| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Proxyserver ? rechner läuft merkwürdig.Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
17.05.2011, 07:14
| #1 |
 |  Proxyserver ? rechner läuft merkwürdig. hallo, irgendwas stimmt mit meinem rechner nicht. diverse internet anwendungen laufen nicht mehr. und in den browsern wurde irgendwas mit proxyserver verstellt. ausserdem gehen teilweise die online spiele nicht mehr. es scheint irgendwas manipuliert worden zu sein. regedit und taskmanager wurden vom administrator deaktiviert. ich konnte sie zwar die wieder aktivieren. aber ich denke hier liegt was im argen. bitte um schnelle info. muss ich das system neu aufsetzen? hier noch eine logfile von avira. ich denke nicht das es viel bringt :=) Code:
ATTFilter Der Suchlauf über die ausgewählten Dateien wird begonnen:
Beginne mit der Suche in 'C:\' <System>
C:\ProgramData\SecTaskMan\2mP7I8YwIMIY.exe.q_Quarantine_18589006_q
[FUND] Ist das Trojanische Pferd TR/Dropper.Gen
C:\ProgramData\SecTaskMan\2mP7I8YwIMIY.exe.q_Quarantine_18589006_q.old
[FUND] Ist das Trojanische Pferd TR/Dropper.Gen
C:\ProgramData\SecTaskMan\msmsgs.exe.q_Quarantine_116BAA02_q.q_Quarantine_AC9AA02_q
[FUND] Ist das Trojanische Pferd TR/Sasfis.axuc
C:\Users\BEAZMUSIX\AppData\Local\Temp\server.exe
[FUND] Ist das Trojanische Pferd TR/Dropper.Gen
C:\Users\BEAZMUSIX\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\7682016d-15a595f9
[0] Archivtyp: ZIP
[FUND] Enthält Erkennungsmuster des Java-Virus JAVA/ClassLoad.C
--> vload.class
[FUND] Enthält Erkennungsmuster des Java-Virus JAVA/ClassLoad.C
--> vmain.class
[FUND] Enthält Erkennungsmuster des Java-Virus JAVA/Remote.C
Beginne mit der Suche in 'D:\' <Stuff>
Beginne mit der Suche in 'E:\' <Projekte>
Beginne mit der Suche in 'F:\' <System Reserved>
Beginne mit der Suche in 'G:\'
Der zu durchsuchende Pfad G:\ konnte nicht geöffnet werden!
Systemfehler [1]: Unzulässige Funktion.
Beginne mit der Suche in 'K:\'
Der zu durchsuchende Pfad K:\ konnte nicht geöffnet werden!
Systemfehler [21]: Das Gerät ist nicht bereit.
Beginne mit der Desinfektion:
C:\Users\BEAZMUSIX\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\7682016d-15a595f9
[FUND] Enthält Erkennungsmuster des Java-Virus JAVA/Remote.C
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4a90a889.qua' verschoben!
C:\Users\BEAZMUSIX\AppData\Local\Temp\server.exe
[FUND] Ist das Trojanische Pferd TR/Dropper.Gen
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '5249875d.qua' verschoben!
C:\ProgramData\SecTaskMan\msmsgs.exe.q_Quarantine_116BAA02_q.q_Quarantine_AC9AA02_q
[FUND] Ist das Trojanische Pferd TR/Sasfis.axuc
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '006ddd8b.qua' verschoben!
C:\ProgramData\SecTaskMan\2mP7I8YwIMIY.exe.q_Quarantine_18589006_q.old
[FUND] Ist das Trojanische Pferd TR/Dropper.Gen
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '6647924f.qua' verschoben!
C:\ProgramData\SecTaskMan\2mP7I8YwIMIY.exe.q_Quarantine_18589006_q
[FUND] Ist das Trojanische Pferd TR/Dropper.Gen
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '23c3bf71.qua' verschoben!
aus ein paar ähnlichen beiträgen konnt ich lesen das otl mal durchlaufen lassen soll. das mache ich gerade und hänge dann die logfiles mit an. gruß und danke edit: ich habe gerade gesehen das ich die logfiles lieber hätte als zip packen und anhängen sollen. vielleicht kann ein admin mein beiträge nochmal löschen ? dann lade ich sie als zip archiv hoch. danke. Geändert von beazmusix (17.05.2011 um 07:40 Uhr) |
|
17.05.2011, 07:30
| #2 |
| | Proxyserver ? rechner läuft merkwürdig. extras.txt
__________________Code:
ATTFilter OTL Extras logfile created on: 17.05.2011 08:08:52 - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\BEAZMUSIX\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 41,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 72,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,99 Gb Total Space | 133,52 Gb Free Space | 44,81% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 764,23 Gb Free Space | 82,04% Space Free | Partition Type: NTFS
Drive E: | 232,88 Gb Total Space | 84,71 Gb Free Space | 36,37% Space Free | Partition Type: NTFS
Drive F: | 100,00 Mb Total Space | 71,69 Mb Free Space | 71,69% Space Free | Partition Type: NTFS
Drive Y: | 1829,35 Gb Total Space | 1195,35 Gb Free Space | 65,34% Space Free | Partition Type: NTFS
Drive Z: | 1829,35 Gb Total Space | 1195,35 Gb Free Space | 65,34% Space Free | Partition Type: NTFS
Computer Name: BEAZMUSIX-PC | User Name: BEAZMUSIX | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1294757140-3442182510-2919184659-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~3\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~3\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3
"C:\Program Files (x86)\FlashFXP 4\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP 4\FlashFXP.exe:*:Enabled:FlashFXP v3
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3
"C:\Program Files (x86)\FlashFXP 4\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP 4\FlashFXP.exe:*:Enabled:FlashFXP v3
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3
"C:\Program Files (x86)\FlashFXP 4\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP 4\FlashFXP.exe:*:Enabled:FlashFXP v3
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Disabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFWSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFWSvc.exe:*:Enabled:Spybot-S&D 2 Firewall service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDMonSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDMonSvc.exe:*:Enabled:Spybot-S&D 2 On-Access monitor service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDSODSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDSODSvc.exe:*:Enabled:Spybot-S&D 2 Scan On Demand service
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3
"C:\Program Files (x86)\FlashFXP 4\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP 4\FlashFXP.exe:*:Enabled:FlashFXP v3
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Disabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFWSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFWSvc.exe:*:Enabled:Spybot-S&D 2 Firewall service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDMonSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDMonSvc.exe:*:Enabled:Spybot-S&D 2 On-Access monitor service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDSODSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDSODSvc.exe:*:Enabled:Spybot-S&D 2 Scan On Demand service
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp version 0.99.8
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour
"{16DDB3D1-5C27-4599-9C63-E583287191CC}" = iTunes
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{28A0318C-B98D-B6B1-64D1-4E4755A8E668}" = AMD Drag and Drop Transcoding
"{34BD24DF-3B6F-8661-D4F0-0EBCACA2C834}" = ccc-utility64
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{48C0866E-57EB-444C-8371-8E4321066BC3}" = Network64
"{4B0748C5-2E63-B954-8C3F-71918C599800}" = WMV9/VC-1 Video Playback
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{71BA69AD-9E60-4092-A497-D3BD54779D52}" = Max 5.1.7
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8F473675-D702-45F9-8EBC-342B40C17BF5}" = Apple Mobile Device Support
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{987FE247-4E69-4A2E-A961-D14F901FDBF6}" = Logitech Webcam Software
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{BE930E38-7BB3-45B6-85B2-5251F374F844}" = 64 Bit HP CIO Components Installer
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2296}_is1" = SiSoftware Sandra Profi Home 2010.SP3
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CACBDC26-D504-49ED-3FEC-0CDDB3700240}" = ATI Catalyst Install Manager
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D285FC5F-3021-32E9-9C59-24CA325BDC5C}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{D5A71F7F-8F69-4CE8-996D-9CF2ADFC285B}" = M-Audio Ozone Driver 6.0.2 (x64)
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F86D9734-D358-4C5B-BC2B-6D90557FF05B}" = HP Officejet Pro 8500 A909 Series
"Automap Universal_is1" = Automap 3.7
"Cakewalk Rapture_is1" = Rapture 1.1
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.56
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"HPOCR" = OCR Software by I.R.I.S. 14.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Novation USB Audio Driver_is1" = Novation USB Audio Driver 1.5
"Pen Tablet Driver" = Bamboo
"RealVNC_is1" = VNC Enterprise Edition E4.5.1
"Shop for HP Supplies" = Shop for HP Supplies
"VNCMirror_is1" = VNC Mirror Driver 1.8.0
"VNCPrinter_is1" = VNC Printer Driver 1.6.0
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
"{0327FA9D-975C-448C-A086-577D57BB25B8}" = Adobe Soundbooth CS3 Codecs
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{0659E943-DDF4-44FC-9FEE-A13B09F8BB08}" = Adobe Flash Media Live Encoder 3.2
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}" = Windows Media Center Add-in for Silverlight
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{18D03DE2-D142-4A6C-B346-2FA7C8D76A57}" = BassStation
"{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}" = Adobe After Effects CS3 Presets
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}" = Adobe Creative Suite 5 Master Collection
"{1D58229F-C505-45CA-8223-F35F3A34B963}" = Adobe Version Cue CS3 Server {ko_KR}
"{1DE1B0F3-5897-4C66-BA18-F8A9E95FAE5C}" = ccc-core-static
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 21
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2A2820DB-CB78-4C24-9F48-49E67B0337E1}" = Phoscyon 1.8.0
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{310BC5E2-31AF-49BB-904D-E71EB93645DC}" = AI Suite
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3CD5832D-13D9-4751-8B22-3A7D3F4ACA42}" = Quake Live Mozilla Plugin
"{3D73DC7A-2D1D-45CF-8A67-24873925C716}" = bpd_scan
"{3D843732-70CD-4DEF-A36F-AEFB87C80DC9}" = ProductContext
"{411E0CC3-587A-468C-B461-95FAFD05E4DE}" = Adobe InDesign CS3
"{45235788-142C-44BE-8A4D-DDE9A84492E5}" = AGEIA PhysX v7.09.13
"{485ACF57-F364-440A-8496-E1E81C8FA1AA}" = Adobe Premiere Pro CS3 Third Party Content
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA5B8A5-BEEF-4AD8-B11D-4443A042EA4F}" = Adobe Dreamweaver CS3
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D481F91-44BA-F0FE-CD07-8B3429A2A821}" = Catalyst Control Center Graphics Previews Common
"{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}" = Adobe Premiere Pro CS3 Functional Content
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{543A0462-62A8-59CA-8EA7-B2173DA96DAC}" = CCC Help English
"{5461A74D-B169-4862-9F38-DB525CEA126B}" = Max Runtime 5.1.7
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{54B2EAD9-A110-43F7-B010-2859A1BD2AFE}" = Adobe Encore CS3
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5809A31C-32FB-35CA-E1D2-0B898119E15F}" = Catalyst Control Center InstallProxy
"{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}" = Adobe Premiere Pro CS3
"{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status
"{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}" = Logitech Harmony Remote Software
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{69754D89-C21E-4851-83C0-399DE63C6579}" = 8500A909_Help
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A143FF0-BB9A-4A9C-A318-1688BA366BAE}" = Sorenson Squeeze 4.3
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6E9EF98E-259E-416D-B5F8-0ABDB99942CE}" = Adobe Flash Player 10 ActiveX
"{6F868980-FF49-011B-2C95-409F199B9C19}" = Catalyst Control Center Graphics Previews Vista
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7ACFB90E-8FD0-4397-AD3A-5195412623A3}" = Adobe Help Viewer CS3
"{7E659C5C-4DF1-499B-B802-77BAE9ABE4D4}" = Razer Diamondback 3G
"{80C22308-DC4F-4F1E-BE7C-FB903B0AFCF8}" = The Bat! Professional v4.2.36.4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed(TM) Hot Pursuit
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{842C6AFC-7856-4fd9-99AF-8900554ACAA2}_is1" = V-Station 1.5.1
"{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}" = Adobe Video Profiles
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8AEA6737-8AF3-47BB-95CE-AAB62BE68985}" = MPM
"{8B4AE751-7055-4518-87B0-E148A8D50D0A}" = Macromedia FreeHand MX
"{8C640345-AF96-4ABA-A697-97D2A0B8C6DB}" = Adobe Flash CS3
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E310838-457C-4269-B177-3EFB300CBDDC}" = Synology Data Replicator 3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{9294F169-72EE-4D74-AE92-CA25F64B4FF8}" = Fax
"{92A51949-EE4C-466D-AAF0-99E74A49A63F}" = DocMgr
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{9782762F-639B-499B-A23D-5EBEAFC160E6}" = Microsoft Tool Web Package:diskpart.exe
