8 Verschiedene Funde von Avira Antivir
Hi,
Avira Antivir hat mehrere Funde gemacht : /
Unter anderem folgende:
Spy.ZBot.aygb
Infected.WebPage.Gen
TR/Crypt.XPACK.Gen
Vundo.Gen
HIDDENEXT/Crypted
TR/Dldr.CodecPack.afbk
TR/Crypt.ZPACK.Gen
TR/Crypt.XPACK.Gen3
Avira Antivir: Code:
Exportierte Ereignisse:
19.01.2011 19:16 [Guard] Malware gefunden
In der Datei 'C:\Users\Tobias\AppData\Local\Temp\google.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Spy.ZBot.aygb' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
19.01.2011 17:49 [Guard] Malware gefunden
In der Datei 'C:\Users\Tobias\AppData\Local\Microsoft\Windows\Temporary
Internet Files\Content.IE5\HTANKR4P\f_7[1].js'
wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen' [virus]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
19.01.2011 17:49 [Guard] Malware gefunden
In der Datei 'C:\Users\Tobias\AppData\Local\Microsoft\Windows\Temporary
Internet Files\Content.IE5\HTANKR4P\f_7[1].js'
wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen' [virus]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
19.01.2011 17:48 [Guard] Malware gefunden
In der Datei 'C:\Users\Tobias\AppData\Local\Temp\google.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Spy.ZBot.aygb' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
19.01.2011 17:48 [Guard] Malware gefunden
In der Datei 'C:\Users\Tobias\AppData\Local\Temp\google.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Spy.ZBot.aygb' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
19.01.2011 16:42 [Guard] Malware gefunden
In der Datei 'C:\Users\Tobias\AppData\Local\Temp\kdqo.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
19.01.2011 16:42 [Guard] Malware gefunden
In der Datei 'C:\Users\Tobias\AppData\Local\Temp\kdqo.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
19.01.2011 16:42 [Guard] Malware gefunden
In der Datei 'C:\Users\Tobias\AppData\Local\Temp\lubik.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Vundo.Gen' [trojan] gefunden.
Ausgeführte Aktion: Zugriff verweigern
19.01.2011 16:42 [Guard] Malware gefunden
In der Datei 'C:\Users\Tobias\AppData\Local\Temp\kdqo.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
19.01.2011 16:42 [Guard] Malware gefunden
In der Datei 'C:\Users\Tobias\AppData\Local\Temp\lubik.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Vundo.Gen' [trojan] gefunden.
Ausgeführte Aktion: Zugriff verweigern
19.01.2011 16:42 [Guard] Malware gefunden
In der Datei 'C:\Users\Tobias\AppData\Local\Microsoft\Windows\Temporary
Internet Files\Content.IE5\SD4U9H2H\tyfnhc[1].htm'
wurde ein Virus oder unerwünschtes Programm 'TR/Vundo.Gen' [trojan] gefunden.
Ausgeführte Aktion: Zugriff verweigern
19.01.2011 16:42 [Guard] Malware gefunden
In der Datei 'C:\Users\Tobias\AppData\Local\Temp\lubik.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Vundo.Gen' [trojan] gefunden.
Ausgeführte Aktion: Zugriff verweigern
19.01.2011 16:41 [Guard] Malware gefunden
In der Datei 'C:\Users\Tobias\AppData\Local\Microsoft\Windows\Temporary
Internet Files\Content.IE5\SD4U9H2H\xavdxsz[1].htm'
wurde ein Virus oder unerwünschtes Programm 'TR/Dldr.CodecPack.afbk' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
19.01.2011 16:41 [Guard] Malware gefunden
In der Datei 'C:\Users\Tobias\AppData\Local\Temp\vvifjepc.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Dldr.CodecPack.afbk' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
19.01.2011 16:41 [Guard] Malware gefunden
In der Datei 'C:\Users\Tobias\AppData\Local\Microsoft\Windows\Temporary
Internet Files\Content.IE5\6EIIY4Z8\xbvqxsa[1].htm'
wurde ein Virus oder unerwünschtes Programm 'HIDDENEXT/Crypted' [heuristic]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
19.01.2011 16:41 [Guard] Malware gefunden
In der Datei 'C:\Users\Tobias\AppData\Local\Microsoft\Windows\Temporary
Internet Files\Content.IE5\6O5V36SY\xbvqxsa[1].htm'
wurde ein Virus oder unerwünschtes Programm 'HIDDENEXT/Crypted' [heuristic]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
19.01.2011 16:41 [Guard] Malware gefunden
In der Datei 'C:\Users\Tobias\AppData\Local\Microsoft\Windows\Temporary
Internet Files\Content.IE5\IJF5P3K2\tyfnhc[1].htm'
wurde ein Virus oder unerwünschtes Programm 'TR/Vundo.Gen' [trojan] gefunden.
