Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: 'server.exe' entzieht adminrechte - Wiederherstellen der Rechte?

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 07.10.2010, 16:33   #1
blackshadow3
 
'server.exe' entzieht adminrechte - Wiederherstellen der Rechte? - Standard

'server.exe' entzieht adminrechte - Wiederherstellen der Rechte?



Hallo beisammen,

Ich wollte heute einen alternativen xvid-encoder installieren. Bei der Installation schlug direkt mein McAfee alarm und stoppte eine ominöse "server.exe". Da dachte ich mir schon O_O was hab ich mir denn da grad runtergeladen. Offenbar hat diese jedoch ihr Zerstörungswerk bereits verrichtet. Die server.exe ist zwar deaktiviert und isoliert, jedoch habe ich weder auf CMD, noch TaskManager und viele andere Sachen mehr im System Zugriff. Mir wäre nun wichtig zu wissen wie ich meine CMD und meinen Taskmanager wieder aktivieren kann. Denn ich muss unbedingt nachvollziehen was da passiert. (RegEdit habe ich bereits reaktiviert.)

Anbei noch eine HijackThis log. Danke!

Gruß Nem

Edit: McAfee nennt das Ding: "Generic.dx!vu"

Code:
ATTFilter
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:25:31, on Do. 07.10.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\BisonCam\BisonHK.exe
C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Hotkey\Hotkey.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files (x86)\McAfee\Common Framework\UdaterUI.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\MyProgramms\StartRun\StartRun.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Tools\CryptLoad\CryptLoad.exe
C:\Program Files (x86)\ProcessExplorer\procexp.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\SysWOW64\NOTEPAD.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://127.0.0.1/masterpage2/index.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan Enterprise\scriptsn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Microsoft Web Test Recorder 9.0 Helper - {E31CE47F-C268-41ba-897B-B415E613947D} - C:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO90.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~2\FlashFXP\IEFlash.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files (x86)\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O4 - Startup: Miranda.lnk = C:\Program Files (x86)\Miranda IM\miranda32.exe
O4 - Startup: StartRun.exe - Verknüpfung.lnk = C:\MyProgramms\StartRun\StartRun.exe
O4 - Startup: Termine.txt - Verknüpfung.lnk = C:\Users\Nemcija\Desktop\Termine.txt
O4 - Global Startup: Hotkey.lnk = C:\Program Files (x86)\Hotkey\Hotkey.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix: 
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Version Cue CS3 {de_DE}  (Adobe Version Cue CS3) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apache2.2 - Apache Software Foundation - C:\xampp\apache\bin\httpd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: madCodeHook service demo (madDllInjectServiceDemo) - Unknown owner - C:\Users\Nemcija\AppData\Local\Temp\MCHDemos\MCHDemos\system wide\HookProcessTermination\InjectService.exe (file missing)
O23 - Service: McAfee Engine Service (McAfeeEngineService) - McAfee, Inc. - C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\EngineServer.exe
O23 - Service: McAfee Framework-Dienst (McAfeeFramework) - McAfee, Inc. - C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\McShield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MySQL - MySQL AB - C:\xampp\mysql\bin\mysqld.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PowerBiosServer - Unknown owner - C:\Program Files (x86)\Hotkey\PowerBiosServer.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Cisco AnyConnect VPN Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11243 bytes
         
edit 2:

Mittels folgender Registery Keys lassen sich genannte Sachen wieder reaktivieren.
Code:
ATTFilter
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegedit
HKCU\Software\Policies\Microsoft\Windows\System\DisableCMD
         
Zur sicherheit habe ich nun eine einfache Routenverfolgung gemacht um zu prüfen ob ein Proxy zwischengehängt wurde.
Code:
ATTFilter
Routenverfolgung zu web.de [213.165.64.75] über maximal 30 Abschnitte:

  1    <1 ms     1 ms    <1 ms  fritz.box [192.168.178.1]
  2    44 ms    43 ms    43 ms  217.0.117.19
  3    45 ms    44 ms    45 ms  217.0.81.214
  4    67 ms    57 ms    58 ms  ka-ea2-i.KA.DE.NET.DTAG.DE [62.154.74.34]
  5    57 ms    57 ms    57 ms  dtag.bb-c.bs.kae.de.oneandone.net [80.156.160.54]
  6    58 ms    58 ms    57 ms  ae-3.gw-distg-b.bs.ka.oneandone.net [212.227.121.215]
  7    58 ms    57 ms    57 ms  web.de [213.165.64.75]
         

Geändert von blackshadow3 (07.10.2010 um 16:57 Uhr)

Alt 07.10.2010, 20:39   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
'server.exe' entzieht adminrechte - Wiederherstellen der Rechte? - Standard

'server.exe' entzieht adminrechte - Wiederherstellen der Rechte?



Hallo und

Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Danach OTL:

Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.
__________________

__________________

Alt 08.10.2010, 12:52   #3
blackshadow3
 
'server.exe' entzieht adminrechte - Wiederherstellen der Rechte? - Standard

'server.exe' entzieht adminrechte - Wiederherstellen der Rechte?



Hier erst mal Malware Bytes

Code:
ATTFilter
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4773

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

Fr. 08.10.2010 13:12:59
mbam-log-2010-10-08 (13-12-59).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|H:\|)
Durchsuchte Objekte: 739563
Laufzeit: 2 Stunde(n), 11 Minute(n), 16 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
         
edit und hier die 2. Log:
Code:
ATTFilter
OTL logfile created on: Fr. 08.10.2010 13:53:02 - Run 1
OTL by OldTimer - Version 3.2.14.1     Folder = E:\Downloads
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: ddd. dd.MM.yyyy
 
8,00 Gb Total Physical Memory | 4,00 Gb Available Physical Memory | 47,00% Memory free
16,00 Gb Paging File | 12,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 238,37 Gb Total Space | 128,90 Gb Free Space | 54,08% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 596,17 Gb Total Space | 239,88 Gb Free Space | 40,24% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 931,51 Gb Total Space | 81,69 Gb Free Space | 8,77% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded
Drive P: | 465,76 Gb Total Space | 92,28 Gb Free Space | 19,81% Space Free | Partition Type: NTFS
 
Computer Name: NEM7
Current User Name: blackshadow
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
========== Processes (SafeList) ==========
 
