| Metallsau | 18.03.2012 06:49 |
System Check Virus. Nach Trojaner Entfernung immer noch geblockt!
Hey,
leider habe ich mir trotz Anti-Vir Pro einen Trojaner eingefangen ...
der sogenannte System-Check Virus.
habe mir dann die Testversion von Trojan-Killer besorgt und durchlaufen lassen.
hat auf anhieb 6 Files gefunden die auch von der Namensgebung schon gepasst hätten.
Leider ist auch nach der Entferung noch immer alle meine Daten auf der Windows-Partition versteckt ....
danach MB 3x drüber laufen lassen 2x was gefunden und immer noch das selbe problem...
hier die geforderten quellen
und schonmal tausend dank | Malwarebytes Anti-Malware (Test) 1.60.1.1000 | | www.malwarebytes.org | | Datenbank Version: v2012.03.18.01 | | Windows 7 Service Pack 1 x64 NTFS | | Internet Explorer 8.0.7601.17514 | | Julian :: JULIAN-PC [Administrator] | | Schutz: Aktiviert | | 18.03.2012 07:33:58 | | mbam-log-2012-03-18 (07-33-58).txt | | Art des Suchlaufs: Quick-Scan | | Aktivierte Suchlaufeinstellungen: Speicher | | Deaktivierte Suchlaufeinstellungen: P2P | | Durchsuchte Objekte: 204087 | | Laufzeit: 53 Sekunde(n) | | Infizierte Speicherprozesse: 0 | | (Keine bösartigen Objekte gefunden) | | Infizierte Speichermodule: 0 | | (Keine bösartigen Objekte gefunden) | | Infizierte Registrierungsschlüssel: 0 | | (Keine bösartigen Objekte gefunden) | | Infizierte Registrierungswerte: 0 | | (Keine bösartigen Objekte gefunden) | | Infizierte Dateiobjekte der Registrierung: 0 | | (Keine bösartigen Objekte gefunden) | | Infizierte Verzeichnisse: 0 | | (Keine bösartigen Objekte gefunden) | | Infizierte Dateien: 0 | | (Keine bösartigen Objekte gefunden) | | (Ende) |
OTL
OTL Logfile: Code:
OTL logfile created on: 18.03.2012 07:36:08 - Run 4
OTL by OldTimer - Version 3.2.39.1 Folder = C:\Users\Julian\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
8,00 Gb Total Physical Memory | 6,40 Gb Available Physical Memory | 80,07% Memory free
16,00 Gb Paging File | 14,29 Gb Available in Paging File | 89,32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 190,53 Gb Total Space | 31,69 Gb Free Space | 16,63% Space Free | Partition Type: NTFS
Drive D: | 733,37 Gb Total Space | 617,26 Gb Free Space | 84,17% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive N: | 7,46 Gb Total Space | 5,12 Gb Free Space | 68,68% Space Free | Partition Type: FAT32
Computer Name: JULIAN-PC | User Name: Julian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Julian\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe (Avira GmbH)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
========== Modules (No Company Name) ==========
========== Win32 Services (SafeList) ==========
SRV:64bit: - (msvsmon90) -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe (Microsoft Corporation)
SRV:64bit: - (lxbk_device) -- C:\Windows\SysNative\lxbkcoms.exe ( )
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Creative ALchemy AL6 Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe (Creative Labs)
SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (Sound Blaster X-Fi MB Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe (Creative Labs)
SRV - (NIHardwareService) -- C:\Programme\Common Files\Native Instruments\Hardware\NIHardwareService.exe (Native Instruments GmbH)
SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira GmbH)
SRV - (AntiVirMailService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirFirewallService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe (Avira GmbH)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (CTAudSvcService) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
SRV - (lxbk_device) -- C:\Windows\SysWOW64\lxbkcoms.exe ( )
========== Driver Services (SafeList) ==========
DRV:64bit: - (TrojanKillerDriver) -- C:\Windows\SysNative\drivers\gtkdrv.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (avfwot) -- C:\Windows\SysNative\drivers\avfwot.sys (Avira GmbH)
DRV:64bit: - (avfwim) -- C:\Windows\SysNative\drivers\avfwim.sys (Avira GmbH)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (MAUSBFASTTRACKPRO) -- C:\Windows\SysNative\drivers\MAudioFastTrackPro.sys (Avid Technology, Inc.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (NVNET) -- C:\Windows\SysNative\drivers\nvmf6264.sys (NVIDIA Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1A 41 65 2F 15 D2 CC 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.03.17 01:46:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.03.17 05:57:09 | 000,000,000 | ---D | M]
[2011.12.05 22:11:44 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Julian\AppData\Roaming\mozilla\Extensions
[2012.03.15 01:53:01 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Julian\AppData\Roaming\mozilla\Firefox\Profiles\20g45esa.default\extensions
[2012.03.15 01:53:01 | 000,000,000 | -H-D | M] (Default Manager) -- C:\Users\Julian\AppData\Roaming\mozilla\Firefox\Profiles\20g45esa.default\extensions\DefaultManager@Microsoft
