
Pests of all kinds and how to combat them: Update problems with any software (after Internet Security 2011 infection)

Windows 7

 
23.06.2011, 22:07   #1
Flow-De
 
Update problems with any software (after Internet Security 2011 infection)



Hi everyone, my path leads me back to the Trojaner-Board after all.

Recently, while downloading various software, I had the problem of the bundled software "Internet Security 2011".

Of course I was extremely annoyed that this happened to me after 4 years of carefree surfing.

I booted into safe mode and got to the bottom of it. Oddly enough, I was able to start Task Manager and trace the process back to an exe.

"kya.exe"

Using the file search I was able to identify and remove this "exe" and a "txt" file. After that, nothing from this scareware program opened any more.

After that I removed all remaining viruses/spyware/malware with Security Essentials (Microsoft), Malwarebytes and S&D.

However, since then no updates work any more, which is a big problem for me.

I created a log with Combofix and OTL.


OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 23.06.2011 22:54:15 - Run 1
OTL by OldTimer - Version 3.2.24.1     Folder = C:\Users\Justin\Desktop
64bit- An unknown product  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
6,00 Gb Total Physical Memory | 4,75 Gb Available Physical Memory | 79,18% Memory free
11,99 Gb Paging File | 10,58 Gb Available in Paging File | 88,24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 298,09 Gb Total Space | 90,75 Gb Free Space | 30,44% Space Free | Partition Type: NTFS
Drive D: | 1397,26 Gb Total Space | 617,24 Gb Free Space | 44,18% Space Free | Partition Type: NTFS
Drive F: | 465,66 Gb Total Space | 447,30 Gb Free Space | 96,06% Space Free | Partition Type: NTFS
 
Computer Name: JUSTINS-PC | User Name: Justin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %* File not found
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6CC95B76-D380-46B2-9022-9353938E48BA}" = Logitech GamePanel Software 3.03.113
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Pinnacle Video Treiber
"{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware
"{7782916E-3D46-4F1F-AC4B-3FB9D17049F4}" = Microsoft Antimalware Service DE-DE Language Pack
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{80C27FE9-C6C4-F5C8-EAD3-09E7E0102E78}" = ATI Stream SDK v2 Developer
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8DF9D3DF-6D03-A04F-217F-F2577D973DBE}" = ATI Catalyst Install Manager
"{8F473675-D702-45F9-8EBC-342B40C17BF5}" = Apple Mobile Device Support
"{90140000-0015-0407-1000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-1000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-1000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-1000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-1000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0407-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (German) 2010
"{90140000-0044-0407-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-006E-0407-1000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00B4-0407-1000-0000000FF1CE}" = Microsoft Office Project MUI (German) 2010
"{90140000-00BA-0407-1000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{91140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-003B-0000-1000-0000000FF1CE}" = Microsoft Office Project Professional 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007D-0409-1000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 64-bit
"{95140000-007F-0407-1000-0000000FF1CE}" = Microsoft Outlook Hotmail Connector 64-Bit
"{AE0D971F-5430-8874-B09E-3F1C76E2F8FF}" = WMV9/VC-1 Video Playback
"{B24A47E5-F196-461E-A7A4-AADB72CB19DD}" = iTunes
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 266.58
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B49673F8-7AB6-4A14-8213-C8A7BE370010}" = UltraMon
"{CC7D4CC8-FE90-17E2-FAC6-3D14C93DCE09}" = AMD Drag and Drop Transcoding
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D29E5E5F-47CA-087E-DCBF-FB75171D5B2E}" = ccc-utility64
"{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}" = Bonjour
"{E77543EE-6FB5-4FF6-AB70-635392C8C756}" = Microsoft Security Client
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FCAB9F73-BF5D-4E3D-92E7-B0F35C568F20}" = Microsoft Security Client DE-DE Language Pack
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.56
"CrystalDiskMark_is1" = CrystalDiskMark 3.0.1a
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"Office14.PRJPROR" = Microsoft Project Professional 2010
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Shrew Soft VPN Client" = Shrew Soft VPN Client
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinRAR archiver" = WinRAR
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{003BFBBD-6C67-419E-A24D-0DCAFC3A5249}" = tools-freebsd
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{135F49F2-9071-F45A-4263-DF7D42FBF7DD}" = CCC Help English
"{1362E602-9625-42D3-B57F-CDA9D26F9DA8}" = Pinnacle Studio 15
"{197597A7-AD33-4898-9D8E-73066818B464}" = tools-netware
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 23
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{3F66C4BF-4BD9-FF9C-FA9F-4579F60A33B3}" = Catalyst Control Center Graphics Previews Vista
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{554E5DE9-4670-452D-8157-FCB81C502D65}" = ShadowProtect Desktop
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7F3AD00A-1819-4B15-BB7D-08B3586336D7}" = 3DMark06
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8850DEC8-22FD-4F05-A3AA-49B91200C24F}" = ShadowProtect Desktop
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3FF5CB2-FB35-4658-8751-9EDE1D65B3AA}" = VMware Workstation
"{A914AE85-1A36-0575-714C-BF996BDA20C7}" = ccc-core-static
"{AB1C87CB-1807-4CF0-B4C2-CEE14C18CDB4}" = tools-solaris
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Deutsch
"{AE0F62A7-A1A2-407F-9F4C-48939BD9AD8D}" = tools-winPre2k
"{AE249BA3-2421-3996-5E9A-DF4A9F3551FC}" = Catalyst Control Center InstallProxy
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BC7BED89-618B-4E89-8ADF-75D47F276223}" = Pinnacle Studio 15 Ultimate Collection Plugins
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{D102611A-6466-4101-A51D-51069303AC65}" = tools-linux
"{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"{DB8B49A9-7CF1-34DB-6DF2-1EC41C0FE5E1}" = Catalyst Control Center Graphics Previews Common
"{DDA34038-89BD-4804-B0B8-DC48D5DFB463}" = Catalyst Control Center - Branding
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{EF6E3398-7BB4-4A1C-B43A-D53ABEB1999F}" = HFM.NET 0.6.1.251
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F30787F6-EA4F-4BC8-0001-398BDCC33E1E}" = MovieSaver*3.0
"{FC030CB5-46A6-4229-AD6E-0AC869F509C8}" = Pinnacle Studio Bonus Content
"{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AIMP2" = AIMP2
"APB Reloaded" = APB Reloaded
"BeyondCompare3_is1" = Beyond Compare Version 3.1.11
"BitTorrent" = BitTorrent
"FileZilla Client" = FileZilla Client 3.4.0
"Fraps" = Fraps (remove only)
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.37.426
"HD Tune Pro_is1" = HD Tune Pro 3.10
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"JDownloader" = JDownloader
"Knoll Light Factory EZ Studio 15" = Knoll Light Factory EZ Studio 15
"Magic Bullet Looks Studio 15" = Magic Bullet Looks Studio 15
"Marvell Miniport Driver" = Marvell Miniport Driver
"Messenger Plus!" = Messenger Plus! 5
"Messenger Plus! Live" = Messenger Plus! Live
"Mozilla Firefox 5.0 (x86 de)" = Mozilla Firefox 5.0 (x86 de)
"MyFreeCodec" = MyFreeCodec
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PunkBusterSvc" = PunkBuster Services
"Red Giant ToonIt Studio 15" = Red Giant ToonIt Studio 15
"RocketDock_is1" = RocketDock 1.3.5
"Simple Internet Meter" = Simple Internet Meter
"StarCraft II" = StarCraft II
"Steam App 10" = Counter-Strike
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steam App 12210" = Grand Theft Auto IV
"Steam App 12220" = Grand Theft Auto: Episodes from Liberty City
"Steam App 41500" = Torchlight
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Steam App 630" = Alien Swarm
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 6" = TeamViewer 6
"Trapcode 3DStroke Studio 15" = Trapcode 3DStroke Studio 15
"Trapcode Particular Studio" = Trapcode Particular Studio
"Trapcode Shine Studio 15" = Trapcode Shine Studio 15
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.1.9
"VMware_Workstation" = VMware Workstation
"WBFS Manager 3.0" = WBFS Manager 3.0
"Winmx Community 1" = Winmx Community 1
"winpcap-nmap" = winpcap-nmap 4.02
"WinRAR archiver" = WinRAR archiver
"World of Warcraft" = World of Warcraft
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent DNA" = DNA
"MyFreeCodec" = MyFreeCodec
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 23.06.2011 11:23:08 | Computer Name = Justins-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 23.06.2011 11:23:08 | Computer Name = Justins-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 7005
 
