Aus Sicherheitsgründen wurde ihre Windows systemherstellung blockiert Trojaner

Roc · 09.01.2012, 02:54

Guten Abend,

wie anscheinend schon mehrere habe ich auch das problem mit dem Trojaner. Nach ca.10 min internetverbindung erscheint: Achtung Aus Sicherheitsgründen wurde ihre Windows systemherstellung blockiert, dann geht garnichts mehr, außerdem werden noch 50€ gefordert. Ich habe nun überhaupt keine Ahnung was ich nun machen muss und hoffe sehr das mir jemand hilft.

MfG

kira · 09.01.2012, 06:46

Hallo und Herzlich Willkommen!

Bevor wir unsere Zusammenarbeit beginnen, [Bitte Vollständig lesen]:

Zitat:

"Fernbehandlungen/Fernhilfe" und die damit verbundenen Haftungsrisken:
- da die Fehlerprüfung und Handlung werden über große Entfernungen durchgeführt, besteht keine Haftung unsererseits für die daraus entstehenden Folgen.
- also, jede Haftung für die daraus entstandene Schäden wird ausgeschlossen, ANWEISUNGEN UND DEREN BEFOLGUNG, ERFOLGT AUF DEINE EIGENE VERANTWORTUNG!
Charakteristische Merkmale/Profilinformationen:
- aus der verwendeten Loglisten oder Logdateien - wie z.B. deinen Realnamen, Seriennummer in Programm etc)- kannst Du herauslöschen oder durch [X] ersetzen
Die Systemprüfung und Bereinigung:
- kann einige Zeit in Anspruch nehmen (je nach Art der Infektion), kann aber sogar so stark kompromittiert sein, so dass eine wirkungsvolle technische Säuberung ist nicht mehr möglich bzw Du es neu installieren musst
Ich empfehle Dir die Anweisungen erst einmal komplett durchzulesen, bevor du es anwendest, weil wenn du etwas falsch machst, kann es wirklich gefährlich werden. Wenn du meinen Anweisungen Schritt für Schritt folgst, kann eigentlich nichts schief gehen.
Innerhalb der Betreuungszeit:
- ohne Abspräche bitte nicht auf eigene Faust handeln!- bei Problemen nachfragen.
Die Reihenfolge:
- genau so wie beschrieben bitte einhalten, nicht selbst die Reihenfolge wählen!
GECRACKTE SOFTWARE werden hier nicht geduldet!!!!
Ansonsten unsere Forumsregeln:
- Bitte erst lesen, dann posten!-> Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten?

Alle Logfile mit einem vBCode Tag eingefügen, das bietet hier eine gute Übersicht, erleichtert mir die Arbeit! Falls das Logfile zu groß, teile es in mehrere Teile auf.

Sobald Du diesen Einführungstext gelesen hast, kannst Du beginnen

► Erster Teil des 3-teiligen Verfahren, werden wir dein System auf Viren untersuchen, bzw nach einem anderen Verursacher suchen:
Für Vista und Win7:
Wichtig: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen
Auf der angewählten Anwendung einen Rechtsklick (rechte Maustaste) und "Als Administrator ausführen" wählen!

1.
Lade Dir Malwarebytes Anti-Malware von→ malwarebytes.org

Installieren und per Doppelklick starten.
Deutsch einstellen und gleich mal die Datenbanken zu aktualisieren - online updaten
"Komplett Scan durchführen" wählen (überall Haken setzen)
wenn der Scanvorgang beendet ist, klicke auf "Zeige Resultate"
Alle Funde - falls MBAM meldet in C:\System Volume Information - den Haken bitte entfernen - markieren und auf "Löschen" - "Ausgewähltes entfernen") klicken.
Poste das Ergebnis hier in den Thread - den Bericht findest Du unter "Scan-Berichte"

eine bebilderte Anleitung findest Du hier: Anleitung

2.
Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt - OTL.txt und Extras.txt
Poste die Logfiles in Code-Tags hier in den Thread.