PRC - [2010/10/08 13:52:35 | 000,576,512 | ---- | M] (OldTimer Tools) -- E:\Downloads\OTL.exe
PRC - [2010/09/27 18:40:56 | 000,814,176 | ---- | M] ( ) -- C:\Program Files (x86)\Miranda IM\miranda32.exe
PRC - [2010/09/24 19:54:32 | 001,786,168 | ---- | M] (Piriform Ltd) -- C:\Program Files (x86)\CCleaner\CCleaner.exe
PRC - [2010/09/17 03:15:51 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010/07/11 00:54:32 | 000,408,936 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
PRC - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/04/01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010/03/09 16:55:53 | 003,328,960 | ---- | M] (SlySoft, Inc.) -- C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
PRC - [2010/03/05 20:59:50 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2009/12/20 01:00:00 | 006,095,504 | ---- | M] (MySQL AB) -- C:\xampp\mysql\bin\mysqld.exe
PRC - [2009/12/20 01:00:00 | 000,029,416 | ---- | M] (Apache Software Foundation) -- C:\xampp\apache\bin\httpd.exe
PRC - [2009/12/10 11:00:32 | 000,522,760 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\GamePanel Software\Applets\LCDMedia.exe
PRC - [2009/10/09 17:07:20 | 000,493,248 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
PRC - [2009/10/06 18:31:38 | 000,031,744 | ---- | M] () -- C:\Program Files (x86)\Hotkey\PowerBiosServer.exe
PRC - [2009/10/06 17:54:20 | 002,409,984 | ---- | M] () -- C:\Program Files (x86)\Hotkey\Hotkey.exe
PRC - [2009/10/05 16:06:26 | 000,077,824 | ---- | M] (mychat) -- C:\Program Files (x86)\BisonCam\BisonHK.exe
PRC - [2009/08/31 21:07:00 | 000,124,240 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\shstat.exe
PRC - [2009/08/31 21:07:00 | 000,066,896 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe
PRC - [2009/08/29 08:56:10 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2009/08/25 17:24:47 | 000,713,037 | ---- | M] () -- C:\MyProgramms\StartRun\StartRun.exe
PRC - [2009/07/20 05:00:00 | 000,077,824 | ---- | M] () -- C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe
PRC - [2009/06/17 13:44:11 | 000,085,160 | ---- | M] (Elaborate Bytes AG) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
PRC - [2009/01/30 00:20:49 | 000,057,344 | ---- | M] (SlySoft, Inc.) -- C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe
PRC - [2008/09/24 15:32:48 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2008/03/14 05:00:00 | 000,226,624 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\Common Framework\naPrdMgr.exe
PRC - [2008/03/14 05:00:00 | 000,136,512 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\Common Framework\UdaterUI.exe
PRC - [2008/03/14 05:00:00 | 000,103,744 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
PRC - [2008/01/22 19:35:52 | 000,103,808 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2006/10/26 14:40:34 | 000,335,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\VS7Debug\mdm.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2010/10/08 13:52:35 | 000,576,512 | ---- | M] (OldTimer Tools) -- E:\Downloads\OTL.exe
MOD - [2010/02/04 20:17:27 | 000,129,984 | ---- | M] (SlySoft, Inc.) -- C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp1.dll
MOD - [2009/07/20 05:00:00 | 000,057,344 | ---- | M] (Logitech, Inc.) -- C:\Programme\Logitech\SetPoint\x86\GameHook.dll
MOD - [2009/07/20 05:00:00 | 000,038,912 | ---- | M] (Logitech, Inc.) -- C:\Programme\Logitech\SetPoint\x86\lgscroll.dll
MOD - [2009/07/14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009/07/14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
MOD - [2009/06/10 23:23:11 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcr80.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - File not found [Auto | Running] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA)
SRV:64bit: - [2009/08/31 21:07:00 | 000,079,504 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2009/07/14 03:41:56 | 000,195,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService)
SRV:64bit: - [2009/07/14 03:41:53 | 001,361,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PeerDistSvc.dll -- (PeerDistSvc)
SRV:64bit: - [2009/07/14 03:40:24 | 000,689,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cscsvc.dll -- (CscService)
SRV:64bit: - [2009/07/14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2007/11/07 10:11:22 | 004,466,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe -- (msvsmon90)
SRV - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/03/05 20:59:50 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/01/26 13:41:08 | 000,652,800 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009/12/25 20:10:54 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/12/20 01:00:00 | 006,095,504 | ---- | M] (MySQL AB) [Auto | Running] -- C:\xampp\mysql\bin\mysqld.exe -- (MySQL)
SRV - [2009/12/20 01:00:00 | 000,029,416 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\xampp\apache\bin\httpd.exe -- (Apache2.2)
SRV - [2009/10/20 20:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2009/10/09 17:07:20 | 000,493,248 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe -- (vpnagent)
SRV - [2009/10/06 18:31:38 | 000,031,744 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hotkey\PowerBiosServer.exe -- (PowerBiosServer)
SRV - [2009/08/31 21:07:00 | 000,178,920 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\McShield.exe -- (McShield)
SRV - [2009/08/31 21:07:00 | 000,066,896 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe -- (McTaskManager)
SRV - [2009/08/31 21:07:00 | 000,019,720 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\EngineServer.exe -- (McAfeeEngineService)
SRV - [2009/07/20 13:36:14 | 000,160,784 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2009/07/16 18:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2008/09/24 15:32:48 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008/03/14 05:00:00 | 000,103,744 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe -- (McAfeeFramework)
SRV - [2008/01/22 19:35:52 | 000,103,808 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2007/03/20 17:41:24 | 000,153,792 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3)
SRV - [2006/10/26 14:40:34 | 000,335,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe -- (MDM)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\NETw5s64.sys -- (NETw5s64) Intel(R)
DRV:64bit: - [2010/06/09 17:10:16 | 000,046,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\nm3.sys -- (nm3)
DRV:64bit: - [2010/03/09 00:24:11 | 000,121,280 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AnyDVD.sys -- (AnyDVD)
DRV:64bit: - [2010/02/24 12:20:40 | 000,191,616 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\acedrv11.sys -- (acedrv11)
DRV:64bit: - [2010/01/21 15:54:26 | 000,018,944 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcdx64)
DRV:64bit: - [2010/01/01 19:20:28 | 000,034,472 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2009/12/30 12:31:40 | 000,008,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64j.sys -- (UsbserFilt)
DRV:64bit: - [2009/12/30 12:31:30 | 000,025,088 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdcx64)
DRV:64bit: - [2009/12/30 12:31:30 | 000,008,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2009/12/25 05:22:44 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009/11/23 18:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009/11/23 18:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009/10/20 20:19:54 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2009/10/09 16:50:48 | 000,024,248 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpnva64.sys -- (vpnva)
DRV:64bit: - [2009/10/07 10:44:00 | 000,138,896 | ---- | M] (Sun Microsystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2009/09/08 11:54:38 | 001,178,352 | ---- | M] (Bison Electronics. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BisonC07.sys -- (Cam5607)
DRV:64bit: - [2009/08/31 21:07:00 | 000,469,144 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2009/08/31 21:07:00 | 000,119,968 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2009/08/31 21:07:00 | 000,097,576 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2009/08/31 21:07:00 | 000,083,784 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfetdik.sys -- (mfetdik)
DRV:64bit: - [2009/08/31 21:07:00 | 000,077,104 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2009/08/25 19:18:56 | 000,052,736 | ---- | M] (Sentelic Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fspad_wlh64.sys -- (fspad_wlh64)
DRV:64bit: - [2009/08/09 23:25:45 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2009/07/27 04:59:32 | 000,020,392 | ---- | M] (JMicron ) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\johci.sys -- (johci)
DRV:64bit: - [2009/07/20 13:39:22 | 000,140,712 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2009/07/14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 03:45:55 | 000,200,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbus.sys -- (vmbus)
DRV:64bit: - [2009/07/14 03:45:55 | 000,046,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmstorfl.sys -- (storflt)
DRV:64bit: - [2009/07/14 03:45:55 | 000,034,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsc.sys -- (storvsc)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 02:06:32 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2009/07/14 01:42:58 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vms3cap.sys -- (s3cap)
DRV:64bit: - [2009/07/14 01:42:44 | 000,021,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMBusHID.sys -- (VMBusHID)
DRV:64bit: - [2009/07/14 01:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/07/14 01:24:27 | 000,514,048 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\csc.sys -- (CSC)
DRV:64bit: - [2009/06/17 18:54:46 | 000,040,976 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2009/06/17 18:54:30 | 000,057,872 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2009/06/17 18:54:22 | 000,055,312 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2009/06/10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/22 16:52:30 | 000,215,040 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/05/14 02:51:40 | 005,435,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009/03/09 17:58:00 | 000,060,416 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\itecir.sys -- (itecir)
DRV:64bit: - [2009/01/13 20:14:58 | 000,057,608 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:64bit: - [2009/01/13 20:14:50 | 000,015,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:64bit: - [2009/01/13 20:14:22 | 000,022,024 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV:64bit: - [2008/11/30 16:45:26 | 001,203,200 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\smserial.sys -- (smserial)
DRV:64bit: - [2007/02/16 02:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2010/03/09 00:24:11 | 000,121,280 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2009/07/13 17:57:04 | 000,034,048 | ---- | M] (CACE Technologies) [Kernel | Auto | Running] -- C:\Windows\sysWOW64\drivers\npf_devolo.sys -- (NPF_devolo) NetGroup Packet Filter Driver (devolo)
DRV - [2007/09/04 17:53:34 | 000,071,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Visual Studio 9.0\Team Tools\Performance Tools\x64\VSPerfDrv90.sys -- (VSPerfDrv90)
DRV - [2007/02/16 02:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2006/07/24 17:05:00 | 000,005,632 | ---- | M] () [File_System | System | Stopped] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://127.0.0.1/masterpage2/index.php
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 27 70 69 04 CB 87 CA 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://start.icq.com/"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=971163"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.2
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.6.5
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.4.5
FF - prefs.js..extensions.enabledItems: searchsettings@spigot.com:1.2.3
FF - prefs.js..extensions.enabledItems: trackmenot@mrl.nyu.edu:0.6.291
FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.8
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010/02/26 16:14:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/10/06 08:26:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/10/06 08:26:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.4\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2010/10/06 20:31:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.4\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010/02/26 16:14:54 | 000,000,000 | ---D | M]
 