Error - 23.06.2011 11:23:08 | Computer Name = Justins-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 7005
 
Error - 23.06.2011 11:23:09 | Computer Name = Justins-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 23.06.2011 11:23:09 | Computer Name = Justins-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 8019
 
Error - 23.06.2011 11:23:09 | Computer Name = Justins-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 8019
 
Error - 23.06.2011 11:23:10 | Computer Name = Justins-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 23.06.2011 11:23:10 | Computer Name = Justins-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 9017
 
Error - 23.06.2011 11:23:10 | Computer Name = Justins-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 9017
 
Error - 23.06.2011 16:52:38 | Computer Name = Justins-PC | Source = Schedule | ID = 0
Description = 
 
[ System Events ]
Error - 23.06.2011 16:54:26 | Computer Name = Justins-PC | Source = Microsoft Antimalware | ID = 2001
Description = Fehler in %%860 beim Aktualisieren von Signaturen.     Neue Signaturversion:
      Vorherige Signaturversion: 0.0.0.0     Aktualisierungsquelle: %%851     Aktualisierungsstufe:
 %%852     Quellpfad: hxxp://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094
 
    Signaturtyp:
 %%800     Aktualisierungstyp: %%803     Benutzer: NT-AUTORITÄT\NETZWERKDIENST     Aktuelle Modulversion:
      Vorherige Modulversion: 0.0.0.0     Fehlercode: 0x80072ee7     Fehlerbeschreibung: Der Servername
 oder die Serveradresse konnte nicht verarbeitet werden. 
 