3.
Ich würde gerne noch all deine installierten Programme sehen:
Lade dir das Tool CCleaner herunter
→ Download
installieren (Software-Lizenzvereinbarung lesen, falls angeboten wird "Füge CCleaner Yahoo! Toolbar hinzu" abwählen)→ starten→ Sprache → Deutsch auswählen
dann klick auf "Extra (um die installierten Programme auch anzuzeigen)→ weiter auf "Als Textdatei speichern..."
wird eine Textdatei (*.txt) erstellt, kopiere dazu den Inhalt und füge ihn da ein

Zitat:

Damit dein Thread übersichtlicher und schön lesbar bleibt, am besten nutze den Code-Tags für deinen Post:
→ vor dein Log schreibst Du (also am Anfang des Logfiles, die Du posten möchtest)[code]
hier kommt dein Logfile rein - z.B OTL-Logfile o. sonstiges
→ dahinter - also am Ende der Logdatei: [/code]

gruß
kira

Roc · 09.01.2012, 19:01

Malwarebytes Anti-Malware 1.60.0.1800
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: v2012.01.08.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
x :: x [Administrator]

Schutz: Aktiviert

09.01.2012 16:19:11
mbam-log-2012-01-09 (16-19-11).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 291534
Laufzeit: 45 Minute(n), 15 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Roc · 09.01.2012, 19:02

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 09.01.2012 16:12:28 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Daniel\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,98 Gb Total Physical Memory | 2,20 Gb Available Physical Memory | 55,27% Memory free
7,96 Gb Paging File | 5,97 Gb Available in Paging File | 75,02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 450,66 Gb Total Space | 402,72 Gb Free Space | 89,36% Space Free | Partition Type: NTFS
Unable to calculate disk information.
 
Computer Name: x | User Name: x | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Daniel\Desktop\24960-OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe (iMesh, Inc)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\firefox.exe ()
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\LMworker.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe (NTI Corporation)
PRC - C:\Program Files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe (NTI Corporation)
PRC - C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe (CyberLink)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
PRC - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
PRC - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
PRC - C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe (Acer Group)
PRC - C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\60c320dbe033e8ff4830cdc059933f2c\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\ebfad289d9759034cd3a887802fadb5b\IAStorCommon.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b2622080e047040fa044dd21a04ff10d\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
MOD - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\firefox.exe ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Program Files (x86)\NTI\Packard Bell MyBackup\sqlite3.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (DsiWMIService) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe (NTI Corporation)
SRV - (ePowerSvc) -- C:\Programme\Packard Bell\Packard Bell Power Management\ePowerSvc.exe (Acer Incorporated)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (Updater Service) -- C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe (Acer Group)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (GREGService) -- C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe (Acer Incorporated)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (Netaapl) -- C:\Windows\SysNative\drivers\netaapl64.sys (Apple Inc.)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (MEIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys (Intel(R) Corporation)
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Packardbell | MSN
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Packardbell | MSN
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Packardbell | MSN
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Packardbell | MSN
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Packardbell | MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Search the web"
FF - prefs.js..browser.search.order.1: "Search the web"
FF - prefs.js..browser.search.selectedEngine: "Search the web"
FF - prefs.js..browser.startup.homepage: "hxxp://search.imesh.com/"
FF - prefs.js..keyword.URL: "hxxp://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0
 
FF - user.js..browser.search.selectedEngine: "Search the web"
FF - user.js..browser.search.order.1: "Search the web"
FF - user.js..browser.search.defaultenginename: "Search the web"
FF - user.js..keyword.URL: "hxxp://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Daniel\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.11.18 19:31:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.01.08 03:45:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.11.04 00:10:50 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\Users\Daniel\AppData\Roaming\5043 [2011.11.19 01:14:11 | 000,000,000 | ---D | M]
 
