ich habe das Problem, dass mein Upload teilweise bis an das Maximum ansteigt. Ich habe auch das Gefühl, dass er ansteigt wenn ich Programme öffne oder schließe. Bei Downloads (z.B Windows Ubdates) steigt er auf das maximal mögliche an fällt aber nach Beenden des Downloads nicht mehr ab. Selbst wenn ich augenscheinlich nichts im Internet mache habe ich dauerhaft eine Netzwerkauslastung von 0.1 bis 1%. G-Data Antivir hat bei komplett
scan nichts gefunden.
Ich nutze Windows 7 64 bit.
Habe auch schon Malewarebytes laufen lassen allerdings ohne Erfolg.
Defogger hat auch nichts gemeldet.
PHP-Code:
OTL logfile created on: 10.11.2011 08:22:38 - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Daniel\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,58 Gb Available Physical Memory | 64,62% Memory free
8,00 Gb Paging File | 6,24 Gb Available in Paging File | 77,99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 741,99 Gb Free Space | 79,66% Space Free | Partition Type: NTFS
Drive F: | 1,88 Gb Total Space | 1,51 Gb Free Space | 80,62% Space Free | Partition Type: FAT32
Computer Name: DANIELS-PC | User Name: Daniel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2011.11.10 08:06:44 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Daniel\Desktop\OTL.exe
PRC - [2011.11.05 07:24:24 | 003,077,528 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
PRC - [2011.08.31 17:00:48 | 001,047,208 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2011.08.31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.06.06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.04.01 11:16:44 | 000,353,288 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
PRC - [2011.04.01 11:16:02 | 000,409,608 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe
PRC - [2011.04.01 11:15:58 | 001,430,024 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
PRC - [2011.04.01 11:14:34 | 000,922,120 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe
PRC - [2011.01.20 17:51:12 | 000,378,984 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010.01.22 11:29:40 | 000,106,496 | ---- | M] (NEC Electronics Corporation) -- C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
PRC - [2007.06.28 15:33:30 | 000,380,928 | ---- | M] () -- C:\Program Files (x86)\TouchKit\xTouchMon.exe
[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2011.11.05 07:24:24 | 003,077,528 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MOD - [2007.07.03 15:20:38 | 001,966,080 | ---- | M] () -- C:\Program Files (x86)\TouchKit\xtkutility.dll
MOD - [2007.06.28 15:33:30 | 000,380,928 | ---- | M] () -- C:\Program Files (x86)\TouchKit\xTouchMon.exe
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV:[b]64bit:[/b] - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.06.06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.04.01 11:16:44 | 000,353,288 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe -- (GDScan)
SRV - [2011.04.01 11:16:02 | 000,409,608 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe -- (AVKService)
SRV - [2011.04.01 11:15:58 | 001,430,024 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe -- (AVKProxy)
SRV - [2011.04.01 03:29:34 | 001,923,800 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlX64.exe -- (AVKWCtl)
SRV - [2011.01.20 17:51:12 | 000,378,984 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV:[b]64bit:[/b] - [2011.11.08 17:04:17 | 000,106,488 | ---- | M] (G Data Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\GRD.sys -- (GRD)
DRV:[b]64bit:[/b] - [2011.11.08 17:01:01 | 000,058,584 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PktIcpt.sys -- (GDPkIcpt)
DRV:[b]64bit:[/b] - [2011.11.08 17:00:37 | 000,050,904 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\HookCentre.sys -- (HookCentre)
DRV:[b]64bit:[/b] - [2011.11.08 17:00:36 | 000,102,616 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\MiniIcpt.sys -- (GDMnIcpt)
DRV:[b]64bit:[/b] - [2011.11.08 17:00:36 | 000,046,296 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\GDBehave.sys -- (GDBehave)
DRV:[b]64bit:[/b] - [2011.11.08 17:00:35 | 000,031,448 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GdNetMon64.sys -- (GdNetMon)
DRV:[b]64bit:[/b] - [2011.11.08 17:00:31 | 000,063,704 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gdwfpcd64.sys -- (gdwfpcd)