Ausgeführte Aktion: Zugriff verweigern
19.01.2011 16:41 [Guard] Malware gefunden
In der Datei 'C:\Users\Tobias\AppData\Local\Microsoft\Windows\Temporary
Internet Files\Content.IE5\6EIIY4Z8\xavdxsz[1].htm'
wurde ein Virus oder unerwünschtes Programm 'TR/Dldr.CodecPack.afbk' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
19.01.2011 16:41 [Guard] Malware gefunden
In der Datei 'C:\Users\Tobias\AppData\Local\Microsoft\Windows\Temporary
Internet Files\Content.IE5\6O5V36SY\xavdxsz[1].htm'
wurde ein Virus oder unerwünschtes Programm 'TR/Dldr.CodecPack.afbk' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
19.01.2011 16:41 [Guard] Malware gefunden
In der Datei 'C:\Users\Tobias\AppData\Local\Microsoft\Windows\Temporary
Internet Files\Content.IE5\6O5V36SY\xbvqxsa[2].htm'
wurde ein Virus oder unerwünschtes Programm 'HIDDENEXT/Crypted' [heuristic]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
19.01.2011 16:41 [Guard] Malware gefunden
In der Datei 'C:\Users\Tobias\AppData\Local\Microsoft\Windows\Temporary
Internet Files\Content.IE5\6O5V36SY\mmaucwe[1].htm'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
19.01.2011 16:41 [Guard] Malware gefunden
In der Datei 'C:\Users\Tobias\AppData\Local\Microsoft\Windows\Temporary
Internet Files\Content.IE5\IJF5P3K2\cptrlg[1].htm'
wurde ein Virus oder unerwünschtes Programm 'HIDDENEXT/Crypted' [heuristic]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
19.01.2011 16:41 [Guard] Malware gefunden
In der Datei 'C:\Users\Tobias\AppData\Local\Temp\vvifjepc.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Dldr.CodecPack.afbk' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
19.01.2011 16:41 [Guard] Malware gefunden
In der Datei 'C:\Users\Tobias\AppData\Local\Microsoft\Windows\Temporary
Internet Files\Content.IE5\SD4U9H2H\xavdxsz[1].htm'
wurde ein Virus oder unerwünschtes Programm 'TR/Dldr.CodecPack.afbk' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
19.01.2011 16:41 [Guard] Malware gefunden
In der Datei 'C:\Users\Tobias\AppData\Local\Temp\vvifjepc.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Dldr.CodecPack.afbk' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
19.01.2011 16:40 [Guard] Malware gefunden
In der Datei 'C:\Users\Tobias\AppData\Local\Microsoft\Windows\Temporary
Internet Files\Content.IE5\IJF5P3K2\cptrlg[2].htm'
wurde ein Virus oder unerwünschtes Programm 'HIDDENEXT/Crypted' [heuristic]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
19.01.2011 16:40 [Guard] Malware gefunden
In der Datei 'C:\Users\Tobias\AppData\Local\Microsoft\Windows\Temporary
Internet Files\Content.IE5\IJF5P3K2\mmaucwe[1].htm'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
19.01.2011 16:40 [Guard] Malware gefunden
In der Datei 'C:\Users\Tobias\AppData\Local\Temp\meoaswncrx.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.ZPACK.Gen' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
19.01.2011 16:40 [Guard] Malware gefunden
In der Datei 'C:\Users\Tobias\AppData\Local\Temp\meoaswncrx.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.ZPACK.Gen' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
19.01.2011 16:40 [Guard] Malware gefunden
In der Datei 'C:\Users\Tobias\AppData\Local\Temp\meoaswncrx.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.ZPACK.Gen' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
19.01.2011 16:40 [Guard] Malware gefunden
In der Datei 'C:\Users\Tobias\AppData\Local\Temp\meoaswncrx.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.ZPACK.Gen' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
19.01.2011 16:40 [Guard] Malware gefunden
In der Datei 'C:\Users\Tobias\AppData\Local\Temp\cormsawnxe.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen3' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
19.01.2011 16:40 [Guard] Malware gefunden
In der Datei 'C:\Users\Tobias\AppData\Local\Temp\cormsawnxe.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen3' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
19.01.2011 16:40 [Guard] Malware gefunden
In der Datei 'C:\Users\Tobias\AppData\Local\Temp\cormsawnxe.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen3' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
19.01.2011 16:40 [Guard] Malware gefunden
In der Datei 'C:\Users\Tobias\AppData\Local\Temp\cormsawnxe.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen3' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
MBAM Log: Code:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Datenbank Version: 5554
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
19.01.2011 19:41:29
mbam-log-2011-01-19 (19-41-29).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 414103
Laufzeit: 55 Minute(n), 57 Sekunde(n)
Infizierte Speicherprozesse: 3
Infizierte Speichermodule: 1
Infizierte Registrierungsschlüssel: 6
Infizierte Registrierungswerte: 4
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 18
Infizierte Speicherprozesse:
c:\Windows\SysWOW64\AutoChks.exe (Malware.Generic) -> 4872 -> Unloaded process successfully.
c:\Windows\SysWOW64\aspimgr.exe (Trojan.Agent) -> 1624 -> Unloaded process successfully.
c:\Users\Tobias\AppData\Local\Temp\Ihj.exe (Trojan.FakeAlert) -> 5396 -> Unloaded process successfully.