[2011.06.25 17:05:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\Extensions
[2011.11.12 23:59:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\szfr3tp7.default\extensions
[2011.06.25 17:05:53 | 000,000,000 | ---D | M] (MediaBar) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\szfr3tp7.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}
[2011.11.12 23:59:09 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\szfr3tp7.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011.11.04 00:05:37 | 000,000,000 | ---D | M] (toolplugin) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\szfr3tp7.default\extensions\welcome@toolmin.com
[2011.06.25 17:05:52 | 000,002,497 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\szfr3tp7.default\searchplugins\SearchResults.xml
[2011.11.10 00:18:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.11.18 19:31:02 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 &lt;video&gt;) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2011.11.19 01:14:11 | 000,000,000 | ---D | M] (Java String Helper) -- C:\USERS\DANIEL\APPDATA\ROAMING\5043
[2012.01.08 03:45:21 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.10.03 21:21:11 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.10.03 21:21:11 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.10.03 21:21:11 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.10.03 21:21:11 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.11.04 00:05:37 | 000,000,158 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search the web.src
[2011.06.25 17:05:52 | 000,002,497 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\SearchResults.xml
[2011.10.03 21:21:11 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.10.03 21:21:11 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (UrlHelper Class) - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\x64\IEBHO.dll (iMesh, Inc)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll ()
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (UrlHelper Class) - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\IEBHO.dll (iMesh, Inc)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll ()
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-89AF-189327213627} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Packard Bell\Packard Bell Power Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe (NTI Corporation)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe (iMesh, Inc)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Daniel\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [Mozilla Firefox] C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\firefox.exe ()
O4 - Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{359E4F5A-1A40-464B-BD4A-2AF301A56293}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{590F8133-C064-4BB6-9FA0-00BD017A0412}: DhcpNameServer = 139.7.30.126 139.7.30.125
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9443097F-9960-484F-9F44-D5F904231400}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\datamngr.dll) - C:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\x64\datamngr.dll (iMesh, Inc)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\IEBHO.dll) - C:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\x64\IEBHO.dll (iMesh, Inc)
O20 - AppInit_DLLs: (C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\datamngr.dll) -C:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\datamngr.dll (iMesh, Inc)
O20 - AppInit_DLLs: (C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\IEBHO.dll) -C:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\IEBHO.dll (iMesh, Inc)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.01.09 16:13:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.01.09 16:13:21 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.01.09 16:09:44 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Daniel\Desktop\24960-OTL.exe
[2012.01.09 00:53:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012.01.09 00:53:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012.01.04 23:56:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vocabulary
[2012.01.04 23:56:25 | 000,000,000 | ---D | C] -- C:\Users\Daniel\Documents\Eigene Vokabelhefte
[2011.12.27 22:38:23 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Media Player Classic
[2011.12.27 22:37:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2011.12.27 22:37:52 | 000,839,680 | ---- | C] (www) -- C:\Windows\SysWow64\lameACM.acm
[2011.12.27 22:36:18 | 016,534,924 | ---- | C] (                                                            ) -- C:\Users\Daniel\Desktop\K-Lite_Codec_Pack_790_Full.exe
[2011.12.27 22:34:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack
[2011.12.27 09:46:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2011.12.16 11:44:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.12.16 11:44:28 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011.12.16 11:44:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011.12.16 11:44:28 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011.12.16 00:54:07 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.12.16 00:54:07 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.12.16 00:54:06 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.12.16 00:54:06 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.12.16 00:54:06 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.12.16 00:54:06 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.12.16 00:54:05 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011.12.16 00:54:05 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011.12.16 00:54:05 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011.12.16 00:54:05 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.12.16 