DRV:[b]64bit:[/b] - [2011.08.31 17:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:[b]64bit:[/b] - [2011.07.13 20:49:42 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:[b]64bit:[/b] - [2011.07.02 23:02:43 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:[b]64bit:[/b] - [2011.07.02 23:02:43 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:[b]64bit:[/b] - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010.11.20 14:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010.11.20 14:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010.11.12 00:10:50 | 000,155,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:[b]64bit:[/b] - [2010.03.04 14:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2010.01.22 11:22:22 | 000,180,224 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:[b]64bit:[/b] - [2010.01.22 11:22:18 | 000,077,824 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:[b]64bit:[/b] - [2010.01.05 18:23:18 | 001,847,296 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athurx.sys -- (athur)
DRV:[b]64bit:[/b] - [2009.12.22 01:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:[b]64bit:[/b] - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009.05.05 02:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:[b]64bit:[/b] - [2007.02.27 09:27:00 | 000,110,592 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\EGXFilter.sys -- (EGXFilter)
DRV:[b]64bit:[/b] - [2007.02.05 14:35:24 | 000,103,424 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xTouch.sys -- (xTouch)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = AE D3 9A 35 7C 78 CC 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
[color=#E56717]========== FireFox ==========[/color]
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.10.14 08:23:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2011.09.21 17:43:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\Extensions
[2011.11.08 17:00:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.11.08 17:00:40 | 000,000,000 | ---D | M] (G Data WebFilter) -- C:\Program Files (x86)\mozilla firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE}
[2011.11.06 10:56:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2011.10.14 08:23:59 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.10.14 08:23:57 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.10.14 08:23:57 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.10.14 08:23:57 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.10.14 08:23:57 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.14 08:23:57 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.10.14 08:23:57 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\AntiVirus\WebFilter\AVKWebIEx64.dll (G Data Software AG)
O2 - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\AntiVirus\WebFilter\AVKWebIE.dll (G Data Software AG)
O2 - BHO: (BHO) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files (x86)\Common Files\G DATA\AVKProxy\BanksafeBHO.dll (G Data Software AG)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\AntiVirus\WebFilter\AVKWebIEx64.dll (G Data Software AG)
O3 - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\AntiVirus\WebFilter\AVKWebIE.dll (G Data Software AG)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ClearTKHandle] C:\Program Files (x86)\TouchKit\ClearTKHandle.exe ()
O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:[b]64bit:[/b] - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C4F0248A-0E88-4E6E-8155-5A0A937EBDF3}: DhcpNameServer = 192.168.178.1
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{b7f5bd16-ad7c-11e0-bb31-002522ae14ab}\Shell - "" = AutoRun
O33 - MountPoints2\{b7f5bd16-ad7c-11e0-bb31-002522ae14ab}\Shell\AutoRun\command - "" = G:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
ActiveX:[b]64bit:[/b] {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:[b]64bit:[/b] >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:[b]64bit:[/b] >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
MsConfig:64bit - StartUpReg: [b]DAEMON Tools Lite[/b] - hkey= - key= - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
MsConfig:64bit - StartUpReg: [b]RGSC[/b] - hkey= - key= - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2011.11.10 08:09:34 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Daniel\Desktop\OTL.exe