[2011.12.05 22:28:10 | 000,000,000 | -H-D | M] (Gutscheinrausch.de) -- C:\Users\Julian\AppData\Roaming\mozilla\Firefox\Profiles\20g45esa.default\extensions\mail@gutscheinrausch.de
[2012.01.11 17:39:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
() (No name found) -- C:\USERS\JULIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\20G45ESA.DEFAULT\EXTENSIONS\{DC572301-7619-498C-A57D-39143191B318}.XPI
() (No name found) -- C:\USERS\JULIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\20G45ESA.DEFAULT\EXTENSIONS\CLIENT@ANONYMOX.NET.XPI
[2012.03.17 01:46:30 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.02.20 13:49:05 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.02.20 13:49:05 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.02.20 13:49:05 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.20 13:49:05 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.20 13:49:05 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.20 13:49:05 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Babylon IE plugin) - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKCU..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Julian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Translate this web page with Babylon - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O8:64bit: - Extra context menu item: Translate with Babylon - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O8 - Extra context menu item: Translate this web page with Babylon - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O8 - Extra context menu item: Translate with Babylon - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O9 - Extra Button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O9 - Extra 'Tools' menuitem : Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira GmbH)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira GmbH)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: line6.net ([]* in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{425E7094-2780-48E1-92CB-AD324C7F822B}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012.03.18 06:59:28 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\Malwarebytes
[2012.03.18 06:59:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.03.18 06:59:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.03.18 06:59:19 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.03.18 06:59:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.03.18 06:04:09 | 000,594,432 | ---- | C] (OldTimer Tools) -- C:\Users\Julian\Desktop\OTL.exe
[2012.03.18 05:22:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Trojan Killer
[2012.03.18 04:16:31 | 000,000,000 | -H-D | C] -- C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check
[2012.03.17 20:14:29 | 000,000,000 | -H-D | C] -- C:\Users\Julian\Desktop\Alex muke teil
[2012.03.17 05:56:24 | 000,000,000 | -H-D | C] -- C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtual DJ
[2012.03.17 05:56:24 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual DJ
[2012.03.17 05:56:18 | 000,000,000 | -H-D | C] -- C:\Users\Julian\Documents\VirtualDJ
[2012.03.15 06:11:57 | 000,000,000 | -H-D | C] -- C:\Users\Julian\AppData\Roaming\dBpoweramp
[2012.03.15 06:11:02 | 000,000,000 | -H-D | C] -- C:\Users\Julian\AppData\Roaming\AccurateRip
[2012.03.15 06:10:30 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dBpoweramp Music Converter
[2012.03.15 01:53:07 | 000,000,000 | -H-D | C] -- C:\Users\Julian\AppData\Local\{033D86A4-246B-4D6D-AC72-1AC26C8936B0}
[2012.03.15 01:52:45 | 000,000,000 | -H-D | C] -- C:\Users\Julian\AppData\Local\{D4566306-5165-4EC3-AB37-2B961D241CCD}
[2012.03.15 01:52:45 | 000,000,000 | -H-D | C] -- C:\Users\Julian\AppData\Local\{1B0187A6-6510-47A1-88AF-7BAFEFC97D12}
[2012.03.12 18:54:03 | 000,000,000 | -H-D | C] -- C:\Users\Julian\AppData\Local\{2EC0E13B-AA20-451E-B42D-E6CB9049F702}
[2012.03.12 18:53:42 | 000,000,000 | -H-D | C] -- C:\Users\Julian\AppData\Local\{ADB8DD45-7FAC-409F-B47B-1DCAF9F7A4E4}
[2012.03.10 20:45:52 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.03.10 20:10:39 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark X1100 Series
[2012.03.10 20:10:34 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark X1100 Series
[2012.03.10 20:10:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lexmark X1100 Series
[2012.03.10 20:10:33 | 000,983,101 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\lxbkgf.dll
[2012.03.10 20:10:33 | 000,458,752 | ---- | C] (Lexmark International Inc.) -- C:\Windows\SysWow64\lxbkjswr.dll
[2012.03.10 20:10:33 | 000,155,648 | ---- | C] (Lexmark International Inc.) -- C:\Windows\SysWow64\lxbkinsb.dll
[2012.03.10 20:10:33 | 000,131,072 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysWow64\lxbkins.dll
[2012.03.10 20:10:33 | 000,094,208 | ---- | C] (Lexmark International Inc.) -- C:\Windows\SysWow64\lxbkcur.dll
[2012.03.10 20:10:33 | 000,086,016 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysWow64\lxbkinsr.dll