Error - 23.06.2011 16:54:26 | Computer Name = Justins-PC | Source = Microsoft Antimalware | ID = 2001
Description = Fehler in %%860 beim Aktualisieren von Signaturen.     Neue Signaturversion:
      Vorherige Signaturversion: 0.0.0.0     Aktualisierungsquelle: %%851     Aktualisierungsstufe:
 %%852     Quellpfad: hxxp://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094
 
    Signaturtyp:
 %%801     Aktualisierungstyp: %%803     Benutzer: NT-AUTORITÄT\NETZWERKDIENST     Aktuelle Modulversion:
      Vorherige Modulversion: 0.0.0.0     Fehlercode: 0x80072ee7     Fehlerbeschreibung: Der Servername
 oder die Serveradresse konnte nicht verarbeitet werden. 
 
Error - 23.06.2011 16:54:26 | Computer Name = Justins-PC | Source = Microsoft Antimalware | ID = 2001
Description = Fehler in %%860 beim Aktualisieren von Signaturen.     Neue Signaturversion:
      Vorherige Signaturversion: 0.0.0.0     Aktualisierungsquelle: %%851     Aktualisierungsstufe:
 %%852     Quellpfad: hxxp://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094
 
    Signaturtyp:
 %%800     Aktualisierungstyp: %%803     Benutzer: NT-AUTORITÄT\NETZWERKDIENST     Aktuelle Modulversion:
      Vorherige Modulversion: 0.0.0.0     Fehlercode: 0x80072ee7     Fehlerbeschreibung: Der Servername
 oder die Serveradresse konnte nicht verarbeitet werden. 
 
Error - 23.06.2011 16:54:26 | Computer Name = Justins-PC | Source = Microsoft Antimalware | ID = 2001
Description = Fehler in %%860 beim Aktualisieren von Signaturen.     Neue Signaturversion:
      Vorherige Signaturversion: 0.0.0.0     Aktualisierungsquelle: %%851     Aktualisierungsstufe:
 %%852     Quellpfad: hxxp://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094
 
    Signaturtyp:
 %%801     Aktualisierungstyp: %%803     Benutzer: NT-AUTORITÄT\NETZWERKDIENST     Aktuelle Modulversion:
      Vorherige Modulversion: 0.0.0.0     Fehlercode: 0x80072ee7     Fehlerbeschreibung: Der Servername
 oder die Serveradresse konnte nicht verarbeitet werden. 
 
Error - 23.06.2011 16:54:26 | Computer Name = Justins-PC | Source = Microsoft Antimalware | ID = 2001
Description = Fehler in %%860 beim Aktualisieren von Signaturen.     Neue Signaturversion:
      Vorherige Signaturversion: 0.0.0.0     Aktualisierungsquelle: %%851     Aktualisierungsstufe:
 %%852     Quellpfad: hxxp://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094
 
    Signaturtyp:
 %%800     Aktualisierungstyp: %%803     Benutzer: NT-AUTORITÄT\NETZWERKDIENST     Aktuelle Modulversion:
      Vorherige Modulversion: 0.0.0.0     Fehlercode: 0x80072ee7     Fehlerbeschreibung: Der Servername
 oder die Serveradresse konnte nicht verarbeitet werden. 
 
Error - 23.06.2011 16:54:31 | Computer Name = Justins-PC | Source = Microsoft Antimalware | ID = 2001
Description = Fehler in %%860 beim Aktualisieren von Signaturen.     Neue Signaturversion:
      Vorherige Signaturversion: 0.0.0.0     Aktualisierungsquelle: %%851     Aktualisierungsstufe:
 %%852     Quellpfad: hxxp://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=0.0.0.0&sig=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094
 
    Signaturtyp:
 %%800     Aktualisierungstyp: %%803     Benutzer: NT-AUTORITÄT\NETZWERKDIENST     Aktuelle Modulversion:
      Vorherige Modulversion: 0.0.0.0     Fehlercode: 0x80072ee7     Fehlerbeschreibung: Der Servername
 oder die Serveradresse konnte nicht verarbeitet werden. 
 
Error - 23.06.2011 16:54:31 | Computer Name = Justins-PC | Source = Microsoft Antimalware | ID = 2001
Description = Fehler in %%860 beim Aktualisieren von Signaturen.     Neue Signaturversion:
      Vorherige Signaturversion: 0.0.0.0     Aktualisierungsquelle: %%851     Aktualisierungsstufe:
 %%852     Quellpfad: hxxp://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=0.0.0.0&sig=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094
 
    Signaturtyp:
 %%801     Aktualisierungstyp: %%803     Benutzer: NT-AUTORITÄT\NETZWERKDIENST     Aktuelle Modulversion:
      Vorherige Modulversion: 0.0.0.0     Fehlercode: 0x80072ee7     Fehlerbeschreibung: Der Servername
 oder die Serveradresse konnte nicht verarbeitet werden. 
 
Error - 23.06.2011 16:54:31 | Computer Name = Justins-PC | Source = Microsoft Antimalware | ID = 2001
Description = Fehler in %%860 beim Aktualisieren von Signaturen.     Neue Signaturversion:
      Vorherige Signaturversion: 0.0.0.0     Aktualisierungsquelle: %%851     Aktualisierungsstufe:
 %%852     Quellpfad: hxxp://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=0.0.0.0&sig=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094
 
    Signaturtyp:
 %%800     Aktualisierungstyp: %%803     Benutzer: NT-AUTORITÄT\NETZWERKDIENST     Aktuelle Modulversion:
      Vorherige Modulversion: 0.0.0.0     Fehlercode: 0x80072ee7     Fehlerbeschreibung: Der Servername
 oder die Serveradresse konnte nicht verarbeitet werden. 
 