Infizierte Speichermodule:
c:\Users\Tobias\AppData\Local\wmcoce.dll (Trojan.TDSS) -> Delete on reboot.
Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\aspimgr (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\JP595IR86O (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\NtWqIVLZEWZU (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Sft (Backdoor.Agent) -> Quarantined and deleted successfully.
Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Ewobezo (Trojan.TDSS) -> Value: Ewobezo -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Auto Check Utility (Malware.Generic) -> Value: Auto Check Utility -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Auto File System Conversion Utility (Malware.Generic) -> Value: Auto File System Conversion Utility -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\JP595IR86O (Trojan.FakeAlert) -> Value: JP595IR86O -> Quarantined and deleted successfully.
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
c:\Users\Tobias\AppData\Local\wmcoce.dll (Trojan.TDSS) -> Quarantined and deleted successfully.
c:\Windows\SysWOW64\AutoChks.exe (Malware.Generic) -> Quarantined and deleted successfully.
c:\Windows\System32\AutoChks.exe (Malware.Generic) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\autoconvs.exe (Malware.Generic) -> Quarantined and deleted successfully.
c:\Users\Tobias\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\6O5V36SY\qhlkrzhf[1].htm (Malware.Generic) -> Quarantined and deleted successfully.
c:\Users\Tobias\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\SD4U9H2H\iztbjhowu[2].htm (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Users\Tobias\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\SD4U9H2H\qhlkrzhf[1].htm (Malware.Generic) -> Quarantined and deleted successfully.
c:\Users\Tobias\AppData\Local\Temp\fenpcn.exe (Malware.Generic) -> Quarantined and deleted successfully.
c:\Users\Tobias\AppData\Local\Temp\tvljxpe.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Users\Tobias\AppData\Local\Temp\wxrmenoacs.exe (Trojan.TDSS) -> Quarantined and deleted successfully.
c:\Windows\System32\aspimgr.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\SysWOW64\aspimgr.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\s32.txt (Malware.Trace) -> Quarantined and deleted successfully.
c:\Windows\Tasks\{22116563-108c-42c0-a7ce-60161b75e508}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\Tasks\{62c40aa6-4406-467a-a5a5-dfdf1b559b7a}.job (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Windows\Tasks\{bbaeaeaf-1275-40e2-bd6c-bc8f88bd114a}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\ws386.ini (Malware.Trace) -> Quarantined and deleted successfully.
c:\Users\Tobias\AppData\Local\Temp\Ihj.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Otl: Code:
OTL logfile created on: 19.01.2011 19:54:12 - Run 2
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Tobias\Documents\MFtools
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 67,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 921,83 Gb Total Space | 790,26 Gb Free Space | 85,73% Space Free | Partition Type: NTFS
Computer Name: TOBIAS-DELL | User Name: Tobias | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Tobias\AppData\Local\Temp\Ihm.exe (Adobe Flash Player)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Users\Tobias\Documents\MFtools\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Dell\DellDock\DockLogin.exe (Stardock Corporation)
PRC - C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
========== Modules (SafeList) ==========
MOD - C:\Users\Tobias\Documents\MFtools\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV:64bit: - (PnkBstrA) -- C:\Windows\SysNative\PnkBstrA.exe File not found
SRV:64bit: - (TabletServiceWacom) -- C:\Windows\SysNative\Wacom_Tablet.exe (Wacom Technology, Corp.)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (Apple Mobile Device) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files (x86)\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (SftService) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (RoxMediaDB10) -- c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe (Sonic Solutions)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (DockLoginService) -- C:\Programme\Dell\DellDock\DockLogin.exe (Stardock Corporation)
SRV - (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (HerculesDJControlMP3) -- C:\Programme\Hercules\Audio\DJ Console Series\HerculesDJControlMP3.EXE ()
SRV - (IDriverT) -- C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (RxFilter) -- C:\Windows\SysNative\DRIVERS\RxFilter.sys File not found
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (HDJMidi) -- C:\Windows\SysNative\drivers\HDJMidi.sys (© Guillemot R&D, 2010. All rights reserved.)
