| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Plötzlich Musik im Hintergrund, während Opera läuftWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
| |
16.01.2011, 16:28
| #1 |
 |  Plötzlich Musik im Hintergrund, während Opera läuft Hallo zusammen! Seit einiger Zeit höre ich nach einiger Zeit eine Art.. Kampfmusik im Hintergrund, wenn ich Opera laufen habe. Antivir findet allerdings keine Schädlinge. Wie mir scheint, ist es genau das gleiche Problem, wie ein User in diesem Thread [http://www.trojaner-board.de/89080-m...ch-tun-2.html] berichtet hat. Ausserdem ist mir aufgefallen, dass mein PC in letzter Zeit ab und zu mal ohne Vorwarnung komplett hängenbleibt, was vorher nie der Fall war, beim Windows-Startbildschirm muss ich einige Sekunden warten, bis ich die Maus und Tastatur verwenden kann, und ich habe das Gefühl, dass mein Rechner etwas überhitzt. Könnte das evtl. zusammenhängen? Das sind die Werte meines PCs: Code:
ATTFilter Gesamter Systemspeicher: 6.00 GB RAM
Systemtyp: 64 Bit-Betriebssystem, Windows 7 Ultimate
Prozessor: Intel(R) Core(TM) i7 CPU 930 @ 2.80GHz
Grafikkartentyp: NVIDIA GeForce GTX 460
 Code:
ATTFilter Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Datenbank Version: 5527
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
16.01.2011 16:14:43
mbam-log-2011-01-16 (16-14-43).txt
Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 156856
Laufzeit: 42 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
Und hier ist das HijackThis-Protokoll: Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:16:52, on 16.01.2011 Platform: Unknown Windows (WinNT 6.01.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16700) Boot mode: Normal Running processes: C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe I:\Fraps\fraps.exe C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files (x86)\CyberLink\Shared files\brs.exe C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe I:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe C:\Program Files (x86)\SpeedFan\speedfan.exe C:\Program Files (x86)\Opera\opera.exe C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Windows\SysWOW64\NOTEPAD.EXE C:\Windows\SysWOW64\NOTEPAD.EXE C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O1 - Hosts: ::1 localhost O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Foxit PDF Creator Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll O4 - HKLM\..\Run: [InstantBurn] C:\PROGRA~2\CYBERL~1\INSTAN~1\Win2K\IBurn.exe O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.0" O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" O4 - HKLM\..\Run: [P2Go_Menu] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" O4 - HKLM\..\Run: [UpdatePDRShortCut] "C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" O4 - HKLM\..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [UpdatePPShortCut] "C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerProducer" update "Software\CyberLink\PowerProducer\5.0" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "I:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [DivX Download Manager] "C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe" start O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe O4 - HKCU\..\Run: [DriverScanner] "C:\Program Files (x86)\Uniblue\DriverScanner\launcher.exe" delay 20000 O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST') O4 - Startup: HP SimpleSave Monitor.lnk = Laura\AppData\Roaming\HP SimpleSave Application\StartHelper.exe O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000 O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O13 - Gopher Prefix: O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.03\AsSysCtrlService.exe O23 - Service: BackupService - ArcSoft, Inc. - C:\Users\Laura\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: Dragon Age: Origins - Inhaltsupdater (DAUpdaterSvc) - BioWare - C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM, Inc. - I:\ASUS.SYS\config\DVMExportService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_Tablet.exe O23 - Service: Wacom Consumer Touch Service (TouchServicePen) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_TouchService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 12492 bytes Schonmal vielen Dank im Voraus, Liebe Grüsse Laura. |
|
17.01.2011, 10:36
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Plötzlich Musik im Hintergrund, während Opera läuft Hallo und
__________________ Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten! Danach OTL: Systemscan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
__________________ |
|
17.01.2011, 14:15
| #3 |
| | Plötzlich Musik im Hintergrund, während Opera läuft Hier ist schonmal der Scan mit OTL, den Malwarebytes-Scan poste ich sobald ich ihn habe.
__________________Code:
ATTFilter OTL logfile created on: 17.01.2011 14:11:03 - Run 2 OTL by OldTimer - Version 3.2.20.2 Folder = C:\Users\Laura\Desktop 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy 6.00 Gb Total Physical Memory | 4.00 Gb Available Physical Memory | 67.00% Memory free 12.00 Gb Paging File | 10.00 Gb Available in Paging File | 82.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 119.24 Gb Total Space | 55.69 Gb Free Space | 46.71% Space Free | Partition Type: NTFS Drive D: | 3.61 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS Drive E: | 1863.01 Gb Total Space | 1329.85 Gb Free Space | 71.38% Space Free | Partition Type: NTFS Drive I: | 931.51 Gb Total Space | 701.70 Gb Free Space | 75.33% Space Free | Partition Type: NTFS Computer Name: LAURA-PC | User Name: Laura | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Laura\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Opera\opera.exe (Opera Software) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe (Avira GmbH) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe () PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe (Avira GmbH) PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) PRC - C:\Users\Laura\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe (ArcSoft, Inc.) PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG) PRC - C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation) PRC - C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe (ASUSTeK Computer Inc.) PRC - I:\Fraps\fraps.exe (Beepa P/L) PRC - I:\ASUS.SYS\config\DVMExportService.exe (DeviceVM, Inc.) PRC - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.03\AsSysCtrlService.exe (ASUSTeK Computer Inc.) PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation) PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) PRC - C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe (CyberLink Corporation.) PRC - C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink) PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) ========== Modules (SafeList) ========== MOD - C:\Users\Laura\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation) MOD - I:\Fraps\fraps32.dll (Beepa P/L) ========== Win32 Services (SafeList) ========== SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (TabletServicePen) -- C:\Programme\Tablet\Pen\Pen_Tablet.exe (Wacom Technology, Corp.) SRV - (TouchServicePen) -- C:\Programme\Tablet\Pen\Pen_TouchService.exe (Wacom Technology, Corp.) SRV - (Apple Mobile Device) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) SRV - (BackupService) -- C:\Users\Laura\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe (ArcSoft, Inc.) SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (DAUpdaterSvc) -- C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe (BioWare) SRV - (DvmMDES) -- I:\ASUS.SYS\config\DVMExportService.exe (DeviceVM, Inc.) SRV - (AsSysCtrlService) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.03\AsSysCtrlService.exe (ASUSTeK Computer Inc.) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (IAANTMON) Intel(R) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (wacmoumonitor) -- C:\Windows\SysNative\drivers\wacmoumonitor.sys (Wacom Technology) DRV:64bit: - (wacomvhid) -- C:\Windows\SysNative\drivers\wacomvhid.sys (Wacom Technology) DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys () DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys () DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation) DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (NEC Electronics Corporation) DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (NEC Electronics Corporation) DRV:64bit: - (mv91xx) -- C:\Windows\SysNative\drivers\mv91xx.sys (Marvell Semiconductor, Inc.) DRV:64bit: - (TFsExDisk) -- C:\Windows\SysNative\drivers\TFsExDisk.sys (Teruten Inc) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.) DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys () DRV:64bit: - (sscdmdm) -- C:\Windows\SysNative\drivers\sscdmdm.sys (MCCI Corporation) DRV:64bit: - (sscdbus) SAMSUNG USB Composite Device driver (WDM) -- C:\Windows\SysNative\drivers\sscdbus.sys (MCCI Corporation) DRV:64bit: - (sscdmdfl) -- C:\Windows\SysNative\drivers\sscdmdfl.sys (MCCI Corporation) DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys () DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof () DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (CLBStor) -- C:\Windows\SysNative\drivers\CLBStor.sys (Cyberlink Co.,Ltd.) DRV:64bit: - (wacommousefilter) -- C:\Windows\SysNative\drivers\wacommousefilter.sys (Wacom Technology) DRV - (TFsExDisk) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys (Teruten Inc) DRV - ({95808DC4-FA4A-4C74-92FE-5B863F82066B}) -- C:\Program Files (x86)\CyberLink\PowerDVD\000.fcl (Cyberlink Corp.) DRV - (speedfan) -- C:\Windows\SysWOW64\speedfan.sys (Windows (R) Server 2003 DDK provider) DRV - (StarOpen) -- C:\Windows\SysWow64\drivers\StarOpen.sys () DRV - (CLBUDF) -- C:\Windows\CLBUDF.tbl () ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ch.msn.com/default.aspx?