Error - 23.06.2011 16:54:31 | Computer Name = Justins-PC | Source = Microsoft Antimalware | ID = 2001
Description = Fehler in %%860 beim Aktualisieren von Signaturen.     Neue Signaturversion:
      Vorherige Signaturversion: 0.0.0.0     Aktualisierungsquelle: %%851     Aktualisierungsstufe:
 %%852     Quellpfad: hxxp://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=0.0.0.0&sig=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094
 
    Signaturtyp:
 %%801     Aktualisierungstyp: %%803     Benutzer: NT-AUTORITÄT\NETZWERKDIENST     Aktuelle Modulversion:
      Vorherige Modulversion: 0.0.0.0     Fehlercode: 0x80072ee7     Fehlerbeschreibung: Der Servername
 oder die Serveradresse konnte nicht verarbeitet werden. 
 
Error - 23.06.2011 16:54:31 | Computer Name = Justins-PC | Source = Microsoft Antimalware | ID = 2001
Description = Fehler in %%860 beim Aktualisieren von Signaturen.     Neue Signaturversion:
      Vorherige Signaturversion: 0.0.0.0     Aktualisierungsquelle: %%851     Aktualisierungsstufe:
 %%852     Quellpfad: hxxp://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=0.0.0.0&sig=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094
 
    Signaturtyp:
 %%800     Aktualisierungstyp: %%803     Benutzer: NT-AUTORITÄT\NETZWERKDIENST     Aktuelle Modulversion:
      Vorherige Modulversion: 0.0.0.0     Fehlercode: 0x80072ee7     Fehlerbeschreibung: Der Servername
 oder die Serveradresse konnte nicht verarbeitet werden. 
 
 
< End of report >
         
--- --- ---

OTL Logfile:
Code:
OTL logfile created on: 23.06.2011 22:57:54 - Run 1
OTL by OldTimer - Version 3.2.24.1     Folder = C:\Users\Justin\Desktop
64bit- An unknown product  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
6,00 Gb Total Physical Memory | 4,46 Gb Available Physical Memory | 74,44% Memory free
11,99 Gb Paging File | 10,26 Gb Available in Paging File | 85,53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 298,09 Gb Total Space | 90,74 Gb Free Space | 30,44% Space Free | Partition Type: NTFS
Drive D: | 1397,26 Gb Total Space | 617,24 Gb Free Space | 44,18% Space Free | Partition Type: NTFS
Drive F: | 465,66 Gb Total Space | 447,30 Gb Free Space | 96,06% Space Free | Partition Type: NTFS
 