[2012.03.10 20:10:33 | 000,073,728 | ---- | C] (Lexmark International) -- C:\Windows\SysWow64\LXBKcfg.dll
[2012.03.10 20:10:33 | 000,073,728 | ---- | C] (Lexmark International Inc.) -- C:\Windows\SysWow64\lxbkcu.dll
[2012.03.10 20:10:22 | 000,443,392 | ---- | C] (Lexmark International Inc.) -- C:\Windows\SysNative\lxbkjswr.dll
[2012.03.10 20:10:22 | 000,177,664 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysNative\lxbkins.dll
[2012.03.10 20:10:22 | 000,135,168 | ---- | C] (Lexmark International Inc.) -- C:\Windows\SysNative\lxbkinsb.dll
[2012.03.10 20:10:22 | 000,079,360 | ---- | C] (Lexmark International Inc.) -- C:\Windows\SysNative\lxbkcu.dll
[2012.03.10 20:10:22 | 000,077,824 | ---- | C] (Lexmark International Inc.) -- C:\Windows\SysNative\lxbkcur.dll
[2012.03.10 20:10:22 | 000,072,192 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysNative\lxbkinsr.dll
[2012.03.10 20:10:22 | 000,062,464 | ---- | C] (Lexmark International) -- C:\Windows\SysNative\LXBKcfg.dll
[2012.03.10 20:10:00 | 000,000,000 | ---D | C] -- C:\drivers
[2012.03.10 19:07:07 | 000,000,000 | -H-D | C] -- C:\Users\Julian\AppData\Local\{7D4125EC-5616-4D23-A886-ACAF3DB09D0F}
[2012.03.10 19:06:57 | 000,000,000 | -H-D | C] -- C:\Users\Julian\AppData\Local\{516696DE-F61A-412C-865B-2CA50D7D3D82}
[2012.03.10 19:06:43 | 000,000,000 | -H-D | C] -- C:\Users\Julian\AppData\Roaming\Windows Live Writer
[2012.03.10 19:06:43 | 000,000,000 | -H-D | C] -- C:\Users\Julian\AppData\Local\Windows Live Writer
[2012.03.10 19:05:31 | 000,000,000 | ---D | C] -- C:\Windows\de
[2012.03.10 19:03:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2012.03.10 19:03:15 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2012.03.10 19:02:51 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012.03.10 19:01:48 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2012.03.10 19:01:48 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2012.03.10 19:01:48 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2012.03.10 19:01:48 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2012.03.10 19:01:13 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2012.03.10 19:01:13 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2012.03.09 02:27:38 | 000,000,000 | ---D | C] -- C:\Quake III Arena
[2012.03.08 22:25:14 | 000,000,000 | -H-D | C] -- C:\Users\Julian\Desktop\Testfiles für Tinte
[2012.03.07 17:40:00 | 000,000,000 | -H-D | C] -- C:\Users\Julian\Desktop\Musik Vane
[2012.03.07 00:33:49 | 000,000,000 | -H-D | C] -- C:\Users\Julian\Desktop\Praha - Crew 2012
[2012.03.06 20:11:50 | 000,000,000 | -H-D | C] -- C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2012.03.06 20:11:36 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
[2012.03.06 20:11:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games
[2012.03.01 09:00:51 | 000,000,000 | -H-D | C] -- C:\Users\Julian\Desktop\London Bierverin
[2012.02.25 09:43:56 | 000,000,000 | -H-D | C] -- C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2012.02.22 02:59:01 | 000,000,000 | -H-D | C] -- C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Service Chris Hein Bass
[2012.02.22 02:59:01 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Best Service Chris Hein Bass
[2012.02.22 02:54:27 | 000,393,216 | ---- | C] (Native Instruments Software GmbH) -- C:\Windows\SysWow64\NI_IRC_1_2.dll
[2012.02.22 02:54:27 | 000,061,440 | ---- | C] (Native Instruments Software GmbH) -- C:\Windows\SysWow64\NI_DFD_1_5.dll
[2012.02.22 02:46:41 | 000,000,000 | -H-D | C] -- C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Native Instruments
[2012.02.22 02:18:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Best Service
[2012.02.18 20:12:56 | 000,000,000 | RH-D | C] -- C:\Users\Julian\Dropbox
[2012.02.18 19:15:05 | 000,000,000 | -H-D | C] -- C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2012.02.18 19:14:38 | 000,000,000 | -H-D | C] -- C:\Users\Julian\AppData\Roaming\Dropbox
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.03.18 07:32:22 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.03.18 07:32:22 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.03.18 07:32:22 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.03.18 07:32:22 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.03.18 07:32:22 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.03.18 07:31:43 | 000,016,624 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.03.18 07:31:43 | 000,016,624 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.03.18 07:23:44 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.03.18 07:23:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.03.18 07:23:26 | 2146,934,783 | -HS- | M] () -- C:\hiberfil.sys
[2012.03.18 07:03:14 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.03.18 06:59:21 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.03.18 05:22:12 | 000,001,139 | ---- | M] () -- C:\Users\Public\Desktop\Trojan Killer.lnk
[2012.03.18 04:25:49 | 000,000,416 | ---- | M] () -- C:\ProgramData\436yESnkmuyhzi