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-ch IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = BF BC CD C7 7F AE CB 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== [2010.08.09 21:20:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Laura\AppData\Roaming\mozilla\Extensions [2010.08.09 21:20:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Laura\AppData\Roaming\mozilla\Extensions\kylo@hcrest.com O1 HOSTS File: ([2006.09.18 22:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe (cyberlink) O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [DivX Download Manager] File not found O4 - HKLM..\Run: [InstantBurn] C:\PROGRA~2\CYBERL~1\INSTAN~1\Win2K\IBurn.exe (CyberLink Corporation.) O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe () O4 - HKLM..\Run: [NPSStartup] File not found O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation) O4 - HKLM..\Run: [P2Go_Menu] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdatePDRShortCut] C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdatePPShortCut] C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKCU..\Run: [DriverScanner] File not found O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe () O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - Startup: C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HP SimpleSave Monitor.lnk = C:\Users\Laura\AppData\Roaming\HP SimpleSave Application\StartHelper.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.196.148.10 213.196.149.10 O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O24 - Desktop WallPaper: O24 - Desktop BackupWallPaper: O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010.10.16 19:02:40 | 000,000,000 | ---D | M] - D:\Autorun -- [ CDFS ] O32 - AutoRun File - [2010.10.16 17:57:00 | 000,103,608 | R--- | M] () - D:\Autorun.exe -- [ CDFS ] O32 - AutoRun File - [2010.10.16 19:01:01 | 000,001,041 | R--- | M] () - D:\autorun.inf -- [ CDFS ] O32 - AutoRun File - [2010.10.21 19:25:43 | 000,000,000 | RH-D | M] - E:\autorun -- [ NTFS ] O32 - Unable to obtain root file information for disk E:\ O33 - MountPoints2\{2e19786e-a3d2-11df-916e-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{2e19786e-a3d2-11df-916e-806e6f6e6963}\Shell\AutoRun\command - "" = D:\AutoRun\AutoRun.exe O33 - MountPoints2\{f424c93b-a45f-11df-bd24-485b3949ef22}\Shell - "" = AutoRun O33 - MountPoints2\{f424c93b-a45f-11df-bd24-485b3949ef22}\Shell\AutoRun\command - "" = F:\HPLauncher.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.01.17 14:02:23 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Laura\Desktop\OTL.exe [2011.01.16 11:30:39 | 000,000,000 | ---D | C] -- C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan [2011.01.16 11:30:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan [2011.01.16 11:30:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedFan [2011.01.16 11:26:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy [2011.01.16 11:26:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2011.01.16 11:26:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy [2011.01.16 01:49:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader [2011.01.16 01:48:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software [2011.01.16 01:48:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com [2011.01.16 01:48:07 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2011.01.16 01:43:19 | 000,000,000 | ---D | C] -- C:\Users\Laura\AppData\Roaming\Malwarebytes [2011.01.16 01:43:15 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2011.01.16 01:43:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.01.16 01:43:12 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2011.01.16 01:43:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2011.01.16 01:35:44 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner [2011.01.14 20:55:50 | 000,000,000 | ---D | C] -- C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reality Pump [2011.01.14 20:48:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reality Pump [2011.01.14 20:44:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reality Pump [2011.01.13 13:08:57 | 000,000,000 | ---D | C] -- C:\Users\Laura\AppData\Local\Two Worlds II [2011.01.13 12:20:05 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll [2011.01.13 12:20:05 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll [2011.01.13 12:20:05 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll [2011.01.13 12:20:05 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll [2011.01.13 12:20:04 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll [2011.01.13 12:20:04 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll [2011.01.13 12:20:04 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll [2011.01.13 12:20:04 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll [2011.01.13 12:20:03 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll [2011.01.13 12:20:03 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll [2011.01.13 12:20:03 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll [2011.01.13 12:20:03 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll [2011.01.13 12:20:03 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll [2011.01.13 12:20:03 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll [2011.01.13 12:20:02 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll [2011.01.13 12:20:02 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll [2011.01.13 12:20:01 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll [2011.01.13 12:20:01 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll [2011.01.13 12:20:01 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll [2011.01.13 12:20:01 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll [2011.01.13 12:20:01 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll [2011.01.13 12:20:01 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll [2011.01.13 12:20:01 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll [2011.01.13 12:20:01 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll [2011.01.13 12:20:00 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll [2011.01.13 12:20:00 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll [2011.01.13 12:19:59 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll [2011.01.13 12:19:59 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll [2011.01.13 12:19:59 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll [2011.01.13 12:19:58 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll [2011.01.13 12:19:58 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll [2011.01.13 12:19:58 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll [2011.01.13 12:19:58 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll [2011.01.13 12:19:58 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll [2011.01.13 12:19:57 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll [2011.01.13 12:19:56 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll [2011.01.13 12:19:56 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll [2011.01.13 12:19:56 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll [2011.01.13 12:19:56 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll [2011.01.13 12:19:56 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll [2011.01.13 12:19:56 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll [2011.01.13 12:19:55 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll [2011.01.13 12:19:55 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll [2011.01.13 12:19:55 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll [2011.01.13 12:19:55 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll [2011.01.13 12:19:55 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll [2011.01.13 12:19:55 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll [2011.01.13 12:19:55 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll [2011.01.13 12:19:55 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll [2011.01.13 12:19:54 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll [2011.01.13 12:19:54 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll [2011.01.13 12:19:54 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll [2011.01.13 12:19:54 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll [2011.01.13 12:19:53 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll [2011.01.13 12:19:53 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll [2011.01.13 12:19:53 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll [2011.01.13 12:19:53 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll [2011.01.13 12:19:53 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll [2011.01.13 12:19:53 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll [2011.01.13 12:19:52 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll [2011.01.13 12:19:52 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll [2011.01.13 12:19:52 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll [2011.01.13 12:19:52 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll [2011.01.13 01:08:13 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL [2011.01.13 01:08:13 | 001,837,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll [2011.01.13 01:08:13 | 001,540,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2011.01.13 01:08:13 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10warp.dll [2011.01.13 01:08:13 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2011.01.13 01:08:13 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll [2011.01.13 01:08:12 | 004,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll [2011.01.13 01:08:12 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll [2011.01.13 01:08:12 | 001,863,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll [2011.01.13 01:08:12 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL [2011.01.13 01:08:12 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll [2011.01.13 01:08:12 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll [2011.01.13 01:08:12 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2011.01.13 01:08:12 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2011.01.13 01:08:12 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2011.01.13 01:08:12 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll [2011.01.13 01:08:12 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2011.01.13 01:08:12 | 000,258,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys [2011.01.13 01:08:12 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll [2011.01.13 01:08:12 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll [2011.01.13 01:08:12 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1core.dll [2011.01.13 01:08:12 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll [2011.01.13 01:08:12 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll [2011.01.13 01:08:12 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll [2011.01.13 01:08:11 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2011.01.13 01:08:11 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1.dll [2011.01.13 01:08:11 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll [2011.01.13 01:08:07 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll [2011.01.13 01:08:07 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll [2011.01.04 01:21:50 | 000,000,000 | ---D | C] -- C:\Users\Laura\AppData\Roaming\Local [2011.01.04 01:21:45 | 000,000,000 | ---D | C] -- C:\Users\Laura\AppData\Roaming\DivX [2011.01.04 01:21:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine [2011.01.04 01:21:39 | 000,000,000 | ---D | C] -- C:\Programme\DivX [2011.01.04 01:20:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX [2011.01.04 01:19:46 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX [2010.12.22 19:44:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2010.12.22 19:44:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2010.12.22 19:44:35 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2010.12.22 19:36:46 | 000,000,000 | ---D | C] -- C:\Users\Laura\Documents\Downloads [2010.12.22 19:36:40 | 000,000,000 | ---D | C] -- C:\Users\Laura\AppData\Roaming\GetRightToGo [6 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.01.17 14:10:47 | 000,000,177 | -H-- | M] () -- C:\dvmexp.idx [2011.01.17 14:08:39 | 000,010,560 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.01.17 14:08:39 | 000,010,560 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.01.17 14:07:11 | 001,644,374 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011.01.17 14:07:11 | 000,707,908 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2011.01.17 14:07:11 | 000,661,504 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011.01.17 14:07:11 | 000,153,394 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2011.01.17 14:07:11 | 000,125,590 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011.01.17 14:02:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Laura\Desktop\OTL.exe [2011.01.17 14:00:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.01.17 14:00:31 | 529,879,039 | -HS- | M] () -- C:\hiberfil.sys [2011.01.16 11:30:38 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo [2011.01.16 01:49:01 | 000,001,235 | ---- | M] () -- C:\Users\Public\Desktop\Foxit Reader.lnk [2011.01.14 20:48:31 | 000,001,216 | ---- | M] () -- C:\Users\Public\Desktop\Two Worlds II.lnk [2011.01.11 00:48:58 | 000,154,336 | ---- | M] () -- C:\Users\Laura\.recently-used.xbel [2011.01.06 22:07:04 | 000,000,001 | ---- | M] () -- C:\Windows\SysWow64\SI.bin [2011.01.05 16:46:02 | 001,621,332 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010.12.20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2010.12.20 18:08:40 | 000,024,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [6 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.01.16 11:30:38 | 000,000,045 | ---- | C] () -- C:\Windows\SysWow64\initdebug.nfo [2011.01.16 01:49:01 | 000,001,235 | ---- | C] () -- C:\Users\Public\Desktop\Foxit Reader.lnk [2011.01.14 20:48:31 | 000,001,216 | ---- | C] () -- C:\Users\Public\Desktop\Two Worlds II.lnk [2011.01.11 00:48:58 | 000,154,336 | ---- | C] () -- C:\Users\Laura\.recently-used.xbel [2011.01.06 22:07:04 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\SI.bin [2010.11.04 23:37:22 | 000,000,093 | ---- | C] () -- C:\Users\Laura\AppData\Local\fusioncache.dat [2010.10.14 01:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2010.10.06 02:22:18 | 001,621,332 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010.09.25 18:38:44 | 000,002,528 | ---- | C] () -- C:\Users\Laura\AppData\Roaming\$_hpcst$.hpc [2010.09.25 18:23:40 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt [2010.09.25 18:23:08 | 000,005,632 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys [2010.09.04 18:53:10 | 000,000,103 | ---- | C] () -- C:\ProgramData\nvUnsupRes.dat [2010.09.04 17:54:32 | 000,007,608 | ---- | C] () -- C:\Users\Laura\AppData\Local\Resmon.ResmonCfg [2010.08.10 15:49:30 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini [2010.08.09 21:50:53 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll [2010.08.09 21:50:53 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys [2010.08.09 21:50:50 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys [2010.08.09 21:50:50 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys [2010.08.09 21:43:44 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2010.08.09 21:43:42 | 000,031,959 | ---- | C] () -- C:\Windows\Ascd_tmp.ini [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.04.02 13:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS [2008.12.01 17:32:32 | 000,362,029 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll ========== Alternate Data Streams ========== @Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:EEDA5B17 < End of report > EDIT: Entschuldige, habe den zweiten OTL-Report vergessen. Wird sofort nachgeliefert... EDIT02: Hier ist er: Code:
ATTFilter OTL Extras logfile created on: 17.01.2011 15:06:12 - Run 3
OTL by OldTimer - Version 3.2.20.2 Folder = C:\Users\Laura\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
6.00 Gb Total Physical Memory | 4.00 Gb Available Physical Memory | 66.00% Memory free
12.00 Gb Paging File | 10.00 Gb Available in Paging File | 82.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119.24 Gb Total Space | 55.88 Gb Free Space | 46.86% Space Free | Partition Type: NTFS
Drive D: | 3.61 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 1863.01 Gb Total Space | 1329.85 Gb Free Space | 71.38% Space Free | Partition Type: NTFS
Drive I: | 931.51 Gb Total Space | 701.70 Gb Free Space | 75.33% Space Free | Partition Type: NTFS
Computer Name: LAURA-PC | User Name: Laura | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\system32\ieframe.DLL (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url [@ = InternetShortcut] -- C:\Windows\system32\ieframe.DLL (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Opera\opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MIF5BA~1\Office12\ONENOTE.EXE "%L" File not found
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Opera\opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MIF5BA~1\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{23170F69-40C1-2702-0914-000001000000}" = 7-Zip 9.14 (x64 edition)
"{33EB1061-ABF1-4470-A540-32E97A610536}" = Apple Mobile Device Support
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{5F02C14D-A630-4771-8409-0BA89FCCA8D6}" = iTunes
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98C8DF59-BE5F-4EC2-9B12-FD2A54928EDB}" = Microsoft IntelliType Pro 8.0
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}" = Bonjour
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Pen Tablet Driver" = Bamboo
"Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0A2C5854-557E-48C8-835A-3B9F074BDCAA}" = Python 2.5
"{1023383E-D9F6-478C-A965-23A4657B3C9A}" = Sacred 2
"{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}" = Risen
"{15F52B39-04CB-4EDB-9A8C-496C4A5588E2}" = Rayman 3
"{19C64880-BBCA-11D4-9EEE-0004ACDDDB3B}" = CyberLink InstantBurn
"{1EE88B84-7BE5-4FB5-8DEA-B81D5409D62E}" = Opera 11.00
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Blu-ray Disc Suite
"{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable
"{20071984-5EB1-4881-8EDB-082532ACEC6D}" = Heroes of Might and Magic V
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10
"{23D683DD-93C6-48E6-B84E-78B57778F126}" = Oblivion - Construction Set
"{23EA4F84-174A-4d13-B393-E9406CD51B3E}" = Der Orden - Oblivion Mod
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{24aab420-4e30-4496-9739-3e216f3de6ae}" = Python 2.6.2
"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java(TM) 6 Update 23
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1" = Amnesia - The Dark Descent
"{56B83336-FBC1-4C46-8613-90A9E3B440D6}" = EPU-6 Engine
"{576CA494-F771-4B10-9AF0-8ED4A7AFB0CC}_is1" = Amnesia - The Dark Descent Demo
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{5DB1DF0C-AABC-4362-8A6D-CEFDFB036E41}" = Suite
"{60CE924D-12CB-4A96-8B75-18F92CE1D585}" = CrazyTalk v6.21 SE
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66FF4C48-0083-4E60-8556-B883AB200092}" = Heroes of Might and Magic V - Tribes of the East
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = CyberLink PowerDVD
"{6B058703-226B-4A8C-9AA8-2E1AB44B7D46}" = tecra's Mod-Translator
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{746F49C9-3789-4F8E-AF3A-3A4B42ACFAF8}" = Spellforce 2 Gold
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D1BB69C-9BD7-491F-9ECB-EA2BCE1B1010}" = The Conformulator
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8EB278E8-7FDA-4ED9-A429-C87A76F95087}_is1" = 1AVCapture Version 1.8.7.21
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92510C2A-30E3-4F8D-AE8A-93AB7B63EE8F}" = Gothic II Gold
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99AD9D6D-A456-49EE-8360-F22EE7AA1272}" = Express Gate
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9E549410-E417-4672-96E1-607E061AE69D}" = Nero VisionXtra Trial
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{ADD5DB49-72CF-11D8-9D75-000129760D75}" = CyberLink PowerBackup
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4F3A360-E1E2-479D-ADE7-9BE3B07F4539}" = NVIDIA PhysX
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow!