DRV:64bit: - (Bulk) -- C:\Windows\SysNative\drivers\HDJBulk.sys (© Guillemot R&D, 2010. All rights reserved.)
DRV:64bit: - (HDJAsioK) -- C:\Windows\SysNative\drivers\HDJAsioK.sys (© Guillemot R&D, 2010. All rights reserved.)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (NPF) -- C:\Windows\SysNative\drivers\npf.sys (CACE Technologies, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) Intel(R) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (wacomvhid) -- C:\Windows\SysNative\drivers\wacomvhid.sys (Wacom Technology)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (HECIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (k57nd60a) Broadcom NetLink (TM) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64k.sys (Microsoft Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (OV550I) -- C:\Windows\SysNative\drivers\ov550ivx.sys (Omnivision Technologies, Inc.)
DRV:64bit: - (wacommousefilter) -- C:\Windows\SysNative\drivers\wacommousefilter.sys (Wacom Technology)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (RxFilter) -- C:\Windows\SysWOW64\drivers\RxFilter.sys (Sonic Solutions)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/USCON/8
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.01.07 01:29:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.12.18 19:03:27 | 000,000,000 | ---D | M]
[2010.01.27 20:30:12 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\mozilla\Extensions
[2011.01.19 16:26:03 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\mozilla\Firefox\Profiles\aj4glnmh.default\extensions
[2010.06.25 18:39:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tobias\AppData\Roaming\mozilla\Firefox\Profiles\aj4glnmh.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.12.19 22:51:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.12.18 19:03:07 | 000,072,960 | ---- | M] (Foxit Software Company) -- C:\Program Files (x86)\mozilla firefox\plugins\npFoxitReaderPlugin.dll
[2010.07.12 17:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2010.07.26 12:46:50 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.07.26 12:46:50 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.07.26 12:46:50 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.07.26 12:46:50 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.07.26 12:46:50 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Foxit Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Foxit Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)
O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RunDLLEntry_EptMon] C:\Windows\system32\EptMon64.DLL File not found
O4:64bit: - HKLM..\Run: [RunDLLEntry_THXCfg] C:\Windows\system32\THXCfg64.DLL File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe (Alcor Micro Corp.)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKCU..\Run: [Ewobezo] C:\Users\Tobias\AppData\Local\wmcoce.DLL File not found
O4 - Startup: C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files (x86)\Dell\DellDock\DellDock.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Tobias\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Tobias\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011.01.19 18:38:50 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.01.19 18:38:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.01.19 16:41:46 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aspimgr.exe_
[2011.01.19 16:40:45 | 000,223,744 | ---- | C] (Adobe Flash Player) -- C:\Windows\Ixapaa.exe
[2011.01.12 19:12:01 | 004,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2011.01.12 19:12:01 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2011.01.12 19:12:01 | 001,837,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2011.01.12 19:12:01 | 001,540,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2011.01.12 19:12:01 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10warp.dll
[2011.01.12 19:12:01 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2011.01.12 19:12:01 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll
[2011.01.12 19:12:00 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2011.01.12 19:12:00 | 001,863,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll
[2011.01.12 19:12:00 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2011.01.12 19:12:00 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll
[2011.01.12 19:12:00 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll
[2011.01.12 19:12:00 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011.01.12 19:12:00 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2011.01.12 19:12:00 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011.01.12 19:12:00 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2011.01.12 19:12:00 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2011.01.12 19:12:00 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
[2011.01.12 19:12:00 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1core.dll
[2011.01.12 19:12:00 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2011.01.12 19:11:59 | 000,258,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2011.01.12 19:11:59 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll
[2011.01.12 19:11:59 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2011.01.12 19:11:59 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2011.01.12 19:11:59 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1.dll
[2011.01.12 19:11:59 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2011.01.12 19:11:59 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll
[2011.01.12 19:11:57 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll
[2011.01.12 19:11:57 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll
[2011.01.05 12:28:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Teachmaster 4.3
[2010.12.31 13:17:51 | 000,000,000 | ---D | C] -- C:\Users\Tobias\Documents\luzid
[2010.12.28 15:40:19 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Roaming\vlc
[2010.12.28 15:38:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VLC
[2010.12.28 15:34:35 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Local\PowerDVD DX
[2010.12.28 15:34:35 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2010.12.21 15:57:46 | 000,000,000 | ---D | C] -- C:\Users\Tobias\Desktop\Jailbreak
[2010.01.27 20:48:57 | 008,653,312 | ---- | C] (Dell, Inc. ) -- C:\Users\Tobias\AppData\Roaming\DataSafeDotNet.exe
========== Files - Modified Within 30 Days ==========
[2011.01.19 19:50:35 | 000,000,290 | -H-- | M] () -- C:\Windows\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
[2011.01.19 19:50:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.01.19 19:50:20 | 3113,545,728 | -HS- | M] () -- C:\hiberfil.sys
[2011.01.19 19:49:21 | 000,000,115 | ---- | M] () -- C:\Users\Tobias\Desktop\8 Verschiedene Funde von Avira Antivir - Trojaner-Board.URL
[2011.01.19 18:40:35 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.01.19 16:51:06 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.01.19 16:51:06 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.01.19 16:41:46 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\aspimgr.exe_
[2011.01.19 16:40:36 | 000,223,744 | ---- | M] (Adobe Flash Player) -- C:\Windows\Ixapaa.exe
[2011.01.15 19:38:55 | 000,000,084 | ---- | M] () -- C:\Users\Tobias\Desktop\YouTube - Bispen Flybys Round Two [Original Video].URL
[2011.01.15 00:49:54 | 000,000,082 | ---- | M] () -- C:\Users\Tobias\Desktop\Apple - iTunes - Countdown auf 10 Milliarden Apps.URL
[2011.01.12 23:40:33 | 000,004,116 | ---- | M] () -- C:\Users\Tobias\AppData\Roaming\wklnhst.dat
[2011.01.10 19:15:21 | 000,270,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011.01.10 19:15:21 | 000,270,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.01.10 19:08:04 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011.01.05 12:28:33 | 000,001,109 | ---- | M] () -- C:\Users\Tobias\Desktop\Teachmaster 4.3.lnk
[2011.01.01 19:31:34 | 000,013,485 | ---- | M] () -- C:\Windows\SysNative\Wacom_Tablet.dat
[2010.12.30 00:52:24 | 000,000,835 | ---- | M] () -- C:\Users\Tobias\.recently-used.xbel
[2010.12.29 22:48:48 | 004,455,765 | ---- | M] () -- C:\Users\Tobias\Documents\Test.xcf
[2010.12.25 18:42:33 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.12.22 23:54:04 | 001,575,072 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.12.22 23:54:04 | 000,691,718 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.12.22 23:54:04 | 000,647,732 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.12.22 23:54:04 | 000,145,316 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.12.22 23:54:04 | 000,118,862 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.12.22 23:53:53 | 001,574,212 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.12.21 22:32:26 | 000,018,432 | ---- | M] () -- C:\Users\Tobias\Documents\Deutsch.wps
========== Files Created - No Company Name ==========
[2011.01.19 19:49:21 | 000,000,115 | ---- | C] () -- C:\Users\Tobias\Desktop\8 Verschiedene Funde von Avira Antivir - Trojaner-Board.URL
[2011.01.19 19:44:01 | 000,000,290 | -H-- | C] () -- C:\Windows\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
[2011.01.19 18:38:50 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.01.15 19:38:55 | 000,000,084 | ---- | C] () -- C:\Users\Tobias\Desktop\YouTube - Bispen Flybys Round Two [Original Video].URL
[2011.01.15 00:49:54 | 000,000,082 | ---- | C] () -- C:\Users\Tobias\Desktop\Apple - iTunes - Countdown auf 10 Milliarden Apps.URL
[2010.12.30 00:52:24 | 000,000,835 | ---- | C] () -- C:\Users\Tobias\.recently-used.xbel
[2010.12.29 22:48:47 | 004,455,765 | ---- | C] () -- C:\Users\Tobias\Documents\Test.xcf
[2010.12.21 17:28:45 | 000,018,432 | ---- | C] () -- C:\Users\Tobias\Documents\Deutsch.wps
[2010.12.21 14:26:16 | 001,575,072 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.11.15 20:08:09 | 000,000,000 | ---- | C] () -- C:\Users\Tobias\AppData\Local\rx_image32.Cache
[2010.08.27 19:02:10 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2010.07.05 22:57:25 | 000,017,408 | ---- | C] () -- C:\Users\Tobias\AppData\Local\WebpageIcons.db
[2010.05.22 09:47:17 | 000,000,350 | ---- | C] () -- C:\Windows\doom3.ini