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet-TV für Windows Media Center
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A6B23EFA-6590-482C-A11F-5ACE1B91F5B9}" = Adobe Soundbooth CS3
"{A6F797DB-9D0C-4243-B15B-91CD21D7E980}" = 8500A909a
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A7A02E23-805C-4AAC-B408-D59A1D53AEA6}" = BPDSoftware
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC4E477E-BBD4-4C68-8D6C-D10C3BB658F3}" = BPD_DSWizards
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-F400-7760-000000000003}" = Adobe Acrobat 8 Professional - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.4 - Deutsch
"{AD0AA962-111E-41D5-A705-0E3D9178A661}" = BPDSoftware_Ini
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B01DD5B7-9862-43D7-BCA3-7882A17E4328}" = PhotoTools 1.0 Professional Edition
"{B318D3D1-3421-4E2A-9C63-5D8FC2457B9C}" = 8500A909_eDocs
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy 2
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3
"{B8B7A4D8-80E1-4DAE-BD33-7FD535BA3931}" = Adobe Encore CS3 Codecs
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BAF2FA20-6886-483C-8CC6-3310A1A636E5}" = ElastikVst
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}" = Adobe Flash Player 9 ActiveX
"{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter
"{BCEDD813-269C-4D8F-A4BA-01FDC66254D3}" = Adobe Flash Video Encoder
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C40C3C3D-97CF-44B5-836C-766E374464B3}" = 3DMark Vantage
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{C6BE4630-75B2-43FC-98A8-51CE130534B8}" = Sorenson Squeeze 4.3
"{C8D7A672-F697-4572-AC62-C856053A8DBC}" = Adobe Illustrator CS3
"{C9D456FD-C25B-49DE-AA71-6B76D6550B23}" = Adobe Fireworks CS3
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFC9F871-7C40-40B6-BE4A-B98A5B309716}" = Adobe Flash Professional CS5
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D3C605D8-3A5E-4BAD-965D-2C61441BF2AC}" = Adobe Photoshop CS3
"{D3E72DA8-8467-4DAB-961F-A5B7989B09F0}" = Collage Maker
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA896917-C1DA-45B2-B4D2-68162F16C0DD}" = Adobe Creative Suite 3 Master Collection
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DDA34038-89BD-4804-B0B8-DC48D5DFB463}" = Catalyst Control Center - Branding
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DFFDDCF5-CB32-4354-8823-1B9E68025953}" = Adobe Setup
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EB0202F7-016A-410C-ADE4-40F848CCC661}" = Adobe After Effects CS3
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"{FF3E2850-BD2E-4B56-A89D-21E588D518E0}" = Adobe Contribute CS3
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"2020 Musterbriefe" = 2020 Musterbriefe
"Adobe Acrobat 8 Professional - English, Français, Deutsch" = Adobe Acrobat 8.2.6 Professional
"Adobe Acrobat 8 Professional - English, Français, Deutsch_826" = Adobe Acrobat 8.2.6 - CPSID_83708
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_67a7fb1e97aa14ee9ef0950eb6fd757" = Adobe Creative Suite 3 Master Collection hinzufügen oder entfernen
"Akamai" = Akamai NetSession Interface
"Antares Autotune VST_is1" = Antares Autotune VST v5.09
"Arturia Arp2600 V v1.0" = Arturia Arp2600 V v1.0
"Arturia Prophet V VSTi RTAS_is1" = Arturia Prophet V VSTi RTAS v1.2.1
"AudioRealism" = AudioRealism Bass Line 2 (remove only)
"Automap Universal ReWire_is1" = Automap ReWire 1.0
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Biet-O-Matic v2.14.8" = Biet-O-Matic v2.14.8
"Brainworx BX DynEQ Bundle VST RTAS_is1" = Brainworx BX DynEQ Bundle VST RTAS v1.1
"Call of Duty Black Ops_is1" = Call of Duty Black Ops
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Crysonic SINDO v1.0 VST" = Crysonic SINDO v1.0 VST
"Dash Synthesis daAlfa2k.v1.54" = Dash Synthesis daAlfa2k.v1.54
"DelinvFile_is1" = DelinvFile - 4.04
"discoDSP Discovery Pro VSTi_is1" = discoDSP Discovery Pro VSTi v1.0 Release 2
"EADM" = EA Download Manager
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Corporate Edition_is1" = EVEREST Corporate Edition v5.30
"FileZilla Client" = FileZilla Client 3.3.5.1
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"JDownloader" = JDownloader
"Linplug Albino VSTi v2.01" = Linplug Albino VSTi v2.01
"Live 8.2.1" = Live 8.2.1
"Messenger Plus!" = Messenger Plus! 5
"MessengerDiscovery Live_is1" = MessengerDiscovery Live 1.5.0720
"mIRC" = mIRC
"Mozilla Firefox 4.0.1 (x86 de)" = Mozilla Firefox 4.0.1 (x86 de)
"Native Instruments Absynth 4" = Native Instruments Absynth 4
"Native Instruments FM8" = Native Instruments FM8
"Native Instruments Pro-53" = Native Instruments Pro-53
"Native Instruments Traktor DJ Studio v2..6.2.110" = Native Instruments Traktor DJ Studio v2..6.2.110
"nLite_is1" = nLite 1.4.9.1
"PDF-ShellTools_is1" = PDF-ShellTools 1.0.0.12 Trial
"Picasa 3" = Picasa 3
"Pro-sounds.Virus.Dream.Bank1" = Pro-sounds.Virus.Dream.Bank1
"PunkBusterSvc" = PunkBuster Services
"qiplus3_uninstall.exe" = Quite Imposing Plus 3 (Deutsch)
"Quake III Arena" = Quake III Arena
"Quake III Arena Point Release 1.32" = Quake III Arena Point Release 1.32
"Reason5_is1" = Reason 5.0
"reFX Vanguard_is1" = reFX Vanguard VSTi
"rgcAudio z3ta Plus v1.40" = rgcAudio z3ta Plus v1.40
"Rob Papen and LinPlug Albino Presets Addon" = Rob Papen and LinPlug Albino Presets Addon
"Security Task Manager" = Security Task Manager 1.8
"SL MkII Editor_is1" = SL MkII Editor
"SpeedFan" = SpeedFan (remove only)
"Synology Assistant" = Synology Assistant (remove only)
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Trilogy_is1" = Trilogy
"UltraISO_is1" = UltraISO Premium V9.35
"VLC media player" = VLC media player 1.1.7
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"WaveLabPro" = WaveLab 6
"WBFS Manager 3.0" = WBFS Manager 3.0
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinLiveSuite" = Windows Live Essentials
"winscp3_is1" = WinSCP 4.2.9
"Yahoo! Messenger" = Yahoo! Messenger
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1294757140-3442182510-2919184659-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"3571790099.d.seesmic.com" = Seesmic Desktop 2
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 11.05.2011 03:24:16 | Computer Name = BEAZMUSIX-PC | Source = Application Hang | ID = 1002
Description = Programm League of Legends.exe, Version 1.0.0.118 kann nicht mehr
unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 1818 Startzeit: 01cc0fac4d785647 Endzeit: 59 Anwendungspfad:
C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.0.44\deploy\League
of Legends.exe Berichts-ID:
Error - 11.05.2011 03:50:50 | Computer Name = BEAZMUSIX-PC | Source = Application Hang | ID = 1002
Description = Programm League of Legends.exe, Version 1.0.0.118 kann nicht mehr
unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 1550 Startzeit: 01cc0faff2f54fa5 Endzeit: 56 Anwendungspfad:
C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.0.44\deploy\League
of Legends.exe Berichts-ID:
Error - 11.05.2011 12:44:27 | Computer Name = BEAZMUSIX-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: NeroVision.exe, Version: 7.0.8.100,
Zeitstempel: 0x4baad460 Name des fehlerhaften Moduls: NeSplitter.ax, Version: 7.0.16.5,
Zeitstempel: 0x4ba0aec0 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00018631 ID des fehlerhaften
Prozesses: 0x1188 Startzeit der fehlerhaften Anwendung: 0x01cc0ff3c207b615 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Nero\Nero 10\Nero Vision\NeroVision.exe
Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\Nero\Nero 10\Nero Vision\SMC\NeSplitter.ax
Berichtskennung:
ee9d31e4-7bed-11e0-9f8f-e0cb4e1f1846
Error - 11.05.2011 13:00:38 | Computer Name = BEAZMUSIX-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: NeroVision.exe, Version: 7.0.8.100,
Zeitstempel: 0x4baad460 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16695,
Zeitstempel: 0x4cc7ab86 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000420a2 ID des fehlerhaften
Prozesses: 0x1818 Startzeit der fehlerhaften Anwendung: 0x01cc0ffbc2eae159 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Nero\Nero 10\Nero Vision\NeroVision.exe
Pfad
des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: 31cbb30c-7bf0-11e0-9f8f-e0cb4e1f1846
Error - 11.05.2011 13:02:54 | Computer Name = BEAZMUSIX-PC | Source = Application Hang | ID = 1002
Description = Programm Explorer.EXE, Version 6.1.7600.16768 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: ebc Startzeit: 01cc0fa5c69b1ce9 Endzeit: 241 Anwendungspfad:
C:\Windows\Explorer.EXE Berichts-ID: 7d9b652a-7bf0-11e0-9f8f-e0cb4e1f1846
Error - 11.05.2011 13:11:12 | Computer Name = BEAZMUSIX-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: NeroVision.exe, Version: 7.0.8.100,
Zeitstempel: 0x4baad460 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16695,
Zeitstempel: 0x4cc7ab86 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00061c1d ID des fehlerhaften
Prozesses: 0xdac Startzeit der fehlerhaften Anwendung: 0x01cc0ffd66a6db83 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Nero\Nero 10\Nero Vision\NeroVision.exe
Pfad
des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: ab6fe9ee-7bf1-11e0-9f8f-e0cb4e1f1846
Error - 11.05.2011 21:01:50 | Computer Name = BEAZMUSIX-PC | Source = Windows Search Service | ID = 3007
Description =
Error - 13.05.2011 04:21:39 | Computer Name = BEAZMUSIX-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts
"System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary
VMware kbd. System Error: Das System kann die angegebene Datei nicht finden. .
Error - 13.05.2011 17:04:10 | Computer Name = BEAZMUSIX-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts
"System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary
VMware kbd. System Error: Das System kann die angegebene Datei nicht finden. .
Error - 16.05.2011 17:39:44 | Computer Name = BEAZMUSIX-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7600.16768,
Zeitstempel: 0x4d688122 Name des fehlerhaften Moduls: wwanapi.dll, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5be0a8 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000333eb
ID
des fehlerhaften Prozesses: 0x7b0 Startzeit der fehlerhaften Anwendung: 0x01cc1411814988c3
Pfad
der fehlerhaften Anwendung: C:\Windows\Explorer.EXE Pfad des fehlerhaften Moduls:
C:\Windows\system32\wwanapi.dll Berichtskennung: 031003c5-8005-11e0-804b-e0cb4e1f1846
[ Spybot - Search & Destroy Events ]
Error - 11.05.2011 03:24:16 | Computer Name = BEAZMUSIX-PC | Source = Application Hang | ID = 1002
Description =
Error - 11.05.2011 03:50:50 | Computer Name = BEAZMUSIX-PC | Source = Application Hang | ID = 1002
Description =
Error - 11.05.2011 12:44:27 | Computer Name = BEAZMUSIX-PC | Source = Application Error | ID = 1000
Description =
Error - 11.05.2011 13:00:38 | Computer Name = BEAZMUSIX-PC | Source = Application Error | ID = 1000
Description =
Error - 11.05.2011 13:02:54 | Computer Name = BEAZMUSIX-PC | Source = Application Hang | ID = 1002
Description =
Error - 11.05.2011 13:11:12 | Computer Name = BEAZMUSIX-PC | Source = Application Error | ID = 1000
Description =
Error - 11.05.2011 21:01:50 | Computer Name = BEAZMUSIX-PC | Source = Windows Search Service | ID = 3007
Description =
Error - 13.05.2011 04:21:39 | Computer Name = BEAZMUSIX-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description =
Error - 13.05.2011 17:04:10 | Computer Name = BEAZMUSIX-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description =
Error - 16.05.2011 17:39:44 | Computer Name = BEAZMUSIX-PC | Source = Application Error | ID = 1000
Description =
[ System Events ]
Error - 16.05.2011 17:35:20 | Computer Name = BEAZMUSIX-PC | Source = DCOM | ID = 10005
Description =
Error - 16.05.2011 17:35:21 | Computer Name = BEAZMUSIX-PC | Source = DCOM | ID = 10005
Description =
Error - 16.05.2011 17:35:22 | Computer Name = BEAZMUSIX-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 16.05.2011 17:35:22 | Computer Name = BEAZMUSIX-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 16.05.2011 17:35:22 | Computer Name = BEAZMUSIX-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 16.05.2011 17:35:22 | Computer Name = BEAZMUSIX-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 16.05.2011 17:35:22 | Computer Name = BEAZMUSIX-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 16.05.2011 17:35:22 | Computer Name = BEAZMUSIX-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 16.05.2011 17:38:30 | Computer Name = BEAZMUSIX-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
VNC Server Version 4 erreicht.
Error - 16.05.2011 17:54:35 | Computer Name = BEAZMUSIX-PC | Source = Service Control Manager | ID = 7003
Description = Der Dienst "Net.Msmq-Listeneradapter" ist von folgendem Dienst abhängig:
msmq. Dieser Dienst ist eventuell nicht installiert.