"{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{E426CEC1-35C5-42BF-913E-6EF8F1211D01}" = Overlord II
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
"{EE74D039-45D7-44E9-BF95-B9CFB015964F_P1}_is1" = ArcaniA - Gothic 4 Patch
"{EE74D039-45D7-44E9-BF95-B9CFB015964F}_is1" = ArcaniA - Gothic 4 Hotfix
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = The Witcher
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"4f6dcc3b-179d-4b1b-80f0-b6083a0b3ce6_is1" = DER HERR DER RINGE ONLINE: Die Minen Von Moria v02.01.03.4020
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ArcaniA" = ArcaniA - Gothic 4
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Blender" = Blender (remove only)
"BlenderNIFScripts" = Blender NIF Scripts (remove only)
"CyberPower Audio Editing Lab_is1" = CyberPower Audio Editing Lab 14.0.1
"Fallout Mod Manager_is1" = Fallout Mod Manager 0.9.17
"Foxit Reader" = Foxit Reader
"Fraps" = Fraps (remove only)
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Blu-ray Disc Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{5DB1DF0C-AABC-4362-8A6D-CEFDFB036E41}" = Suite
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"iriver Firmware Updater" = iriver Firmware Updater (remove only)
"Ivellon_is1" = Ivellon 1.0
"JDownloader" = JDownloader
"Kylo Browser" = Kylo Browser
"MagniDriver" = marvell 91xx driver
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Movie Converter" = Movie Converter (remove only)
"NifSkope" = NifSkope (remove only)
"Oblivion mod manager_is1" = Oblivion mod manager 1.1.9
"Pen Tablet Driver" = Bamboo
"PyFFI" = PyFFI 2.1.4
"PyFFI-py2.5" = Python 2.5 PyFFI-2.1.4
"PyFFI-py2.6" = Python 2.6 PyFFI-2.1.4
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"SimPE_is1" = SimPE 0.68 (alpha)
"SpeedFan" = SpeedFan (remove only)
"SpellForce" = SpellForce
"Two Worlds II" = Two Worlds II
"vReveal" = vReveal
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinLiveSuite_Wave3" = Windows Live Essentials
"Wondershare Video Studio Express_is1" = Wondershare Video Studio Express(Build 1.2.0.6)
"ZOTAC FireStorm" = ZOTAC FireStorm
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"XBMC" = XBMC
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 15.01.2011 14:32:18 | Computer Name = Laura-PC | Source = WinMgmt | ID = 10
Description =
Error - 15.01.2011 14:52:17 | Computer Name = Laura-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: TwoWorlds2.exe, Version: 1.1.0.0,
Zeitstempel: 0x4d093148 Name des fehlerhaften Moduls: XAudio2SoundEngine.dll, Version:
0.0.0.0, Zeitstempel: 0x4d074763 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0004ae9b
ID
des fehlerhaften Prozesses: 0x15b0 Startzeit der fehlerhaften Anwendung: 0x01cbb4e27b00f6cc
Pfad
der fehlerhaften Anwendung: C:\Program Files (x86)\Reality Pump\Two Worlds II\TwoWorlds2.exe
Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\Reality Pump\Two Worlds II\XAudio2SoundEngine.dll
Berichtskennung:
92c5d76d-20d8-11e0-8921-485b3949ef22
Error - 15.01.2011 15:39:09 | Computer Name = Laura-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "I:\Python26\Lib\distutils\command\wininst-8_d.exe".
Die
abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 16.01.2011 06:00:41 | Computer Name = Laura-PC | Source = WinMgmt | ID = 10
Description =
Error - 16.01.2011 12:42:50 | Computer Name = Laura-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: TwoWorlds2.exe, Version: 1.1.0.0,
Zeitstempel: 0x4d093148 Name des fehlerhaften Moduls: TwoWorlds2.exe, Version: 1.1.0.0,
Zeitstempel: 0x4d093148 Ausnahmecode: 0xc0000005 Fehleroffset: 0x006d1226 ID des fehlerhaften
Prozesses: 0x1144 Startzeit der fehlerhaften Anwendung: 0x01cbb59c298c467a Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Reality Pump\Two Worlds II\TwoWorlds2.exe
Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\Reality Pump\Two Worlds II\TwoWorlds2.exe
Berichtskennung:
a72f5572-218f-11e0-984a-485b3949ef22
Error - 16.01.2011 13:49:58 | Computer Name = Laura-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: TwoWorlds2.exe, Version: 1.1.0.0,
Zeitstempel: 0x4d093148 Name des fehlerhaften Moduls: TwoWorlds2.exe, Version: 1.1.0.0,
Zeitstempel: 0x4d093148 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0072f548 ID des fehlerhaften
Prozesses: 0xc94 Startzeit der fehlerhaften Anwendung: 0x01cbb59c770adc78 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Reality Pump\Two Worlds II\TwoWorlds2.exe
Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\Reality Pump\Two Worlds II\TwoWorlds2.exe
Berichtskennung:
08a56074-2199-11e0-984a-485b3949ef22
Error - 16.01.2011 14:05:58 | Computer Name = Laura-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: TwoWorlds2.exe, Version: 1.1.0.0,
Zeitstempel: 0x4d093148 Name des fehlerhaften Moduls: XAudio2SoundEngine.dll, Version:
0.0.0.0, Zeitstempel: 0x4d074763 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0004ae9b
ID
des fehlerhaften Prozesses: 0x7f4 Startzeit der fehlerhaften Anwendung: 0x01cbb5a5ce3501b7
Pfad
der fehlerhaften Anwendung: C:\Program Files (x86)\Reality Pump\Two Worlds II\TwoWorlds2.exe
Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\Reality Pump\Two Worlds II\XAudio2SoundEngine.dll
Berichtskennung:
44d67872-219b-11e0-984a-485b3949ef22
Error - 16.01.2011 15:56:10 | Computer Name = Laura-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: TwoWorlds2.exe, Version: 1.1.0.0,
Zeitstempel: 0x4d093148 Name des fehlerhaften Moduls: XAudio2SoundEngine.dll, Version:
0.0.0.0, Zeitstempel: 0x4d074763 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0004ae9b
ID
des fehlerhaften Prozesses: 0x1438 Startzeit der fehlerhaften Anwendung: 0x01cbb5a8f48b2bae
Pfad
der fehlerhaften Anwendung: C:\Program Files (x86)\Reality Pump\Two Worlds II\TwoWorlds2.exe
Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\Reality Pump\Two Worlds II\XAudio2SoundEngine.dll
Berichtskennung:
a9e4853c-21aa-11e0-984a-485b3949ef22
Error - 16.01.2011 18:40:30 | Computer Name = Laura-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Dwm.exe, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bc541 Name des fehlerhaften Moduls: fraps64.dll_unloaded, Version:
0.0.0.0, Zeitstempel: 0x4af24185 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000006357e04a
ID
des fehlerhaften Prozesses: 0xb94 Startzeit der fehlerhaften Anwendung: 0x01cbb5640bf9604c
Pfad
der fehlerhaften Anwendung: C:\Windows\system32\Dwm.exe Pfad des fehlerhaften Moduls:
fraps64.dll Berichtskennung: 9eebaf5d-21c1-11e0-984a-485b3949ef22
Error - 17.01.2011 09:02:23 | Computer Name = Laura-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 06.01.2011 10:38:44 | Computer Name = Laura-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
StarOpen
Error - 07.01.2011 11:08:14 | Computer Name = Laura-PC | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\StarOpen.SYS
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
Error - 07.01.2011 11:08:27 | Computer Name = Laura-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
StarOpen
Error - 08.01.2011 13:23:14 | Computer Name = Laura-PC | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\StarOpen.SYS
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
Error - 08.01.2011 13:23:27 | Computer Name = Laura-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
StarOpen
Error - 09.01.2011 10:50:20 | Computer Name = Laura-PC | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\StarOpen.SYS
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
Error - 09.01.2011 10:50:33 | Computer Name = Laura-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
StarOpen
Error - 10.01.2011 00:07:56 | Computer Name = Laura-PC | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\StarOpen.SYS
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
Error - 10.01.2011 00:08:09 | Computer Name = Laura-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
StarOpen
Error - 10.01.2011 12:43:44 | Computer Name = Laura-PC | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\StarOpen.SYS
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
< End of report >
Geändert von Lenore (17.01.2011 um 15:12 Uhr) |
|
17.01.2011, 16:41
| #4 |
| | Plötzlich Musik im Hintergrund, während Opera läuft So, der Malwarebytes-Komplettscan ist jetzt auch fertig, entschuldige, hat ein wenig gedauert... EDIT: Ich habe leider nur diesen einzigen vollständigen Scan, da ich Malwarebytes erst seit gestern installiert habe... Code:
ATTFilter Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Datenbank Version: 5537
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
17.01.2011 16:39:32
mbam-log-2011-01-17 (16-39-32).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|G:\|H:\|I:\|J:\|K:\|)
Durchsuchte Objekte: 1148601
Laufzeit: 2 Stunde(n), 21 Minute(n), 7 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
Geändert von Lenore (17.01.2011 um 16:53 Uhr) |
|
17.01.2011, 19:07
| #5 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Plötzlich Musik im Hintergrund, während Opera läuft Beende alle Programme, starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!) Code:
ATTFilter :OTL
DRV - (CLBUDF) -- C:\Windows\CLBUDF.tbl ()
O4 - HKLM..\Run: [DivX Download Manager] File not found#
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKCU..\Run: [DriverScanner] File not found
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.10.16 19:02:40 | 000,000,000 | ---D | M] - D:\Autorun -- [ CDFS ]
O32 - AutoRun File - [2010.10.16 17:57:00 | 000,103,608 | R--- | M] () - D:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2010.10.16 19:01:01 | 000,001,041 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2010.10.21 19:25:43 | 000,000,000 | RH-D | M] - E:\autorun -- [ NTFS ]
O32 - Unable to obtain root file information for disk E:\
O33 - MountPoints2\{2e19786e-a3d2-11df-916e-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{2e19786e-a3d2-11df-916e-806e6f6e6963}\Shell\AutoRun\command - "" = D:\AutoRun\AutoRun.exe
O33 - MountPoints2\{f424c93b-a45f-11df-bd24-485b3949ef22}\Shell - "" = AutoRun
O33 - MountPoints2\{f424c93b-a45f-11df-bd24-485b3949ef22}\Shell\AutoRun\command - "" = F:\HPLauncher.exe
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:EEDA5B17
:Files
C:\Windows\CLBUDF.tbl
C:\dvmexp.idx
:Commands
[purity]
[resethosts]
[emptytemp]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
17.01.2011, 20:11
| #6 |
| | Plötzlich Musik im Hintergrund, während Opera läuft Vielen Dank für deine Hilfe! Hat alles soweit geklappt, der Rechner hat sich neu gestartet... und hier ist der Report von OTL, der sich nach dem Neustart geöffnet hat. Dummerweise habe ich vergessen, Fraps und Avira Antivir zu beenden, da diese beiden Programme bei mir immer minimiert laufen... soll ich das ganze nochmal machen oder macht das nichts? Code:
ATTFilter All processes killed
========== OTL ==========
Error: Unable to stop service CLBUDF!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CLBUDF deleted successfully.