[2012.03.18 04:25:12 | 000,305,864 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.03.18 03:25:57 | 000,560,483 | -H-- | M] () -- C:\Users\Julian\Desktop\kkl.mp3
[2012.03.17 15:28:10 | 000,594,432 | ---- | M] (OldTimer Tools) -- C:\Users\Julian\Desktop\OTL.exe
[2012.03.17 05:56:24 | 000,000,688 | -H-- | M] () -- C:\Users\Julian\Desktop\Virtual DJ Pro.lnk
[2012.03.16 00:16:02 | 000,059,695 | -H-- | M] () -- C:\Users\Julian\Desktop\one worth... whait what.dib
[2012.03.15 20:18:59 | 000,213,326 | -H-- | M] () -- C:\Users\Julian\Desktop\leknecht.jpg
[2012.03.15 20:00:07 | 000,000,845 | -H-- | M] () -- C:\Users\Julian\Desktop\Downloarts.lnk
[2012.03.15 19:59:34 | 000,001,034 | -H-- | M] () -- C:\Users\Julian\Desktop\Musik.lnk
[2012.03.15 18:36:31 | 000,354,440 | -H-- | M] () -- C:\Users\Julian\Desktop\cds.jpg
[2012.03.15 07:26:16 | 000,389,176 | -H-- | M] () -- C:\Users\Julian\Desktop\front cover.jpg
[2012.03.15 06:14:24 | 000,003,014 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp FLAC Codec.dat
[2012.03.15 06:14:16 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp FLAC Codec.bmp
[2012.03.15 06:13:55 | 000,005,467 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp CD Writer.dat
[2012.03.15 06:13:21 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp CD Writer.bmp
[2012.03.15 06:12:33 | 000,013,072 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp DSP Effects.dat
[2012.03.15 06:12:23 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp DSP Effects.bmp
[2012.03.15 06:10:57 | 000,015,603 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Music Converter.dat
[2012.03.15 06:10:43 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Music Converter.bmp
[2012.03.15 02:57:47 | 000,115,394 | -H-- | M] () -- C:\Users\Julian\Desktop\jones1.jpg
[2012.03.15 02:57:36 | 000,192,820 | -H-- | M] () -- C:\Users\Julian\Desktop\jones.jpg
[2012.03.14 00:53:24 | 000,000,016 | -H-- | M] () -- C:\Users\Julian\AppData\Roaming\msregsvv.dll
[2012.03.14 00:53:24 | 000,000,016 | ---- | M] () -- C:\Windows\SysWow64\w3data.vss
[2012.03.14 00:53:24 | 000,000,016 | ---- | M] () -- C:\Windows\SysWow64\msvcsv60.dll
[2012.03.14 00:53:24 | 000,000,016 | ---- | M] () -- C:\Windows\msocreg32.dat
[2012.03.14 00:53:24 | 000,000,016 | ---- | M] () -- C:\ProgramData\autobk.inc
[2012.03.13 19:53:42 | 000,076,538 | -H-- | M] () -- C:\Users\Julian\Desktop\bavarian pope.jpg
[2012.03.12 20:05:48 | 000,200,694 | -H-- | M] () -- C:\Users\Julian\Desktop\Bescheinigung_nach_Paragraph.pdf
[2012.03.11 03:00:37 | 000,685,510 | -H-- | M] () -- C:\Users\Julian\Desktop\3272311_700b.jpg
[2012.03.10 20:30:23 | 000,004,431 | ---- | M] () -- C:\Windows\SysNative\LexFiles.ulf
[2012.03.10 15:48:55 | 000,088,659 | -H-- | M] () -- C:\Users\Julian\Desktop\430342_354486854575692_1332696075_n.jpg
[2012.03.09 06:46:54 | 000,011,076 | -H-- | M] () -- C:\Users\Julian\Desktop\Textbrocken.odt
[2012.03.07 00:55:00 | 000,078,038 | -H-- | M] () -- C:\Users\Julian\Desktop\megutmann.jpg
[2012.03.06 13:12:18 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.03.06 12:42:39 | 000,168,112 | -H-- | M] () -- C:\Users\Julian\Desktop\jnmljiji.jpg
[2012.03.05 18:05:40 | 000,098,958 | -H-- | M] () -- C:\Users\Julian\Desktop\tumblr_lzn60kd5EO1qb815co1_500.jpg
[2012.03.05 18:04:36 | 000,041,585 | -H-- | M] () -- C:\Users\Julian\Desktop\16561901038509529880876.jpg
[2012.03.05 18:01:19 | 000,052,352 | -H-- | M] () -- C:\Users\Julian\Desktop\280xz_grid16x8s1.jpg
[2012.03.05 18:00:59 | 000,054,713 | -H-- | M] () -- C:\Users\Julian\Desktop\280xz_grid16x8s2.jpg
[2012.03.05 18:00:18 | 000,337,566 | -H-- | M] () -- C:\Users\Julian\Desktop\2213_DSCF0050.JPG
[2012.03.05 17:58:29 | 000,184,346 | -H-- | M] () -- C:\Users\Julian\Desktop\IMG_2634.jpg
[2012.03.05 17:33:12 | 000,960,066 | RH-- | M] () -- C:\Users\Julian\Desktop\M635csi-1.bmp
[2012.03.01 13:53:53 | 000,167,514 | -H-- | M] () -- C:\Users\Julian\Desktop\muader gottes2.png
[2012.03.01 13:46:06 | 000,056,888 | -H-- | M] () -- C:\Users\Julian\Desktop\muader gottes.jpg
[2012.02.28 10:00:13 | 000,000,247 | -H-- | M] () -- C:\Users\Julian\Desktop\fillin.mid
[2012.02.28 03:32:07 | 000,061,472 | -H-- | M] () -- C:\Users\Julian\Desktop\Mercedes-W126-SEC-2.jpg
[2012.02.28 03:27:30 | 000,182,267 | -H-- | M] () -- C:\Users\Julian\Desktop\DSC03720.jpg
[2012.02.25 19:43:55 | 000,026,946 | -H-- | M] () -- C:\Users\Julian\Desktop\biersatzung.odt
[2012.02.25 09:58:19 | 000,022,578 | -H-- | M] () -- C:\Users\Julian\Desktop\mustereinervereinssatzung.pdf
[2012.02.23 04:34:45 | 000,140,294 | -H-- | M] () -- C:\Users\Julian\Desktop\fühls gut.jpg
[2012.02.21 21:44:31 | 000,077,039 | -H-- | M] () -- C:\Users\Julian\Desktop\thismustbewhatiancurtisfeltlike(1).mid
[2012.02.21 20:40:35 | 000,021,489 | -H-- | M] () -- C:\Users\Julian\Desktop\Bierlistegeordnet.ods
[2012.02.21 05:16:34 | 000,014,631 | -H-- | M] () -- C:\Users\Julian\Desktop\Bierliste.ods
[2012.02.20 06:16:43 | 000,013,834 | -H-- | M] () -- C:\Users\Julian\Desktop\HORN.odt