< End of report >
|
|
17.05.2011, 07:31
| #3 |
| | Proxyserver ? rechner läuft merkwürdig. otl.txt
__________________Code:
ATTFilter OTL logfile created on: 17.05.2011 08:08:51 - Run 2 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\BEAZMUSIX\Desktop 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 41,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 72,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 297,99 Gb Total Space | 133,52 Gb Free Space | 44,81% Space Free | Partition Type: NTFS Drive D: | 931,51 Gb Total Space | 764,23 Gb Free Space | 82,04% Space Free | Partition Type: NTFS Drive E: | 232,88 Gb Total Space | 84,71 Gb Free Space | 36,37% Space Free | Partition Type: NTFS Drive F: | 100,00 Mb Total Space | 71,69 Mb Free Space | 71,69% Space Free | Partition Type: NTFS Drive Y: | 1829,35 Gb Total Space | 1195,35 Gb Free Space | 65,34% Space Free | Partition Type: NTFS Drive Z: | 1829,35 Gb Total Space | 1195,35 Gb Free Space | 65,34% Space Free | Partition Type: NTFS Computer Name: BEAZMUSIX-PC | User Name: BEAZMUSIX | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\BEAZMUSIX\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Windows\SysWOW64\PnkBstrA.exe () PRC - C:\Program Files (x86)\Novation\Automap\MidiAutomapClient.exe () PRC - C:\Program Files (x86)\Novation\Automap\AutomapServer.exe (Novation DMS Ltd.) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Program Files (x86)\Synology Data Replicator 3\Backup.exe (Synology Inc.) PRC - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe () PRC - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe () PRC - C:\Program Files (x86)\The Bat!\thebat.exe (Ritlabs S.R.L.) PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG) PRC - C:\Programme\Logitech\Logitech WebCam Software\LWS.exe () PRC - C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe () PRC - C:\Program Files (x86)\Razer\Diamondback 3G\razerhid.exe () PRC - C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe (Logitech Inc.) PRC - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software) PRC - C:\Program Files (x86)\Razer\Diamondback 3G\razerofa.exe (Razer Inc.) ========== Modules (SafeList) ========== MOD - C:\Users\BEAZMUSIX\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (LVPrcS64) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.) SRV:64bit: - (WinVNC4) -- C:\Program Files\RealVNC\VNC4\WinVNC4.exe (RealVNC Ltd.) SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV - (Akamai) -- c:\program files (x86)\common files\akamai\netsession_win_3f211bc.dll () SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe () SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.) SRV - (TabletServicePen) -- C:\Programme\Tablet\Pen\Pen_Tablet.exe (Wacom Technology, Corp.) SRV - (TouchServicePen) -- C:\Programme\Tablet\Pen\Pen_TouchService.exe (Wacom Technology, Corp.) SRV - (SynoDrService) -- C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe () SRV - (AsSysCtrlService) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe () SRV - (PassThru Service) -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe () SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.) SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) SRV - (SandraAgentSrv) -- C:\Programme\SiSoftware\SiSoftware Sandra Profi Home 2010.SP3\RpcAgentSrv.exe (SiSoftware) SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation) SRV - (W3SVC) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation) SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (StarWindServiceAE) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software) SRV - (Adobe Version Cue CS3) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe (Adobe Systems Incorporated) ========== Driver Services (SafeList) ========== DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (NvnUsbAudio) -- C:\Windows\SysNative\drivers\nvnusbaudio.sys (Novation DMS Ltd.) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys () DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys () DRV:64bit: - (Ltn_stk7070P_64) -- C:\Windows\SysNative\drivers\Ltn_stk7070P_64.sys (LITEON) DRV:64bit: - (Ltn_stkrc_64) -- C:\Windows\SysNative\drivers\Ltn_stkrc_64.sys (LITEON) DRV:64bit: - (L1E) -- C:\Windows\SysNative\drivers\L1E62x64.sys (Atheros Communications, Inc.) DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.) DRV:64bit: - (wacmoumonitor) -- C:\Windows\SysNative\drivers\wacmoumonitor.sys (Wacom Technology) DRV:64bit: - (wacomvhid) -- C:\Windows\SysNative\drivers\wacomvhid.sys (Wacom Technology) DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (ATI Technologies, Inc.) DRV:64bit: - (cpuz134) -- C:\Windows\SysNative\drivers\cpuz134_x64.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (htcnprot) -- C:\Windows\SysNative\drivers\htcnprot.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (HTCAND64) -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys (HTC, Corporation) DRV:64bit: - (automap) -- C:\Windows\SysNative\drivers\automap.sys (Novation Digital Music Systems Limited) DRV:64bit: - (LVUVC64) Logitech QuickCam Pro 5000(UVC) -- C:\Windows\SysNative\drivers\lvuvc64.sys (Logitech Inc.) DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.) DRV:64bit: - (lvpopf64) -- C:\Windows\SysNative\drivers\lvpopf64.sys (Logitech Inc.) DRV:64bit: - (LVPr2Mon) -- C:\Windows\SysNative\drivers\LVPr2M64.sys () DRV:64bit: - (LVPr2M64) -- C:\Windows\SysNative\drivers\LVPr2M64.sys () DRV:64bit: - (MADFUOZONE) -- C:\Windows\SysNative\drivers\MAudioOzone_DFU.sys (M-Audio) DRV:64bit: - (MAUSBOZONE) -- C:\Windows\SysNative\drivers\MAudioOzone.sys (Avid Technology, Inc.) DRV:64bit: - (vncmirror) -- C:\Windows\SysNative\drivers\vncmirror.sys (RealVNC Ltd.) DRV:64bit: - (Ser2pl) -- C:\Windows\SysNative\drivers\ser2pl64.sys (Prolific Technology Inc.) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation) DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation) DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions) DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof () DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (KMWDFILTER) -- C:\Windows\SysNative\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider) DRV:64bit: - (scramby_out) -- C:\Windows\SysNative\drivers\scramby_out.sys (RapidSolution Software AG) DRV:64bit: - (wacommousefilter) -- C:\Windows\SysNative\drivers\wacommousefilter.sys (Wacom Technology) DRV:64bit: - (scramby) -- C:\Windows\SysNative\drivers\scramby.sys (RapidSolution Software AG) DRV:64bit: - (Razerlow) -- C:\Windows\SysNative\drivers\DB3G.sys (Razer (Asia-Pacific) Pte Ltd) DRV - (SANDRA) -- C:\Programme\SiSoftware\SiSoftware Sandra Profi Home 2010.SP3\WNt500x64\sandra.sys (SiSoftware) DRV - (ISODrive) -- C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys (EZB Systems, Inc.) DRV - (speedfan) -- C:\Windows\SysWOW64\speedfan.sys (Windows (R) Server 2003 DDK provider) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1294757140-3442182510-2919184659-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/ IE - HKU\S-1-5-21-1294757140-3442182510-2919184659-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\S-1-5-21-1294757140-3442182510-2919184659-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKU\S-1-5-21-1294757140-3442182510-2919184659-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D3 69 DC 6B C7 6A CB 01 [binary data] IE - HKU\S-1-5-21-1294757140-3442182510-2919184659-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 IE - HKU\S-1-5-21-1294757140-3442182510-2919184659-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKU\S-1-5-21-1294757140-3442182510-2919184659-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:4470 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "foxsearch" FF - prefs.js..browser.search.order.1: "foxsearch" FF - prefs.js..browser.search.selectedEngine: "foxsearch" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "google.de" FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8 FF - prefs.js..extensions.enabledItems: {01A8CA0A-4C96-465b-A49B-65C46FAD54F9}:6.0 FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.6.2 FF - prefs.js..extensions.enabledItems: {340c2bbc-ce74-4362-90b5-7c26312808ef}:1.7 FF - prefs.js..extensions.enabledItems: fb_add_on@avm.de:1.5.5 FF - prefs.js..extensions.enabledItems: webcamsvideochatplugin@wsmanagement.com:3.2.0.2 FF - prefs.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q=" FF - prefs.js..network.proxy.type: 0 FF - user.js..browser.search.selectedEngine: "foxsearch" FF - user.js..browser.search.order.1: "foxsearch" FF - user.js..browser.search.defaultenginename: "foxsearch" FF - user.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q=" FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.09.19 14:01:38 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2010.10.20 15:53:24 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.04.30 11:41:06 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.04.30 11:41:05 | 000,000,000 | ---D | M] [2010.09.19 11:23:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BEAZMUSIX\AppData\Roaming\mozilla\Extensions [2011.05.11 17:37:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BEAZMUSIX\AppData\Roaming\mozilla\Firefox\Profiles\lxnifgus.default\extensions [2011.03.10 11:55:24 | 000,000,000 | ---D | M] (Firefox Sync) -- C:\Users\BEAZMUSIX\AppData\Roaming\mozilla\Firefox\Profiles\lxnifgus.default\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef} [2011.03.12 15:29:52 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Users\BEAZMUSIX\AppData\Roaming\mozilla\Firefox\Profiles\lxnifgus.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} [2011.05.11 17:37:47 | 000,000,000 | ---D | M] ("FRITZ!Box AddOn") -- C:\Users\BEAZMUSIX\AppData\Roaming\mozilla\Firefox\Profiles\lxnifgus.default\extensions\fb_add_on@avm.de [2011.04.18 10:26:54 | 000,000,000 | ---D | M] (WebcamsVideoChatPlugIn) -- C:\Users\BEAZMUSIX\AppData\Roaming\mozilla\Firefox\Profiles\lxnifgus.default\extensions\webcamsvideochatplugin@wsmanagement.com [2011.04.30 11:41:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions File not found (No name found) -- [2010.10.20 15:53:24 | 000,000,000 | ---D | M] (Adobe Contribute Toolbar) -- C:\PROGRAM FILES (X86)\ADOBE\ADOBE CONTRIBUTE CS5\PLUGINS\FIREFOXPLUGIN\{01A8CA0A-4C96-465B-A49B-65C46FAD54F9} () (No name found) -- C:\USERS\BEAZMUSIX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LXNIFGUS.DEFAULT\EXTENSIONS\FIREBUG@SOFTWARE.JOEHEWITT.COM.XPI [2011.04.14 18:40:03 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2010.09.19 14:41:57 | 000,000,854 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 activate.adobe.com O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - File not found O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.) O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found. O3 - HKU\S-1-5-21-1294757140-3442182510-2919184659-1001\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [Diamondback] C:\Program Files (x86)\Razer\Diamondback 3G\razerhid.exe () O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe () O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1294757140-3442182510-2919184659-1001..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe (Alcohol Soft Development Team) O4 - HKU\S-1-5-21-1294757140-3442182510-2919184659-1001..\Run: [Data Replicator 3] C:\Program Files (x86)\Synology Data Replicator 3\Backup.exe (Synology Inc.) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O7 - HKU\S-1-5-21-1294757140-3442182510-2919184659-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1294757140-3442182510-2919184659-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKU\S-1-5-21-1294757140-3442182510-2919184659-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKU\S-1-5-21-1294757140-3442182510-2919184659-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O8:64bit: - Extra context menu item: add to &BOM - C:\\PROGRA~2\\BIET-O~1\\\\AddToBOM.hta () O8:64bit: - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: add to &BOM - C:\\PROGRA~2\\BIET-O~1\\\\AddToBOM.hta () O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O8 - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {B015B944-7316-49AE-AC84-ACCA9379EA32} hxxp://192.168.1.110/IPCamPluginMJPEG.cab (IPCamPlugIn Control) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010.12.03 14:08:04 | 000,000,685 | ---- | M] () - E:\automap-License-2010-12-03.fnlf -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) MsConfig:64bit - StartUpReg: Acrobat Assistant 8.0 - hkey= - key= - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) MsConfig:64bit - StartUpReg: AdobeAAMUpdater-1.0 - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) MsConfig:64bit - StartUpReg: AdobeCS5ServiceManager - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated) MsConfig:64bit - StartUpReg: Adobe_ID0EYTHM - hkey= - key= - C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE (Adobe Systems Incorporated) MsConfig:64bit - StartUpReg: AVMFBoxMonitor - hkey= - key= - File not found MsConfig:64bit - StartUpReg: Bing Bar - hkey= - key= - File not found MsConfig:64bit - StartUpReg: Cpu Level Up help - hkey= - key= - C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe () MsConfig:64bit - StartUpReg: Google Update - hkey= - key= - C:\Users\BEAZMUSIX\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.) MsConfig:64bit - StartUpReg: GrooveMonitor - hkey= - key= - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) MsConfig:64bit - StartUpReg: HDAudDeck - hkey= - key= - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA) MsConfig:64bit - StartUpReg: HP Software Update - hkey= - key= - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard) MsConfig:64bit - StartUpReg: ICQ - hkey= - key= - File not found MsConfig:64bit - StartUpReg: M-Audio Taskbar Icon - hkey= - key= - C:\Windows\SysNative\M-AudioTaskBarIcon.exe (Avid Technology, Inc.) MsConfig:64bit - StartUpReg: NBAgent - hkey= - key= - C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG) MsConfig:64bit - StartUpReg: QFan Help - hkey= - key= - C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe () MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) MsConfig:64bit - StartUpReg: SwitchBoard - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) MsConfig:64bit - StartUpReg: Windows SecurityAgent - hkey= - key= - File not found MsConfig:64bit - State: "startup" - Reg Error: Key error. MsConfig:64bit - State: "bootini" - Reg Error: Key error. MsConfig:64bit - State: "services" - Reg Error: Key error. SafeBootMin:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootMin:64bit: Base - Driver Group SafeBootMin:64bit: Boot Bus Extender - Driver Group SafeBootMin:64bit: Boot file system - Driver Group SafeBootMin:64bit: File system - Driver Group SafeBootMin:64bit: Filter - Driver Group SafeBootMin:64bit: HelpSvc - Service SafeBootMin:64bit: PCI Configuration - Driver Group SafeBootMin:64bit: PEVSystemStart - Service SafeBootMin:64bit: PNP Filter - Driver Group SafeBootMin:64bit: Primary disk - Driver Group SafeBootMin:64bit: procexp90.Sys - Driver SafeBootMin:64bit: sacsvr - Service SafeBootMin:64bit: SCSI Class - Driver Group SafeBootMin:64bit: System Bus Extender - Driver Group SafeBootMin:64bit: vmms - Service SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PEVSystemStart - Service SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: procexp90.Sys - Driver SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootNet:64bit: Base - Driver Group SafeBootNet:64bit: Boot Bus Extender - Driver Group SafeBootNet:64bit: Boot file system - Driver Group SafeBootNet:64bit: File system - Driver Group SafeBootNet:64bit: Filter - Driver Group SafeBootNet:64bit: HelpSvc - Service SafeBootNet:64bit: Messenger - Service SafeBootNet:64bit: NDIS Wrapper - Driver Group SafeBootNet:64bit: NetBIOSGroup - Driver Group SafeBootNet:64bit: NetDDEGroup - Driver Group SafeBootNet:64bit: Network - Driver Group SafeBootNet:64bit: NetworkProvider - Driver Group SafeBootNet:64bit: PCI Configuration - Driver Group SafeBootNet:64bit: PEVSystemStart - Service SafeBootNet:64bit: PNP Filter - Driver Group SafeBootNet:64bit: PNP_TDI - Driver Group SafeBootNet:64bit: Primary disk - Driver Group SafeBootNet:64bit: procexp90.Sys - Driver SafeBootNet:64bit: rdsessmgr - Service SafeBootNet:64bit: sacsvr - Service SafeBootNet:64bit: SCSI Class - Driver Group SafeBootNet:64bit: Streams Drivers - Driver Group SafeBootNet:64bit: System Bus Extender - Driver Group SafeBootNet:64bit: TDI - Driver Group SafeBootNet:64bit: vmms - Service SafeBootNet:64bit: WudfUsbccidDriver - Driver SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PEVSystemStart - Service SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: procexp90.Sys - Driver SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {AEC40118-CADC-D991-F168-4C3D8214FE4F} - .NET Framework ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error. ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32:64bit: vidc.i420 - lvcod64.dll (Logitech Inc.) Drivers32:64bit: VIDC.XFR1 - xfcodec64.dll () Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.) Drivers32: vidc.i420 - C:\Windows\SysWow64\lvcodec2.dll (Logitech Inc.) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2011.05.17 08:07:21 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\BEAZMUSIX\Desktop\OTL.exe [2011.05.17 07:50:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2011.05.16 23:52:50 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\BestPractices [2011.05.16 23:52:41 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\BestPractices [2011.05.16 23:52:40 | 000,000,000 | ---D | C] -- C:\inetpub [2011.05.16 23:12:25 | 000,000,000 | ---D | C] -- C:\Riot Games [2011.05.16 23:12:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games [2011.05.16 22:20:06 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{0CB36CA0-4650-4543-B629-8596BBA05BF1} [2011.05.16 19:27:14 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\Desktop\LeagueOfLegends [2011.05.16 18:19:10 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2011.05.16 18:01:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120% [2011.05.16 18:00:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Alcohol Soft [2011.05.16 17:59:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Franzis [2011.05.16 17:25:18 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\Desktop\backup_tanja [2011.05.16 10:19:30 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{C223B861-18DF-4D7A-AAE0-21374D4D8758} [2011.05.15 22:19:08 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{C838CF81-B701-469C-BFEB-9E7719B5E9A8} [2011.05.15 11:32:38 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\Desktop\05 - Bravo Black Hits Vol.24 [2011.05.15 10:18:57 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{A56B7FDC-6657-4683-A8CE-36E9557F3694} [2011.05.15 10:09:42 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\Desktop\US_TOP40_Single_Charts_14_05_2011-MCG [2011.05.14 22:18:35 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{EDE30EAD-6F5A-4B9F-BD4A-52AFDF62CA40} [2011.05.14 18:44:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2011.05.14 10:18:13 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{A597DFFD-8751-4580-AAAB-2EC395AD64FB} [2011.05.13 22:17:38 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{EFD0933E-8ED0-4BE8-9C02-1667D5551753} [2011.05.13 10:17:14 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{B84DC6B8-67B4-4852-A2AD-AB9193C7E104} [2011.05.13 10:17:05 | 000,472,368 | ---- | C] (AVM Berlin) -- C:\Windows\install.dex [2011.05.12 22:16:52 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{E573E63F-09EA-455A-A20D-79DD688659CB} [2011.05.12 13:00:21 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Roaming\Canneverbe Limited [2011.05.12 13:00:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited [2011.05.12 11:19:50 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\Documents\Xilisoft DVD Creator 6 [2011.05.12 10:19:59 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\Xilisoft [2011.05.12 10:18:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xilisoft [2011.05.12 10:16:30 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{D5264A9D-ECC6-4FE9-ABC3-4832B8C55212} [2011.05.12 10:15:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.5 [2011.05.12 10:14:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7.5 [2011.05.11 22:15:55 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{62375FE8-D884-46BB-8FB6-213E9F0A2C66} [2011.05.11 17:08:50 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\Documents\football1 [2011.05.11 17:08:22 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Roaming\ResourceCentral.E6E1B28A311BC518DB6C6883EA3757FDE0E90ADC.1 [2011.05.11 10:15:33 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{45CB7FBC-5647-463B-AF35-B201B9324E88} [2011.05.11 08:46:00 | 005,509,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2011.05.11 08:45:58 | 003,957,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2011.05.11 08:45:57 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2011.05.11 08:45:50 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys [2011.05.11 08:45:49 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys [2011.05.10 22:14:57 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{D991EEE2-27EA-4722-B443-273C1EB1D09A} [2011.05.10 10:14:35 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{EC50BD16-1C10-49DE-8ABE-4CE8DF7CB1DE} [2011.05.09 22:14:12 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{FF75994D-90D1-4EC7-AE20-33FFF0DDD226} [2011.05.09 10:13:50 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{780E09BD-DA6B-413E-AA9E-8A3E42CA8D70} [2011.05.08 22:13:28 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{68FE5C3A-5B0F-4DB5-8B18-ED6CB1376557} [2011.05.08 10:13:06 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{5013E77F-4A2F-458A-9076-D7629C68D17A} [2011.05.07 22:12:31 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{375FA578-BD19-4F90-A849-62E8F9DA0FC4} [2011.05.07 10:12:09 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{3CED6E3B-5474-4763-A7C2-40B4A9851E77} [2011.05.06 22:11:47 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{6D03D63C-F0FC-4725-A284-7B274F36FF85} [2011.05.06 16:27:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace [2011.05.06 10:11:25 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{AF94CDD5-ED68-4D32-89F5-E5AEEBA00AD7} [2011.05.05 22:11:02 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{4DCCD072-81D2-4397-B5E9-994921EA8758} [2011.05.05 10:10:40 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{37E7B5CF-F365-4872-A6EE-DF590FF63C09} [2011.05.04 22:10:03 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{B0049B62-E77A-4156-9FFA-B7E9D4C6A079} [2011.05.04 10:09:52 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{C1A59263-A388-42AC-8419-AF36C807A622} [2011.05.03 19:24:30 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{C4FFAE00-E995-4F05-91EA-967399105FB5} [2011.05.03 18:08:48 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Roaming\mediAvatar [2011.05.03 18:08:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\mediAvatar [2011.05.03 17:57:37 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Roaming\Xilisoft [2011.05.03 17:57:20 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Roaming\GetRightToGo [2011.05.03 07:24:08 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{863CD3F5-D806-4564-ABC6-11F18A1FF92D} [2011.05.02 19:23:47 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{26E4FC99-4234-4E4E-B7CB-0FD5B4D19EF4} [2011.05.02 07:23:25 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{1D626F77-8EB7-48D1-B4F6-A4A9FC5EF37E} [2011.05.01 19:23:03 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{B6D2679B-B482-409E-BD90-D812AB467136} [2011.05.01 07:22:41 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{26AE4BC8-B3F6-4598-905F-4E126E985720} [2011.04.30 20:56:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2011.04.30 20:55:30 | 000,000,000 | ---D | C] -- C:\Programme\iPod [2011.04.30 20:55:29 | 000,000,000 | ---D | C] -- C:\Programme\iTunes [2011.04.30 20:55:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2011.04.30 20:53:33 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour [2011.04.30 19:22:30 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{78462F6F-C2E0-4571-B244-EBBE1BE22348} [2011.04.30 07:22:08 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{CB703196-F34E-4D13-9AF0-8731DF06925A} [2011.04.29 08:22:38 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{556A643E-DF9C-42F2-AB0A-3F2764E58298} [2011.04.28 20:22:16 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{905DA88E-9B5D-4F18-8C9A-4D78D9E6A07C} [2011.04.28 08:21:54 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{593AC823-3C08-4BD3-B079-7CB6C036A1DA} [2011.04.27 21:34:50 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe [2011.04.27 21:34:49 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe [2011.04.27 21:34:45 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2011.04.27 21:34:45 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2011.04.27 21:34:25 | 002,566,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll [2011.04.27 21:34:25 | 001,686,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll [2011.04.27 21:34:25 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys [2011.04.27 21:34:24 | 000,187,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys [2011.04.27 21:34:24 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe [2011.04.27 21:34:24 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe [2011.04.27 21:34:24 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys [2011.04.27 21:34:14 