[2009/12/25 05:33:12 | 000,000,000 | ---D | M] -- C:\Users\blackshadow\AppData\Roaming\mozilla\Extensions
[2009/12/25 05:33:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\blackshadow\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010/10/08 00:26:45 | 000,000,000 | ---D | M] -- C:\Users\blackshadow\AppData\Roaming\mozilla\Firefox\Profiles\eaws36mq.default\extensions
[2010/04/27 16:19:09 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\blackshadow\AppData\Roaming\mozilla\Firefox\Profiles\eaws36mq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/08/15 14:34:10 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\blackshadow\AppData\Roaming\mozilla\Firefox\Profiles\eaws36mq.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/12/25 15:50:32 | 000,000,000 | ---D | M] (Web Developer) -- C:\Users\blackshadow\AppData\Roaming\mozilla\Firefox\Profiles\eaws36mq.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2010/08/18 19:58:55 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\blackshadow\AppData\Roaming\mozilla\Firefox\Profiles\eaws36mq.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/05/06 23:20:51 | 000,000,000 | ---D | M] -- C:\Users\blackshadow\AppData\Roaming\mozilla\Firefox\Profiles\eaws36mq.default\extensions\firebug@software.joehewitt.com
[2010/03/20 18:12:30 | 000,000,000 | ---D | M] -- C:\Users\blackshadow\AppData\Roaming\mozilla\Firefox\Profiles\eaws36mq.default\extensions\trackmenot@mrl.nyu.edu
[2009/12/25 05:23:30 | 000,000,000 | ---D | M] -- C:\Users\blackshadow\AppData\Roaming\mozilla\Firefox\Profiles\ywyw2zdn.default\extensions
[2009/12/25 05:15:32 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\blackshadow\AppData\Roaming\mozilla\Firefox\Profiles\ywyw2zdn.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/12/25 05:15:30 | 000,000,000 | ---D | M] (Web Developer) -- C:\Users\blackshadow\AppData\Roaming\mozilla\Firefox\Profiles\ywyw2zdn.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2009/12/25 05:15:32 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\blackshadow\AppData\Roaming\mozilla\Firefox\Profiles\ywyw2zdn.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/12/25 05:15:31 | 000,000,000 | ---D | M] -- C:\Users\blackshadow\AppData\Roaming\mozilla\Firefox\Profiles\ywyw2zdn.default\extensions\firebug@software.joehewitt.com
[2009/12/25 05:15:30 | 000,000,000 | ---D | M] -- C:\Users\blackshadow\AppData\Roaming\mozilla\Firefox\Profiles\ywyw2zdn.default\extensions\trackmenot@mrl.nyu.edu
[2008/07/10 14:07:28 | 000,000,944 | ---- | M] () -- C:\Users\blackshadow\AppData\Roaming\Mozilla\FireFox\Profiles\ywyw2zdn.default\searchplugins\icqplugin.xml
[2010/10/08 00:26:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/06/29 19:40:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/09/14 09:48:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/07/12 18:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
[2010/07/23 02:48:56 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010/07/23 02:48:56 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-de.xml
[2010/07/23 02:48:56 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010/07/23 02:48:56 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010/07/23 02:48:56 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010/09/23 01:40:49 | 000,381,649 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1     static3.cdn.ubi.com
O1 - Hosts: 127.0.0.1     ubisoft-orbit.s3.amazonaws.com
O1 - Hosts: 127.0.0.1     orbitservice.ubi.com
O1 - Hosts: 127.0.0.1    gosredirector.ea.com
O1 - Hosts: 127.0.0.1    blazeserver.blazeemu.org
O1 - Hosts: 127.0.0.1    gosgvaprod-qos01.ea.com
O1 - Hosts: 127.0.0.1    gosiadprod-qos01.ea.com
O1 - Hosts: 127.0.0.1    gossjcprod-qos01.ea.com
O1 - Hosts: 127.0.0.1    demangler.ea.com
O1 - Hosts: 127.0.0.1    vmp.tools.gos.ea.com
O1 - Hosts: 127.0.0.1    007guard.com
O1 - Hosts: 127.0.0.1    www.007guard.com
O1 - Hosts: 127.0.0.1    008i.com
O1 - Hosts: 127.0.0.1    008k.com
O1 - Hosts: 127.0.0.1    www.008k.com
O1 - Hosts: 127.0.0.1    00hq.com
O1 - Hosts: 127.0.0.1    www.00hq.com
O1 - Hosts: 127.0.0.1    010402.com
O1 - Hosts: 127.0.0.1    032439.com
O1 - Hosts: 127.0.0.1    www.032439.com
O1 - Hosts: 127.0.0.1    0scan.com
O1 - Hosts: 127.0.0.1    www.0scan.com
O1 - Hosts: 127.0.0.1    1-2005-search.com
O1 - Hosts: 127.0.0.1    www.1-2005-search.com
O1 - Hosts: 127.0.0.1    1-domains-registrations.com
O1 - Hosts: 13147 more lines...
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll ()
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan Enterprise\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Microsoft Web Test Recorder 9.0 Helper) - {E31CE47F-C268-41ba-897B-B415E613947D} - C:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO90.dll (Microsoft Corporation)
O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Program Files (x86)\FlashFXP\IEFlash.dll (IniCom Networks, Inc.)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O4:64bit: - HKLM..\Run: [BisonHK] C:\Program Files (x86)\BisonCam\BisonHK.exe (mychat)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [fspuip] C:\Program Files\FSP\fspuip.exe (Sentelic Corporation)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [CloneCDTray] C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [McAfeeUpdaterUI] C:\Program Files (x86)\McAfee\Common Framework\udaterui.exe (McAfee, Inc.)
O4 - HKLM..\Run: [ShStatEXE] C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.EXE (McAfee, Inc.)
O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O4 - HKCU..\Run: []  File not found
O4 - HKCU..\Run: [AnyDVD] C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - Startup: C:\Users\blackshadow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Miranda.lnk = C:\Program Files (x86)\Miranda IM\miranda32.exe ( )
O4 - Startup: C:\Users\blackshadow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StartRun.exe - Verknüpfung.lnk = C:\MyProgramms\StartRun\StartRun.exe ()
O4 - Startup: C:\Users\blackshadow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Termine.txt - Verknüpfung.lnk = C:\Users\blackshadow\Desktop\Termine.txt ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMorePrograms = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O20:64bit: - Winlogon\Notify\psfus: DllName - Reg Error: Key error. - C:\Programme\Protector Suite\psqlpwd.dll (UPEK Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/06/15 13:32:24 | 000,000,028 | RH-- | M] () - H:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{46af307c-f0f1-11de-abc4-0090f5980ec6}\Shell - "" = AutoRun
O33 - MountPoints2\{46af307c-f0f1-11de-abc4-0090f5980ec6}\Shell\AutoRun\command - "" = F:\Installer.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010/10/08 00:42:53 | 000,000,000 | ---D | C] -- C:\Users\blackshadow\AppData\Roaming\Malwarebytes
[2010/10/08 00:42:31 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/10/08 00:42:30 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/10/08 00:42:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/10/08 00:42:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/10/08 00:37:48 | 000,000,000 | ---D | C] -- C:\Programme\TortoiseSVN
[2010/10/08 00:37:48 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\TortoiseOverlays
[2010/10/07 11:36:32 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2010/10/06 08:28:03 | 000,839,680 | ---- | C] (hxxp://www.mp3dev.org/) -- C:\Windows\SysWow64\lameACM.acm
[2010/10/06 08:28:03 | 000,287,744 | ---- | C] (Kristal StudioDFileDescription) -- C:\Windows\SysWow64\divxa32.acm
[2010/10/06 08:28:02 | 000,630,784 | ---- | C] (On2.com) -- C:\Windows\SysWow64\vp7vfw.dll
[2010/10/06 08:28:02 | 000,438,272 | ---- | C] (On2.com) -- C:\Windows\SysWow64\vp6vfw.dll
[2010/10/06 08:28:02 | 000,391,680 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\I263_32.drv
[2010/10/06 08:28:02 | 000,232,448 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysWow64\mp3fhg.acm
[2010/10/06 08:28:02 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\yv12vfw.dll
[2010/10/06 08:28:02 | 000,151,552 | ---- | C] (fccHandler) -- C:\Windows\SysWow64\ac3acm.acm
[2010/10/06 08:28:02 | 000,039,936 | ---- | C] (Disappearing Inc.) -- C:\Windows\SysWow64\huffyuv.dll
[2010/10/05 00:53:22 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tzres.dll
[2010/10/05 00:53:22 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tzres.dll
[2010/09/23 13:13:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010/09/23 12:32:45 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Blizzard Entertainment
[2010/09/23 01:51:44 | 000,000,000 | ---D | C] -- C:\Users\blackshadow\AppData\Roaming\Kalypso Media
[2010/09/23 01:20:38 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2010/09/23 01:20:38 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2010/09/23 01:20:38 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2010/09/23 01:20:38 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2010/09/23 01:20:38 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2010/09/23 01:20:38 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2010/09/23 01:20:38 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2010/09/23 01:20:38 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2010/09/23 01:20:37 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2010/09/23 01:20:37 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2010/09/23 01:20:37 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2010/09/23 01:20:37 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2010/09/23 01:20:37 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2010/09/23 01:20:37 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2010/09/23 01:20:37 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2010/09/23 01:20:37 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2010/09/23 01:18:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ProtectDisc Driver Installer
[2010/09/23 01:18:29 | 000,000,000 | ---D | C] -- C:\Users\blackshadow\AppData\Roaming\ProtectDISC
[2010/09/22 03:28:21 | 000,000,000 | ---D | C] -- C:\Users\blackshadow\Documents\Network Monitor 3
[2010/09/22 03:27:51 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Network Monitor 3
[2010/09/16 22:48:29 | 002,441,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iertutil.dll
[2010/09/16 22:48:29 | 002,058,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iertutil.dll
[2010/09/16 22:47:45 | 000,558,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spoolsv.exe
[2010/09/15 13:10:04 | 000,626,688 | ---- | C] (Microsoft Corporation) -- C:\Users\blackshadow\Documents\msvcr80.dll
[2010/09/14 09:48:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010/09/14 09:48:34 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010/09/14 09:48:34 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010/09/14 09:48:34 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010/08/13 14:03:15 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\urlmon.dll
[2010/08/13 14:03:15 | 001,192,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wininet.dll
[2010/08/13 14:03:12 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schannel.dll
[2010/08/13 14:03:06 | 003,122,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32k.sys
[2010/08/13 14:03:05 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2010/08/09 03:28:41 | 014,162,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shell32.dll
[2010/06/04 21:41:59 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2010/06/04 21:41:59 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2010/06/04 21:41:59 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2010/06/04 21:41:58 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2010/04/23 22:57:38 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2010/04/23 22:57:37 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2010/03/18 09:36:02 | 000,057,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vcomp100.dll