00:54:04 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.12.15 20:59:28 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011.12.15 20:59:28 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011.12.15 20:54:29 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[1 C:\Users\Daniel\AppData\Roaming\*.tmp files -> C:\Users\Daniel\AppData\Roaming\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.01.09 16:16:01 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.01.09 16:16:01 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.09 16:13:22 | 000,000,834 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.01.09 16:12:35 | 001,500,254 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.01.09 16:12:35 | 000,654,844 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.01.09 16:12:35 | 000,616,686 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.01.09 16:12:35 | 000,130,426 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.01.09 16:12:35 | 000,106,808 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.01.09 16:08:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.01.09 16:07:53 | 3206,959,104 | -HS- | M] () -- C:\hiberfil.sys
[2012.01.09 12:28:58 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Daniel\Desktop\24960-OTL.exe
[2012.01.09 00:36:06 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1462826721-1297699023-1566032460-1000UA.job
[2012.01.09 00:36:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1462826721-1297699023-1566032460-1000Core.job
[2012.01.08 23:36:29 | 000,003,480 | ---- | M] () -- C:\bootsqm.dat
[2012.01.08 21:44:01 | 000,001,085 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.01.08 19:56:56 | 005,605,280 | ---- | M] () -- C:\Users\Daniel\Desktop\winf programmieren S.125.pdf
[2012.01.08 18:23:05 | 000,043,101 | ---- | M] () -- C:\Users\Daniel\Desktop\SII Lo sungen.pdf
[2012.01.08 17:53:28 | 000,088,359 | ---- | M] () -- C:\Users\Daniel\Desktop\Lösung Bilanz PK2.pdf
[2012.01.08 17:52:04 | 000,090,178 | ---- | M] () -- C:\Users\Daniel\Desktop\Bilanzierung Probeklasur2.pdf
[2012.01.08 17:50:19 | 000,616,654 | ---- | M] () -- C:\Users\Daniel\Desktop\KLR Skript Zsfassung.pdf
[2012.01.07 02:15:34 | 506,111,287 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.01.04 23:56:26 | 000,003,093 | ---- | M] () -- C:\Users\Daniel\Desktop\Vocabulary 2004.lnk
[2012.01.03 03:01:59 | 001,843,358 | ---- | M] () -- C:\Users\Daniel\Desktop\IMG_0481.JPG
[2012.01.03 03:01:58 | 002,002,497 | ---- | M] () -- C:\Users\Daniel\Desktop\IMG_0479.JPG
[2012.01.03 03:01:58 | 001,912,178 | ---- | M] () -- C:\Users\Daniel\Desktop\IMG_0478.JPG
[2012.01.03 03:01:58 | 001,819,277 | ---- | M] () -- C:\Users\Daniel\Desktop\IMG_0480.JPG
[2011.12.27 22:37:04 | 016,534,924 | ---- | M] (                                                            ) -- C:\Users\Daniel\Desktop\K-Lite_Codec_Pack_790_Full.exe
[2011.12.16 11:44:56 | 000,001,755 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.12.16 11:10:09 | 000,457,376 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[1 C:\Users\Daniel\AppData\Roaming\*.tmp files -> C:\Users\Daniel\AppData\Roaming\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.01.09 16:13:22 | 000,000,834 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.01.08 23:36:29 | 000,003,480 | ---- | C] () -- C:\bootsqm.dat
[2012.01.08 21:44:01 | 000,001,085 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.01.08 19:56:56 | 005,605,280 | ---- | C] () -- C:\Users\Daniel\Desktop\winf programmieren S.125.pdf
[2012.01.08 18:23:05 | 000,043,101 | ---- | C] () -- C:\Users\Daniel\Desktop\SII Lo sungen.pdf
[2012.01.08 17:53:28 | 000,088,359 | ---- | C] () -- C:\Users\Daniel\Desktop\Lösung Bilanz PK2.pdf
[2012.01.08 17:52:04 | 000,090,178 | ---- | C] () -- C:\Users\Daniel\Desktop\Bilanzierung Probeklasur2.pdf
[2012.01.08 17:50:19 | 000,616,654 | ---- | C] () -- C:\Users\Daniel\Desktop\KLR Skript Zsfassung.pdf
[2012.01.04 23:56:26 | 000,003,093 | ---- | C] () -- C:\Users\Daniel\Desktop\Vocabulary 2004.lnk
[2012.01.04 23:56:26 | 000,003,053 | ---- | C] () -- C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vocabulary 2004.lnk
[2012.01.03 03:00:56 | 001,843,358 | ---- | C] () -- C:\Users\Daniel\Desktop\IMG_0481.JPG
[2012.01.03 03:00:55 | 002,002,497 | ---- | C] () -- C:\Users\Daniel\Desktop\IMG_0479.JPG
[2012.01.03 03:00:55 | 001,819,277 | ---- | C] () -- C:\Users\Daniel\Desktop\IMG_0480.JPG
[2012.01.03 03:00:54 | 001,912,178 | ---- | C] () -- C:\Users\Daniel\Desktop\IMG_0478.JPG
[2011.12.27 22:37:52 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011.12.27 22:37:52 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011.12.27 22:37:52 | 000,000,414 | ---- | C] () -- C:\Windows\SysWow64\lame_acm.xml
[2011.12.27 22:37:51 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011.12.27 22:34:32 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011.12.16 11:44:56 | 000,001,755 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.11.19 01:14:01 | 000,000,072 | ---- | C] () -- C:\Users\Daniel\AppData\Roaming\blckdom.res
[2011.05.06 17:57:32 | 001,526,948 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.05.01 20:56:00 | 000,001,164 | ---- | C] () -- C:\Users\Daniel\AppData\Local\9A5FF4EA.il
[2011.05.01 20:56:00 | 000,000,280 | ---- | C] () -- C:\Users\Daniel\AppData\Local\IndexIE_9A5FF4EA.il
[2011.04.26 23:10:47 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011.04.22 20:09:31 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2011.02.26 20:12:15 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.02.26 19:56:26 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2010.12.07 15:46:03 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2010.12.07 15:05:17 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