[2011.11.09 18:49:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2011.11.09 18:48:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2011.11.09 18:45:48 | 000,116,224 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll
[2011.11.09 18:45:30 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
[2011.11.08 21:34:59 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Malwarebytes
[2011.11.08 21:34:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.11.08 21:34:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.11.08 21:34:06 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.11.08 21:34:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.11.08 21:32:53 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Daniel\Desktop\mbam-setup-1.51.2.1300.exe
[2011.11.08 20:17:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011.11.08 20:17:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2011.11.08 19:52:30 | 016,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Users\Daniel\Desktop\spybotsd162.exe
[2011.11.08 17:04:17 | 000,106,488 | ---- | C] (G Data Software) -- C:\Windows\SysNative\drivers\GRD.sys
[2011.11.08 17:01:01 | 000,058,584 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\PktIcpt.sys
[2011.11.08 17:00:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data AntiVirus 2012
[2011.11.08 17:00:37 | 000,050,904 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\HookCentre.sys
[2011.11.08 17:00:36 | 000,102,616 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\MiniIcpt.sys
[2011.11.08 17:00:36 | 000,046,296 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\GDBehave.sys
[2011.11.08 17:00:35 | 000,031,448 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\GdNetMon64.sys
[2011.11.08 17:00:31 | 000,063,704 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys
[2011.11.08 17:00:14 | 000,000,000 | ---D | C] -- C:\ProgramData\G DATA
[2011.11.08 17:00:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\G Data
[2011.11.08 17:00:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\G Data
[2011.11.06 10:57:03 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GeoGebra 4
[2011.11.06 10:56:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011.11.06 10:56:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011.11.06 10:56:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2011.11.05 09:19:55 | 000,000,000 | ---D | C] -- C:\Users\Daniel\riotsGamesLogs
[2011.11.05 09:19:18 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\LolClient
[2011.11.05 08:52:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
[2011.11.05 08:52:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Riot Games
[2011.11.05 07:26:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LeagueofLegends
[2011.11.05 07:24:28 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\PMB Files
[2011.11.05 07:24:27 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2011.11.05 07:24:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2011.11.01 12:24:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oblivion Improved
[2011.11.01 12:04:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks
[2011.11.01 12:03:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bethesda Softworks
[2011.10.22 09:51:24 | 000,000,000 | ---D | C] -- C:\Users\Daniel\Documents\ANNO 2070 Closed Beta
[2011.10.22 09:32:20 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\Chromium
[2011.10.22 09:29:27 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\Ubisoft Game Launcher
[2011.10.22 09:01:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2011.10.14 12:39:02 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\mIRC
[2011.10.14 12:39:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\mIRC
[2011.10.13 08:38:50 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2011.10.13 08:31:28 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\ICQ
[2007.08.13 16:46:00 | 000,102,912 | ---- | C] (Albert L Faber) -- C:\Users\Daniel\AppData\Local\CDRip.dll
[2007.01.18 20:09:54 | 000,623,616 | ---- | C] (Ivan Bischof ©2003 - 2005) -- C:\Users\Daniel\AppData\Local\No23 Recorder.exe
[2006.12.11 18:13:14 | 000,013,872 | ---- | C] (Un4seen Developments) -- C:\Users\Daniel\AppData\Local\basscd.dll
[2006.12.11 18:13:12 | 000,097,336 | ---- | C] (Un4seen Developments) -- C:\Users\Daniel\AppData\Local\bass.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2011.11.10 08:08:40 | 000,000,000 | ---- | M] () -- C:\Users\Daniel\defogger_reenable