[2010.03.26 20:00:50 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2010.02.09 17:24:15 | 000,004,116 | ---- | C] () -- C:\Users\Tobias\AppData\Roaming\wklnhst.dat
[2010.01.08 17:12:28 | 000,001,112 | ---- | C] () -- C:\Windows\THXCfg_SP_APOIM.ini
[2010.01.08 17:12:28 | 000,001,099 | ---- | C] () -- C:\Windows\THXCfg_HP_APOIM.ini
[2010.01.08 17:12:28 | 000,001,099 | ---- | C] () -- C:\Windows\THXCfg_APOIM.ini
[2010.01.08 17:12:27 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2010.01.08 17:12:27 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2009.10.20 19:19:30 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
========== LOP Check ==========
[2010.10.03 17:37:28 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\.minecraft
[2010.05.17 16:14:28 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\Ambient Design
[2010.09.10 16:33:17 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\DAEMON Tools Lite
[2010.09.26 15:57:13 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\DNA
[2010.06.25 18:39:13 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.07.25 13:46:30 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\Escepia WarFinder
[2010.12.18 19:03:27 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\Foxit
[2010.12.30 00:52:29 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\gtk-2.0
[2010.08.18 01:05:40 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\HLSW
[2011.01.19 18:24:01 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\ICQ
[2010.06.26 16:03:52 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\LolClient
[2010.11.14 13:27:15 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\Need for Speed World
[2010.08.20 16:25:35 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\pokerth
[2010.02.12 23:51:39 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\Publish Providers
[2010.02.12 23:51:37 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\Sony
[2010.10.17 11:13:39 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\streamripper
[2010.02.09 17:24:34 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\Template
[2010.02.04 15:20:17 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\TS3Client
[2010.01.30 12:03:58 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\Ubisoft
[2010.06.10 13:36:24 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\Unigraphics Solutions
[2010.11.13 22:22:12 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011.01.19 19:50:35 | 000,000,290 | -H-- | M] () -- C:\Windows\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
========== Purity Check ==========
< End of report >
Otl Extras: Code:
OTL Extras logfile created on: 19.01.2011 19:54:12 - Run 2
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Tobias\Documents\MFtools
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 67,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 921,83 Gb Total Space | 790,26 Gb Free Space | 85,73% Space Free | Partition Type: NTFS
Computer Name: TOBIAS-DELL | User Name: Tobias | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{02AD9D20-03D2-4DE0-8793-E8253026AD86}" = EMCGadgets64
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{21185083-5C3F-45E1-A52F-1279E0724967}" = iTunes
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8A70B027-4813-B42B-FF66-04E58417028A}" = ccc-utility64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{963BFE7E-C350-4346-B43C-B02358306A45}" = Apple Mobile Device Support
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C74A84EC-7C5F-4C36-A4A6-381E516D643B}" = Microsoft IntelliPoint 7.0
"{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}" = VD64Inst
"{E60B7350-EA5F-41E0-9D6F-E508781E36D2}" = Dell Dock
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"ESL Wire_is1" = ESL Wire 1.7.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{010A785B-F920-4350-821B-6309909C20BB}" = THX TruStudio PC
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{063E409E-3D7C-4A4A-95AB-2F124B9224B3}" = ArcSoft PhotoImpression 6
"{065FD621-FE29-F086-8B68-26C40F2568F6}" = CCC Help Spanish
"{07B0A8BD-DC56-9391-029D-901B537C0EE5}" = CCC Help Finnish
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{098122AB-C605-4853-B441-C0A4EB359B75}" = DirectXInstallService
"{0A4DBC25-3DD9-9503-24D9-268112B62076}" = CCC Help Hungarian
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{1518157C-607B-2B60-B121-EAB7042C75AB}" = Skins
"{157AB353-60BB-E1A7-4E79-15C35655C694}" = CCC Help English
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1B70920B-70FC-C906-623C-F366B0F7DB53}" = Catalyst Control Center InstallProxy
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{22E76329-0ED8-E755-2C14-07C80621DF7E}" = CCC Help Portuguese
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 17
"{27427D07-F798-0398-997C-525E982BF0BE}" = Catalyst Control Center Core Implementation
"{28A25B98-A2E9-89A5-FCF3-DF93B9564775}" = CCC Help Italian
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{33999F1F-EA46-4E55-A239-1BA803235396}" = Hercules DJ Products Series drivers