C:\Windows\CLBUDF.tbl moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DivX Download Manager deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NPSStartup deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DriverScanner deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Pando Media Booster deleted successfully.
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\SpybotSD TeaTimer deleted successfully.
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe moved successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File not found.
File move failed. D:\Autorun.exe scheduled to be moved on reboot.
File move failed. D:\autorun.inf scheduled to be moved on reboot.
File not found.
File not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2e19786e-a3d2-11df-916e-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2e19786e-a3d2-11df-916e-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2e19786e-a3d2-11df-916e-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2e19786e-a3d2-11df-916e-806e6f6e6963}\ not found.
File D:\AutoRun\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f424c93b-a45f-11df-bd24-485b3949ef22}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f424c93b-a45f-11df-bd24-485b3949ef22}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f424c93b-a45f-11df-bd24-485b3949ef22}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f424c93b-a45f-11df-bd24-485b3949ef22}\ not found.
File F:\HPLauncher.exe not found.
ADS C:\ProgramData\Temp:EEDA5B17 deleted successfully.
========== FILES ==========
File\Folder C:\Windows\CLBUDF.tbl not found.
C:\dvmexp.idx moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Laura
->Temp folder emptied: 1498522 bytes
->Temporary Internet Files folder emptied: 2777795 bytes
->Java cache emptied: 7140 bytes
->Opera cache emptied: 240 bytes
->Flash cache emptied: 2983 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 913408 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3732 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 5.00 mb
OTL by OldTimer - Version 3.2.20.2 log created on 01172011_200223
Files\Folders moved on Reboot...
File move failed. D:\Autorun.exe scheduled to be moved on reboot.
File move failed. D:\autorun.inf scheduled to be moved on reboot.
C:\Users\Laura\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
Registry entries deleted on Reboot...
|
|
17.01.2011, 20:44
| #7 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Plötzlich Musik im Hintergrund, während Opera läuft Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
17.01.2011, 21:25
| #8 |
| | Plötzlich Musik im Hintergrund, während Opera läuft So, alles erledigt. Hier ist der ComboFix-Report: Code:
ATTFilter ComboFix 11-01-16.04 - Laura 17.01.2011 21:19:13.2.8 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.41.1031.18.6135.4780 [GMT 1:00]
ausgeführt von:: c:\users\Laura\Desktop\cofi.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
((((((((((((((((((((((( Dateien erstellt von 2010-12-17 bis 2011-01-17 ))))))))))))))))))))))))))))))
.
2011-01-17 20:21 . 2011-01-17 20:21 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-17 19:02 . 2011-01-17 19:02 -------- d-----w- C:\_OTL
2011-01-16 10:30 . 2011-01-16 20:44 -------- d-----w- c:\program files (x86)\SpeedFan
2011-01-16 10:26 . 2011-01-17 20:03 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-01-16 10:26 . 2011-01-17 19:03 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2011-01-16 00:48 . 2011-01-16 00:48 -------- d-----w- c:\program files (x86)\Ask.com
2011-01-16 00:48 . 2011-01-16 00:48 -------- d-----w- c:\program files (x86)\Foxit Software
2011-01-16 00:43 . 2011-01-16 00:43 -------- d-----w- c:\users\Laura\AppData\Roaming\Malwarebytes
2011-01-16 00:43 . 2011-01-16 00:43 -------- d-----w- c:\programdata\Malwarebytes
2011-01-16 00:43 . 2010-12-20 17:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-01-16 00:43 . 2011-01-16 00:43 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-01-16 00:43 . 2010-12-20 17:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-16 00:35 . 2011-01-17 20:01 -------- d-----w- c:\program files\CCleaner
2011-01-15 16:11 . 2010-11-10 05:35 8199504 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C086BCCD-81E6-4089-A53C-B67DEB89103C}\mpengine.dll
2011-01-14 19:44 . 2011-01-14 19:44 -------- d-----w- c:\program files (x86)\Reality Pump
2011-01-13 12:08 . 2011-01-15 01:43 -------- d-----w- c:\users\Laura\AppData\Local\Two Worlds II
2011-01-13 11:19 . 2009-09-04 16:44 238936 ----a-w- c:\windows\SysWow64\xactengine3_5.dll
2011-01-13 00:08 . 2010-11-02 05:12 1540608 ----a-w- c:\windows\system32\DWrite.dll
2011-01-06 21:07 . 2011-01-06 21:07 1 ----a-w- c:\windows\SysWow64\SI.bin
2011-01-04 00:21 . 2011-01-04 00:23 -------- d-----w- c:\users\Laura\AppData\Roaming\DivX
2011-01-04 00:21 . 2011-01-04 00:24 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine
2011-01-04 00:21 . 2011-01-04 00:24 -------- d-----w- c:\program files\DivX
2011-01-04 00:20 . 2011-01-04 00:24 -------- d-----w- c:\program files (x86)\DivX
2011-01-04 00:19 . 2011-01-04 00:24 -------- d-----w- c:\programdata\DivX
2010-12-22 18:44 . 2010-12-22 18:44 -------- d-----w- c:\program files (x86)\Common Files\Skype
2010-12-22 18:44 . 2010-12-22 18:44 -------- d-----r- c:\program files (x86)\Skype
2010-12-22 18:36 . 2010-12-22 18:37 -------- d-----w- c:\users\Laura\AppData\Roaming\GetRightToGo
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-13 10:13 . 2010-12-15 18:31 73728 ----a-w- c:\windows\SysWow64\TOverlay.ax
2010-12-03 16:12 . 2010-12-03 16:12 419840 ----a-w- c:\windows\system32\wrap_oal.dll
2010-12-03 16:12 . 2010-12-03 16:12 413696 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2010-12-03 16:12 . 2010-12-03 16:12 133632 ----a-w- c:\windows\system32\OpenAL32.dll
2010-12-03 16:12 . 2010-12-03 16:12 110592 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2010-11-22 17:25 . 2010-08-31 19:49 83120 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-11-12 17:53 . 2010-08-12 06:18 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2010-11-04 06:35 . 2010-12-15 17:16 1194496 ----a-w- c:\windows\system32\wininet.dll
2010-11-04 06:31 . 2010-12-15 17:16 57856 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-04 05:52 . 2010-12-15 17:16 978944 ----a-w- c:\windows\SysWow64\wininet.dll
2010-11-04 05:48 . 2010-12-15 17:16 44544 ----a-w- c:\windows\SysWow64\licmgr10.dll
2010-11-04 05:16 . 2010-12-15 17:16 482816 ----a-w- c:\windows\system32\html.iec
2010-11-04 04:41 . 2010-12-15 17:16 386048 ----a-w- c:\windows\SysWow64\html.iec
2010-11-04 04:35 . 2010-12-15 17:16 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-11-04 04:08 . 2010-12-15 17:16 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2010-11-02 05:18 . 2010-12-15 17:16 524288 ----a-w- c:\windows\system32\wmicmiplugin.dll