[2011.11.10 08:08:16 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.11.10 08:08:16 | 000,643,628 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.11.10 08:08:16 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.11.10 08:08:16 | 000,126,188 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.11.10 08:08:16 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.11.10 08:06:44 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Daniel\Desktop\OTL.exe
[2011.11.10 08:05:42 | 000,050,477 | ---- | M] () -- C:\Users\Daniel\Desktop\Defogger.exe
[2011.11.10 07:44:16 | 000,016,272 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.11.10 07:44:16 | 000,016,272 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.11.10 07:36:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.11.10 07:36:41 | 3220,627,456 | -HS- | M] () -- C:\hiberfil.sys
[2011.11.09 21:15:21 | 000,449,309 | ---- | M] () -- C:\Windows\SysWow64\sig.bin
[2011.11.09 21:15:21 | 000,033,976 | ---- | M] () -- C:\Windows\SysWow64\nmp.map
[2011.11.09 19:57:01 | 000,007,609 | ---- | M] () -- C:\Users\Daniel\AppData\Local\Resmon.ResmonCfg
[2011.11.09 19:11:31 | 000,305,328 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.11.08 21:34:09 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.11.08 21:32:08 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Daniel\Desktop\mbam-setup-1.51.2.1300.exe
[2011.11.08 19:45:14 | 016,409,960 | ---- | M] (Safer Networking Limited ) -- C:\Users\Daniel\Desktop\spybotsd162.exe
[2011.11.08 17:04:17 | 000,106,488 | ---- | M] (G Data Software) -- C:\Windows\SysNative\drivers\GRD.sys
[2011.11.08 17:01:01 | 000,058,584 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\PktIcpt.sys
[2011.11.08 17:00:37 | 000,050,904 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\HookCentre.sys
[2011.11.08 17:00:36 | 000,102,616 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\MiniIcpt.sys
[2011.11.08 17:00:36 | 000,046,296 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\GDBehave.sys
[2011.11.08 17:00:35 | 000,031,448 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\GdNetMon64.sys
[2011.11.08 17:00:31 | 000,063,704 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys
[2011.11.08 17:00:21 | 000,002,085 | ---- | M] () -- C:\Users\Public\Desktop\G Data AntiVirus.lnk
[2011.11.06 10:57:03 | 000,002,051 | ---- | M] () -- C:\Users\Daniel\Desktop\GeoGebra 4.lnk
[2011.11.05 08:54:59 | 000,002,167 | ---- | M] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk
[2011.11.03 07:39:47 | 000,001,428 | ---- | M] () -- C:\Users\Daniel\AppData\Local\RecConfig.xml
[2011.11.01 12:12:11 | 000,001,262 | ---- | M] () -- C:\Users\Daniel\Desktop\Oblivion Mod Manager.lnk
[2011.10.20 08:48:35 | 000,001,657 | ---- | M] () -- C:\Users\Daniel\Desktop\Launch_DLV_ext - Verknüpfung.lnk
[2011.10.14 12:39:03 | 000,000,955 | ---- | M] () -- C:\Users\Public\Desktop\mIRC.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2011.11.10 08:08:40 | 000,000,000 | ---- | C] () -- C:\Users\Daniel\defogger_reenable
[2011.11.10 08:07:13 | 000,050,477 | ---- | C] () -- C:\Users\Daniel\Desktop\Defogger.exe
[2011.11.09 21:15:20 | 000,449,309 | ---- | C] () -- C:\Windows\SysWow64\sig.bin
[2011.11.09 21:15:20 | 000,033,976 | ---- | C] () -- C:\Windows\SysWow64\nmp.map
[2011.11.09 18:46:31 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2011.11.09 18:45:19 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml
[2011.11.09 18:45:12 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
[2011.11.09 18:45:12 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
[2011.11.09 18:45:00 | 000,146,389 | ---- | C] () -- C:\Windows\SysWow64\printmanagement.msc
[2011.11.09 18:45:00 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
[2011.11.08 21:34:09 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.11.08 17:00:21 | 000,002,085 | ---- | C] () -- C:\Users\Public\Desktop\G Data AntiVirus.lnk
[2011.11.06 10:57:03 | 000,002,051 | ---- | C] () -- C:\Users\Daniel\Desktop\GeoGebra 4.lnk
[2011.11.05 08:54:58 | 000,002,167 | ---- | C] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk
[2011.11.01 12:12:11 | 000,001,262 | ---- | C] () -- C:\Users\Daniel\Desktop\Oblivion Mod Manager.lnk
[2011.10.20 08:48:35 | 000,001,657 | ---- | C] () -- C:\Users\Daniel\Desktop\Launch_DLV_ext - Verknüpfung.lnk