< End of report >

--- --- ---

Roc · 09.01.2012, 19:05

OTL EXTRAS Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 09.01.2012 16:12:28 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Daniel\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,98 Gb Total Physical Memory | 2,20 Gb Available Physical Memory | 55,27% Memory free
7,96 Gb Paging File | 5,97 Gb Available in Paging File | 75,02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 450,66 Gb Total Space | 402,72 Gb Free Space | 89,36% Space Free | Partition Type: NTFS
Unable to calculate disk information.
 
Computer Name: DROGOSCH | User Name: Daniel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series" = Canon MP280 series MP Drivers
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}" = MobileMe Control Panel
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{982C480E-5BE0-2714-E584-83E88F8A31C3}" = ccc-utility64
"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Überwachungstool für die Intel® Turbo-Boost-Technik 2.0
"{D1829BE5-F305-4576-9593-C66FC7E0B008}" = iCloud
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D66F0C3C-24F2-4463-9E2F-4381E5C40A26}" = iTunes
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E69F8CE0-7EA0-63A9-5A5B-D8FD9BDCC219}" = ATI Catalyst Install Manager
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Video Web Camera
"{03148a20-37c5-4966-a0af-13cf1040e10f}" = Nero 9 Essentials
"{063541C9-B4CA-CD49-080C-AEDE45067CEB}" = CCC Help Portuguese
"{07580AC7-1B74-92E7-F405-9AD4019CA577}" = CCC Help Thai
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Backup Manager V3
"{10AD2C1F-9825-F220-7870-CD7B946D367E}" = CCC Help Spanish
"{1B192700-C368-49C1-BF81-D2F9BA065534}" = Catalyst Control Center - Branding
"{1D7CE340-70C3-4848-BCCF-215950328A4C}" = Facebook Video Calling 1.0.0.8953
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}" = Nero InfoTool Help
"{2348B586-C9AE-46CE-936C-A68E9426E214}" = Nero StartSmart Help
"{23E26695-3815-012F-1CAF-C6C3564DBCBF}" = ccc-core-static
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 26
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{29A4502B-1FA5-72E0-92F1-AC8F2EF16D51}" = CCC Help Danish
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{320795BA-446B-C1F7-9560-CC171192DC21}" = CCC Help Turkish
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{334BEF1F-EE5B-295F-BED0-728F7F45328B}" = CCC Help Polish
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Packard Bell Power Management
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{47772E7F-6942-B7A3-1B31-74D30343064B}" = CCC Help Norwegian
"{485E3D4A-35FB-CED2-3CF5-FAD4CCFE46BD}" = CCC Help Hungarian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6D25EA-5390-CEE6-305E-F28B192C806C}" = CCC Help Finnish
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4D43D635-6FDA-4FA5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{557018DC-309C-5BCC-0587-B2D86BA20613}" = CCC Help Greek
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{64EF903E-D00A-414C-94A4-FBA368FFCDC9}" = Packard Bell Social Networks
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{704ED517-BB7F-7654-2185-627ACCB20179}" = Catalyst Control Center Localization All
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B284AC2-4756-6779-9274-FE20EE9216B7}" = Catalyst Control Center InstallProxy
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Packard Bell Recovery Management
"{800BE8AA-C912-E42D-E97F-BA533A2C851F}" = CCC Help Korean
"{83202942-84B3-4C50-8622-B8C0AA2D2885}" = Nero Express Help
"{83429F57-1A80-EB5B-8E60-C215D025A18B}" = CCC Help Italian
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISER_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISER_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISER_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISER_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISER_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E48FF52-082C-4CC2-BB67-6E10D09C0431}" = Windows Live UX Platform Language Pack
"{A49FC1A9-B40E-4C2E-86B1-0F2C6B00DD60}" = Vocabulary
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA4BF92B-2AAF-11DA-9D78-000129760D75}" = HomeMedia
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B3119BF5-2502-B6A6-45AA-A1FE5D82FFD7}" = CCC Help Russian
"{B4C7BC58-3914-9EF9-E2B9-52216DFE899D}" = Catalyst Control Center Graphics Previews Vista
"{B722FA60-A6EF-A3F5-DD4B-C826CDA16114}" = CCC Help Japanese
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help
"{CC7BBA77-7C6F-115C-4B47-0E3EE2610C13}" = CCC Help German
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DBCCC93B-F646-EB40-4AB1-55D4BE0E5D30}" = CCC Help Dutch
"{DBD55196-4BE4-CAAC-1447-4AF6657EEAD6}" = CCC Help Czech
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1161FE3-E090-512B-BE20-AA276C2766CA}" = CCC Help Swedish
"{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B8B8A6-BBD9-0B5F-1AA1-A95161C16247}" = CCC Help Chinese Traditional
"{E5C7D048-F9B4-4219-B323-8BDB01A2563D}" = Nero DriveSpeed Help
"{E5F1F9B2-90C3-83E2-888F-2725AACA93BD}" = CCC Help French
"{E87C0C8B-82D6-7C51-B1A3-01EAF3314F7F}" = CCC Help English
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Packard Bell Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2E90747-42A1-E42F-C104-48239458946A}" = CCC Help Chinese Standard
"{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"{FCDDB05A-1B35-453B-47B5-AD75809BBBF9}" = PX Profile Update
"7-Zip" = 7-Zip 9.20
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Canon MP280 series Benutzerregistrierung" = Canon MP280 series Benutzerregistrierung
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"DivX Setup" = DivX-Setup
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"ENTERPRISER" = Microsoft Office Enterprise 2007
"Identity Card" = Identity Card
"iMesh 1 MediaBar" = MediaBar
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Video Web Camera
"InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Packard Bell MyBackup
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}" = Packard Bell Social Networks
"InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.9.0 (Full)
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.0.1800
"Mozilla Firefox 9.0.1 (x86 de)" = Mozilla Firefox 9.0.1 (x86 de)
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"Packard Bell Registration" = Packard Bell Registration
"Packard Bell Screensaver" = Packard Bell ScreenSaver
"toolplugin" = toolplugin
"WinLiveSuite" = Windows Live Essentials
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 01.01.2012 02:05:59 | Computer Name = Drogosch | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 19063
 