[2012.02.18 20:12:56 | 000,001,002 | -H-- | M] () -- C:\Users\Julian\Desktop\Dropbox.lnk
[2012.02.18 19:15:10 | 000,000,982 | -H-- | M] () -- C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.03.18 06:59:21 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.03.18 05:22:12 | 000,001,139 | ---- | C] () -- C:\Users\Public\Desktop\Trojan Killer.lnk
[2012.03.18 04:16:21 | 000,000,416 | ---- | C] () -- C:\ProgramData\436yESnkmuyhzi
[2012.03.18 03:25:34 | 000,560,483 | -H-- | C] () -- C:\Users\Julian\Desktop\kkl.mp3
[2012.03.17 05:56:24 | 000,000,688 | -H-- | C] () -- C:\Users\Julian\Desktop\Virtual DJ Pro.lnk
[2012.03.16 00:16:02 | 000,059,695 | -H-- | C] () -- C:\Users\Julian\Desktop\one worth... whait what.dib
[2012.03.15 20:16:59 | 000,213,326 | -H-- | C] () -- C:\Users\Julian\Desktop\leknecht.jpg
[2012.03.15 18:36:31 | 000,354,440 | -H-- | C] () -- C:\Users\Julian\Desktop\cds.jpg
[2012.03.15 07:26:15 | 000,389,176 | -H-- | C] () -- C:\Users\Julian\Desktop\front cover.jpg
[2012.03.15 06:14:24 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp FLAC Codec.bmp
[2012.03.15 06:14:24 | 000,003,014 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp FLAC Codec.dat
[2012.03.15 06:11:01 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp DSP Effects.bmp
[2012.03.15 06:11:01 | 000,013,072 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp DSP Effects.dat
[2012.03.15 06:10:57 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Music Converter.bmp
[2012.03.15 06:10:57 | 000,015,603 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Music Converter.dat
[2012.03.15 06:10:31 | 000,522,928 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall.exe
[2012.03.15 06:10:31 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp CD Writer.bmp
[2012.03.15 06:10:31 | 000,005,467 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp CD Writer.dat
[2012.03.15 02:57:47 | 000,115,394 | -H-- | C] () -- C:\Users\Julian\Desktop\jones1.jpg
[2012.03.15 02:55:22 | 000,192,820 | -H-- | C] () -- C:\Users\Julian\Desktop\jones.jpg
[2012.03.13 19:52:08 | 000,076,538 | -H-- | C] () -- C:\Users\Julian\Desktop\bavarian pope.jpg
[2012.03.13 02:39:36 | 000,001,034 | -H-- | C] () -- C:\Users\Julian\Desktop\Musik.lnk
[2012.03.12 20:07:12 | 000,200,694 | -H-- | C] () -- C:\Users\Julian\Desktop\Bescheinigung_nach_Paragraph.pdf
[2012.03.11 02:14:08 | 000,685,510 | -H-- | C] () -- C:\Users\Julian\Desktop\3272311_700b.jpg
[2012.03.10 20:10:33 | 001,224,704 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkserv.dll
[2012.03.10 20:10:33 | 000,991,232 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkusb1.dll
[2012.03.10 20:10:33 | 000,696,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkhbn3.dll
[2012.03.10 20:10:33 | 000,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkcomc.dll
[2012.03.10 20:10:33 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkpmui.dll
[2012.03.10 20:10:33 | 000,585,728 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbklmpm.dll
[2012.03.10 20:10:33 | 000,537,256 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkcoms.exe
[2012.03.10 20:10:33 | 000,421,888 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkcomm.dll
[2012.03.10 20:10:33 | 000,413,696 | ---- | C] () -- C:\Windows\SysWow64\lxbkutil.dll
[2012.03.10 20:10:33 | 000,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkinpa.dll
[2012.03.10 20:10:33 | 000,397,312 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkiesc.dll
[2012.03.10 20:10:33 | 000,385,704 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkih.exe
[2012.03.10 20:10:33 | 000,381,608 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkcfg.exe
[2012.03.10 20:10:33 | 000,274,432 | ---- | C] () -- C:\Windows\SysWow64\LXBKinst.dll
[2012.03.10 20:10:33 | 000,180,904 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkppls.exe
[2012.03.10 20:10:33 | 000,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkprox.dll
[2012.03.10 20:10:33 | 000,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkpplc.dll
[2012.03.10 20:10:33 | 000,001,525 | ---- | C] () -- C:\Windows\SysWow64\lxbk.loc
[2012.03.10 20:10:22 | 001,417,728 | ---- | C] ( ) -- C:\Windows\SysNative\lxbkserv.dll
[2012.03.10 20:10:22 | 001,099,264 | ---- | C] ( ) -- C:\Windows\SysNative\lxbkusb1.dll
[2012.03.10 20:10:22 | 000,695,808 | ---- | C] ( ) -- C:\Windows\SysNative\lxbkcomc.dll
[2012.03.10 20:10:22 | 000,659,456 | ---- | C] ( ) -- C:\Windows\SysNative\lxbkhbn3.dll
[2012.03.10 20:10:22 | 000,567,808 | ---- | C] () -- C:\Windows\SysNative\lxbkutil.dll
[2012.03.10 20:10:22 | 000,565,928 | ---- | C] ( ) -- C:\Windows\SysNative\lxbkcoms.exe
[2012.03.10 20:10:22 | 000,487,424 | ---- | C] ( ) -- C:\Windows\SysNative\lxbklmpm.dll
[2012.03.10 20:10:22 | 000,409,600 | ---- | C] ( ) -- C:\Windows\SysNative\lxbkpmui.dll
[2012.03.10 20:10:22 | 000,305,152 | ---- | C] ( ) -- C:\Windows\SysNative\LXBKhcp.dll
[2012.03.10 20:10:22 | 000,249,856 | ---- | C] ( ) -- C:\Windows\SysNative\lxbkcomm.dll