2010-11-02 05:17 . 2010-12-15 17:16 473600 ----a-w- c:\windows\system32\taskcomp.dll
2010-11-02 05:17 . 2010-12-15 17:16 1169408 ----a-w- c:\windows\system32\taskschd.dll
2010-11-02 05:16 . 2010-12-15 17:16 1114624 ----a-w- c:\windows\system32\schedsvc.dll
2010-11-02 05:10 . 2010-12-15 17:16 464384 ----a-w- c:\windows\system32\taskeng.exe
2010-11-02 05:10 . 2010-12-15 17:16 285696 ----a-w- c:\windows\system32\schtasks.exe
2010-11-02 04:40 . 2010-12-15 17:16 496128 ----a-w- c:\windows\SysWow64\taskschd.dll
2010-11-02 04:40 . 2010-12-15 17:16 305152 ----a-w- c:\windows\SysWow64\taskcomp.dll
2010-11-02 04:34 . 2010-12-15 17:16 192000 ----a-w- c:\windows\SysWow64\taskeng.exe
2010-11-02 04:34 . 2010-12-15 17:16 179712 ----a-w- c:\windows\SysWow64\schtasks.exe
2010-10-27 05:06 . 2010-12-15 17:16 2048 ----a-w- c:\windows\system32\tzres.dll
2010-10-27 04:32 . 2010-12-15 17:16 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2010-10-20 05:20 . 2010-12-15 17:16 46080 ----a-w- c:\windows\system32\atmlib.dll
2010-10-20 04:54 . 2010-12-15 17:16 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2010-10-20 03:09 . 2010-12-15 17:16 3124224 ----a-w- c:\windows\system32\win32k.sys
2010-10-20 03:05 . 2010-12-15 17:16 367104 ----a-w- c:\windows\system32\atmfd.dll
2010-10-20 02:58 . 2010-12-15 17:16 294400 ----a-w- c:\windows\SysWow64\atmfd.dll
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-09-28 21:44 1400712 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"InstantBurn"="c:\progra~2\CYBERL~1\INSTAN~1\Win2K\IBurn.exe" [2008-08-28 681256]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2008-02-21 222504]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-18 104936]
"P2Go_Menu"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"UpdatePDRShortCut"="c:\program files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe" [2008-08-21 210216]
"BDRegion"="c:\program files (x86)\Cyberlink\Shared Files\brs.exe" [2008-08-04 91432]
"RemoteControl"="c:\program files (x86)\CyberLink\PowerDVD\PDVDServ.exe" [2008-07-21 87336]
"LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD\Language\Language.exe" [2008-05-14 62760]
"UpdatePPShortCut"="c:\program files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2010-11-04 281768]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-08-10 421888]
"iTunesHelper"="i:\program files (x86)\iTunes\iTunesHelper.exe" [2010-09-01 421160]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-01-22 106496]
c:\users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
HP SimpleSave Monitor.lnk - c:\users\Laura\AppData\Roaming\HP SimpleSave Application\StartHelper.exe [2010-10-29 481176]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
R2 BackupService;BackupService;c:\users\Laura\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe [2010-07-01 83512]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 DAUpdaterSvc;Dragon Age: Origins - Inhaltsupdater;c:\program files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-12-15 25832]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [2009-12-14 16392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2010-04-19 50688]
R3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys [2010-09-15 18288]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2010-08-10 1255736]
S0 CLBStor;CLBStor;c:\windows\system32\DRIVERS\CLBStor.sys [2008-07-02 24560]
S0 mv91xx;mv91xx;c:\windows\system32\DRIVERS\mv91xx.sys [2009-12-25 297512]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2010-11-04 135336]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.03\AsSysCtrlService.exe [2009-08-19 90112]
S2 DvmMDES;DeviceVM Meta Data Export Service;i:\asus.sys\config\DVMExportService.exe [2009-10-16 319488]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
S2 TabletServicePen;TabletServicePen;c:\program files\Tablet\Pen\Pen_Tablet.exe [2010-09-21 5788016]
S2 TouchServicePen;Wacom Consumer Touch Service;c:\program files\Tablet\Pen\Pen_TouchService.exe [2010-09-21 484720]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-01-22 77824]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-01-22 180224]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2010-03-10 86120]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-09-28 395264]
.
--------- x86-64 -----------
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-01-29 10038304]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2010-07-21 2306448]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MIF5BA~1\Office12\EXCEL.EXE/3000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{95808DC4-FA4A-4C74-92FE-5B863F82066B}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD\000.fcl"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
[HKEY_USERS\S-1-5-21-2605656181-123979568-1454977066-1000\Software\SecuROM\License information*]
"datasecu"=hex:5f,b4,5f,28,7f,99,41,b6,58,50,8c,2e,de,7a,a5,9a,f0,8e,ea,27,00,
eb,2c,0d,d6,f6,40,91,5c,cb,1c,0d,cb,d7,67,fb,8b,e6,14,1d,5a,11,4a,1b,41,d1,\
"rkeysecu"=hex:b2,ce,31,15,b2,ac,40,2e,d7,2e,22,89,fe,50,38,18
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}]
@Denied: (A 2) (Everyone)
@="FlashProp Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.9"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil9f.exe,-101"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil9f.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
@Denied: (A 2) (Everyone)
@="IFlashBroker"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2011-01-17 21:22:17
ComboFix-quarantined-files.txt 2011-01-17 20:22
ComboFix2.txt 2011-01-17 20:13
Vor Suchlauf: 18 Verzeichnis(se), 63'077'588'992 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 63'019'147'264 Bytes frei
- - End Of File - - 95FD23DC09BA948A19D4B4C61426E69A
|
|
17.01.2011, 22:20
| #9 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Plötzlich Musik im Hintergrund, während Opera läuft Bitte nun Logs mit GMER und mbrcheck erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg Anleitung zu mbrcheck: Downloade Dir MBRCheck (by a_d_13) und speichere die Datei auf dem Desktop.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
18.01.2011, 00:38
| #10 |
| | Plötzlich Musik im Hintergrund, während Opera läuft Ich habe mein System mit GMER gecheckt, allerdings gabs am Ende keinen Log...  ...nur die Meldung, dass sich nichts Schädliches auf meinem Rechner befindet. Ich habe noch den Scan mit MBRCheck gemacht und hier ist der Report:Code:
ATTFilter MBRCheck, version 1.2.3
(c) 2010, AD
Command-line:
Windows Version: Windows 7 Ultimate Edition
Windows Information: (build 7600), 64-bit
Base Board Manufacturer: ASUSTeK Computer INC.
BIOS Manufacturer: American Megatrends Inc.