[2010/02/10 19:46:15 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2010/02/10 19:46:10 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2010/02/10 19:46:09 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsbyuv.dll
[2009/12/25 17:13:53 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2009/12/25 17:13:53 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2009/12/25 17:13:50 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2009/12/25 17:13:50 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2009/12/25 17:13:50 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2009/12/25 17:13:50 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2009/12/25 17:13:49 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2009/12/25 17:13:49 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2009/12/25 17:13:48 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2009/12/25 17:13:48 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2009/12/25 17:13:48 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2009/12/25 17:13:48 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2009/12/25 17:13:47 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2009/12/25 17:13:46 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2009/12/25 17:13:46 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2009/12/25 17:13:46 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2009/12/25 17:13:46 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2009/12/25 17:13:45 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2009/12/25 17:13:45 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2009/12/25 17:13:44 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2009/12/25 17:13:43 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2009/12/25 17:13:42 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2009/12/25 17:13:41 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2009/12/25 17:13:41 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2009/12/25 17:13:40 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2009/12/25 17:13:39 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2009/12/25 17:13:38 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2009/12/25 17:13:38 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2009/12/25 17:13:37 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2009/12/25 17:13:37 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2009/12/25 17:13:36 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2009/12/25 17:13:36 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2009/12/25 17:13:35 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2009/12/25 17:13:35 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2009/12/25 17:13:35 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2009/12/25 17:13:31 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2009/12/25 17:13:31 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2009/12/25 04:02:08 | 014,629,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2009/12/25 04:02:07 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2009/12/24 22:19:24 | 000,513,536 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2009/12/24 22:19:24 | 000,211,376 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2009/12/24 22:19:24 | 000,193,536 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2009/12/24 22:19:24 | 000,150,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2009/12/24 22:19:23 | 000,332,320 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2009/12/24 22:19:23 | 000,149,536 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2009/12/24 22:19:22 | 000,417,824 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2009/12/24 22:19:21 | 001,603,104 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2009/12/24 22:19:20 | 001,393,696 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2009/12/24 22:19:16 | 001,167,904 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2009/12/24 22:19:16 | 000,611,360 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2009/12/24 22:19:15 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2009/12/24 22:19:14 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2009/12/24 22:19:14 | 000,063,008 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll
[2009/12/24 22:14:46 | 000,585,728 | ---- | C] (Motorola Inc.) -- C:\Windows\SysNative\sm56co85.dll
[2009/12/03 10:27:28 | 000,104,480 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll
[2009/11/23 14:50:06 | 001,533,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFUpdate_01007.dll
[2009/10/20 20:19:58 | 000,369,168 | ---- | C] (CACE Technologies, Inc.) -- C:\Windows\SysNative\wpcap.dll
[2009/07/14 05:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\zh-TW
[2009/07/14 05:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\zh-HK
[2009/07/14 05:20:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\zh-CN
[2009/07/14 02:47:50 | 004,835,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xpsrchvw.exe
[2009/07/14 02:45:40 | 003,008,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xpsservices.dll
[2009/07/14 02:42:43 | 000,563,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2009/07/14 02:42:07 | 001,576,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xpssvcs.dll
[2009/07/14 02:41:27 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2009/07/14 02:39:38 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsFilt.dll
[2009/07/14 02:38:01 | 000,706,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XPSSHHDR.dll
[2009/07/14 02:37:19 | 000,466,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2009/07/14 02:37:05 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll
[2009/07/14 02:29:58 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmlfilter.dll
[2009/07/14 02:20:06 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XInput9_1_0.dll
[2009/07/14 02:08:30 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmlprovi.dll
[2009/07/14 02:07:03 | 000,432,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xwizards.dll
[2009/07/14 02:06:58 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xwizard.exe
[2009/07/14 02:06:57 | 000,201,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xwtpdui.dll
[2009/07/14 02:06:56 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xwtpw32.dll
[2009/07/14 02:06:54 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xwreg.dll
[2009/07/14 01:59:26 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xolehlp.dll
[2009/07/14 01:56:15 | 000,366,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\zipfldr.dll
[2009/07/14 01:25:32 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xcopy.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010/10/08 00:42:33 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/07 09:12:45 | 000,011,052 | ---- | C] () -- C:\Users\blackshadow\Documents\cc_20101007_091243.reg
[2010/10/06 08:28:04 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010/10/06 08:28:03 | 000,000,414 | ---- | C] () -- C:\Windows\SysWow64\lame_acm.xml
[2010/10/06 08:28:02 | 002,931,712 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll
[2010/10/06 08:28:02 | 000,790,528 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010/10/06 08:28:02 | 000,134,144 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010/10/06 08:28:01 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010/10/06 08:28:01 | 000,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
[2010/09/23 01:18:34 | 000,004,096 | ---- | C] () -- C:\Users\Public\Documents\00001726.LCS
[2010/09/22 03:27:53 | 000,001,016 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Network Monitor 3.4.lnk
[2010/09/18 13:25:56 | 000,001,024 | ---- | C] () -- C:\Users\Public\Desktop\Ultima Online 2D Client.lnk
[2010/09/10 00:16:47 | 000,001,191 | ---- | C] () -- C:\Windows\SysNative\Aeris_Gainsborough Elf Final_Fantasy_XI Fran James_Cameron's_Avatar Marvel Mass_effect Na'vi Skrull Twi'lek Vulcan World_of_Warcraft asari blood_elf draenei final_fantasy night_elf orc star_trek.jpg.lnk
[2010/08/23 17:00:58 | 000,000,466 | ---- | C] () -- C:\Windows\Swish.INI
[2010/08/19 05:05:50 | 000,000,571 | ---- | C] () -- C:\Users\blackshadow\AppData\Roaming\MPQEditor.ini
[2010/07/27 04:06:35 | 000,116,736 | ---- | C] () -- C:\Windows\SysWow64\libsndfile-1.dll
[2010/06/29 20:54:18 | 000,000,129 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010/06/10 15:00:32 | 000,000,095 | ---- | C] () -- C:\Users\blackshadow\AppData\Local\fusioncache.dat
[2010/06/09 21:31:27 | 000,000,025 | ---- | C] () -- C:\Windows\SIERRA.INI
[2010/05/26 16:04:12 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2010/05/26 16:04:12 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2010/05/26 16:04:12 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2010/05/03 14:43:36 | 000,000,028 | ---- | C] () -- C:\Windows\SysNative\settings.xml
[2010/03/15 21:36:59 | 000,000,000 | ---- | C] () -- C:\Users\blackshadow\AppData\Local\debuggee.mdmp
[2010/03/12 20:07:05 | 000,000,019 | ---- | C] () -- C:\Windows\settings.ini
[2010/02/25 14:15:21 | 000,001,534 | ---- | C] () -- C:\Users\blackshadow\AppData\Local\formula1.yap
[2010/02/22 02:25:50 | 000,000,543 | ---- | C] () -- C:\Users\blackshadow\AppData\Roaming\AutoGK.ini
[2010/02/15 21:42:39 | 000,001,148 | ---- | C] () -- C:\Windows\SysWow64\game.ini
[2010/02/15 21:42:24 | 000,000,056 | ---- | C] () -- C:\Windows\kgt2k.INI
[2010/02/06 20:11:11 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2010/02/06 20:08:12 | 000,005,632 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2010/01/05 20:13:58 | 000,000,161 | ---- | C] () -- C:\Windows\Sam9_E.INI
[2010/01/05 20:11:30 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2010/01/05 20:11:14 | 000,005,937 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2009/12/30 16:08:16 | 000,007,168 | ---- | C] () -- C:\Users\blackshadow\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/26 21:03:56 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2009/12/26 14:52:49 | 000,007,602 | ---- | C] () -- C:\Users\blackshadow\AppData\Local\Resmon.ResmonCfg
[2009/12/26 05:56:57 | 000,000,172 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/12/26 05:55:08 | 002,685,280 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/12/25 14:05:30 | 000,188,416 | ---- | C] () -- C:\Windows\SysWow64\muangsys.dll
[2009/12/25 14:05:30 | 000,077,824 | ---- | C] () -- C:\Windows\SysWow64\muadisp.dll
[2009/12/25 13:30:03 | 002,463,976 | ---- | C] () -- C:\Windows\SysWow64\NPSWF32.dll
[2009/12/24 23:40:45 | 000,021,203 | ---- | C] () -- C:\Users\blackshadow\AppData\Local\backup.vtp
[2009/12/24 22:57:09 | 000,000,227 | R--- | C] () -- C:\Windows\OEM.ini
[2009/12/24 22:57:08 | 000,015,190 | ---- | C] () -- C:\Windows\M3000Twn.ini
[2009/12/24 22:09:53 | 004,659,645 | -H-- | C] () -- C:\Users\blackshadow\AppData\Local\IconCache.db
[2009/12/24 22:06:12 | 000,098,384 | ---- | C] () -- C:\Users\blackshadow\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/12/03 10:27:28 | 000,067,584 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2009/10/20 20:19:30 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2009/07/14 06:54:24 | 000,000,174 | -HS- | C] () -- C:\Programme\desktop.ini
[2009/07/14 06:54:24 | 000,000,174 | -HS- | C] () -- C:\Program Files (x86)\desktop.ini
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 23:03:31 | 000,004,041 | ---- | C] () -- C:\Windows\SysNative\xwizard.dtd
[2009/06/10 22:31:09 | 000,076,060 | ---- | C] () -- C:\Windows\SysNative\xpsrchvw.xml
[2006/08/16 16:13:34 | 001,382,280 | ---- | C] () -- C:\Windows\SysWow64\fftw3.dll
[2006/06/06 10:04:54 | 000,131,072 | --S- | C] () -- C:\Windows\SysWow64\LIBBZ2.dll
[2004/12/15 01:09:20 | 000,237,568 | --S- | C] () -- C:\Windows\SysWow64\SDL.dll
[2002/10/16 00:54:04 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
 