[2012.03.10 20:10:22 | 000,238,592 | ---- | C] ( ) -- C:\Windows\SysNative\lxbkinpa.dll
[2012.03.10 20:10:22 | 000,235,688 | ---- | C] ( ) -- C:\Windows\SysNative\lxbkcfg.exe
[2012.03.10 20:10:22 | 000,233,128 | ---- | C] ( ) -- C:\Windows\SysNative\lxbkih.exe
[2012.03.10 20:10:22 | 000,226,816 | ---- | C] ( ) -- C:\Windows\SysNative\lxbkiesc.dll
[2012.03.10 20:10:22 | 000,194,048 | ---- | C] () -- C:\Windows\SysNative\LXBKinst.dll
[2012.03.10 20:10:22 | 000,035,328 | ---- | C] ( ) -- C:\Windows\SysNative\lxbkprox.dll
[2012.03.10 20:10:22 | 000,010,752 | ---- | C] ( ) -- C:\Windows\SysNative\lxbkpplc.dll
[2012.03.10 20:10:22 | 000,004,431 | ---- | C] () -- C:\Windows\SysNative\LexFiles.ulf
[2012.03.10 20:10:22 | 000,001,525 | ---- | C] () -- C:\Windows\SysNative\lxbk.loc
[2012.03.10 15:48:54 | 000,088,659 | -H-- | C] () -- C:\Users\Julian\Desktop\430342_354486854575692_1332696075_n.jpg
[2012.03.07 00:55:00 | 000,078,038 | -H-- | C] () -- C:\Users\Julian\Desktop\megutmann.jpg
[2012.03.06 12:42:39 | 000,168,112 | -H-- | C] () -- C:\Users\Julian\Desktop\jnmljiji.jpg
[2012.03.05 18:05:40 | 000,098,958 | -H-- | C] () -- C:\Users\Julian\Desktop\tumblr_lzn60kd5EO1qb815co1_500.jpg
[2012.03.05 18:04:35 | 000,041,585 | -H-- | C] () -- C:\Users\Julian\Desktop\16561901038509529880876.jpg
[2012.03.05 18:01:19 | 000,052,352 | -H-- | C] () -- C:\Users\Julian\Desktop\280xz_grid16x8s1.jpg
[2012.03.05 18:00:58 | 000,054,713 | -H-- | C] () -- C:\Users\Julian\Desktop\280xz_grid16x8s2.jpg
[2012.03.05 18:00:18 | 000,337,566 | -H-- | C] () -- C:\Users\Julian\Desktop\2213_DSCF0050.JPG
[2012.03.05 17:58:28 | 000,184,346 | -H-- | C] () -- C:\Users\Julian\Desktop\IMG_2634.jpg
[2012.03.05 17:33:14 | 000,960,066 | RH-- | C] () -- C:\Users\Julian\Desktop\M635csi-1.bmp
[2012.03.01 13:53:53 | 000,167,514 | -H-- | C] () -- C:\Users\Julian\Desktop\muader gottes2.png
[2012.03.01 13:42:55 | 000,056,888 | -H-- | C] () -- C:\Users\Julian\Desktop\muader gottes.jpg
[2012.02.28 10:00:13 | 000,000,247 | -H-- | C] () -- C:\Users\Julian\Desktop\fillin.mid
[2012.02.28 03:32:06 | 000,061,472 | -H-- | C] () -- C:\Users\Julian\Desktop\Mercedes-W126-SEC-2.jpg
[2012.02.28 03:27:29 | 000,182,267 | -H-- | C] () -- C:\Users\Julian\Desktop\DSC03720.jpg
[2012.02.25 19:42:11 | 000,026,946 | -H-- | C] () -- C:\Users\Julian\Desktop\biersatzung.odt
[2012.02.25 09:58:19 | 000,022,578 | -H-- | C] () -- C:\Users\Julian\Desktop\mustereinervereinssatzung.pdf
[2012.02.23 04:34:45 | 000,140,294 | -H-- | C] () -- C:\Users\Julian\Desktop\fühls gut.jpg
[2012.02.21 21:44:30 | 000,077,039 | -H-- | C] () -- C:\Users\Julian\Desktop\thismustbewhatiancurtisfeltlike(1).mid
[2012.02.21 20:40:33 | 000,021,489 | -H-- | C] () -- C:\Users\Julian\Desktop\Bierlistegeordnet.ods
[2012.02.20 22:11:34 | 000,014,631 | -H-- | C] () -- C:\Users\Julian\Desktop\Bierliste.ods
[2012.02.18 20:12:56 | 000,001,002 | -H-- | C] () -- C:\Users\Julian\Desktop\Dropbox.lnk
[2012.02.18 19:15:10 | 000,000,982 | -H-- | C] () -- C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012.01.10 19:01:28 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2012.01.10 18:48:17 | 000,000,399 | ---- | C] () -- C:\Windows\AudioConverter.INI
[2012.01.10 17:33:34 | 000,000,032 | ---- | C] () -- C:\ProgramData\aceg.ini
[2011.12.13 00:54:12 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2011.12.12 23:39:59 | 002,600,164 | -H-- | C] () -- C:\Users\Julian\AppData\Local\TempMediaPlay.wav
[2011.12.06 05:15:29 | 000,000,016 | ---- | C] () -- C:\Windows\SysWow64\msvcsv60.dll
[2011.12.06 05:15:29 | 000,000,016 | ---- | C] () -- C:\Windows\msocreg32.dat
[2011.12.06 03:39:53 | 000,000,016 | -H-- | C] () -- C:\Users\Julian\AppData\Roaming\msregsvv.dll
[2011.12.06 03:39:53 | 000,000,016 | ---- | C] () -- C:\ProgramData\autobk.inc
[2011.12.06 00:24:10 | 000,002,265 | ---- | C] () -- C:\Windows\FF08_Render_Spk_Hp.ini
[2011.12.06 00:24:10 | 000,001,650 | ---- | C] () -- C:\Windows\FF08_Capture.ini
[2011.12.06 00:24:10 | 000,001,540 | ---- | C] () -- C:\Windows\FF08_Render.ini
[2011.12.06 00:23:50 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2011.12.06 00:23:50 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
< End of report >
--- --- ---
Extras: Code:
OTL Extras logfile created on: 18.03.2012 07:36:08 - Run 4
OTL by OldTimer - Version 3.2.39.1 Folder = C:\Users\Julian\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
8,00 Gb Total Physical Memory | 6,40 Gb Available Physical Memory | 80,07% Memory free
16,00 Gb Paging File | 14,29 Gb Available in Paging File | 89,32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 190,53 Gb Total Space | 31,69 Gb Free Space | 16,63% Space Free | Partition Type: NTFS
Drive D: | 733,37 Gb Total Space | 617,26 Gb Free Space | 84,17% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive N: | 7,46 Gb Total Space | 5,12 Gb Free Space | 68,68% Space Free | Partition Type: FAT32
Computer Name: JULIAN-PC | User Name: Julian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Controller Editor