System Manufacturer: System manufacturer
System Product Name: System Product Name
Logical Drives Mask: 0x000007dc
Kernel Drivers (total 208):
0x0321E000 \SystemRoot\system32\ntoskrnl.exe
0x037FA000 \SystemRoot\system32\hal.dll
0x00BCF000 \SystemRoot\system32\kdcom.dll
0x00C8D000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x00CD1000 \SystemRoot\system32\PSHED.dll
0x00CE5000 \SystemRoot\system32\CLFS.SYS
0x00E8D000 \SystemRoot\system32\CI.dll
0x00F4D000 \SystemRoot\system32\drivers\Wdf01000.sys
0x00FF1000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x00E00000 \SystemRoot\system32\DRIVERS\ACPI.sys
0x00E57000 \SystemRoot\system32\DRIVERS\WMILIB.SYS
0x00E60000 \SystemRoot\system32\DRIVERS\msisadrv.sys
0x00D43000 \SystemRoot\system32\DRIVERS\pci.sys
0x00E6A000 \SystemRoot\system32\DRIVERS\vdrvroot.sys
0x00E77000 \SystemRoot\System32\drivers\partmgr.sys
0x00D76000 \SystemRoot\system32\DRIVERS\volmgr.sys
0x00D8B000 \SystemRoot\System32\drivers\volmgrx.sys
0x00DE7000 \SystemRoot\system32\DRIVERS\pciide.sys
0x00DEE000 \SystemRoot\system32\DRIVERS\PCIIDEX.SYS
0x00C00000 \SystemRoot\System32\drivers\mountmgr.sys
0x0100E000 \SystemRoot\system32\DRIVERS\iaStor.sys
0x0112A000 \SystemRoot\system32\DRIVERS\atapi.sys
0x01133000 \SystemRoot\system32\DRIVERS\ataport.SYS
0x0115D000 \SystemRoot\system32\DRIVERS\msahci.sys
0x01168000 \SystemRoot\system32\DRIVERS\mv91xx.sys
0x00C1A000 \SystemRoot\system32\DRIVERS\SCSIPORT.SYS
0x011F4000 \SystemRoot\system32\DRIVERS\mvxxmm.sys
0x01000000 \SystemRoot\system32\DRIVERS\amdxata.sys
0x01248000 \SystemRoot\system32\drivers\fltmgr.sys
0x01294000 \SystemRoot\system32\drivers\fileinfo.sys
0x012A8000 \SystemRoot\system32\DRIVERS\CLBStor.sys
0x01446000 \SystemRoot\System32\Drivers\Ntfs.sys
0x012B2000 \SystemRoot\System32\Drivers\msrpc.sys
0x01400000 \SystemRoot\System32\Drivers\ksecdd.sys
0x01310000 \SystemRoot\System32\Drivers\cng.sys
0x0141A000 \SystemRoot\System32\drivers\pcw.sys
0x0142B000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x0162B000 \SystemRoot\system32\drivers\ndis.sys
0x0171D000 \SystemRoot\system32\drivers\NETIO.SYS
0x0177D000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x01800000 \SystemRoot\System32\drivers\tcpip.sys
0x017A8000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x01600000 \SystemRoot\system32\DRIVERS\vmstorfl.sys
0x01383000 \SystemRoot\system32\DRIVERS\volsnap.sys
0x01610000 \SystemRoot\System32\Drivers\spldr.sys
0x01618000 \SystemRoot\SysWOW64\speedfan.sys
0x01200000 \SystemRoot\System32\drivers\rdyboost.sys
0x015E9000 \SystemRoot\System32\Drivers\mup.sys
0x0161F000 \SystemRoot\System32\drivers\hwpolicy.sys
0x00C49000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x013CF000 \SystemRoot\system32\DRIVERS\disk.sys
0x01A5C000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
0x01BC9000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x01BF3000 \SystemRoot\System32\Drivers\Null.SYS
0x01A00000 \SystemRoot\System32\Drivers\Beep.SYS
0x01A07000 \SystemRoot\System32\drivers\vga.sys
0x01A15000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x01A3A000 \SystemRoot\System32\drivers\watchdog.sys
0x01A4A000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x01A53000 \SystemRoot\system32\drivers\rdpencdd.sys
0x017F2000 \SystemRoot\system32\drivers\rdprefmp.sys
0x01435000 \SystemRoot\System32\Drivers\Msfs.SYS
0x013E5000 \SystemRoot\System32\Drivers\Npfs.SYS
0x02EFA000 \SystemRoot\system32\DRIVERS\tdx.sys
0x02F18000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x02F25000 \SystemRoot\system32\drivers\afd.sys
0x02FAF000 \SystemRoot\System32\DRIVERS\netbt.sys
0x02FF4000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x02E00000 \SystemRoot\system32\DRIVERS\pacer.sys
0x02E26000 \SystemRoot\system32\DRIVERS\vwififlt.sys
0x02E3C000 \SystemRoot\system32\DRIVERS\netbios.sys
0x02E4B000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x02E66000 \SystemRoot\system32\DRIVERS\termdd.sys
0x02E7A000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x02ECB000 \SystemRoot\system32\drivers\nsiproxy.sys
0x02ED7000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x02EE2000 \SystemRoot\System32\drivers\discache.sys
0x0421F000 \SystemRoot\system32\drivers\csc.sys
0x042A2000 \SystemRoot\System32\Drivers\dfsc.sys
0x042C0000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x042D1000 \SystemRoot\system32\DRIVERS\avipbb.sys
0x042F3000 \SystemRoot\SysWow64\drivers\AsIO.sys
0x042F9000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x0431F000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x04335000 \SystemRoot\system32\DRIVERS\nusb3xhc.sys
0x04365000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x100C3000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys
0x10D55000 \SystemRoot\system32\DRIVERS\nvBridge.kmd
0x0460C000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x04700000 \SystemRoot\System32\drivers\dxgmms1.sys
0x04746000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x0476A000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0x04777000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x047CD000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x10D57000 \SystemRoot\system32\DRIVERS\yk62x64.sys
0x04A7A000 \SystemRoot\system32\DRIVERS\athrx.sys
0x04A00000 \SystemRoot\system32\DRIVERS\vwifibus.sys
0x04A0D000 \SystemRoot\system32\DRIVERS\1394ohci.sys
0x04A4B000 \SystemRoot\system32\DRIVERS\ASACPI.sys
0x04A53000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0x04A60000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x04A69000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
0x04BF7000 \SystemRoot\system32\DRIVERS\wacomvhid.sys
0x047DE000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x047F7000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x10DBC000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x10DD2000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x04600000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x10000000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x1002F000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x1004A000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x1006B000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x10085000 \SystemRoot\system32\DRIVERS\rdpbus.sys
0x10090000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x1009F000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x04BFA000 \SystemRoot\system32\DRIVERS\swenum.sys
0x04367000 \SystemRoot\system32\DRIVERS\ks.sys
0x100AE000 \SystemRoot\system32\DRIVERS\umbus.sys
0x043AA000 \SystemRoot\system32\DRIVERS\nusb3hub.sys
0x05021000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x0507B000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x05088000 \SystemRoot\system32\DRIVERS\wacommousefilter.sys
0x05090000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x050A5000 \SystemRoot\system32\drivers\nvhda64v.sys
0x050BE000 \SystemRoot\system32\drivers\portcls.sys
0x050FB000 \SystemRoot\system32\drivers\drmk.sys
0x0511D000 \SystemRoot\system32\drivers\ksthunk.sys
0x05C4A000 \SystemRoot\system32\drivers\RTKVHD64.sys
0x00060000 \SystemRoot\System32\win32k.sys
0x05E71000 \SystemRoot\System32\drivers\Dxapi.sys
0x05E7D000 \SystemRoot\system32\DRIVERS\monitor.sys
0x00510000 \SystemRoot\System32\TSDDD.dll
0x007B0000 \SystemRoot\System32\cdd.dll
0x05E8B000 \SystemRoot\system32\DRIVERS\cdfs.sys
0x05EA8000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
0x00800000 \SystemRoot\System32\ATMFD.DLL
0x05EC3000 \SystemRoot\system32\DRIVERS\avgntflt.sys
0x05EE0000 \SystemRoot\system32\drivers\luafv.sys
0x05F03000 \SystemRoot\system32\drivers\WudfPf.sys
0x05F24000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x05F39000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x05F8C000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x05F9F000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x05123000 \SystemRoot\system32\drivers\HTTP.sys
0x05FB7000 \SystemRoot\system32\DRIVERS\bowser.sys
0x05FD5000 \SystemRoot\System32\drivers\mpsdrv.sys
0x05C00000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x01A8C000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x043C2000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x01ADA000 \SystemRoot\system32\DRIVERS\atksgt.sys
0x05C2D000 \SystemRoot\system32\DRIVERS\lirsgt.sys
0x06CAC000 \SystemRoot\system32\drivers\peauth.sys
0x06D52000 \SystemRoot\System32\Drivers\secdrv.SYS
0x06D5D000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x06D8A000 \SystemRoot\System32\drivers\tcpipreg.sys
0x06D9C000 \??\C:\Program Files (x86)\CyberLink\PowerDVD\000.fcl
0x06C00000 \SystemRoot\System32\DRIVERS\srv2.sys
0x01B29000 \SystemRoot\System32\DRIVERS\srv.sys
0x06C67000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x06C75000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x06C92000 \SystemRoot\system32\DRIVERS\vwifimp.sys
0x06C9C000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0x06DC1000 \SystemRoot\System32\Drivers\crashdmp.sys
0x074C4000 \SystemRoot\System32\Drivers\dump_iaStor.sys
0x075E0000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x07400000 \SystemRoot\system32\DRIVERS\WUDFRd.sys