========== Files - Unicode (All) ==========
[2010/03/29 03:31:02 | 000,067,072 | ---- | C] ()(C:\Windows\2D??????2nd.mid) -- C:\Windows\2D格闘ツクール2nd.mid
< End of report >
         
__________________

Geändert von blackshadow3 (08.10.2010 um 13:07 Uhr)

Alt 08.10.2010, 13:13   #4
blackshadow3
 
'server.exe' entzieht adminrechte - Wiederherstellen der Rechte? - Standard

'server.exe' entzieht adminrechte - Wiederherstellen der Rechte?



und hier noch eine log:

Code:
ATTFilter
OTL Extras logfile created on: Fr. 08.10.2010 13:53:02 - Run 1
OTL by OldTimer - Version 3.2.14.1     Folder = E:\Downloads
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: ddd. dd.MM.yyyy
 
8,00 Gb Total Physical Memory | 4,00 Gb Available Physical Memory | 47,00% Memory free
16,00 Gb Paging File | 12,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 238,37 Gb Total Space | 128,90 Gb Free Space | 54,08% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 596,17 Gb Total Space | 239,88 Gb Free Space | 40,24% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 931,51 Gb Total Space | 81,69 Gb Free Space | 8,77% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded
Drive P: | 465,76 Gb Total Space | 92,28 Gb Free Space | 19,81% Space Free | Partition Type: NTFS
 