Error - 01.01.2012 02:06:00 | Computer Name = Drogosch | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 01.01.2012 02:06:00 | Computer Name = Drogosch | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 20077
 
Error - 01.01.2012 02:06:00 | Computer Name = Drogosch | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 20077
 
Error - 01.01.2012 08:50:25 | Computer Name = Drogosch | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 01.01.2012 08:50:25 | Computer Name = Drogosch | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 24285300
 
Error - 01.01.2012 08:50:25 | Computer Name = Drogosch | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 24285300
 
Error - 01.01.2012 08:52:17 | Computer Name = Drogosch | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 01.01.2012 08:52:17 | Computer Name = Drogosch | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 998
 
Error - 01.01.2012 08:52:17 | Computer Name = Drogosch | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 998
 
[ Cisco AnyConnect VPN Client Events ]
Error - 02.05.2011 14:13:10 | Computer Name = Drogosch | Source = vpnagent | ID = 67108866
Description = Function: URL::URL File: .\Utility\URL.cpp Line: 36 Invoked Function:
 URL::setURL Return Code: -28508150 (0xFE4D000A) Description: URL_ERROR_BAD_URL 
 
Error - 02.05.2011 14:13:18 | Computer Name = Drogosch | Source = vpnagent | ID = 67108866
Description = Function: CHttpSessionAsync::OnTransportInitiateComplete File: .\IP\HttpSessionAsync.cpp
Line:
 1002 Invoked Function: ISocketTransportCB::OnTransportInitiateComplete Return Code:
 -31522780 (0xFE1F0024) Description: SOCKETTRANSPORT_ERROR_CONNECT_TIMEOUT 
 
Error - 02.05.2011 14:13:18 | Computer Name = Drogosch | Source = vpnagent | ID = 67108866
Description = Function: CHttpProbeAsync::OnOpenRequestComplete File: .\IP\HttpProbeAsync.cpp
Line:
 254 Invoked Function: CHttpSessionAsync::OnOpenRequestComplete Return Code: -31522780
 (0xFE1F0024) Description: SOCKETTRANSPORT_ERROR_CONNECT_TIMEOUT 
 
Error - 02.05.2011 14:13:18 | Computer Name = Drogosch | Source = vpnagent | ID = 67108866
Description = Function: CSocketTransport::OnTimerExpired File: .\IPC\SocketTransport.cpp
Line:
 1175 Invoked Function: CSocketTransport::postConnectProcessing Return Code: -31522780
 (0xFE1F0024) Description: SOCKETTRANSPORT_ERROR_CONNECT_TIMEOUT 
 
Error - 02.05.2011 14:13:18 | Computer Name = Drogosch | Source = vpnagent | ID = 67108866
Description = Function: CNetEnvironment::TestAccessToSG File: .\NetEnvironment.cpp
Line:
 1020 Invoked Function: CNetEnvironment::analyzeHttpResponse Return Code: -28901363
 (0xFE47000D) Description: NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could
 not contact target 
 
Error - 02.05.2011 14:13:18 | Computer Name = Drogosch | Source = vpnagent | ID = 67108866
Description = Function: CNetEnvironment::testNetwork File: .\NetEnvironment.cpp Line:
 856 Invoked Function: CNetEnvironment::IsSGAccessible Return Code: -28901363 (0xFE47000D)
Description:
 NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could not contact target 
 