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{272d2d79-158f-4d0e-88dc-1073df2c5f95}" = Steven Slate SSD Platinum
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{73089240-023C-11E0-9AE3-2BA1DFD72085}" = M-Audio FastTrackPro Driver 6.0.7 (x64)
"{85BC0DCB-69E5-4279-AA25-F108EF896588}_is1" = IK Multimedia Authorization Manager version 1.0.3
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.3.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B80954EE-5CA9-4202-BB8C-0DC3E332F47F}" = Native Instruments Kontakt 3
"{C7FAFC98-5ECC-40FC-B440-A5D5FE3A6A6E}" = Native Instruments Guitar Rig 4
"{DA5202AC-12BF-4330-B8EA-BC77F991FA1C}_is1" = AmpliTube 3 version 3.5.2
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DE2C9D5F-C55C-30E8-9322-2B8E8B5DF87C}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - deu
"{E6420CCB-92BE-3ACB-BDC3-69FBDD319C94}" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F5C819A5-E068-4f7d-B91A-1BD18702AFFB}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CCleaner" = CCleaner
"Lexmark X1100 Series" = Lexmark X1100 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU
"NVIDIA Drivers" = NVIDIA Drivers
"WinRAR archiver" = WinRAR 4.01 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{449CE12D-E2C7-4B97-B19E-55D163EA9435}" = Bing Bar
"{490BF87E-1F75-4453-BF55-9F540543A3CA}" = Steinberg Drum Loop Expansion 01
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}" = Steinberg Cubase 5
"{4D454CF8-12FD-464D-B57B-B46FE27B78BB}" = Steinberg LoopMash Content
"{532B917B-8235-4FA5-BE36-643A8BB053A5}" = Steinberg REVerence Content 01
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{738B0934-6676-44F6-AB52-32F4E60DCA7F}" = Microsoft SQL Server Compact 3.5 SP1 Design Tools (Deutsch)
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}" = Steinberg HALionOne Studio Drum Set
"{8686D4FE-62EF-46FB-B9FD-00679EB381FF}_is1" = Trojan Killer 2.1
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F714418-F3C3-3BF0-B548-E4BDA7AD41DE}" = Microsoft Visual Basic 2008 Express Edition with SP1 - DEU
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.0
"{AC997F93-0757-4ED4-A701-F40C2D654D09}" = Steinberg HALionOne GM Drum Set
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{BD86F1AC-B594-46E4-85DC-1258AC9E2232}" = Steinberg Groove Agent ONE Content
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}" = Steinberg HALionOne Studio Set
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D82CDA0D-C182-42C8-8FF2-5649C98D6003}" = Steinberg HALionOne Pro Set
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}" = Steinberg HALionOne Expression Set
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E70E7159-93B1-470D-9FBD-D8E9EF34B538}" = Steinberg HALionOne
"{F057965A-D974-4C64-ADB1-4381CD4B8956}" = Steinberg HALionOne GM Set
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F3AFD063-8BAD-485E-B641-E7F5A2C5AE71}" = Steinberg HALionOne Additional Content Set 01
"{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}" = Sound Blaster X-Fi MB
"{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA440BE8-EC2F-4478-A01A-077DA0606501}" = Microsoft SQL Server Compact 3.5 SP1 (Deutsch)
"Addictive Drums" = Addictive Drums
"Adobe AIR" = Adobe AIR
"Age of Empires 2.0" = Microsoft Age of Empires II
"Antares Autotune VST_is1" = Antares Autotune VST v5.09
"Ashampoo Burning Studio Elements_is1" = Ashampoo Burning Studio Elements 10.0.9
"Avira AntiVir Desktop" = Avira Premium Security Suite
"Babylon" = Babylon
"BBE RTAS Installer1.0.9.20r2" = BBE RTAS Installer
"BBE VST 32-bit Installer1.0.9.20r2" = BBE VST 32-bit Installer
"BBE VST 64-bit Installer1.0.9.20r2" = BBE VST 64-bit Installer
"Best Service Chris Hein Bass" = Best Service Chris Hein Bass
"BitTorrent" = BitTorrent
"broomstickbass-1.0.0" = Broomstick Bass 1.0.0
"DAEMON Tools Lite" = DAEMON Tools Lite
"dBpoweramp CD Writer" = dBpoweramp CD Writer
"dBpoweramp DSP Effects" = dBpoweramp DSP Effects
"dBpoweramp FLAC Codec" = dBpoweramp FLAC Codec
"dBpoweramp Music Converter" = dBpoweramp Music Converter
"Ease Audio Converter_is1" = Ease Audio Converter 5.30
"FabFilter Pro-Q VST RTAS_is1" = FabFilter Pro-Q VST RTAS v1.0.1.6
"Free WMA to MP3 Converter_is1" = Free WMA to MP3 Converter 1.16
"Google Chrome" = Google Chrome
"GridinSoft Trojan Killer" = Trojan Killer
"Guitar Pro 5_is1" = Guitar Pro 5.2
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"Line 6 Uninstaller" = Line 6 Uninstaller
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"Microsoft Visual Basic 2008 Express Edition with SP1 - DEU" = Microsoft Visual Basic 2008 Express Edition mit SP1 - DEU
"Mozilla Firefox 11.0 (x86 de)" = Mozilla Firefox 11.0 (x86 de)
"Native Instruments Controller Editor" = Native Instruments Controller Editor
"Native Instruments Guitar Rig 4" = Native Instruments Guitar Rig 4
"Native Instruments Kontakt 3" = Native Instruments Kontakt 3
"Native Instruments Service Center" = Native Instruments Service Center