Computer Name: JUSTINS-PC | User Name: Justin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.06.23 22:50:16 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Justin\Desktop\OTL.exe
PRC - [2011.06.23 13:18:48 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011.06.23 12:19:30 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.06.02 12:57:06 | 000,403,240 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2011.03.25 23:51:46 | 000,334,448 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe
PRC - [2011.03.25 23:51:32 | 000,404,080 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe
PRC - [2011.03.25 23:51:20 | 000,113,264 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
PRC - [2010.11.16 23:31:48 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2010.01.22 13:29:40 | 000,106,496 | ---- | M] (NEC Electronics Corporation) -- C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2009.12.21 09:00:50 | 000,081,920 | ---- | M] (Realtime Soft Ltd) -- C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
PRC - [2007.09.02 14:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011.06.23 22:50:16 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Justin\Desktop\OTL.exe
MOD - [2010.08.21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2010.02.14 03:53:56 | 000,210,432 | ---- | M] (Realtime Soft Ltd) -- C:\Programme\UltraMon\RTSUltraMonHookX32.dll
MOD - [2010.02.14 03:52:06 | 000,325,120 | ---- | M] (Realtime Soft Ltd) -- C:\Programme\UltraMon\UltraMonResButtons.dll
MOD - [2009.07.14 03:15:44 | 002,340,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msi.dll
MOD - [2009.07.14 03:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2009.07.14 03:03:50 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\GdiPlus.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2010.11.11 14:36:38 | 000,282,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2010.11.11 14:36:38 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2010.10.08 07:18:46 | 000,697,616 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe -- (ipsecd)
SRV:64bit: - [2010.10.08 07:18:46 | 000,056,592 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\ShrewSoft\VPN Client\dtpd.exe -- (dtpd)
SRV:64bit: - [2010.10.08 07:18:44 | 000,957,712 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\ShrewSoft\VPN Client\iked.exe -- (iked)
SRV:64bit: - [2010.09.29 03:51:08 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011.06.23 13:18:48 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.06.02 12:57:06 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.04.01 10:31:39 | 002,271,608 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011.03.25 23:51:46 | 000,334,448 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2011.03.25 23:51:32 | 000,404,080 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
SRV - [2011.03.25 23:51:20 | 000,113,264 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe -- (VMAuthdService)
SRV - [2011.03.25 22:27:40 | 000,539,248 | ---- | M] (VMware, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService)
SRV - [2011.01.07 20:48:56 | 000,378,984 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010.08.19 13:57:14 | 000,191,024 | ---- | M] (VMware, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe -- (ufad-ws60)
SRV - [2010.07.15 19:11:08 | 000,067,616 | ---- | M] (StorageCraft Technology Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\vsnapvss.exe -- (VSNAPVSS)
SRV - [2010.07.15 19:09:22 | 001,657,376 | ---- | M] (StorageCraft Technology Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\StorageCraft\ShadowProtect\ShadowProtectSvc.exe -- (ShadowProtectSvc)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007.05.28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Disabled | Stopped] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011.03.25 23:52:38 | 000,068,720 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)
DRV:64bit: - [2011.03.25 23:52:34 | 000,081,008 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)
DRV:64bit: - [2011.03.25 23:50:52 | 000,031,856 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMkbd.sys -- (vmkbd)
DRV:64bit: - [2011.03.25 23:50:44 | 000,030,320 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV:64bit: - [2011.03.25 22:27:36 | 000,038,512 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)
DRV:64bit: - [2011.03.25 20:04:58 | 000,045,104 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV:64bit: - [2011.03.25 20:04:58 | 000,020,016 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - [2011.03.11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.18 17:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.01.03 10:38:36 | 000,177,128 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011.01.03 10:38:36 | 000,157,160 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV:64bit: - [2011.01.03 10:38:36 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV:64bit: - [2010.12.21 07:55:02 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm)
DRV:64bit: - [2010.12.21 07:55:02 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV:64bit: - [2010.12.21 07:55:02 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:64bit: - [2010.11.09 08:52:33 | 000,868,848 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.10.25 11:10:22 | 000,020,552 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dgderdrv.sys -- (dgderdrv)
DRV:64bit: - [2010.10.25 11:03:52 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk)
DRV:64bit: - [2010.10.24 21:25:38 | 000,072,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2010.10.15 16:23:41 | 000,035,112 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV:64bit: - [2010.09.29 04:26:12 | 007,883,264 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.09.29 03:14:48 | 000,285,696 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.09.02 09:18:46 | 000,021,504 | ---- | M] (Shrew Soft Inc) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vfilter.sys -- (vflt)
DRV:64bit: - [2010.09.02 09:18:46 | 000,017,408 | ---- | M] (Shrew Soft Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\virtualnet.sys -- (vnet)
DRV:64bit: - [2010.08.16 12:42:00 | 000,116,240 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010.07.15 18:48:20 | 000,217,632 | ---- | M] (StorageCraft Technology Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stcvsm.sys -- (stcvsm)
DRV:64bit: - [2010.07.09 14:19:04 | 000,021,480 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz134_x64.sys -- (cpuz134)
DRV:64bit: - [2010.03.17 12:24:00 | 000,401,696 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2010.03.02 20:30:20 | 001,301,504 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2010.01.22 13:22:22 | 000,180,224 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010.01.22 13:22:18 | 000,077,824 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2009.07.31 12:40:34 | 000,025,600 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMfilt64.sys -- (VMfilt)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009.07.09 17:56:06 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.03.15 22:13:08 | 000,040,464 | ---- | M] (CACE Technologies) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (npf)
DRV:64bit: - [2005.09.23 23:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
DRV:64bit: - [2005.03.29 02:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2010.10.25 11:03:52 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
DRV - [2010.08.19 13:56:38 | 000,032,816 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys -- (vstor2-ws60)
DRV - [2008.11.14 03:11:42 | 000,020,512 | ---- | M] (Realtime Soft Ltd) [Kernel | Auto | Running] -- C:\Program Files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys -- (UltraMonUtility)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = BE B8 37 63 9D E5 CB 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Plasmoo"
FF - prefs.js..browser.search.defaultthis.engineName: "Plasmoo"
FF - prefs.js..browser.search.defaulturl: "hxxp://plasmoo.com/index.htm?SearchMashine=true&amp;q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6483
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..keyword.URL: "hxxp://plasmoo.com/index.htm?SearchMashine=true&q="
 
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.06.23 12:19:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.06.23 12:35:00 | 000,000,000 | ---D | M]
 