Computer Name: NEM7
Current User Name: blackshadow
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.)
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.)
"C:\Program Files\River Past\Video Cleaner\VideoCleaner.exe" = C:\Program Files\River Past\Video Cleaner\VideoCleaner.exe:*:Enabled:River Past Video Cleaner -- File not found
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.)
"C:\Program Files\River Past\Video Cleaner\VideoCleaner.exe" = C:\Program Files\River Past\Video Cleaner\VideoCleaner.exe:*:Enabled:River Past Video Cleaner -- File not found
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2413" = CanoScan LiDE 100 Scanner Driver
"{29042B1C-0713-4575-B7CA-5C8E7B0899D4}" = MySQL Connector/ODBC 5.1
"{29C93182-34F6-3275-A18D-59326851CD57}" = Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools
"{2ABC3A5A-CDC9-4251-A525-F49D6340FBC8}" = Sun VirtualBox
"{2BFA9B05-7418-4EDE-A6FC-620427BAAAA3}" = Crystal Reports Basic Runtime for Visual Studio 2008 (x64)
"{328CC232-CFDC-468B-A214-2E21300E4CB5}" = Apple Mobile Device Support
"{4322C618-94E5-3EB0-8BA5-4675C4803C34}" = Microsoft Visual Studio 2008 Performance Collection Tools - ENU
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{55C09FC1-D2D8-495A-BD80-D6725F0DCA58}" = Logitech GamePanel Software 3.04.137
"{5DE154DF-A55E-4FA5-BE59-32E78FCACF3E}" = Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
"{62EED300-E841-4083-A1D6-60B906271804}" = Microsoft Windows SDK for Visual Studio 2008 Tools
"{64D5BBC6-5270-3711-AA39-31C1087AF4E6}" = Microsoft Visual Studio 2008 Remote Debugger - ENU
"{79BF7CB8-1E09-489F-9547-DB3EE8EA3F16}" = Microsoft SQL Server Native Client
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{86177DAE-38B1-49DD-912E-35CB703AB779}" = Microsoft SQL Server VSS Writer
"{8753DF4D-64B0-474E-9A97-0AB5585D9A53}" = Logitech Gaming Software 5.04
"{8C5B5A11-CBF8-451B-B201-77FAB0D0B77D}" = Microsoft Network Monitor 3.4
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{963E5FEB-1367-46B9-851D-A957F1A3747F}" = Microsoft Network Monitor: NetworkMonitor Parsers 3.4
"{9aa5f39c-a8de-46b0-919a-0248f8bc8490}" = Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense
"{A992BBAA-723D-4574-A07F-983BF8FAA3E1}" = Microsoft Windows SDK for Visual Studio 2008 Win32 Tools
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{AC2512D4-ED8A-4015-BF87-92478483C171}" = TortoiseSVN 1.6.6.17493 (64 bit)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}" = Bonjour
"{CB974C3D-D101-4411-8F54-DCDC58DED815}" = Protector Suite 2009
"{D3E39E77-0EB4-36FB-B97A-8C8AB21B9A45}" = Visual Studio .NET Prerequisites - English
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb" = Microsoft Windows Application Compatibility Database
"{E86906FF-C63D-4EAF-ACE7-5F8D55FBEA9A}" = Finger Sensing Pad Driver
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{EF8B1A2E-9CCB-3AB2-91E3-4EEDAB1294E1}" = Microsoft Device Emulator (64 bit) version 3.0 - ENU
"{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper
"Defraggler" = Defraggler
"Microsoft Visual Studio 2008 Remote Debugger - ENU" = Microsoft Visual Studio 2008 Remote Debugger - ENU
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SMSERIAL" = Motorola SM56 Data Fax Modem
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{004685F7-9FB6-4789-812F-59ABB34A55AF}" = Adobe Setup
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{0327FA9D-975C-448C-A086-577D57BB25B8}" = Adobe Soundbooth CS3 Codecs
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help
"{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0F25F02B-854E-49B3-8F68-6D27CE4D477E}" = Ultima Online 2D Client
"{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool
"{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM
"{12345674-DE9A-677A-CCEE-666356D89777}" = Nero BurnRights
"{13C96625-28E4-4c58-ADE0-CDAFC64752EB}" = JMicron 1394 Filter Driver
"{147BCE03-C0F1-4C9F-8157-6A89B6D2D973}" = McAfee VirusScan Enterprise
"{164714B6-46BC-4649-9A30-A6ED32F03B5A}" = Hotkey 3.0021
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}" = Adobe After Effects CS3 Presets
"{1A5E0E3D-0BAA-4F8B-9403-BF2579E53712}" = db4o 7.12
"{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM
"{1D58229F-C505-45CA-8223-F35F3A34B963}" = Adobe Version Cue CS3 Server
"{241F2BF7-69EB-42A4-9156-96B2426C7504}" = Microsoft SQL Server Compact 3.5 for Devices ENU
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 21
"{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
"{291B3A3B-F808-45B8-8113-DF232FCB6C82}" = Microsoft .NET Compact Framework 3.5
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2A6355EB-273D-4368-9DB6-FB99EBA9FABD}" = Cisco AnyConnect VPN Client
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
"{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart
"{2E5C075E-11AB-4BDD-918C-7B9A68953FF8}" = Microsoft SQL Server Compact 3.5 Design Tools ENU
"{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax
"{35ED8B97-897C-4BD1-AEAE-6FD3404BA082}" = Ovi Desktop Sync Engine
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{394BE3D9-7F57-4638-A8D1-1D88671913B7}" = Microsoft AppLocale
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2008.1
"{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help
"{40580068-9B10-40B5-9548-536CE88AB23C}" = ITECIR
"{411E0CC3-587A-468C-B461-95FAFD05E4DE}" = Adobe InDesign CS3
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{43bc2dde-9df9-4e48-a39f-38cc97514fcf}" = Nero 9
"{481C9A00-91AC-4065-870C-BD4E28186E5A}" = PC Connectivity Solution
"{485ACF57-F364-440A-8496-E1E81C8FA1AA}" = Adobe Premiere Pro CS3 Third Party Content
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA5B8A5-BEEF-4AD8-B11D-4443A042EA4F}" = Adobe Dreamweaver CS3
"{4BB1DCED-84D3-47F9-B718-5947E904593E}" = BisonCam
"{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help
"{4E1CD3D5-D4EE-4246-AE24-F0FD5A60390D}" = OviMPlatform
"{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter
"{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}" = Adobe Premiere Pro CS3 Functional Content
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{548F99E0-14CC-4D53-A7D6-4A62A5F2C748}" = Nero PhotoSnap
"{54B2EAD9-A110-43F7-B010-2859A1BD2AFE}" = Adobe Encore CS3
"{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}" = Adobe Premiere Pro CS3
"{5A62A775-A29A-4CE1-BBC2-4A9CD0B211EF}" = Nero Live Help
"{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision
"{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help
"{5C42EAB8-54F9-423A-948C-1CBEF25F8DB4}" = Nero PhotoSnap Help
"{5C9BB0B3-E830-4814-BBA4-D93535E1C7B9}" = Nero Live
"{5FD88490-011C-4DF1-B886-F298D955171B}" = MySQL Connector Net 6.2.3
"{6753B40C-0FBD-3BED-8A9D-0ACAC2DCD85D}" = Microsoft Document Explorer 2008
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6C9F6D23-E9AD-43C9-B43A-011562AAF876}" = Windows Mobile 5.0 SDK R2 for Pocket PC
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{734E3BAE-5661-55D6-8BC0-7ABA7238F712}" = db4o 7.12
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed
"{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed
"{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed
"{7ACFB90E-8FD0-4397-AD3A-5195412623A3}" = Adobe Help Viewer CS3
"{7ECEF10B-F1C2-4FD5-861F-A3FCB4653304}" = Adobe After Effects CS3 Third Party Content
"{80C06CCD-7D07-3DB6-86CD-B57B3F0614D8}" = Microsoft Visual Studio Team System 2008 Team Suite - ENU