"{33B436A1-64C1-1726-2209-E69BF2DFE138}" = CCC Help Czech
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{44047051-85A6-83A1-0B76-0A4EF34F82B2}" = Catalyst Control Center Localization All
"{482A6D85-E279-9B0F-8D36-091F3B64B787}" = Catalyst Control Center Graphics Previews Common
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4FB805E5-9716-C5D0-9114-65C78E3098DD}" = CCC Help Swedish
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy CD and DVD Burning
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{5A3B69A7-C63E-7F9B-55DD-CD65F7440FED}" = CCC Help Danish
"{5B1EF562-C533-9035-D6BB-7BD5C6D9DC3F}" = Catalyst Control Center Graphics Full Existing
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{612B5D2E-8084-4102-91DE-24281E4EFB2C}" = Roxio Easy CD and DVD Burning
"{63892687-346C-6868-029C-A1BCCCACC4C0}" = CCC Help Chinese Traditional
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
"{6C3BF763-2CC5-2E20-4491-DF399C05C547}" = CCC Help Greek
"{6F4ED9D9-0854-C415-7BD6-908380D81518}" = Catalyst Control Center Graphics Full New
"{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7E19B002-4CA3-4C9F-BA92-91D101B97219}" = James Cameron's AVATAR(tm): DAS SPIEL
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{877335C1-A573-6B0B-9635-DFD043E4445A}" = CCC Help Norwegian
"{886F91D5-4B45-45DC-938E-6B0276C6B015}" = Solid Edge V20
"{89286F5B-4B78-41DE-9982-B7AD010DE01B}" = *tmx englisch
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
"{8EBA7A74-9CB9-1336-8F32-2E503E6D530F}" = CCC Help French
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90F1906E-C084-9499-DFC3-E8A191B1E259}" = Catalyst Control Center Graphics Light
"{92AF2F5A-4407-4A03-A80A-5A2582264746}" = Crysis(R) SP Demo
"{934328D5-F05A-8749-2915-EDCBE9DBBC61}" = CCC Help Polish
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{995C73F0-2853-45DF-030F-DFEEB000BC10}" = CCC Help German
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9F0A32A5-4EBF-4B9D-A3CD-31579F2E1400}" = Multimedia Card Reader
"{A2767DE2-385F-2A50-592F-FB7B041926DE}" = CCC Help Chinese Standard
"{A4601B40-79E2-4E67-EB56-8A77B9D03839}" = CCC Help Dutch
"{A69D7B32-2BE9-42BF-B576-69B5E0FF7394}" = Catalyst Control Center - Branding
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{AACCF0A0-B426-9DA1-7900-7CDA55C674BE}" = CCC Help Korean
"{AE09704D-9051-4C25-B940-77F889F0C93F}" = OVTScanner_Vista64
"{B1AFAA4E-AE88-3B08-E40A-FB1D64F0F880}" = CCC Help Thai
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B6C07454-A9BC-D101-1DA7-B41E95008200}" = CCC Help Turkish
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C2B9D3E1-B7FB-00FB-A14C-664B13174ED4}" = CCC Help Russian
"{C3006EEA-E54F-4CF4-A966-F7BB9FBD7EB8}_is1" = Escepia WarFinder
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E41E6CB8-AD30-A818-EA5D-0C6A92E51D0C}" = CCC Help Japanese
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EA8F8D1C-0565-BD71-BFC3-57A21E8AA6FD}" = Catalyst Control Center Graphics Previews Vista
"{EC409A8A-525C-3F44-5266-13FAE4E5BF7B}" = ccc-core-static
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EEFB15EB-FE8B-47DF-A496-1C4D1420294A}" = Doom 3
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FDB46DE7-9045-47BB-970A-3E4ED5369E03}" = EMC 10 Content
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ASIO4ALL" = ASIO4ALL
"Ask Toolbar_is1" = Foxit Toolbar
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Blender" = Blender (remove only)
"CSStrat" = CSStrat
"ERUNT_is1" = ERUNT 1.1j
"FL Studio 9" = FL Studio 9
"FLV Player" = FLV Player 2.0 (build 25)
"Foxit Reader" = Foxit Reader
"Fraps" = Fraps (remove only)
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.3
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.5
"GeoGebra" = GeoGebra
"Graffiti Studio 2.0_is1" = Graffiti Studio 2.0
"Hardcore" = Hardcore
"HLSW_is1" = HLSW v1.3.2.1
"hon" = Heroes of Newerth
"IL Download Manager" = IL Download Manager
"InstallShield_{9F0A32A5-4EBF-4B9D-A3CD-31579F2E1400}" = Multimedia Card Reader
"InstallShield_{EEFB15EB-FE8B-47DF-A496-1C4D1420294A}" = Doom 3
"League of Legends_is1" = League of Legends
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"PoiZone" = PoiZone
"PunkBusterSvc" = PunkBuster Services
"Sawer" = Sawer
"Steam App 10" = Counter-Strike
"Steam App 11020" = TrackMania Nations Forever
"Steam App 12910" = Audiosurf Demo
"Steam App 211" = Source SDK
"Steam App 240" = Counter-Strike: Source
"Steam App 400" = Portal
"Steam App 440" = Team Fortress 2
"Steam App 550" = Left 4 Dead 2
"Streamripper" = Streamripper (Remove only)
"Teachmaster 4.3" = Teachmaster 4.3 (nur Entfernen)
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"Toxic Biohazard" = Toxic Biohazard
"Uninstall_is1" = Uninstall 1.0.0.1
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"Virtual DJ Home - Atomix Productions" = Virtual DJ Home - Atomix Productions
"VLC media player" = VLC media player 1.1.5
"Wacom Tablet Driver" = Wacom Tablett
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"Warcraft III" = Warcraft III
"Winamp" = Winamp