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe [2011.04.27 21:34:14 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe [2011.04.27 20:21:19 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{EB7F1D81-6802-44B7-8004-68B1CDAB1056} [2011.04.27 19:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mp3Merge [2011.04.27 08:20:57 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{4BE2BAE0-0B84-43E9-9553-D969DE3D8F27} [2011.04.26 20:20:35 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{08337B58-CF15-490D-AF88-7C670F1BA296} [2011.04.26 08:20:12 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{3C647CDA-B2DE-4F87-9736-05727C69C3D1} [2011.04.25 20:19:50 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{5E482E35-C22B-450F-B4B9-B38A922D9176} [2011.04.25 08:19:28 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{AC83F541-085F-4BD4-95AD-52D1F173A671} [2011.04.24 20:19:06 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{F23D7FE4-E1DA-4F67-AB75-7DF0009116C9} [2011.04.24 08:18:44 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{49703AEB-01CF-41AE-A551-D2DAF4DCBE50} [2011.04.23 20:18:23 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{67918346-28D6-4CA8-909E-89619D646F71} [2011.04.23 08:18:12 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{5FCE2615-587E-49ED-9D63-81579EC3900C} [2011.04.21 20:57:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\nLite [2011.04.21 20:57:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\nLite [2011.04.21 19:36:10 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{90B6BA6C-21FD-4D8D-ADC9-8D31395EF013} [2011.04.20 23:01:12 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{0013A474-5266-484E-8216-7DCD88D45D68} [2011.04.20 11:00:50 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{31111E06-2DA0-493E-9FE8-8EFB0E0B3620} [2011.04.19 23:00:28 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{1209C721-8C1D-4200-969B-E9BDB8898C37} [2011.04.19 11:00:05 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{CF792FE1-97AF-497D-B672-ECDCD0782F5C} [2011.04.18 22:59:43 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{0037529B-0FF4-493F-AC1F-B2B00A97462D} [2011.04.18 10:59:21 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{74581150-9D3E-480E-B0E9-D71D94EC7909} [2011.04.17 22:58:58 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{D2D3AF3D-A4E6-4471-869B-2A6CFA36D840} [2011.04.17 10:58:23 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{E79A9758-9CC6-4666-8900-C157305A1D16} [2011.04.17 09:02:52 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\Desktop\mukke [4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.05.17 08:07:23 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\BEAZMUSIX\Desktop\OTL.exe [2011.05.17 07:37:00 | 000,001,136 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1294757140-3442182510-2919184659-1001UA.job [2011.05.16 23:58:55 | 000,016,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.05.16 23:58:55 | 000,016,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.05.16 23:54:16 | 001,830,514 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011.05.16 23:54:16 | 000,789,736 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2011.05.16 23:54:16 | 000,729,950 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011.05.16 23:54:16 | 000,182,046 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2011.05.16 23:54:16 | 000,148,600 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011.05.16 23:54:06 | 001,734,800 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.05.16 23:37:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.05.16 23:37:41 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs [2011.05.16 23:37:33 | 3220,480,000 | -HS- | M] () -- C:\hiberfil.sys [2011.05.16 23:18:01 | 000,001,728 | ---- | M] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk [2011.05.16 21:04:53 | 000,000,850 | RHS- | M] () -- C:\Users\BEAZMUSIX\ntuser.pol [2011.05.16 18:19:10 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2011.05.16 17:45:06 | 000,028,501 | ---- | M] () -- C:\Users\BEAZMUSIX\AppData\Roaming\UserTile.png [2011.05.16 16:42:53 | 000,002,322 | ---- | M] () -- C:\Users\BEAZMUSIX\Desktop\video_marlixxx.lnk [2011.05.16 13:29:58 | 000,001,456 | ---- | M] () -- C:\Users\BEAZMUSIX\AppData\Local\Adobe Für Web speichern 12.0 Prefs [2011.05.16 12:37:00 | 000,001,084 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1294757140-3442182510-2919184659-1001Core.job [2011.05.16 12:17:10 | 000,000,600 | ---- | M] () -- C:\Users\BEAZMUSIX\AppData\Roaming\winscp.rnd [2011.05.15 19:27:09 | 000,073,728 | ---- | M] () -- C:\Users\BEAZMUSIX\AppData\Roaming\chrtmp [2011.05.14 08:31:34 | 005,758,920 | ---- | M] () -- C:\Users\BEAZMUSIX\Desktop\VID_20110513_232947.m4v [2011.05.11 19:11:04 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini [2011.05.11 17:41:01 | 014,072,789 | ---- | M] () -- C:\Users\BEAZMUSIX\Documents\football1.ncor [2011.05.10 15:09:22 | 000,000,132 | ---- | M] () -- C:\Users\BEAZMUSIX\AppData\Roaming\Adobe PNG Format CS5 Prefs [2011.05.09 09:00:12 | 000,027,648 | ---- | M] () -- C:\Users\BEAZMUSIX\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.05.04 21:09:37 | 004,153,134 | ---- | M] () -- C:\Users\BEAZMUSIX\Desktop\Version_1.psd [2011.05.04 21:09:34 | 002,824,321 | ---- | M] () -- C:\Users\BEAZMUSIX\Desktop\flub.psd [2011.05.01 14:06:36 | 000,001,189 | ---- | M] () -- C:\Users\BEAZMUSIX\Desktop\diamonds_dolls.lnk [2011.04.30 11:39:10 | 000,000,600 | ---- | M] () -- C:\Users\BEAZMUSIX\AppData\Local\PUTTY.RND [2011.04.28 03:22:53 | 005,279,736 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011.04.26 17:05:32 | 000,001,154 | ---- | M] () -- C:\Users\BEAZMUSIX\Desktop\jungtiere.lnk [4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.05.16 23:18:01 | 000,001,728 | ---- | C] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk [2011.05.16 18:01:47 | 000,073,728 | ---- | C] () -- C:\Users\BEAZMUSIX\AppData\Roaming\chrtmp [2011.05.16 17:45:06 | 000,028,501 | ---- | C] () -- C:\Users\BEAZMUSIX\AppData\Roaming\UserTile.png [2011.05.14 08:31:34 | 005,758,920 | ---- | C] () -- C:\Users\BEAZMUSIX\Desktop\VID_20110513_232947.m4v [2011.05.11 17:08:49 | 014,072,789 | ---- | C] () -- C:\Users\BEAZMUSIX\Documents\football1.ncor [2011.05.04 19:56:32 | 002,824,321 | ---- | C] () -- C:\Users\BEAZMUSIX\Desktop\flub.psd [2011.05.04 19:47:58 | 004,153,134 | ---- | C] () -- C:\Users\BEAZMUSIX\Desktop\Version_1.psd [2011.05.01 14:06:36 | 000,001,189 | ---- | C] () -- C:\Users\BEAZMUSIX\Desktop\diamonds_dolls.lnk [2011.04.30 11:41:08 | 000,001,160 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2011.04.26 17:05:32 | 000,001,154 | ---- | C] () -- C:\Users\BEAZMUSIX\Desktop\jungtiere.lnk [2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2011.02.11 09:24:30 | 000,000,306 | ---- | C] () -- C:\Windows\gttb64.ini [2011.01.16 17:55:19 | 001,734,800 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.01.08 10:42:55 | 000,000,000 | -H-- | C] () -- C:\Users\BEAZMUSIX\AppData\Roaming\.536854402C7AD373.sys [2010.11.22 18:36:17 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini [2010.11.17 23:58:08 | 000,149,216 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat [2010.11.17 20:24:59 | 000,000,524 | ---- | C] () -- C:\Windows\QIII.INI [2010.11.08 20:27:34 | 000,015,873 | ---- | C] () -- C:\Windows\SysWow64\Inetde.dll [2010.11.03 08:50:16 | 013,942,784 | ---- | C] () -- C:\ProgramData\sandra.mda [2010.10.31 09:32:51 | 000,000,101 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc [2010.10.22 10:20:51 | 000,000,116 | ---- | C] () -- C:\Windows\TrusV2.dll [2010.10.13 10:21:15 | 000,000,132 | ---- | C] () -- C:\Users\BEAZMUSIX\AppData\Roaming\Adobe PNG Format CS5 Prefs [2010.10.10 00:51:16 | 000,000,000 | -H-- | C] () -- C:\Users\BEAZMUSIX\AppData\Roaming\.5368544057A0E5FA.sys [2010.10.09 12:46:46 | 000,002,892 | ---- | C] () -- C:\Windows\SysWow64\audcon.sys [2010.10.09 12:45:56 | 000,000,051 | ---- | C] () -- C:\Windows\SysWow64\SYNSOPOS.exe.cfg [2010.10.05 09:07:36 | 000,163,840 | ---- | C] () -- C:\Windows\SysWow64\ArtFfct.dll [2010.10.05 08:59:26 | 000,319,487 | ---- | C] () -- C:\Windows\LOOP.exe [2010.09.28 13:37:14 | 002,463,976 | ---- | C] () -- C:\Windows\SysWow64\NPSWF32.dll [2010.09.24 15:49:04 | 000,000,600 | ---- | C] () -- C:\Users\BEAZMUSIX\AppData\Roaming\winscp.rnd [2010.09.24 14:43:31 | 000,000,600 | ---- | C] () -- C:\Users\BEAZMUSIX\AppData\Local\PUTTY.RND [2010.09.22 19:43:04 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat [2010.09.22 14:17:16 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe [2010.09.20 09:48:34 | 000,001,456 | ---- | C] () -- C:\Users\BEAZMUSIX\AppData\Local\Adobe Für Web speichern 12.0 Prefs [2010.09.20 07:57:51 | 000,266,400 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2010.09.20 07:57:49 | 002,373,712 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe [2010.09.20 07:57:49 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2010.09.19 19:34:31 | 000,027,648 | ---- | C] () -- C:\Users\BEAZMUSIX\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.09.19 18:23:50 | 000,007,602 | ---- | C] () -- C:\Users\BEAZMUSIX\AppData\Local\Resmon.ResmonCfg [2010.09.19 16:14:59 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI [2010.09.19 13:57:44 | 000,266,578 | ---- | C] () -- C:\Windows\hpwins22.dat [2010.09.19 13:57:44 | 000,002,850 | ---- | C] () -- C:\Windows\hpwmdl22.dat [2010.09.19 10:42:48 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2010.09.19 10:37:03 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\AsIO.dll [2010.09.19 10:37:03 | 000,013,440 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys [2010.09.19 10:30:49 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2010.06.16 00:28:58 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2007.07.23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll [2007.07.23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll [2007.07.23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll [2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll [2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll [2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll [2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll [2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll [2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll [2002.10.03 15:42:27 | 000,000,034 | ---- | C] () -- C:\Windows\Q3version.ini ========== LOP Check ========== [2011.01.04 19:09:42 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Ableton [2010.10.05 09:02:53 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Antares [2010.09.25 15:19:09 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Bioshock2 [2011.03.01 00:08:49 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\BOM [2011.05.12 13:00:21 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Canneverbe Limited [2010.10.27 13:45:52 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2010.12.03 14:02:34 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Cycling '74 [2010.09.19 14:39:31 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\DAEMON Tools Lite [2010.10.20 14:24:52 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\DelinvFile [2010.10.16 08:47:09 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Dropbox [2011.05.17 08:02:45 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\FileZilla [2011.01.24 14:35:21 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\FRITZ! [2011.01.08 10:59:26 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\FXpansion [2011.05.03 17:57:38 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\GetRightToGo [2010.11.10 12:27:59 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Gutscheinmieze [2011.05.16 23:38:41 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\ICQ [2010.09.19 11:25:52 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Leadertech [2011.02.17 19:29:54 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\LolClient [2011.05.03 18:08:48 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\mediAvatar [2010.10.22 12:02:15 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Nik Software [2011.03.22 08:20:46 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\onOne Software [2010.12.03 19:54:19 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\PACE Anti-Piracy [2010.10.09 15:09:32 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Propellerhead Software [2011.02.06 14:16:34 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Quite [2011.05.11 17:08:22 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\ResourceCentral.E6E1B28A311BC518DB6C6883EA3757FDE0E90ADC.1 [2010.09.19 12:42:38 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\SorensonMedia [2010.10.14 18:35:43 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2010.12.09 00:28:56 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\TeamViewer [2011.05.17 07:26:38 