[2010.11.09 08:58:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Justin\AppData\Roaming\mozilla\Extensions
[2011.05.01 00:02:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Justin\AppData\Roaming\mozilla\Firefox\Profiles\58gc5y1s.default\extensions
[2011.05.01 00:02:15 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Justin\AppData\Roaming\mozilla\Firefox\Profiles\58gc5y1s.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.05.01 00:02:18 | 000,000,000 | ---D | M] (Plasmoo Search Engine) -- C:\Users\Justin\AppData\Roaming\mozilla\Firefox\Profiles\58gc5y1s.default\extensions\engine@plasmoo.com
[2011.04.28 19:42:58 | 000,001,975 | ---- | M] () -- C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\58gc5y1s.default\searchplugins\plasmoo.xml
[2011.03.19 16:52:43 | 000,001,583 | ---- | M] () -- C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\58gc5y1s.default\searchplugins\web-search.xml
[2011.06.21 22:09:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.11.09 23:09:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.01.09 14:03:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
File not found (No name found) -- 
[2011.06.23 12:19:30 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.11.12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011.06.23 22:45:00 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Justin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Justin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O15 - HKCU\..Trusted Domains: microsoft.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([*.update] * in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([*.windowsupdate] * in Trusted sites)
O15 - HKCU\..Trusted Domains: windowsupdate.com ([]* in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.06.23 22:24:36 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.06.23 22:52:48 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011.06.23 22:50:15 | 000,579,072 | ---- | C] (OldTimer Tools) -- C:\Users\Justin\Desktop\OTL.exe
[2011.06.23 22:46:26 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011.06.23 22:43:26 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2011.06.23 22:39:36 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011.06.23 22:39:36 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011.06.23 22:39:36 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011.06.23 22:39:34 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011.06.23 22:39:12 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.06.23 22:38:15 | 004,135,090 | R--- | C] (Swearware) -- C:\Users\Justin\Desktop\ComboFix.exe
[2011.06.23 22:25:23 | 000,000,000 | ---D | C] -- C:\ProgramData\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
[2011.06.23 22:24:23 | 000,000,000 | ---D | C] -- C:\Programme\Enigma Software Group
[2011.06.23 22:23:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2011.06.23 22:18:48 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\PackageAware
[2011.06.23 12:34:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011.06.23 12:34:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2011.06.23 12:27:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011.06.23 12:27:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2011.06.21 22:15:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2011.06.21 22:15:08 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Security Client
[2011.06.21 18:52:52 | 000,000,000 | ---D | C] -- C:\Users\Justin\Documents\ICQ
[2011.06.21 11:07:36 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{AEC54154-E298-420C-A62F-65063180C5A8}
[2011.06.20 18:18:45 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{CF0E8247-F42B-4A51-892E-2486920F1522}
[2011.06.20 17:28:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamSpeak 3 Client
[2011.06.20 12:44:28 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{08FF1306-6C83-4A00-812F-64BEAF6035B0}
[2011.06.20 03:17:41 | 000,000,000 | ---D | C] -- C:\avktmp
[2011.06.20 00:52:52 | 000,000,000 | ---D | C] -- C:\ProgramData\nE28247HgJmF28247
[2011.06.19 23:45:12 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{3B49D928-1761-44FE-B5B1-819147491BC0}
[2011.06.19 11:44:45 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{765EC9CA-2B70-4E60-8472-93EB2F03D312}
[2011.06.19 01:50:38 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2011.06.18 15:16:50 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{9458BF69-934D-485C-9E06-69768D52B77E}
[2011.06.17 10:30:33 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{0BEF3957-B07A-402A-94DB-EAEADE8B76D9}
[2011.06.16 11:46:42 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{A2A7DF3F-3095-471B-997C-297E5993AA49}
[2011.06.15 23:46:17 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{1C077B33-3059-4718-959D-A9F0FB4F3647}
[2011.06.15 11:45:53 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{DD28D64C-99FD-495C-9701-FC4FA281B470}
[2011.06.14 23:45:28 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{9F50A274-932B-428A-89FC-941540AECDFF}
[2011.06.14 11:45:16 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{52EDC7F5-E92D-4C26-8D0F-D38856C8492A}
[2011.06.13 23:44:51 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{F810E773-FC2D-4658-8AB0-E5CAD996447B}
[2011.06.13 17:01:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskMark
[2011.06.13 17:01:50 | 000,000,000 | ---D | C] -- C:\Programme\CrystalDiskMark
[2011.06.13 16:56:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune Pro
[2011.06.13 16:56:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HD Tune Pro
[2011.06.13 16:56:43 | 000,000,000 | ---D | C] -- C:\Users\Justin\Desktop\hd tune pro
[2011.06.13 15:42:13 | 000,000,000 | ---D | C] -- C:\Users\Justin\Desktop\Vogel
[2011.06.13 11:44:26 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{9B15E19D-4575-4204-B61A-6656935099F2}
[2011.06.12 11:37:38 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{18D9A83C-2AC4-4250-ABA5-6592202529E0}
[2011.06.11 21:01:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2011.06.11 18:56:39 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{B7CEDDBB-ECA3-49CA-890F-49C258851B20}
[2011.06.09 16:40:11 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{49737F2E-56A7-43A9-B94F-31167011EAEE}
[2011.06.08 18:21:58 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{77838E10-8757-4A04-85BE-77E46522557B}
[2011.06.07 16:34:13 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{E7CFA76D-2785-4D05-B71E-AF152773AE4F}
[2011.06.06 16:17:12 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{8B517B1C-4C64-486C-9A20-5281FDD0CE88}
[2011.06.05 22:39:38 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{62BD8C7B-95CF-4B49-BAE7-CE2EE89CD45E}
[2011.06.05 10:39:17 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{E28171D1-15C0-4AEF-91EE-F01908D8B40B}
[2011.06.04 10:24:57 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{F92890FF-1BAE-45D4-871A-15A4DAE9C0DB}
[2011.06.03 23:45:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DNA
[2011.06.03 17:27:58 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{D8333509-A29D-4ED3-8E12-99E312B5E1BA}
[2011.06.02 23:31:57 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{75922FCE-02E2-4ED0-80F0-9BFDDC191F29}
[2011.06.02 23:29:06 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\PunkBuster
[2011.06.02 21:24:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2011.06.02 21:24:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GamersFirst
[2011.06.02 21:24:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GamersFirst
[2011.06.02 11:31:45 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{13102B78-EA9B-4276-B9CE-74866B568C53}
[2011.06.01 20:57:52 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Roaming\Artisteer
[2011.06.01 20:54:21 | 000,000,000 | ---D | C] -- C:\Users\Justin\Desktop\Artisteer
[2011.06.01 18:58:45 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{6B492914-CDD5-452C-9E51-C4D644E1AB49}
[2011.05.31 21:52:25 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{E349716F-38C2-45CE-BF80-A6CF311A63CE}