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.1
"Xfire" = Xfire (remove only)
"Zattoo4" = Zattoo4 4.0.5
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent DNA" = DNA
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Warcraft III" = Warcraft III: All Products
"Winamp Detect" = Winamp Erkennungs-Plug-in
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 30.12.2010 12:04:45 | Computer Name = Tobias-Dell | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel:
0x4d094ebe Name des fehlerhaften Moduls: filesystem_steam.dll_unloaded, Version:
0.0.0.0, Zeitstempel: 0x4d0a5da7 Ausnahmecode: 0xc0000005 Fehleroffset: 0x02bbd499
ID
des fehlerhaften Prozesses: 0xebc Startzeit der fehlerhaften Anwendung: 0x01cba836825a14b7
Pfad
der fehlerhaften Anwendung: c:\program files (x86)\steam\steamapps\****\counter-strike
source\hl2.exe Pfad des fehlerhaften Moduls: filesystem_steam.dll Berichtskennung:
84bc8975-142e-11e0-9b5c-002564ed9a80
Error - 31.12.2010 08:39:35 | Computer Name = Tobias-Dell | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile 8. Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie
das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error - 31.12.2010 10:13:53 | Computer Name = Tobias-Dell | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel:
0x4d094ebe Name des fehlerhaften Moduls: filesystem_steam.dll_unloaded, Version:
0.0.0.0, Zeitstempel: 0x4d0a5da7 Ausnahmecode: 0xc0000005 Fehleroffset: 0x01dcd499
ID
des fehlerhaften Prozesses: 0x10f4 Startzeit der fehlerhaften Anwendung: 0x01cba8f1883359b3
Pfad
der fehlerhaften Anwendung: c:\program files (x86)\steam\steamapps\****\counter-strike
source\hl2.exe Pfad des fehlerhaften Moduls: filesystem_steam.dll Berichtskennung:
31dc6f62-14e8-11e0-b019-002564ed9a80
Error - 31.12.2010 13:48:08 | Computer Name = Tobias-Dell | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile 8. Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie
das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error - 31.12.2010 13:48:31 | Computer Name = Tobias-Dell | Source = SideBySide | ID = 16842811
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll". Fehler
in Manifest- oder Richtliniendatei "c:\program files (x86)\microsoft\search enhancement
pack\search helper\sepsearchhelperie.dll" in Zeile 2. Ungültige XML-Syntax.
Error - 01.01.2011 11:39:12 | Computer Name = Tobias-Dell | Source = TabletServiceWacom | ID = 1
Description =
Error - 01.01.2011 12:51:20 | Computer Name = Tobias-Dell | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile 8. Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie
das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error - 01.01.2011 12:52:01 | Computer Name = Tobias-Dell | Source = SideBySide | ID = 16842811
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll". Fehler
in Manifest- oder Richtliniendatei "c:\program files (x86)\microsoft\search enhancement
pack\search helper\sepsearchhelperie.dll" in Zeile 2. Ungültige XML-Syntax.
Error - 01.01.2011 20:35:56 | Computer Name = Tobias-Dell | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile 8. Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie
das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error - 01.01.2011 20:36:34 | Computer Name = Tobias-Dell | Source = SideBySide | ID = 16842811
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll". Fehler
in Manifest- oder Richtliniendatei "c:\program files (x86)\microsoft\search enhancement
pack\search helper\sepsearchhelperie.dll" in Zeile 2. Ungültige XML-Syntax.
[ System Events ]
Error - 31.07.2010 19:10:47 | Computer Name = Tobias-Dell | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
RxFilter
Error - 02.08.2010 04:23:05 | Computer Name = Tobias-Dell | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SessionLauncher" wurde aufgrund folgenden Fehlers nicht
gestartet: %%2
Error - 02.08.2010 04:23:12 | Computer Name = Tobias-Dell | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
RxFilter
Error - 03.08.2010 07:28:19 | Computer Name = Tobias-Dell | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SessionLauncher" wurde aufgrund folgenden Fehlers nicht
gestartet: %%2
Error - 03.08.2010 07:28:26 | Computer Name = Tobias-Dell | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
RxFilter
Error - 03.08.2010 08:55:17 | Computer Name = Tobias-Dell | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?03.?08.?2010 um 14:48:39 unerwartet heruntergefahren.
Error - 03.08.2010 08:55:18 | Computer Name = Tobias-Dell | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SessionLauncher" wurde aufgrund folgenden Fehlers nicht
gestartet: %%2
Error - 03.08.2010 08:55:28 | Computer Name = Tobias-Dell | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
RxFilter
Error - 03.08.2010 11:30:52 | Computer Name = Tobias-Dell | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SessionLauncher" wurde aufgrund folgenden Fehlers nicht
gestartet: %%2
Error - 03.08.2010 11:30:56 | Computer Name = Tobias-Dell | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
RxFilter
< End of report >
MFG Tobi |