[2011.10.14 12:39:02 | 000,000,955 | ---- | C] () -- C:\Users\Public\Desktop\mIRC.lnk
[2011.09.21 21:43:48 | 000,001,428 | ---- | C] () -- C:\Users\Daniel\AppData\Local\RecConfig.xml
[2011.09.14 15:22:49 | 000,001,154 | ---- | C] () -- C:\Windows\SysWow64\Touchkit_reg.ini
[2011.07.04 20:03:20 | 000,681,980 | ---- | C] () -- C:\Windows\unins000.exe
[2011.07.04 20:03:20 | 000,051,261 | ---- | C] () -- C:\Windows\unins000.dat
[2011.07.03 14:27:33 | 000,007,609 | ---- | C] () -- C:\Users\Daniel\AppData\Local\Resmon.ResmonCfg
[2010.01.23 20:01:40 | 000,671,744 | ---- | C] () -- C:\Windows\SysWow64\spk.dll
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2008.10.22 04:29:06 | 000,173,550 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2007.08.13 16:46:00 | 000,155,136 | ---- | C] () -- C:\Users\Daniel\AppData\Local\lame_enc.dll
[2006.10.26 00:06:48 | 000,064,000 | ---- | C] () -- C:\Users\Daniel\AppData\Local\vorbisenc.dll
[2006.10.26 00:06:48 | 000,019,456 | ---- | C] () -- C:\Users\Daniel\AppData\Local\vorbisfile.dll
[2006.10.26 00:06:46 | 000,143,872 | ---- | C] () -- C:\Users\Daniel\AppData\Local\vorbis.dll
[2006.10.26 00:06:36 | 000,015,872 | ---- | C] () -- C:\Users\Daniel\AppData\Local\ogg.dll
[2005.08.23 21:34:06 | 000,029,184 | ---- | C] () -- C:\Users\Daniel\AppData\Local\no23xwrapper.dll
[color=#E56717]========== LOP Check ==========[/color]
[2011.09.27 16:37:53 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\.minecraft
[2011.07.15 12:43:26 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\DAEMON Tools Lite
[2011.10.13 11:44:51 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\ICQ
[2011.11.05 09:19:18 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\LolClient
[2011.10.22 09:29:21 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Ubisoft
[2011.11.03 07:04:30 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[color=#E56717]========== Purity Check ==========[/color]
[color=#E56717]========== Custom Scans ==========[/color]
[color=#A23BEC]< %SYSTEMDRIVE%\*. >[/color]
[2011.09.21 17:53:02 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2011.07.02 21:15:53 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2011.07.12 17:42:59 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2009.07.14 04:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2011.11.08 16:52:17 | 000,000,000 | R--D | M] -- C:\Program Files
[2011.11.08 21:34:05 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2011.11.08 21:34:09 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2011.07.02 21:15:53 | 000,000,000 | -HSD | M] -- C:\Programme
[2011.07.02 21:15:53 | 000,000,000 | -HSD | M] -- C:\Recovery
[2011.11.10 08:23:31 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.07.30 18:59:58 | 000,000,000 | ---D | M] -- C:\temp
[2011.07.02 21:15:57 | 000,000,000 | R--D | M] -- C:\Users
[2011.11.09 19:12:41 | 000,000,000 | ---D | M] -- C:\Windows
[color=#A23BEC]< %PROGRAMFILES%\*.exe >[/color]
[color=#A23BEC]< %LOCALAPPDATA%\*.exe >[/color]
[2007.01.18 20:09:54 | 000,623,616 | ---- | M] (Ivan Bischof ©2003 - 2005) -- C:\Users\Daniel\AppData\Local\No23 Recorder.exe
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
[color=#A23BEC]< %systemroot%\system32\*.manifest /3 >[/color]
[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SysWOW64\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2009.08.03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
[color=#A23BEC]< MD5 for: REGEDIT.EXE >[/color]
[2009.07.14 02:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=2E2C937846A0B8789E5E91739284D17A -- C:\Windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5023a70bf589ad3e\regedit.exe
[2009.07.14 02:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\regedit.exe
[2009.07.14 02:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\SysWOW64\regedit.exe
[2009.07.14 02:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\winsxs\wow64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5a78515e29ea6f39\regedit.exe
[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
[color=#A23BEC]< MD5 for: WININIT.EXE >[/color]
[2009.07.14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >[/color]
[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >[/color]
< End of report >
Bin über jede Hilfe Dankbar.
10.11.2011, 08:47
Baum-Darstellung