[2011.05.30 20:54:53 | 000,000,000 | ---D | C] -- C:\Users\Justin\Documents\gegl-0.0
[2011.05.30 20:54:53 | 000,000,000 | ---D | C] -- C:\Users\Justin\.gimp-2.6
[2011.05.30 20:54:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP
[2011.05.30 20:54:35 | 000,000,000 | ---D | C] -- C:\Programme\GIMP-2.0
[2011.05.30 19:50:06 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{8CC7172A-B917-40F7-AE2A-6C99E49BD72B}
[2011.05.29 22:29:04 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{A00A899C-9050-45F5-8281-D9D21A2F82C9}
[2011.05.29 10:29:12 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{38035D52-CDD8-4DAF-82F1-B3BA68C95FB8}
[2011.05.28 16:50:00 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{AB44ACBB-2F7A-4F63-8315-331A3879312E}
[2011.05.27 19:31:57 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{E14A3A57-57B8-4B5E-8586-5C5C0D9751D7}
[2011.05.26 15:03:51 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{D75FD3FD-58C1-4577-ADCD-0CE98DB56DF4}
[2011.05.25 20:14:52 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{07164B29-CFFE-45F4-92D1-3603DCFBFB35}
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Justin\Desktop\*.tmp files -> C:\Users\Justin\Desktop\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.06.23 22:52:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.06.23 22:52:22 | 535,433,215 | -HS- | M] () -- C:\hiberfil.sys
[2011.06.23 22:51:10 | 000,000,020 | ---- | M] () -- C:\Users\Justin\defogger_reenable
[2011.06.23 22:50:16 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Justin\Desktop\OTL.exe
[2011.06.23 22:50:04 | 000,050,477 | ---- | M] () -- C:\Users\Justin\Desktop\Defogger.exe
[2011.06.23 22:45:00 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011.06.23 22:39:00 | 004,135,090 | R--- | M] (Swearware) -- C:\Users\Justin\Desktop\ComboFix.exe
[2011.06.23 22:24:36 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2011.06.23 16:10:43 | 000,013,264 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.06.23 16:10:43 | 000,013,264 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.06.23 13:23:49 | 000,270,632 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011.06.23 13:23:49 | 000,270,632 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.06.23 13:18:56 | 000,189,248 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011.06.23 13:18:48 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.06.23 12:25:28 | 000,000,036 | ---- | M] () -- C:\Users\Justin\AppData\Local\housecall.guid.cache
[2011.06.23 11:27:27 | 000,067,879 | ---- | M] () -- C:\Users\Justin\Desktop\006.jpg
[2011.06.23 11:26:40 | 000,033,622 | ---- | M] () -- C:\Users\Justin\Desktop\dm_8000_0.jpg
[2011.06.23 09:47:39 | 001,513,152 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.06.23 09:47:39 | 000,658,712 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.06.23 09:47:39 | 000,620,594 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.06.23 09:47:39 | 000,132,010 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.06.23 09:47:39 | 000,108,400 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.06.21 22:15:45 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011.06.21 22:15:16 | 001,534,178 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.06.20 17:28:12 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2011.06.20 03:04:46 | 000,013,012 | -HS- | M] () -- C:\Users\Justin\AppData\Local\0tu10km5tq8
[2011.06.20 03:04:46 | 000,013,012 | -HS- | M] () -- C:\ProgramData\0tu10km5tq8
[2011.06.19 22:29:16 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2011.06.19 22:25:27 | 000,005,120 | ---- | M] () -- C:\Users\Justin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.06.16 13:37:10 | 000,030,253 | ---- | M] () -- C:\Users\Justin\Desktop\617koh.jpg
[2011.06.16 10:06:28 | 000,482,240 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.06.14 16:41:58 | 000,002,022 | -H-- | M] () -- C:\Users\Justin\Documents\Default.rdp
[2011.06.13 17:13:39 | 000,000,079 | ---- | M] () -- C:\Users\Justin\AppData\Local\CrystalDiskMark30.ini
[2011.06.13 17:01:51 | 000,001,794 | ---- | M] () -- C:\Users\Justin\Desktop\CrystalDiskMark.lnk
[2011.06.13 15:41:49 | 002,830,916 | ---- | M] () -- C:\Users\Justin\Desktop\Vogel.rar
[2011.06.02 22:09:37 | 3805,508,496 | ---- | M] () -- C:\Users\Justin\Client1.5.0.562750.7z
[2011.05.30 20:54:49 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2011.05.29 09:11:20 | 000,025,912 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Justin\Desktop\*.tmp files -> C:\Users\Justin\Desktop\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.06.23 22:51:10 | 000,000,020 | ---- | C] () -- C:\Users\Justin\defogger_reenable
[2011.06.23 22:50:03 | 000,050,477 | ---- | C] () -- C:\Users\Justin\Desktop\Defogger.exe
[2011.06.23 22:39:36 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011.06.23 22:39:36 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011.06.23 22:39:36 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011.06.23 22:39:36 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011.06.23 22:39:36 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011.06.23 22:24:36 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2011.06.23 12:35:00 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011.06.23 12:25:28 | 000,000,036 | ---- | C] () -- C:\Users\Justin\AppData\Local\housecall.guid.cache
[2011.06.23 11:27:27 | 000,067,879 | ---- | C] () -- C:\Users\Justin\Desktop\006.jpg
[2011.06.23 11:26:39 | 000,033,622 | ---- | C] () -- C:\Users\Justin\Desktop\dm_8000_0.jpg
[2011.06.22 11:10:27 | 000,270,632 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.06.22 11:10:26 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.06.21 22:15:09 | 000,001,897 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011.06.20 17:28:12 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2011.06.20 04:37:17 | 000,001,912 | ---- | C] () -- C:\Windows\epplauncher.mif
[2011.06.20 00:53:02 | 000,013,012 | -HS- | C] () -- C:\Users\Justin\AppData\Local\0tu10km5tq8
[2011.06.20 00:53:02 | 000,013,012 | -HS- | C] () -- C:\ProgramData\0tu10km5tq8
[2011.06.16 13:37:08 | 000,030,253 | ---- | C] () -- C:\Users\Justin\Desktop\617koh.jpg
[2011.06.13 17:01:53 | 000,000,079 | ---- | C] () -- C:\Users\Justin\AppData\Local\CrystalDiskMark30.ini
[2011.06.13 17:01:51 | 000,001,794 | ---- | C] () -- C:\Users\Justin\Desktop\CrystalDiskMark.lnk
[2011.06.13 15:41:47 | 002,830,916 | ---- | C] () -- C:\Users\Justin\Desktop\Vogel.rar
[2011.06.02 23:29:09 | 000,270,632 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011.06.02 23:26:02 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011.06.02 21:28:30 | 3805,508,496 | ---- | C] () -- C:\Users\Justin\Client1.5.0.562750.7z
[2011.05.30 20:54:49 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.03.12 19:18:42 | 000,005,120 | ---- | C] () -- C:\Users\Justin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.03.08 14:41:06 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.03.08 14:41:04 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011.03.08 14:41:04 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011.03.08 14:41:04 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011.03.08 14:41:04 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011.02.27 13:13:41 | 000,372,736 | ---- | C] () -- C:\Windows\SysWow64\RSLSP.dll
[2011.02.04 22:24:55 | 000,000,022 | ---- | C] () -- C:\Windows\simpwt.dat
[2011.01.21 13:30:06 | 000,311,296 | ---- | C] () -- C:\Windows\SysWow64\EMRegSys.dll
[2010.12.29 02:35:00 | 000,004,758 | ---- | C] () -- C:\Users\Justin\AppData\Roaming\Cabos.plist
[2010.11.27 21:32:35 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.11.09 09:33:25 | 001,534,178 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.11.08 17:14:35 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.11.08 16:59:13 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2010.06.16 00:28:54 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2009.10.06 09:16:00 | 000,819,200 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009.03.15 22:13:10 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
 