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\The Bat! [2010.09.24 23:37:01 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Transcend [2011.03.30 10:29:35 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Trellian [2011.05.17 08:02:45 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\TS3Client [2010.12.26 23:03:52 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\TuneUp Software [2010.10.19 21:09:11 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\WTouch [2011.05.12 10:19:58 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Xilisoft [2010.12.15 11:50:12 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2011.01.04 19:09:42 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Ableton [2011.01.17 19:31:37 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Adobe [2010.10.14 18:47:46 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Adobe Mini Bridge CS5 [2010.10.05 09:02:53 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Antares [2011.04.15 14:40:23 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Apple Computer [2010.09.19 10:39:58 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\ATI [2010.10.01 14:29:04 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\atitray [2010.09.20 08:31:38 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Avira [2010.09.25 15:19:09 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Bioshock2 [2011.03.01 00:08:49 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\BOM [2011.05.12 13:00:21 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Canneverbe Limited [2010.10.27 13:45:52 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2010.12.03 14:02:34 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Cycling '74 [2010.09.19 14:39:31 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\DAEMON Tools Lite [2010.10.20 14:24:52 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\DelinvFile [2010.10.16 08:47:09 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Dropbox [2011.05.17 08:02:45 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\FileZilla [2011.01.24 14:35:21 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\FRITZ! [2011.01.08 10:59:26 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\FXpansion [2011.05.03 17:57:38 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\GetRightToGo [2010.11.10 12:27:59 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Gutscheinmieze [2010.09.22 09:32:04 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\HP [2010.10.31 09:06:12 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\HpUpdate [2011.05.16 23:38:41 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\ICQ [2010.09.19 16:21:35 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Identities [2010.09.19 10:34:10 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\InstallShield [2010.09.19 11:25:52 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Leadertech [2010.10.04 14:52:18 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Logitech [2011.02.17 19:29:54 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\LolClient [2010.09.20 08:46:06 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Macromedia [2010.11.16 14:39:17 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Malwarebytes [2009.07.14 20:18:19 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Media Center Programs [2011.05.03 18:08:48 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\mediAvatar [2011.05.16 17:31:39 | 000,000,000 | --SD | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Microsoft [2011.05.03 16:24:44 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\mIRC [2010.09.19 11:23:52 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Mozilla [2010.09.19 18:05:02 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Nero [2010.10.22 12:02:15 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Nik Software [2011.03.22 08:20:46 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\onOne Software [2010.12.03 19:54:19 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\PACE Anti-Piracy [2010.10.09 15:09:32 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Propellerhead Software [2011.02.06 14:16:34 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Quite [2011.05.11 17:08:22 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\ResourceCentral.E6E1B28A311BC518DB6C6883EA3757FDE0E90ADC.1 [2010.09.22 14:35:15 | 000,000,000 | RH-D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\SecuROM [2011.05.17 08:08:57 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Skype [2010.12.22 19:19:31 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\skypePM [2010.09.19 12:42:38 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\SorensonMedia [2010.10.14 18:35:43 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2010.12.09 00:28:56 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\TeamViewer [2011.05.17 07:26:38 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\The Bat! [2010.09.24 23:37:01 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Transcend [2011.03.30 10:29:35 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Trellian [2011.05.17 08:02:45 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\TS3Client [2010.12.26 23:03:52 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\TuneUp Software [2011.05.10 19:36:48 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\vlc [2011.05.13 10:18:49 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\VMware [2010.09.19 16:47:18 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\WinRAR [2010.10.19 21:24:43 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\WTablet [2010.10.19 21:09:11 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\WTouch [2011.05.12 10:19:58 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Xilisoft [2010.09.19 15:32:27 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Yahoo! < %APPDATA%\*.exe /s > [2010.06.10 15:19:22 | 000,825,856 | ---- | M] (Synatix GmbH) -- C:\Users\BEAZMUSIX\AppData\Roaming\Gutscheinmieze\uninstall.exe [2011.05.16 23:51:51 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\BEAZMUSIX\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe [2011.05.03 18:35:08 | 034,698,487 | ---- | M] () -- C:\Users\BEAZMUSIX\AppData\Roaming\mediAvatar\iPad Software Suite\mvc-ipad-software-suite.exe [2010.09.19 14:55:07 | 000,010,134 | R--- | M] () -- C:\Users\BEAZMUSIX\AppData\Roaming\Microsoft\Installer\{024521CF-C07E-4F8E-8481-0D75695E03AF}\ARPPRODUCTICON.exe [2007.06.29 14:23:32 | 000,053,248 | ---- | M] (Prolific Technology Inc.) -- C:\Users\BEAZMUSIX\AppData\Roaming\Transcend\JFSW2\IoctlSvc.exe [2010.03.25 10:50:52 | 000,176,128 | ---- | M] () -- C:\Users\BEAZMUSIX\AppData\Roaming\Transcend\JFSW2\JFSW2Launch.exe [2010.03.25 10:50:48 | 000,049,152 | ---- | M] () -- C:\Users\BEAZMUSIX\AppData\Roaming\Transcend\JFSW2\PLIoctlInstaller.exe < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys < MD5 for: ATAPI.SYS > [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys < MD5 for: CNGAUDIT.DLL > [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll [2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll [2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll < MD5 for: EXPLORER.EXE > [2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\explorer.exe [2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe [2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe [2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe [2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe [2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe [2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\SysWOW64\explorer.exe [2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe [2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe [2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe [2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe [2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe [2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe [2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe [2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe [2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe [2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe [2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe [2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe < MD5 for: IASTORV.SYS > [2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys [2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys [2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\drivers\iaStorV.sys [2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0033117673c16921\iaStorV.sys [2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys [2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys [2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys [2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys < MD5 for: NETLOGON.DLL > [2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll [2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll [2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll [2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll < MD5 for: NVSTOR.SYS > [2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys [2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys [2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\drivers\nvstor.sys [2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_38e464dbe521cc7f\nvstor.sys [2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys [2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys [2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys [2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys < MD5 for: SCECLI.DLL > [2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll [2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll [2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll [2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll < MD5 for: USER32.DLL > [2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\SysNative\user32.dll [2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll [2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\SysWOW64\user32.dll [2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll < MD5 for: USERINIT.EXE > [2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe [2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe [2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe [2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe < MD5 for: WINLOGON.EXE > [2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe [2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe [2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe < MD5 for: WS2IFSL.SYS > [2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys [2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > ========== Alternate Data Streams ========== @Alternate Data Stream - 1290 bytes -> C:\Users\BEAZMUSIX\AppData\Local\Temp:LmuUAy5TwVfsWUsdN @Alternate Data Stream - 1215 bytes -> C:\ProgramData\Microsoft:kcVcqHnTe3XFisoBBGlI1FUOGo9sMO @Alternate Data Stream - 1201 bytes -> C:\ProgramData\Microsoft:PkTlsSfjSKFkXoOx5oAXufdQ @Alternate Data Stream - 1197 bytes -> C:\Program Files (x86)\Common Files\System:iKeUT1yDizA5spqhZkIq @Alternate Data Stream - 1162 bytes -> C:\ProgramData\Microsoft:beRpKOOaydh2CmTGjWbJ @Alternate Data Stream - 1159 bytes -> C:\Users\BEAZMUSIX\AppData\Local\kJ8J20TU44SC:cquGjBFO6IVJmp239aYmeL6a7 @Alternate Data Stream - 1106 bytes -> C:\ProgramData\Microsoft:PwWJ9Z1gpzaGM6qCtCrjGfGgJ < End of report > |
|
17.05.2011, 07:32
| #4 |
| | Proxyserver ? rechner läuft merkwürdig. hjtscanlist.txt Code:
ATTFilter
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
º º
hjtscanlist v2.0
º º
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
Microsoft Windows [Version 6.1.7600]
C:
17.05.2011 08:21 C:\Program Files (x86) --------- 40960
17.05.2011 08:11 C:\System Volume Information --------- 28672
17.05.2011 07:55 C:\Windows --------- 28672
17.05.2011 07:51 C:\PurgeIE --------- 4096
16.05.2011 23:52 C:\inetpub --------- 0
16.05.2011 23:52 C:\Config.Msi --------- 0
C:\pagefile.sys ---------
C:\hiberfil.sys ---------
16.05.2011 23:12 C:\Riot Games --------- 0
13.05.2011 10:18 C:\Program Files --------- 12288
12.05.2011 13:00 C:\ProgramData --------- 20480
11.02.2011 09:24 C:\PDOXUSRS.NET --------- 13030
16.01.2011 18:57 C:\.rnd --------- 1024
16.11.2010 14:29 C:\32788R22FWJFW --------- 49152
16.11.2010 11:42 C:\aaw7boot.cmd --------- 106
19.09.2010 17:08 C:\BOOTSECT.BAK --------- 8192
19.09.2010 17:08 C:\Boot --------- 4096
19.09.2010 17:00 C:\MSOCache --------- 0
19.09.2010 16:21 C:\$Recycle.Bin --------- 0
19.09.2010 16:21 C:\Users --------- 4096
19.09.2010 16:20 C:\w7ldr --------- 171136
19.09.2010 16:19 C:\Recovery --------- 0
19.09.2010 16:19 C:\Programme --------- 0
19.09.2010 16:19 C:\Dokumente und Einstellungen --------- 0
14.07.2009 07:08 C:\Documents and Settings --------- 0