"SPL Analog Code Transient Designer VST RTAS_is1" = SPL Analog Code Transient Designer VST RTAS v1.1
"Steam App 10" = Counter-Strike
"Steinberg Magneto VST v1.5" = Steinberg Magneto VST v1.5
"Steven Slate SSD Platinum" = Steven Slate SSD Platinum
"Universal Audio v4.4.0 Native" = Universal Audio v4.4.0 Native
"Virtual DJ Pro Full - Atomix Productions" = Virtual DJ Pro Full - Atomix Productions
"VLC media player" = VLC media player 1.1.11
"Waves Complete v7_is1" = Waves Complete VST RTAS TDM v7.1.16
"WinLiveSuite" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 13.03.2012 17:37:40 | Computer Name = Julian-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Cubase5.exe, Version: 5.1.0.105,
Zeitstempel: 0x4a1d7379 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17514,
Zeitstempel: 0x4ce7ba58 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00033a93 ID des fehlerhaften
Prozesses: 0x418 Startzeit der fehlerhaften Anwendung: 0x01cd0160f1993410 Pfad der
fehlerhaften Anwendung: D:\Programme\Cubase5\Cubase5.exe Pfad des fehlerhaften Moduls:
C:\Windows\SysWOW64\ntdll.dll Berichtskennung: c21063c0-6d54-11e1-bbdb-002522b8753d
Error - 13.03.2012 18:08:20 | Computer Name = Julian-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Cubase5.exe, Version: 5.1.0.105,
Zeitstempel: 0x4a1d7379 Name des fehlerhaften Moduls: 1000.dll, Version: 0.0.0.0,
Zeitstempel: 0x4bf0b752 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00001b88 ID des fehlerhaften
Prozesses: 0x91c Startzeit der fehlerhaften Anwendung: 0x01cd01625ced4200 Pfad der
fehlerhaften Anwendung: D:\Programme\Cubase5\Cubase5.exe Pfad des fehlerhaften Moduls:
C:\Users\Julian\AppData\Roaming\Waves Audio\Caches\D\Cubase Zubehör\Waves\Plug-Ins\RComp.dll\XWMC\1000.dll
Berichtskennung:
0a70b8f0-6d59-11e1-9d64-002522b8753d
Error - 13.03.2012 19:08:23 | Computer Name = Julian-PC | Source = Application Hang | ID = 1002
Description = Programm Cubase5.exe, Version 5.1.0.105 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 150 Startzeit:
01cd01683c94a6f0 Endzeit: 60000 Anwendungspfad: D:\Programme\Cubase5\Cubase5.exe Berichts-ID:
3f5c89b1-6d61-11e1-af4e-002522b8753d
Error - 13.03.2012 19:10:36 | Computer Name = Julian-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Cubase5.exe, Version: 5.1.0.105,
Zeitstempel: 0x4a1d7379 Name des fehlerhaften Moduls: Cubase5.exe, Version: 5.1.0.105,
Zeitstempel: 0x4a1d7379 Ausnahmecode: 0x40000015 Fehleroffset: 0x00c29ef9 ID des fehlerhaften
Prozesses: 0x1038 Startzeit der fehlerhaften Anwendung: 0x01cd016e0f190260 Pfad der
fehlerhaften Anwendung: D:\Programme\Cubase5\Cubase5.exe Pfad des fehlerhaften Moduls:
D:\Programme\Cubase5\Cubase5.exe Berichtskennung: bdafb5d0-6d61-11e1-af4e-002522b8753d
Error - 13.03.2012 19:26:58 | Computer Name = Julian-PC | Source = Application Hang | ID = 1002
Description = Programm Cubase5.exe, Version 5.1.0.105 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1304 Startzeit:
01cd016e8e267dd0 Endzeit: 60000 Anwendungspfad: D:\Programme\Cubase5\Cubase5.exe Berichts-ID:
da747281-6d63-11e1-af4e-002522b8753d
Error - 13.03.2012 20:49:05 | Computer Name = Julian-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 14.03.2012 23:42:19 | Computer Name = Julian-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 15.03.2012 20:36:51 | Computer Name = Julian-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 16.03.2012 20:30:17 | Computer Name = Julian-PC | Source = Avira AntiVir | ID = 4118
Description = EXCEPTION calling function <Scan> for the file C:\Users\Julian\Music\Akustik
Piano Neu\Street Sounds Hip-Hop Electro Series\ELCST14 - Hip-Hop Electro 14 (1986)\Original
LP Split Tracks\Folder.jpg [ACCESS_VIOLATION Exception!! EIP = 0xe43972] Please
inform Avira and submit the appropriate file!
Error - 17.03.2012 19:32:03 | Computer Name = Julian-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
[ System Events ]
Error - 17.03.2012 23:54:00 | Computer Name = Julian-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 17.03.2012 23:54:01 | Computer Name = Julian-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 17.03.2012 23:54:01 | Computer Name = Julian-PC | Source = DCOM | ID = 10005
Description =
Error - 17.03.2012 23:54:02 | Computer Name = Julian-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 17.03.2012 23:54:02 | Computer Name = Julian-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 17.03.2012 23:54:02 | Computer Name = Julian-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 17.03.2012 23:54:02 | Computer Name = Julian-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 17.03.2012 23:54:02 | Computer Name = Julian-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 17.03.2012 23:54:02 | Computer Name = Julian-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 18.03.2012 00:07:25 | Computer Name = Julian-PC | Source = DCOM | ID = 10005
Description =
< End of report >
--- --- ---
danke tausendmal |