========== LOP Check ==========
 
[2011.06.23 22:45:08 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\AIMP
[2011.06.01 20:57:52 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Artisteer
[2011.06.14 13:00:11 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\BitTorrent
[2010.12.29 02:35:00 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Cabos
[2010.11.20 20:09:43 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Canneverbe Limited
[2011.06.20 13:59:50 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\DNA
[2011.05.01 00:02:15 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.02.27 13:22:57 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Engelmann Media
[2011.06.02 23:13:44 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\FileZilla
[2010.11.26 16:53:18 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Folding@home-x86
[2010.12.21 17:57:20 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\HFM
[2011.06.22 22:34:06 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\ICQ
[2010.12.29 03:11:07 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\LimeWire
[2011.02.21 22:22:46 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\LockHunter
[2011.05.14 10:12:34 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\runic games
[2010.12.12 15:26:11 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Samsung
[2010.11.09 10:29:44 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Scooter Software
[2011.02.27 14:02:37 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Sytexis Software
[2011.04.12 17:29:10 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\TeamViewer
[2011.03.30 20:39:20 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Thinstall
[2010.11.12 11:43:34 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\TightVNC
[2011.05.18 10:38:25 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\TS3Client
[2011.06.23 22:52:38 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:618D0840
 
< End of report >
         
--- --- ---

Edited by Flow-De (23.06.2011 at 22:36)

 


All times are given in WET +1.