0x074A2000 \SystemRoot\system32\DRIVERS\asyncmac.sys
0x074AD000 \??\C:\Windows\system32\Drivers\PROCEXP113.SYS
0x76F80000 \Windows\System32\ntdll.dll
0x47B70000 \Windows\System32\smss.exe
0xFF2A0000 \Windows\System32\apisetschema.dll
0xFF7E0000 \Windows\System32\autochk.exe
0x77150000 \Windows\System32\psapi.dll
0xFF280000 \Windows\System32\lpk.dll
0xFF1A0000 \Windows\System32\advapi32.dll
0xFF170000 \Windows\System32\imm32.dll
0xFF100000 \Windows\System32\gdi32.dll
0xFEFF0000 \Windows\System32\msctf.dll
0xFEF50000 \Windows\System32\clbcatq.dll
0xFEF30000 \Windows\System32\sechost.dll
0xFEE90000 \Windows\System32\msvcrt.dll
0x76E80000 \Windows\System32\user32.dll
0x77140000 \Windows\System32\normaliz.dll
0xFED60000 \Windows\System32\rpcrt4.dll
0xFEB00000 \Windows\System32\iertutil.dll
0xFEA20000 \Windows\System32\oleaut32.dll
0xFE840000 \Windows\System32\setupapi.dll
0xFDAB0000 \Windows\System32\shell32.dll
0xFDA60000 \Windows\System32\Wldap32.dll
0xFD9E0000 \Windows\System32\shlwapi.dll
0xFD860000 \Windows\System32\urlmon.dll
0x76D60000 \Windows\System32\kernel32.dll
0xFD7E0000 \Windows\System32\difxapi.dll
0xFD710000 \Windows\System32\usp10.dll
0xFD6C0000 \Windows\System32\ws2_32.dll
0xFD620000 \Windows\System32\comdlg32.dll
0xFD610000 \Windows\System32\nsi.dll
0xFD400000 \Windows\System32\ole32.dll
0xFD3E0000 \Windows\System32\imagehlp.dll
0xFD2B0000 \Windows\System32\wininet.dll
0xFD140000 \Windows\System32\crypt32.dll
0xFD0D0000 \Windows\System32\KernelBase.dll
0xFD030000 \Windows\System32\comctl32.dll
0xFCFF0000 \Windows\System32\cfgmgr32.dll
0xFCFB0000 \Windows\System32\wintrust.dll
0xFCF90000 \Windows\System32\devobj.dll
0xFCF80000 \Windows\System32\msasn1.dll
0x75890000 \Windows\SysWOW64\normaliz.dll
Processes (total 75):
0 System Idle Process
4 System
336 C:\Windows\System32\smss.exe
492 csrss.exe
576 C:\Windows\System32\wininit.exe
584 csrss.exe
632 C:\Windows\System32\services.exe
652 C:\Windows\System32\lsass.exe
660 C:\Windows\System32\lsm.exe
696 C:\Windows\System32\winlogon.exe
800 C:\Windows\System32\svchost.exe
860 C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
900 C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
908 C:\Windows\System32\conhost.exe
160 C:\Windows\System32\nvvsvc.exe
504 C:\Windows\System32\svchost.exe
1032 C:\Windows\System32\svchost.exe
1064 C:\Windows\System32\svchost.exe
1088 C:\Windows\System32\svchost.exe
1272 C:\Windows\System32\svchost.exe
1376 C:\Program Files\Tablet\Pen\Pen_TouchService.exe
1396 C:\Windows\System32\nvvsvc.exe
1448 C:\Windows\System32\wisptis.exe
1560 C:\Windows\System32\svchost.exe
1788 C:\Windows\System32\spoolsv.exe
1816 C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
1836 C:\Windows\System32\svchost.exe
1984 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
2004 C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.03\AsSysCtrlService.exe
1140 C:\Program Files (x86)\Bonjour\mDNSResponder.exe
1580 I:\ASUS.SYS\config\DVMExportService.exe
1188 C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2068 C:\Program Files\Tablet\Pen\Pen_Tablet.exe
2128 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
2208 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
2528 C:\Windows\System32\SearchIndexer.exe
2676 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
2788 C:\Windows\System32\svchost.exe
2728 WUDFHost.exe
2096 C:\Windows\System32\wisptis.exe
3056 C:\Windows\System32\taskeng.exe
2832 C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe
2856 C:\Windows\System32\dwm.exe
2092 C:\Program Files (x86)\Common Files\microsoft shared\ink\TabTip32.exe
1472 C:\Windows\System32\taskhost.exe
3088 C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
3096 C:\Windows\explorer.exe
3216 C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe
3428 C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
3520 C:\Program Files\Tablet\Pen\Pen_Tablet.exe
3824 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
3832 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
3840 C:\Program Files\Microsoft IntelliType Pro\itype.exe
3968 C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
4008 C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
4064 C:\Program Files (x86)\CyberLink\Shared files\brs.exe
3200 C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
2820 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
2116 C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
3508 I:\Program Files (x86)\iTunes\iTunesHelper.exe
3516 C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
3716 C:\Program Files\iPod\bin\iPodService.exe
4092 C:\Program Files\Windows Media Player\wmpnetwk.exe
3320 C:\Windows\System32\svchost.exe
4240 C:\Windows\System32\svchost.exe
4600 dllhost.exe
1640 C:\Program Files (x86)\Nero\Update\NASvc.exe
4392 C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
4412 C:\Windows\System32\svchost.exe
596 C:\Program Files (x86)\Opera\opera.exe
1828 C:\Windows\System32\SearchProtocolHost.exe
1616 C:\Windows\System32\SearchFilterHost.exe
4668 C:\Windows\System32\dllhost.exe
4948 C:\Users\Laura\Desktop\MBRCheck.exe
740 C:\Windows\System32\conhost.exe
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00100000 (NTFS)
\\.\E: --> \\.\PhysicalDrive2 at offset 0x00000000`00100000 (NTFS)
\\.\I: --> \\.\PhysicalDrive1 at offset 0x00000000`00100000 (NTFS)
PhysicalDrive0 Model Number: KINGSTONSNVP325S2128GB, Rev: AGYA0201
PhysicalDrive2 Model Number: WDExt HDD 1021, Rev: 2002
PhysicalDrive1 Model Number: SAMSUNGHD103SJ, Rev: 1AJ10001
Size Device Name MBR Status
--------------------------------------------
119 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79
1863 GB \\.\PhysicalDrive2 RE: Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A
931 GB \\.\PhysicalDrive1 Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79
Done!
|
|
18.01.2011, 11:08
| #11 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Plötzlich Musik im Hintergrund, während Opera läuft Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
19.01.2011, 01:26
| #12 |
| | Plötzlich Musik im Hintergrund, während Opera läuft Ich habe gerade einige Zeit probehalber Opera im Hintergrund laufen lassen, und die Musik war leider wieder da.  Ich mache jetzt noch die zwei verlangten Scans und poste dann das Ergebnis. |
|
19.01.2011, 15:40
| #13 |
| | Plötzlich Musik im Hintergrund, während Opera läuft Hier scheint alles ok zu sein: Code:
ATTFilter Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Datenbank Version: 5551
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
19.01.2011 07:29:05
mbam-log-2011-01-19 (07-29-05).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|I:\|)
Durchsuchte Objekte: 1151212
Laufzeit: 2 Stunde(n), 58 Minute(n), 9 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
Das andere Programm hat zwei tracking cookies gefunden. Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 01/19/2011 at 06:57 AM
Application Version : 4.48.1000
Core Rules Database Version : 6229
Trace Rules Database Version: 4041
Scan type : Complete Scan
Total Scan Time : 05:25:02
Memory items scanned : 662
Memory threats detected : 0
Registry items scanned : 14498
Registry threats detected : 0
File items scanned : 993163
File threats detected : 2
Adware.Tracking Cookie
C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Cookies\laura@atdmt[2].txt
C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Cookies\laura@atdmt.combing[2].txt
Ich habe vor diesen beiden Scans die Internetspuren mal nicht gelöscht. Normalerweise mache ich das immer, bevor ich Opera beende. Aber da während meinem Test die Musik wieder kam, habe ich dieses Mal nichts gelöscht und es wurde beim Scan tatsächlich was gefunden. Ich vermute mal, dass diese beiden cookies oder eines davon diese Musik auslösen, oder? Da ich aber normalerweise die Internetspuren lösche, müssten diese cookies eigentlich auch jedesmal gelöscht werden, kommen aber offenbar immer wieder....? |
|
19.01.2011, 16:11
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Plötzlich Musik im Hintergrund, während Opera läuft Ist die Hintergrundmusik nur bei Opera? Evtl ist Opera manipuliert oder die Ursache ist keine Infektion. Firefox mal probiert?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
19.01.2011, 20:27
| #15 |
| | Plötzlich Musik im Hintergrund, während Opera läuft Ich hab mir Firefox vor ein paar Stunden installiert und seitdem lasse ich den Browser zum testen im Hintergrund laufen. Bis jetzt keine Musik. Ich habe auch versucht, eine saubere Neuinstallation von Opera zu machen, allerdings war da wieder diese Musik. Anscheinend liegt es tatsächlich an Opera selbst. Schade, ich mochte diesen Browser eigentlich. Ich warte noch ein wenig ab, ob nicht doch noch was kommt. Aber bis jetzt ist alles in Ordnung. Vielen Dank für deine Hilfe!  |
|
| Themen zu Plötzlich Musik im Hintergrund, während Opera läuft |
| antivir, antivir guard, avg, avira, bho, bildschirm, bonjour, computer, cpu, desktop, driverscanner, explorer, geforce, geforce gtx, hijack, logfile, maus, musik, nvidia, opera, pando media booster, pdf creator, plug-in, problem, scan, sekunden, senden, software, syswow64, tastatur, usb, usb 3.0 |
Hybrid-Darstellung