Error - 02.05.2011 14:13:18 | Computer Name = Drogosch | Source = vpnagent | ID = 67108866
Description = Function: CNetEnvironment::TestNetEnv File: .\NetEnvironment.cpp Line:
 190 Invoked Function: CNetEnvironment::testNetwork Return Code: -28901363 (0xFE47000D)
Description:
 NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could not contact target 
 
Error - 02.05.2011 14:14:54 | Computer Name = Drogosch | Source = vpnui | ID = 67108866
Description = Function: ClientIfcBase::autoConnectIfEnabled File: .\ClientIfcBase.cpp
Line:
 570 Invoked Function: ClientIfcBase::connect Return Code: -33554422 (0xFE00000A) Description:
 GLOBAL_ERROR_UNKNOWN 
 
Error - 02.05.2011 14:14:54 | Computer Name = Drogosch | Source = vpnui | ID = 67108865
Description = Function: ClientIfcBase::attach File: .\ClientIfcBase.cpp Line: 494 autoConnectIfEnabled()
 failed
 
Error - 02.05.2011 14:15:41 | Computer Name = Drogosch | Source = vpnagent | ID = 67110873
Description = Termination reason code 7: The agent has been stopped.
 
[ System Events ]
Error - 08.01.2012 19:57:54 | Computer Name = Drogosch | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?09.?01.?2012 um 00:56:31 unerwartet heruntergefahren.
 
Error - 09.01.2012 11:09:28 | Computer Name = Drogosch | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 09.01.2012 11:09:29 | Computer Name = Drogosch | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 09.01.2012 11:09:29 | Computer Name = Drogosch | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 09.01.2012 11:09:30 | Computer Name = Drogosch | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 09.01.2012 11:09:30 | Computer Name = Drogosch | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 09.01.2012 11:09:31 | Computer Name = Drogosch | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 09.01.2012 11:09:31 | Computer Name = Drogosch | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 09.01.2012 11:09:32 | Computer Name = Drogosch | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 09.01.2012 11:09:33 | Computer Name = Drogosch | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
 
< End of report >

--- --- ---

Roc · 09.01.2012, 19:06

Hoffe das ist auch richtig so?