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}" = Adobe Video Profiles
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX
"{8C640345-AF96-4ABA-A697-97D2A0B8C6DB}" = Adobe Flash CS3
"{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0021-0000-0000-0000000FF1CE}" = Microsoft Office Visual Web Developer 2007
"{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0021-0409-0000-0000000FF1CE}" = Microsoft Office Visual Web Developer MUI (English) 2007
"{90120000-0021-0409-0000-0000000FF1CE}_VisualWebDeveloper_{E1044ED2-E4AD-4B39-B500-31109750F6B4}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_VisualWebDeveloper_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_VisualWebDeveloper_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{927AA2A2-7631-4EA2-A1F9-252D27B9D0A2}" = Nokia Ovi Suite
"{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express
"{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime
"{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer
"{9656F3AC-6BA9-43F0-ABED-F214B5DAB27B}" = Windows Mobile 5.0 SDK R2 for Smartphone
"{96E3AED5-3D0B-4BB0-84C2-1EDADB204487}" = FlashFXP v3
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A33B83D-FFC4-44CF-BEEF-632DECEF2FCD}" = Microsoft SQL Server Database Publishing Wizard 1.2
"{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A638557B-1F13-40A0-9627-C892FBCA6960}" = McAfee Agent
"{A6B23EFA-6590-482C-A11F-5ACE1B91F5B9}" = Adobe Soundbooth CS3
"{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress
"{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA467959-A1D6-4F45-90CD-11DC57733F32}" = Crystal Reports Basic for Visual Studio 2008
"{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool
"{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.4 - Deutsch
"{AE75AF6A-22AC-4497-AE20-9FA4F4B10033}" = Netviewer Support
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3
"{B8B7A4D8-80E1-4DAE-BD33-7FD535BA3931}" = Adobe Encore CS3 Codecs
"{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{B9C9DB4C-6D77-4AE9-AD1C-C708C23239A0}" = Nokia Connectivity Cable Driver
"{BA63348B-143D-4CAC-A355-3879402ED781}" = Nokia Ovi Suite Software Updater
"{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}" = Adobe Flash Player 9 ActiveX
"{BCC899FE-2DAA-460C-A5FB-60291E73D9C3}" = Microsoft SQL Server Compact 3.5 ENU
"{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit
"{BCEDD813-269C-4D8F-A4BA-01FDC66254D3}" = Adobe Flash Video Encoder
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{C72BE4ED-E500-4F84-A1B0-C679D7DE0C43}" = ObjectManager Enterprise for Visual Studio 2008
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C8D7A672-F697-4572-AC62-C856053A8DBC}" = Adobe Illustrator CS3
"{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit
"{C9D456FD-C25B-49DE-AA71-6B76D6550B23}" = Adobe Fireworks CS3
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D3C605D8-3A5E-4BAD-965D-2C61441BF2AC}" = Adobe Photoshop CS3
"{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3
"{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help
"{DA896917-C1DA-45B2-B4D2-68162F16C0DD}" = Adobe Creative Suite 3 Master Collection
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DFFDDCF5-CB32-4354-8823-1B9E68025953}" = Adobe Setup
"{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EA9FFE54-D8B1-11DC-92EF-E98356D81493}" = Nero BurnRights
"{EB0202F7-016A-410C-ADE4-40F848CCC661}" = Adobe After Effects CS3
"{EDDF99D9-9FE3-4871-A7DB-D1522C51EE9A}" = Microsoft .NET Compact Framework 2.0 SP2
"{EDEA8AB7-7683-4ED2-AA19-E6C078064C0D}" = Microsoft WSE 3.0
"{EF901A4B-A25A-4962-83C6-C6691D062ED9}" = Nero Mega Plugin Pack
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F53F6769-AC46-49E3-ABE3-2C8AFD39D0DD}" = Nero Vision
"{F843C6A3-224D-4615-94F8-3C461BD9AEA0}" = Jasc Paint Shop Pro 9
"{FF29527A-44CD-3422-945E-981A13584000}" = VC Runtimes MSI
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"{FF3E2850-BD2E-4B56-A89D-21E588D518E0}" = Adobe Contribute CS3
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_3675c95c239b992d5d0ee8fce969b9e" = Adobe After Effects CS3 Third Party Content
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_67a7fb1e97aa14ee9ef0950eb6fd757" = Adobe Creative Suite 3 Master Collection hinzufügen oder entfernen
"Any Video Converter_is1" = Any Video Converter 3.0.7
"AnyDVD" = AnyDVD
"ArtMoney SE_is1" = ArtMoney SE v7.32
"AutoGK" = Auto Gordian Knot 2.55
"AutoItv3" = AutoIt v3.3.6.1
"AviSynth" = AviSynth 2.5
"CANONIJPLM100" = Inkjet Printer/Scanner Extended Survey Program
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"CloneCD" = CloneCD
"CloneDVD2" = CloneDVD2
"CloneDVDmobile" = CloneDVDmobile
"DE Decompiler Lite_is1" = DE Decompiler Lite 1.3
"Defraggler" = Defraggler
"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
"dlanconf" = devolo dLAN-Konfigurationsassistent
"Drakensang_TRoT_is1" = Drakensang - Am Fluss der Zeit
"dslmon" = devolo Informer
"ENTERPRISE" = Microsoft Office Enterprise 2007
"GoogleBooks" = Google Books Download
"HijackThis" = HijackThis 2.0.2
"IBM Installation Manager" = IBM Installation Manager
"IDA Pro Advanced v5.5 with Hex-Rays Decompiler v1.1_is1" = IDA Pro Advanced v5.5 with Hex-Rays Decompiler v1.1
"Inkscape" = Inkscape 0.47
"InstallShield_{164714B6-46BC-4649-9A30-A6ED32F03B5A}" = Hotkey 3.0021
"Jagged Alliance 2" = Jagged Alliance 2
"JFNLIMJCJBMMIIOH" = •ÛŒ’‘̈ç
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.4.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microangelo 5.0" = Microangelo 5.5
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft Document Explorer 2008" = Microsoft Document Explorer 2008
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Visual Studio 2005 Tools for Office Second Edition Runtime
"Microsoft Visual Studio Team System 2008 Team Suite - ENU" = Microsoft Visual Studio Team System 2008 Team Suite - ENU
"Miranda IM" = Miranda IM 0.9.4
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"Mozilla Thunderbird (3.1.4)" = Mozilla Thunderbird (3.1.4)
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"Nokia Ovi Suite" = Nokia Ovi Suite
"PE Explorer_is1" = PE Explorer 1.99 R6
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"PunkBusterSvc" = PunkBuster Services
"RADVideo" = RAD Video Tools
"Samplitude SE No.9 US" = Samplitude SE No.9 9.1.1.1 (US)
"SciTE4AutoIt3" = SciTE4AutoIt3 31-10-2009
"SQLyog" = SQLyog 8.22 
"Steam App 10" = Counter-Strike
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"SUPER ©" = SUPER © Version 2010.bld.38 (May 2, 2010)
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"Trillian" = Trillian
"UltraISO_is1" = UltraISO Premium V9.33
"VirtualCloneDrive" = VirtualCloneDrive
"VisiPics_is1" = VisiPics V1.30
"Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime
"VisualWebDeveloper" = Microsoft Visual Studio Web Authoring Component
"VobSub" = VobSub v2.23 (Remove Only)
"Winamp" = Winamp
"WinHTTrack Website Copier_is1" = WinHTTrack Website Copier 3.43-9
"WinPcapInst" = WinPcap 4.1.1
"WinUHA_is1" = WinUHA 2.0 RC1 (2005.02.27)
"Wireshark" = Wireshark 1.2.5
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)
"XviD4PSP5" = XviD4PSP 5.0
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"Winamp Detect" = Winamp Anwendungserkennung
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
         