14.07.2009 05:20 C:\PerfLogs --------- 0
14.07.2009 03:38 C:\bootmgr --------- 383562
----------------------------------------
C:\Windows
17.05.2011 08:00 C:\Windows\WindowsUpdate.log --------- 1879418
16.05.2011 23:37 C:\Windows\bootstat.dat --------- 67584
11.05.2011 19:11 C:\Windows\NeroDigital.ini --------- 69
26.02.2011 08:23 C:\Windows\explorer.exe --------- 2870272
11.02.2011 09:24 C:\Windows\gttb64.ini --------- 306
11.02.2011 09:22 C:\Windows\Mubri2002 --------- 22
10.12.2010 13:03 C:\Windows\SurCode.INI --------- 21
17.11.2010 20:24 C:\Windows\QIII.INI --------- 524
16.11.2010 10:03 C:\Windows\Lic.xxx --------- 54
02.11.2010 10:48 C:\Windows\DUMPf5ca.DMP --------- 262144
22.10.2010 11:16 C:\Windows\gktemp.wat --------- 30001
22.10.2010 10:20 C:\Windows\TrusV2.dll --------- 116
19.09.2010 17:26 C:\Windows\win.ini --------- 513
19.09.2010 14:04 C:\Windows\hpwins22.dat --------- 266578
19.09.2010 13:00 C:\Windows\Language_trs.ini --------- 1769
19.09.2010 10:42 C:\Windows\ativpsrm.bin --------- 0
19.09.2010 10:31 C:\Windows\difxapi.dll --------- 414632
12.08.2010 17:12 C:\Windows\atiogl.xml --------- 22190
28.07.2010 07:21 C:\Windows\hpwmdl22.dat --------- 2850
14.07.2009 06:54 C:\Windows\WindowsShell.Manifest --------- 749
14.07.2009 03:39 C:\Windows\write.exe --------- 10240
14.07.2009 03:39 C:\Windows\splwow64.exe --------- 61952
14.07.2009 03:39 C:\Windows\regedit.exe --------- 427008
14.07.2009 03:39 C:\Windows\notepad.exe --------- 193536
14.07.2009 03:39 C:\Windows\HelpPane.exe --------- 733696
14.07.2009 03:39 C:\Windows\hh.exe --------- 16896
14.07.2009 03:39 C:\Windows\fveupdate.exe --------- 15360
14.07.2009 03:38 C:\Windows\bfsvc.exe --------- 71168
14.07.2009 03:16 C:\Windows\twain_32.dll --------- 51200
14.07.2009 03:14 C:\Windows\winhlp32.exe --------- 9728
14.07.2009 03:14 C:\Windows\twunk_32.exe --------- 31232
14.07.2009 01:06 C:\Windows\mib.bin --------- 43131
06.07.2009 03:00 C:\Windows\install.dex --------- 472368
10.06.2009 23:41 C:\Windows\twunk_16.exe --------- 49680
10.06.2009 23:41 C:\Windows\twain.dll --------- 94784
10.06.2009 23:08 C:\Windows\system.ini --------- 219
10.06.2009 22:52 C:\Windows\WMSysPr9.prx --------- 316640
10.06.2009 22:36 C:\Windows\msdfmap.ini --------- 1405
10.06.2009 22:31 C:\Windows\Ultimate.xml --------- 51867
10.06.2009 22:31 C:\Windows\Starter.xml --------- 48201
02.06.2007 16:20 C:\Windows\ST5UNST.EXE --------- 71680
16.02.2004 02:45 C:\Windows\LOOP.exe --------- 319487
03.10.2002 15:42 C:\Windows\Q3version.ini --------- 34
17.12.1999 11:13 C:\Windows\unvise32.exe --------- 86016
17.11.1998 14:44 C:\Windows\IsUn0407.exe --------- 328704
29.10.1998 16:45 C:\Windows\IsUninst.exe --------- 306688
----------------------------------------
C:\Windows\System
----------------------------------------
C:\Windows\System32
17.05.2011 04:56 C:\Windows\system32\config --------- 24576
16.05.2011 23:58 C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 --------- 16944
16.05.2011 23:58 C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 --------- 16944
16.05.2011 23:54 C:\Windows\system32\perfh009.dat --------- 729950
16.05.2011 23:54 C:\Windows\system32\perfc009.dat --------- 148600
16.05.2011 23:54 C:\Windows\system32\perfh007.dat --------- 789736
16.05.2011 23:54 C:\Windows\system32\perfc007.dat --------- 182046
16.05.2011 23:54 C:\Windows\system32\PerfStringBackup.INI --------- 1830514
16.05.2011 23:52 C:\Windows\system32\de-DE --------- 327680
16.05.2011 23:52 C:\Windows\system32\migration --------- 0
16.05.2011 23:52 C:\Windows\system32\inetsrv --------- 8192
16.05.2011 23:52 C:\Windows\system32\BestPractices --------- 0
14.05.2011 18:44 C:\Windows\system32\Tasks --------- 4096
13.05.2011 10:20 C:\Windows\system32\GroupPolicyUsers --------- 0
13.05.2011 10:20 C:\Windows\system32\catroot --------- 4096
13.05.2011 10:20 C:\Windows\system32\DriverStore --------- 4096
13.05.2011 10:20 C:\Windows\system32\drivers --------- 65536
12.05.2011 03:02 C:\Windows\system32\MRT.exe --------- 44548040
11.05.2011 08:45 C:\Windows\system32\catroot2 --------- 20480
28.04.2011 03:22 C:\Windows\system32\FNTCACHE.DAT --------- 5279736
26.04.2011 12:25 C:\Windows\system32\lvcoinst.log --------- 17742
14.04.2011 19:03 C:\Windows\system32\DRVSTORE --------- 0
14.04.2011 06:56 C:\Windows\system32\Boot --------- 0
09.04.2011 08:45 C:\Windows\system32\ntoskrnl.exe --------- 5509504
06.04.2011 16:26 C:\Windows\system32\dns-sd.exe --------- 119584
06.04.2011 16:26 C:\Windows\system32\jdns_sd.dll --------- 69408
06.04.2011 16:26 C:\Windows\system32\dnssdX.dll --------- 237856
06.04.2011 16:26 C:\Windows\system32\dnssd.dll --------- 96544
12.03.2011 14:03 C:\Windows\system32\XpsPrint.dll --------- 662528
11.03.2011 08:19 C:\Windows\system32\mfc42u.dll --------- 1359872
11.03.2011 08:19 C:\Windows\system32\mfc42.dll --------- 1395712
11.03.2011 08:18 C:\Windows\system32\esent.dll --------- 2566144
11.03.2011 08:15 C:\Windows\system32\fsutil.exe --------- 96768
08.03.2011 08:14 C:\Windows\system32\inetcomm.dll --------- 976896
03.03.2011 08:17 C:\Windows\system32\dnsrslvr.dll --------- 182272
03.03.2011 08:17 C:\Windows\system32\dnsapi.dll --------- 356352
03.03.2011 08:14 C:\Windows\system32\dnscacheugc.exe --------- 30208
03.03.2011 05:58 C:\Windows\system32\win32k.sys --------- 3133440
24.02.2011 08:30 C:\Windows\system32\XpsGdiConverter.dll --------- 476160
24.02.2011 08:29 C:\Windows\system32\wininet.dll --------- 1197056
24.02.2011 08:28 C:\Windows\system32\urlmon.dll --------- 1499136
24.02.2011 08:25 C:\Windows\system32\mstime.dll --------- 1026560
24.02.2011 08:25 C:\Windows\system32\mshtmled.dll --------- 97280
24.02.2011 08:25 C:\Windows\system32\mshtml.dll --------- 9311744
24.02.2011 08:25 C:\Windows\system32\msfeedsbs.dll --------- 82944
24.02.2011 08:25 C:\Windows\system32\msfeeds.dll --------- 703488
24.02.2011 08:24 C:\Windows\system32\licmgr10.dll --------- 57856
24.02.2011 08:24 C:\Windows\system32\jsproxy.dll --------- 64512
24.02.2011 08:24 C:\Windows\system32\ieui.dll --------- 247808
24.02.2011 08:24 C:\Windows\system32\iertutil.dll --------- 2447872
24.02.2011 08:24 C:\Windows\system32\iepeers.dll --------- 256000
24.02.2011 08:24 C:\Windows\system32\ieframe.dll --------- 12369408
24.02.2011 08:24 C:\Windows\system32\iedkcs32.dll --------- 445952
24.02.2011 08:21 C:\Windows\system32\msfeedssync.exe --------- 12288
24.02.2011 07:05 C:\Windows\system32\html.iec --------- 482816
24.02.2011 06:24 C:\Windows\system32\mshtml.tlb --------- 1638912
19.02.2011 08:37 C:\Windows\system32\FntCache.dll --------- 1135104
19.02.2011 08:37 C:\Windows\system32\DWrite.dll --------- 1540608
19.02.2011 08:36 C:\Windows\system32\d2d1.dll --------- 902656
19.02.2011 08:36 C:\Windows\system32\atmlib.dll --------- 46080
19.02.2011 06:13 C:\Windows\system32\atmfd.dll --------- 367104
18.02.2011 16:36 C:\Windows\system32\usbaaplrc.dll --------- 4184352
18.02.2011 08:37 C:\Windows\system32\vbscript.dll --------- 612352
18.02.2011 08:36 C:\Windows\system32\jscript.dll --------- 852480
18.02.2011 08:33 C:\Windows\system32\prevhost.exe --------- 31232
12.02.2011 08:14 C:\Windows\system32\FXSCOVER.exe --------- 267776
05.02.2011 14:41 C:\Windows\system32\winresume.efi --------- 556928
05.02.2011 14:41 C:\Windows\system32\winload.efi --------- 640896
05.02.2011 14:41 C:\Windows\system32\kd1394.dll --------- 19328
05.02.2011 14:41 C:\Windows\system32\kdusb.dll --------- 20352
05.02.2011 14:41 C:\Windows\system32\kdcom.dll --------- 17792
05.02.2011 14:39 C:\Windows\system32\winresume.exe --------- 518160
05.02.2011 14:39 C:\Windows\system32\winload.exe --------- 603976
02.02.2011 18:11 C:\Windows\system32\MpSigStub.exe --------- 270720
28.01.2011 10:25 C:\Windows\system32\GroupPolicy --------- 0
26.01.2011 08:31 C:\Windows\system32\cdd.dll --------- 144384
20.01.2011 09:21 C:\Windows\system32\wdi --------- 4096
07.01.2011 15:02 C:\Windows\system32\mfcm100u.dll --------- 91472
07.01.2011 15:02 C:\Windows\system32\mfc100ita.dll --------- 62288
07.01.2011 15:02 C:\Windows\system32\vcomp100.dll --------- 57168
07.01.2011 15:02 C:\Windows\system32\mfcm100.dll --------- 91472
07.01.2011 15:02 C:\Windows\system32\mfc100fra.dll --------- 64336
07.01.2011 15:02 C:\Windows\system32\mfc100esn.dll --------- 63824
07.01.2011 15:02 C:\Windows\system32\msvcr100.dll --------- 827728
07.01.2011 15:02 C:\Windows\system32\mfc100enu.dll --------- 55120
07.01.2011 15:02 C:\Windows\system32\mfc100deu.dll --------- 64336
07.01.2011 15:02 C:\Windows\system32\mfc100cht.dll --------- 36176
07.01.2011 15:02 C:\Windows\system32\mfc100rus.dll --------- 60752
07.01.2011 15:02 C:\Windows\system32\mfc100jpn.dll --------- 43856
07.01.2011 15:02 C:\Windows\system32\mfc100kor.dll --------- 43344
07.01.2011 15:02 C:\Windows\system32\mfc100u.dll --------- 5523280
07.01.2011 15:02 C:\Windows\system32\mfc100chs.dll --------- 36176
07.01.2011 15:02 C:\Windows\system32\msvcp100.dll --------- 608080
07.01.2011 15:02 C:\Windows\system32\mfc100.dll --------- 5493576
07.01.2011 15:02 C:\Windows\system32\atl100.dll --------- 158536
23.12.2010 08:07 C:\Windows\system32\sbe.dll --------- 1118720
23.12.2010 08:07 C:\Windows\system32\EncDec.dll --------- 723968
23.12.2010 08:07 C:\Windows\system32\CPFilters.dll --------- 961024
23.12.2010 08:02 C:\Windows\system32\mpg2splt.ax --------- 259072
21.12.2010 08:16 C:\Windows\system32\wscsvc.dll --------- 97280
----------------------------------------
C:\Windows\Prefetch
17.05.2011 08:34 C:\Windows\Prefetch\CMD.EXE-4A81B364.pf --------- 15156
17.05.2011 08:34 C:\Windows\Prefetch\CONHOST.EXE-1F3E9D7E.pf --------- 20430
17.05.2011 08:33 C:\Windows\Prefetch\SVCHOST.EXE-80F4A784.pf --------- 129482
17.05.2011 08:33 C:\Windows\Prefetch\WINRAR.EXE-94E7D80C.pf --------- 146226
17.05.2011 08:33 C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-77482212.pf --------- 16658
17.05.2011 08:33 C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-0CB8CADE.pf --------- 125518
17.05.2011 08:33 C:\Windows\Prefetch\DLLHOST.EXE-5E46FA0D.pf --------- 19662
17.05.2011 08:33 C:\Windows\Prefetch\TASKHOST.EXE-7238F31D.pf --------- 100394
17.05.2011 08:32 C:\Windows\Prefetch\AVWSC.EXE-9DE67EBB.pf --------- 72682
17.05.2011 08:31 C:\Windows\Prefetch\NOTEPAD.EXE-D8414F97.pf --------- 74134
17.05.2011 08:28 C:\Windows\Prefetch\MBAM.EXE-80210E2F.pf --------- 87056
17.05.2011 08:28 C:\Windows\Prefetch\REGSVR32.EXE-D5170E12.pf --------- 43546
17.05.2011 08:28 C:\Windows\Prefetch\MBAMGUI.EXE-1CA97248.pf --------- 15882
17.05.2011 08:28 C:\Windows\Prefetch\REGSVR32.EXE-8461DBEE.pf --------- 21084
17.05.2011 08:28 C:\Windows\Prefetch\MBAM-SETUP.TMP-61B82A64.pf --------- 34924
17.05.2011 08:28 C:\Windows\Prefetch\MBAM-SETUP.EXE-387B5C9E.pf --------- 24220
17.05.2011 08:24 C:\Windows\Prefetch\AUDIODG.EXE-BDFD3029.pf --------- 363276
17.05.2011 08:22 C:\Windows\Prefetch\SDSCAN.EXE-8BEA0233.pf --------- 118104
17.05.2011 08:22 C:\Windows\Prefetch\SDWELCOME.EXE-0FFFA5CE.pf --------- 77746
17.05.2011 08:22 C:\Windows\Prefetch\SDWSCSVC.EXE-B6A161F7.pf --------- 14526
17.05.2011 08:22 C:\Windows\Prefetch\SDMONSVC.EXE-1DCD22F0.pf --------- 58828
17.05.2011 08:22 C:\Windows\Prefetch\SDFWSVC.EXE-3145E78F.pf --------- 56122
17.05.2011 08:22 C:\Windows\Prefetch\SDFSSVC.EXE-D6B29DDB.pf --------- 92474
17.05.2011 08:22 C:\Windows\Prefetch\SDUPDSVC.EXE-22FCB87B.pf --------- 70482
17.05.2011 08:21 C:\Windows\Prefetch\SPYBOTSD-2.0.3-BETA1.TMP-DBF406D3.pf --------- 34220
17.05.2011 08:21 C:\Windows\Prefetch\SPYBOTSD-2.0.3-BETA1.EXE-4A73FA8F.pf --------- 24570
17.05.2011 08:20 C:\Windows\Prefetch\PLUGIN-CONTAINER.EXE-F1B02F03.pf --------- 104118
17.05.2011 08:18 C:\Windows\Prefetch\WLCOMM.EXE-324C9362.pf --------- 54720
17.05.2011 08:18 C:\Windows\Prefetch\WMIPRVSE.EXE-6768A320.pf --------- 42236
17.05.2011 08:18 C:\Windows\Prefetch\MSNMSGR.EXE-D22CE80C.pf --------- 171954
17.05.2011 08:18 C:\Windows\Prefetch\LVPRCSRV.EXE-A94CF8D0.pf --------- 11984
17.05.2011 08:14 C:\Windows\Prefetch\NOTEPAD.EXE-1605FA5B.pf --------- 77510
17.05.2011 08:13 C:\Windows\Prefetch\AVCENTER.EXE-FD66D2A7.pf --------- 174084
17.05.2011 08:11 C:\Windows\Prefetch\SVCHOST.EXE-7CFEDEA3.pf --------- 21916
17.05.2011 08:11 C:\Windows\Prefetch\VSSVC.EXE-B8AFC319.pf --------- 108246
17.05.2011 08:11 C:\Windows\Prefetch\DLLHOST.EXE-B2EB1806.pf --------- 30820
17.05.2011 08:11 C:\Windows\Prefetch\WMIPRVSE.EXE-1628051C.pf --------- 64656
17.05.2011 08:07 C:\Windows\Prefetch\OTL.EXE-DEE536B2.pf --------- 43144
17.05.2011 08:04 C:\Windows\Prefetch\FIREFOX.EXE-18ACFCFF.pf --------- 336664
17.05.2011 08:04 C:\Windows\Prefetch\HELPPANE.EXE-FEDC965B.pf --------- 74380
17.05.2011 08:03 C:\Windows\Prefetch\VDS.EXE-6E7946F9.pf --------- 32654
17.05.2011 08:03 C:\Windows\Prefetch\WBENGINE.EXE-28FD7E8B.pf --------- 24770
17.05.2011 08:03 C:\Windows\Prefetch\RSTRUI.EXE-2D50C58D.pf --------- 60086
17.05.2011 08:03 C:\Windows\Prefetch\VDSLDR.EXE-6B089E8B.pf --------- 19346
