poste auch dieses Logfile (also die Liste alle installierten Programme...eine Textdatei)

5.
erneut einen Scan mit OTL:
  • Doppelklick auf die OTL.exe
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Oben findest Du ein Kästchen mit Ausgabe.
    Wähle bitte Standard-Ausgabe
  • Unter Extra-Registrierung wähle bitte Benutze SafeList.
  • Mache Häckchen bei LOP- und Purity-Prüfung.
  • Klicke nun auf Scan links oben.
  • Wenn der Scan beendet wurde werden zwei Logfiles erstellt.
    Du findest die Logfiles auf Deinem Desktop => OTL.txt und Extras.txt
  • Poste die Logfiles in Code-Tags hier in den Thread.

Zitat:
Damit dein Thread übersichtlicher und schön lesbar bleibt, am besten nutze den Code-Tags für deinen Post:
→ vor dein Log schreibst Du (also am Anfang des Logfiles):[code]
hier kommt dein Logfile rein - z.B OTL-Logfile o. sonstiges
→ dahinter - also am Ende der Logdatei: [/code]
** Möglichst nicht ins internet gehen, kein Online-Banking, File-sharing, Chatprogramme usw
gruß
kira
__________________

__________________

Antwort

Themen zu fehlerhafter flashplayer in IE ,iexplorer.exe mehrmalls offen in prozesse, rechner sehr langsam
absturz, ad-aware, antivir, avira, avira searchfree toolbar, battle.net, bho, bluescreen, browser, error, firefox, flash player, google, iexplore.exe, install.exe, jdownloader, langsam, logfile, object, picasa, problem, programm, realtek, rechner sehr langsam, registry, scan, searchscopes, security, sehr langsam, software, tr/black.gen2, version=1.0, virus, vista, wallpapers



Ähnliche Themen: fehlerhafter flashplayer in IE ,iexplorer.exe mehrmalls offen in prozesse, rechner sehr langsam


  1. Windows bzw. ganzer Rechner läuft sehr sehr langsam.....
    Plagegeister aller Art und deren Bekämpfung - 28.09.2015 (11)
  2. Windows 7 : Benutzung jeglicher Browser macht alle Prozesse sehr langsam
    Log-Analyse und Auswertung - 03.08.2015 (12)
  3. Vista - viele iexplore.exe-Prozesse, Rechner wird langsam
    Log-Analyse und Auswertung - 27.08.2014 (26)
  4. Computer sehr langsam, keine Reaktion, Prozesse müssen oft beendet werden
    Log-Analyse und Auswertung - 12.06.2014 (17)
  5. Windows 7: merkwürdiges Verhalten (Prozesse beenden sehr langsam, Bildschirmflackern, seltsame Internetverbindung)
    Log-Analyse und Auswertung - 22.11.2013 (7)
  6. Virusverdacht: PC, insbes. Firefox und Flashplayer sehr langsam z.T. instabil
    Plagegeister aller Art und deren Bekämpfung - 17.01.2013 (24)
  7. Hilfe ich habe mehrere IEXPLORER Prozesse und Explorer ist langsam PC ständig überlastet
    Log-Analyse und Auswertung - 02.07.2012 (28)
  8. Zweimal rundll32.exe / Rechner langsam (obwohl gerade neu aufgesetzt)/viele Ports offen
    Log-Analyse und Auswertung - 30.01.2012 (36)
  9. PC plötzlich sehr, sehr langsam - evtl. neues update Adobe Flashplayer? kein Virus gefunden...
    Log-Analyse und Auswertung - 05.10.2011 (15)
  10. Prozesse doppelt, PC sehr sehr langsam, hängt sich auf, noch zu retten?
    Log-Analyse und Auswertung - 29.06.2010 (2)
  11. Internet sehr langsam / PC hängt sich auf / Prozesse
    Log-Analyse und Auswertung - 29.10.2009 (4)
  12. Mein rechner ist seit eine viren attake sehr sehr langsam
    Log-Analyse und Auswertung - 09.02.2009 (0)
  13. 2 Iexplorer offen!
    Mülltonne - 22.11.2008 (0)
  14. Browser öffnen selbstständig, Herunterfahren sehr langsam, viele neue Prozesse
    Log-Analyse und Auswertung - 15.11.2008 (3)
  15. Firefox spinnt rum, Rechner langsam, IExplorer öffnet sich
    Log-Analyse und Auswertung - 21.06.2008 (2)
  16. iexplorer.exe 2 mal offen :(
    Log-Analyse und Auswertung - 10.10.2007 (10)
  17. IExplorer startet sehr langsam
    Log-Analyse und Auswertung - 23.11.2006 (1)

Zum Thema fehlerhafter flashplayer in IE ,iexplorer.exe mehrmalls offen in prozesse, rechner sehr langsam - Hallo zusammen, da ich aus dem Ausland (Polen) schreibe habe ich leider keine Umlate an meiner Tastatur. Deshalb ist in den Logfails auch etwas in Polnisch, hoffe es kann mir - fehlerhafter flashplayer in IE ,iexplorer.exe mehrmalls offen in prozesse, rechner sehr langsam...
Archiv
Du betrachtest: fehlerhafter flashplayer in IE ,iexplorer.exe mehrmalls offen in prozesse, rechner sehr langsam auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.