Alt 08.10.2010, 18:10   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
'server.exe' entzieht adminrechte - Wiederherstellen der Rechte? - Standard

'server.exe' entzieht adminrechte - Wiederherstellen der Rechte?



Gibt es noch weitere Logs von Malwarebytes? Wäre sehr sinnfrei, wenn Du das ohne Funde gepostet hättest

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 09.10.2010, 01:09   #6
blackshadow3
 
'server.exe' entzieht adminrechte - Wiederherstellen der Rechte? - Standard

'server.exe' entzieht adminrechte - Wiederherstellen der Rechte?



gibt keine weiteren Logs. Ich nehm mal an dass mein Rechner sauber ist. Zumindest funkt nichts nach außen und in den logs hier sehe ich ansich auch nichts ungewöhnliches was mir nun ins auge fallen würde.

Vielen Dank dennoch.

Antwort

Themen zu 'server.exe' entzieht adminrechte - Wiederherstellen der Rechte?
adobe, alternative, bho, bonjour, desktop, explorer, firefox, generic.dx, google, hijack, hijackthis, hotkey, installation, internet, internet explorer, local\temp, logfile, lsass.exe, maximal, microsoft, mozilla, nvidia, server.exe, skype.exe, software, studio, system, syswow64, taskmanager, temp, visual studio, web.de, windows



Ähnliche Themen: 'server.exe' entzieht adminrechte - Wiederherstellen der Rechte?


  1. Einzeiler beschert Adminrechte unter Mac OS X 10.10
    Nachrichten - 23.07.2015 (0)
  2. Microsoft entzieht Indischer CA das Vertrauen
    Nachrichten - 11.07.2014 (0)
  3. Malwarebytes 2.0 Fehlalarm ohne Adminrechte?
    Log-Analyse und Auswertung - 01.04.2014 (7)
  4. Rechte eingeschränkt, Fake Zertifikate,Trusted Installer GROOVEEX.DLL und Server auf dem Rechner eingerichtet
    Plagegeister aller Art und deren Bekämpfung - 11.04.2013 (9)
  5. Habe keine Adminrechte mehr win xp home
    Plagegeister aller Art und deren Bekämpfung - 10.04.2013 (15)
  6. GVU Trojaner auf Notebook ohne Adminrechte
    Plagegeister aller Art und deren Bekämpfung - 09.08.2012 (2)
  7. Adminrechte weg
    Plagegeister aller Art und deren Bekämpfung - 27.09.2011 (0)
  8. Adminrechte weg
    Alles rund um Windows - 27.09.2011 (3)
  9. Adminrechte nach Softwareinstallation weg
    Plagegeister aller Art und deren Bekämpfung - 23.08.2011 (12)
  10. Remoteprozeduraufruf+keine Adminrechte
    Alles rund um Windows - 09.01.2011 (1)
  11. Keine Adminrechte mehr HJT Log-File
    Log-Analyse und Auswertung - 06.11.2010 (1)
  12. Windows Vista volle Adminrechte
    Alles rund um Windows - 30.06.2009 (1)
  13. Trojaner? / Adminrechte weg
    Log-Analyse und Auswertung - 28.12.2008 (1)
  14. XP - keine Adminrechte mehr uvm.
    Log-Analyse und Auswertung - 03.05.2008 (6)
  15. fehlende Adminrechte
    Plagegeister aller Art und deren Bekämpfung - 29.03.2007 (3)
  16. Keine Adminrechte mehr
    Alles rund um Windows - 15.01.2007 (3)
  17. Adminrechte weg ???
    Plagegeister aller Art und deren Bekämpfung - 13.02.2006 (42)

Zum Thema 'server.exe' entzieht adminrechte - Wiederherstellen der Rechte? - Hallo beisammen, Ich wollte heute einen alternativen xvid-encoder installieren. Bei der Installation schlug direkt mein McAfee alarm und stoppte eine ominöse "server.exe". Da dachte ich mir schon O_O was hab - 'server.exe' entzieht adminrechte - Wiederherstellen der Rechte?...
Archiv
Du betrachtest: 'server.exe' entzieht adminrechte - Wiederherstellen der Rechte? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.