17.05.2011 08:03 C:\Windows\Prefetch\DLLHOST.EXE-ECB71776.pf --------- 26770
17.05.2011 08:03 C:\Windows\Prefetch\SVCHOST.EXE-E2C2633A.pf --------- 16606
17.05.2011 08:01 C:\Windows\Prefetch\LOGONUI.EXE-09140401.pf --------- 91040
17.05.2011 08:01 C:\Windows\Prefetch\MSASCUI.EXE-07E0123F.pf --------- 37206
17.05.2011 08:01 C:\Windows\Prefetch\CHROME.EXE-C674C164.pf --------- 208694
17.05.2011 08:00 C:\Windows\Prefetch\MPCMDRUN.EXE-F401FBB4.pf --------- 29928
17.05.2011 07:59 C:\Windows\Prefetch\AgGlFgAppHistory.db --------- 2289776
17.05.2011 07:59 C:\Windows\Prefetch\AgGlFaultHistory.db --------- 892003
17.05.2011 07:59 C:\Windows\Prefetch\AgGlGlobalHistory.db --------- 6895860
17.05.2011 07:59 C:\Windows\Prefetch\AgRobust.db --------- 804456
17.05.2011 07:51 C:\Windows\Prefetch\TASKMAN.EXE-37FA792A.pf --------- 66408
17.05.2011 07:51 C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-1294757140-3442182510-2919184659-1001.db --------- 1135422
17.05.2011 07:51 C:\Windows\Prefetch\AgGlUAD_S-1-5-21-1294757140-3442182510-2919184659-1001.db --------- 2446283
17.05.2011 07:51 C:\Windows\Prefetch\DELINVFILE.EXE-62FC1FBA.pf --------- 56648
17.05.2011 07:50 C:\Windows\Prefetch\CCLEANER64.EXE-7BB3E865.pf --------- 66640
17.05.2011 07:50 C:\Windows\Prefetch\PING.EXE-371F41E2.pf --------- 18826
17.05.2011 07:50 C:\Windows\Prefetch\CCSETUP306.EXE-9C6A76FF.pf --------- 49500
17.05.2011 07:49 C:\Windows\Prefetch\CCLEANER.EXE-72C9B7B3.pf --------- 17666
17.05.2011 07:49 C:\Windows\Prefetch\WERMGR.EXE-0F2AC88C.pf --------- 19614
17.05.2011 07:48 C:\Windows\Prefetch\SKYPE.EXE-E71BF59F.pf --------- 109488
17.05.2011 07:48 C:\Windows\Prefetch\AVNOTIFY.EXE-377AF47F.pf --------- 112234
17.05.2011 07:48 C:\Windows\Prefetch\SPLWOW64.EXE-297C4568.pf --------- 22702
17.05.2011 07:48 C:\Windows\Prefetch\WORDPAD.EXE-10B569CF.pf --------- 58168
17.05.2011 07:37 C:\Windows\Prefetch\TASKENG.EXE-48D4E289.pf --------- 371480
17.05.2011 07:37 C:\Windows\Prefetch\GOOGLEUPDATE.EXE-3AA2037F.pf --------- 43400
17.05.2011 07:26 C:\Windows\Prefetch\THEBAT.EXE-E94C54EE.pf --------- 151388
17.05.2011 07:10 C:\Windows\Prefetch\POWERCFG.EXE-668FA411.pf --------- 2552
17.05.2011 06:19 C:\Windows\Prefetch\WUAUCLT.EXE-70318591.pf --------- 24254
17.05.2011 04:46 C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-3CC531E5.pf --------- 159818
17.05.2011 04:40 C:\Windows\Prefetch\Layout.ini --------- 934826
17.05.2011 03:53 C:\Windows\Prefetch\RUNDLL32.EXE-230FC512.pf --------- 44456
17.05.2011 03:46 C:\Windows\Prefetch\RUNDLL32.EXE-411A328D.pf --------- 86452
17.05.2011 03:45 C:\Windows\Prefetch\AITAGENT.EXE-DA3E7689.pf --------- 2240
17.05.2011 02:17 C:\Windows\Prefetch\ReadyBoot --------- 0
17.05.2011 01:00 C:\Windows\Prefetch\SC.EXE-945D79AE.pf --------- 71922
16.05.2011 23:55 C:\Windows\Prefetch\WMIADAP.EXE-F8DFDFA2.pf --------- 22780
16.05.2011 23:54 C:\Windows\Prefetch\LOLCLIENT.EXE-D236C479.pf --------- 181384
16.05.2011 23:54 C:\Windows\Prefetch\LOLLAUNCHER.EXE-BEFF6BC4.pf --------- 118874
16.05.2011 23:54 C:\Windows\Prefetch\RADS_USER_KERNEL.EXE-9DAAF573.pf --------- 111872
16.05.2011 23:54 C:\Windows\Prefetch\PMB.EXE-3F581971.pf --------- 70168
16.05.2011 23:53 C:\Windows\Prefetch\LOL.LAUNCHER.EXE-4C860503.pf --------- 28568
16.05.2011 23:39 C:\Windows\Prefetch\WMPNSCFG.EXE-FC0D39BF.pf --------- 37032
16.05.2011 23:33 C:\Windows\Prefetch\PfSvPerfStats.bin --------- 584
16.05.2011 21:43 C:\Windows\Prefetch\WMPLAYER.EXE-26C72A86.pf --------- 197132
16.05.2011 18:43 C:\Windows\Prefetch\DLLHOST.EXE-76936ED5.pf --------- 98432
16.05.2011 12:19 C:\Windows\Prefetch\CS5SERVICEMANAGER.EXE-8B1F9E8A.pf --------- 34732
11.05.2011 08:37 C:\Windows\Prefetch\AgCx_SC4.db --------- 367188
20.01.2011 11:22 C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf --------- 4422632
19.09.2010 16:10 C:\Windows\Prefetch\AgAppLaunch.db --------- 334168
----------------------------------------
C:\Windows\Tasks
17.05.2011 07:37 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1294757140-3442182510-2919184659-1001UA.job --------- 1136
16.05.2011 23:37 C:\Windows\Tasks\SA.DAT --------- 6
16.05.2011 12:37 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1294757140-3442182510-2919184659-1001Core.job --------- 1084
15.12.2010 11:50 C:\Windows\Tasks\SCHEDLGU.TXT --------- 32632
----------------------------------------
C:\Windows\Temp
17.05.2011 08:22 C:\Windows\Temp\Cookies --------- 0
17.05.2011 07:56 C:\Windows\Temp\History --------- 0
17.05.2011 07:56 C:\Windows\Temp\Temporary Internet Files --------- 0
C:\Windows\Temp\HPSLPSVC0068.log ---------
16.05.2011 23:37 C:\Windows\Temp\logishrd --------- 0
----------------------------------------
C:\Users\BEAZMU~1\AppData\Local\Temp
17.05.2011 08:28 C:\Users\BEAZMU~1\AppData\Local\Temp\~DF0FA9F9B7A37F1659.TMP --------- 81920
17.05.2011 08:22 C:\Users\BEAZMU~1\AppData\Local\Temp\is-8QG4I.tmp --------- 0
17.05.2011 08:20 C:\Users\BEAZMU~1\AppData\Local\Temp\plugtmp --------- 0
17.05.2011 08:22 C:\Users\BEAZMU~1\AppData\Local\Temp\MessengerCache --------- 53248
17.05.2011 08:22 C:\Users\BEAZMU~1\AppData\Local\Temp\de-de --------- 0
17.05.2011 08:22 C:\Users\BEAZMU~1\AppData\Local\Temp\en-us --------- 0
16.05.2011 23:18 C:\Users\BEAZMU~1\AppData\Local\Temp\{853917C7-184D-43CC-A444-727AFFCE5DFC} --------- 4096
27.02.2011 21:11 C:\Users\BEAZMU~1\AppData\Local\Temp\TeamViewer --------- 0
22.11.2010 17:38 C:\Users\BEAZMU~1\AppData\Local\Temp\Low --------- 0
16.11.2010 13:46 C:\Users\BEAZMU~1\AppData\Local\Temp\FXSAPIDebugLogFile.txt --------- 0
----------------------------------------
C:\Program Files
30.04.2011 20:56 C:\Program Files\iTunes --------- 4096
30.04.2011 20:55 C:\Program Files\iPod --------- 0
30.04.2011 20:53 C:\Program Files\Bonjour --------- 0
14.04.2011 19:00 C:\Program Files\Common Files --------- 4096
14.04.2011 06:57 C:\Program Files\Internet Explorer --------- 4096
24.01.2011 14:41 C:\Program Files\FRITZDSL --------- 8192
15.12.2010 11:48 C:\Program Files\Windows Mail --------- 4096
05.12.2010 10:30 C:\Program Files\Novation --------- 0
28.11.2010 16:23 C:\Program Files\7-Zip --------- 4096
05.11.2010 17:07 C:\Program Files\Core Temp --------- 4096
03.11.2010 08:50 C:\Program Files\SiSoftware --------- 0
31.10.2010 10:57 C:\Program Files\ATI Technologies --------- 0
29.10.2010 20:42 C:\Program Files\WBFS --------- 0
29.10.2010 19:30 C:\Program Files\WinRAR --------- 8192
19.10.2010 21:24 C:\Program Files\Tablet --------- 4096
19.10.2010 21:24 C:\Program Files\WTouch --------- 4096
14.10.2010 03:25 C:\Program Files\Windows Media Player --------- 4096
05.10.2010 09:11 C:\Program Files\Cakewalk --------- 0
27.09.2010 20:29 C:\Program Files\PlayReady --------- 4096
20.09.2010 08:41 C:\Program Files\RealVNC --------- 0
20.09.2010 07:42 C:\Program Files\Adobe --------- 4096
19.09.2010 23:48 C:\Program Files\CPUID --------- 0
19.09.2010 17:03 C:\Program Files\Microsoft Office --------- 0
19.09.2010 16:19 C:\Program Files\Windows NT --------- 4096
19.09.2010 16:19 C:\Program Files\Gemeinsame Dateien --------- 0
19.09.2010 11:26 C:\Program Files\M-Audio --------- 0
19.09.2010 11:25 C:\Program Files\Logitech --------- 0
19.09.2010 10:38 C:\Program Files\ATI --------- 0
14.07.2009 20:18 C:\Program Files\DVD Maker --------- 4096
14.07.2009 20:18 C:\Program Files\Windows Journal --------- 4096
14.07.2009 20:18 C:\Program Files\Microsoft Games --------- 4096
14.07.2009 19:58 C:\Program Files\Windows Sidebar --------- 4096
14.07.2009 19:58 C:\Program Files\Windows Photo Viewer --------- 4096
14.07.2009 19:58 C:\Program Files\Windows Defender --------- 4096
14.07.2009 07:32 C:\Program Files\Windows Portable Devices --------- 0
14.07.2009 07:32 C:\Program Files\Reference Assemblies --------- 0
14.07.2009 07:32 C:\Program Files\MSBuild --------- 0
14.07.2009 07:09 C:\Program Files\Uninstall Information --------- 0
14.07.2009 06:54 C:\Program Files\desktop.ini --------- 174
----------------------------------------
C:\ProgramData\..
BEAZMUSIX
Public
Default
Default User
All Users
desktop.ini
----------------------------------------
C:\Windows\system32\drivers\etc\hosts
127.0.0.1 activate.adobe.com
----------------------------------------
Abbildname PID Sitzungsname Sitz.-Nr. Speichernutzung
========================= ======== ================ =========== ===============
System Idle Process 0 Services 0 24 K
System 4 Services 0 5.960 K
smss.exe 296 Services 0 1.236 K
csrss.exe 392 Services 0 5.920 K
wininit.exe 468 Services 0 4.544 K
csrss.exe 492 Console 1 10.452 K
services.exe 524 Services 0 10.560 K
lsass.exe 540 Services 0 14.472 K
lsm.exe 548 Services 0 4.772 K
winlogon.exe 616 Console 1 7.484 K
svchost.exe 700 Services 0 10.720 K
svchost.exe 816 Services 0 9.916 K
atiesrxx.exe 884 Services 0 4.424 K
svchost.exe 948 Services 0 25.768 K
svchost.exe 984 Services 0 202.760 K
svchost.exe 124 Services 0 46.188 K
svchost.exe 832 Services 0 18.420 K
Pen_TouchService.exe 1112 Services 0 4.980 K
atieclxx.exe 1196 Console 1 6.228 K
wisptis.exe 1216 Console 1 8.812 K
svchost.exe 1300 Services 0 33.056 K
spoolsv.exe 1432 Services 0 20.696 K
sched.exe 1460 Services 0 2.340 K
svchost.exe 1544 Services 0 19.844 K
svchost.exe 1664 Services 0 14.600 K
avguard.exe 1684 Services 0 21.936 K
AppleMobileDeviceService. 1732 Services 0 7.504 K
taskhost.exe 1864 Console 1 11.200 K
wisptis.exe 1904 Console 1 11.884 K
TabTip.exe 2000 Console 1 14.752 K
Pen_TouchUser.exe 2028 Console 1 11.964 K
dwm.exe 1136 Console 1 40.980 K
avshadow.exe 1172 Services 0 8.180 K
TabTip32.exe 1816 Console 1 2.876 K
conhost.exe 2104 Services 0 2.800 K
AsSysCtrlService.exe 2144 Services 0 3.276 K
mDNSResponder.exe 2172 Services 0 5.792 K
svchost.exe 2208 Services 0 41.624 K
svchost.exe 2232 Services 0 11.168 K
LVPrcSrv.exe 2264 Services 0 6.460 K
svchost.exe 2296 Services 0 3.964 K
PassThruSvr.exe 2340 Services 0 3.376 K
LVPrS64H.exe 2408 Services 0 4.504 K
svchost.exe 2520 Services 0 4.632 K
PnkBstrA.exe 2544 Services 0 4.204 K
StarWindServiceAE.exe 2596 Services 0 6.072 K
svchost.exe 2620 Services 0 7.636 K
Pen_Tablet.exe 2648 Services 0 10.896 K
Pen_TabletUser.exe 2768 Console 1 6.260 K
Pen_Tablet.exe 2832 Console 1 23.608 K
Backup.exe 2996 Console 1 22.356 K
hpqtra08.exe 2112 Console 1 18.876 K
AutomapServer.exe 1796 Console 1 14.248 K
LWS.exe 2684 Console 1 17.840 K
avgnt.exe 2744 Console 1 2.672 K
razerhid.exe 2740 Console 1 7.188 K
iTunesHelper.exe 1004 Console 1 13.280 K
MOM.exe 3344 Console 1 9.628 K
razerofa.exe 3444 Console 1 4.116 K
MidiAutomapClient.exe 3468 Console 1 7.208 K
WLIDSVC.EXE 3488 Services 0 17.844 K
CCC.exe 3684 Console 1 19.048 K
SynoDrServicex64.exe 3924 Services 0 4.748 K
COCIManager.exe 3964 Console 1 7.444 K
WLIDSVCM.EXE 3320 Services 0 3.520 K
SearchIndexer.exe 1916 Services 0 44.536 K
iPodService.exe 4268 Services 0 7.632 K
svchost.exe 4468 Services 0 8.760 K
svchost.exe 4536 Services 0 6.136 K
wmpnetwk.exe 3416 Services 0 11.464 K
hpqste08.exe 4676 Console 1 11.280 K
hpqbam08.exe 4600 Console 1 6.200 K
hpqgpc01.exe 3280 Console 1 10.636 K
explorer.exe 2960 Console 1 78.152 K
InputPersonalization.exe 3892 Console 1 528 K
svchost.exe 1644 Services 0 8.160 K
NASvc.exe 5648 Services 0 5.924 K
svchost.exe 5724 Services 0 43.872 K
svchost.exe 4752 Services 0 8.916 K
svchost.exe 4744 Services 0 9.872 K
SMSvcHost.exe 3912 Services 0 25.180 K
svchost.exe 348 Services 0 4.228 K
firefox.exe 5368 Console 1 172.024 K
plugin-container.exe 5244 Console 1 29.516 K
SDUpdSvc.exe 4664 Services 0 14.472 K
SDFSSvc.exe 4236 Services 0 34.000 K
SDFWSvc.exe 2356 Services 0 18.944 K
SDMonSvc.exe 2392 Services 0 20.328 K
SDWSCSvc.exe 1860 Services 0 8.564 K
SDScan.exe 4816 Console 1 336.028 K
mbam.exe 5700 Console 1 99.056 K
notepad.exe 4112 Console 1 7.832 K
notepad.exe 3036 Console 1 8.184 K
taskhost.exe 4284 Console 1 7.600 K
SearchFilterHost.exe 2940 Services 0 6.972 K
svchost.exe 5956 Services 0 2.904 K
cmd.exe 4280 Console 1 3.876 K
conhost.exe 4276 Console 1 6.376 K
dllhost.exe 5844 Console 1 6.308 K
tasklist.exe 1768 Console 1 5.664 K
WmiPrvSE.exe 644 Services 0 6.284 K
SearchProtocolHost.exe 1620 Services 0 5.228 K
***** Ende des Scans 17.05.2011 um 8:34:25,27 ***
|
|
17.05.2011, 09:33
| #5 |
| | Proxyserver ? rechner läuft merkwürdig. hier jetzt alle logfile nocheinmal zusammengefasst. also die otl logs die spybot s&d logs die malwarbytes logs und die hjtscanlist log vielen dank im vorraus Geändert von beazmusix (17.05.2011 um 09:41 Uhr) |
|
17.05.2011, 15:09
| #6 |
| | Proxyserver ? rechner läuft merkwürdig. so ich habe noch ein wenig weiter gelesen und nun combofix durchlaufen lassen. |
|
| Themen zu Proxyserver ? rechner läuft merkwürdig. |
| administrator, anwendungen, appdata, aufsetzen, browser, cache, code, dateien, diverse, internet, java, logfile, logfiles, merkwürdig, namen, neu, neu aufsetzen, online, rechner, regedit, spiele, suche, system, system neu, system neu aufsetzen, taskmanager, temp, trojanische pferd |
Linear-Darstellung