mfg

Roc · 09.01.2012, 19:12

7-Zip 9.20 21.11.2011
Acrobat.com Adobe Systems Incorporated 06.12.2010 1,61MB 1.6.65
Adobe Flash Player 11 ActiveX 64-bit Adobe Systems Incorporated 19.11.2011 6,00MB 11.1.102.55
Adobe Flash Player 11 Plugin 64-bit Adobe Systems Incorporated 19.11.2011 6,00MB 11.1.102.55
Adobe Reader X (10.1.1) - Deutsch Adobe Systems Incorporated 14.09.2011 165,9MB 10.1.1
Apple Application Support Apple Inc. 01.12.2011 61,1MB 2.1.6
Apple Mobile Device Support Apple Inc. 17.11.2011 24,4MB 4.0.0.97
Apple Software Update Apple Inc. 10.07.2011 2,38MB 2.1.3.127
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver Atheros Communications Inc. 06.12.2010 1.0.0.36
ATI Catalyst Install Manager ATI Technologies, Inc. 25.02.2011 22,4MB 3.0.795.0
Avira AntiVir Personal - Free Antivirus Avira GmbH 13.10.2011 69,3MB 10.2.0.704
Bonjour Apple Inc. 14.10.2011 2,00MB 3.0.0.10
Canon Easy-PhotoPrint EX 26.04.2011
Canon Easy-WebPrint EX 13.10.2011
Canon MP Navigator EX 4.0 26.04.2011
Canon MP280 series Benutzerregistrierung 26.04.2011
Canon MP280 series MP Drivers 26.04.2011
Canon My Printer 26.04.2011
Canon Solution Menu EX 26.04.2011
CCleaner Piriform 08.01.2012 3.14
CyberLink MediaEspresso CyberLink Corp. 06.12.2010 217MB 6.0.1027_32100
DivX-Setup DivX, LLC 03.11.2011 2.6.0.34
Facebook Video Calling 1.0.0.8953 Skype Limited 13.11.2011 3,93MB 1.0.8953
HomeMedia CyberLink Corporation 25.02.2011 2.0.8423
iCloud Apple Inc. 01.12.2011 31,2MB 1.0.2.17
Identity Card Packard Bell 25.02.2011 1.00.3003
Intel(R) Management Engine Components Intel Corporation 07.12.2010 7.0.0.1144
Intel(R) Rapid Storage Technology Intel Corporation 07.12.2010 10.0.0.1046
iTunes Apple Inc. 15.12.2011 170,5MB 10.5.2.11
Java(TM) 6 Update 26 Oracle 28.05.2011 97,1MB 6.0.260
K-Lite Codec Pack 7.9.0 (Full) 26.12.2011 52,8MB 7.9.0
Launch Manager Packard Bell 25.02.2011 5.0.3
Malwarebytes Anti-Malware Version 1.60.0.1800 Malwarebytes Corporation 07.01.2012 18,6MB 1.60.0.1800
MediaBar iMesh Inc. 24.06.2011 3.0.0.107547
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 24.04.2011 38,8MB 4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 24.04.2011 2,94MB 4.0.30319
Microsoft Office 2010 Microsoft Corporation 25.02.2011 6,31MB 14.0.4763.1000
Microsoft Office Enterprise 2007 Microsoft Corporation 11.06.2011 12.0.6425.1000
Microsoft Office File Validation Add-In Microsoft Corporation 15.09.2011 7,95MB 14.0.5130.5003
Microsoft Office Klick-und-Los 2010 Microsoft Corporation 16.05.2011 14.0.4763.1000
Microsoft Office Starter 2010 - Deutsch Microsoft Corporation 16.05.2011 14.0.4763.1000
Microsoft Silverlight Microsoft Corporation 13.10.2011 80,3MB 4.0.60831.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 25.02.2011 1,70MB 3.1.0000
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 15.06.2011 0,29MB 8.0.61001
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 Microsoft Corporation 09.06.2011 0,77MB 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Corporation 09.06.2011 0,58MB 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 06.12.2010 0,77MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 16.06.2011 0,77MB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 06.12.2010 0,58MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 06.12.2010 0,58MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 16.06.2011 0,59MB 9.0.30729.6161
MobileMe Control Panel Apple Inc. 27.10.2011 12,9MB 3.1.8.0
Mozilla Firefox 9.0.1 (x86 de) Mozilla 07.01.2012 36,4MB 9.0.1
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 21.04.2011 1,28MB 4.20.9870.0
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 21.04.2011 1,33MB 4.20.9876.0
Nero 9 Essentials Nero AG 06.12.2010
OpenOffice.org 3.3 OpenOffice.org 28.05.2011 415MB 3.3.9567
Packard Bell MyBackup NTI Corporation 06.12.2010 348MB 3.0.0.69
Packard Bell Power Management Packard Bell 06.12.2010 6.00.3000
Packard Bell Recovery Management Packard Bell 25.02.2011 5.00.3002
Packard Bell Registration Packard Bell 25.02.2011 1.03.3003
Packard Bell ScreenSaver Packard Bell 25.02.2011 1.1.1025.2010
Packard Bell Social Networks CyberLink Corp. 06.12.2010 26,1MB 2.0.2211
Packard Bell Updater Packard Bell 06.12.2010 1.02.3001
QuickTime Apple Inc. 27.10.2011 73,3MB 7.71.80.42
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 06.12.2010 6.0.1.6254
Realtek USB 2.0 Card Reader Realtek Semiconductor Corp. 06.12.2010 6.1.7600.30123
Renesas Electronics USB 3.0 Host Controller Driver Renesas Electronics Corporation 25.02.2011 1,00MB 2.0.26.0
Synaptics Pointing Device Driver Synaptics Incorporated 25.02.2011 46,4MB 15.1.6.0
toolplugin 03.11.2011
Video Web Camera CyberLink Corp. 25.02.2011 33,1MB 1.0.1216
Vocabulary Benni Pfauth 03.01.2012 2,57MB 1.0.0.0
Windows Live Essentials Microsoft Corporation 26.02.2011 15.4.3502.0922
Windows Live Mesh ActiveX control for remote connections Microsoft Corporation 25.02.2011 5,58MB 15.4.5722.2
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 Intel 25.02.2011 27,5MB 2.0.82.0

kira · 10.01.2012, 09:35

1.
deinstalliere in der Systemsteuerung unter Programme:

Code:

ATTFilter

MediaBar iMesh

ist ein Risikofaktor!

2.
Deine Javaversion ist nicht aktuell!
→ Downloade nun die Offline-Version von Java Version 6 Update 30 von Oracle herunter
Achte darauf, eventuell angebotene Toolbars abwählen (den Haken bei der Toolbar entfernen)!

3.
reinige dein System mit CCleaner:

"Cleaner"→ "Analysieren"→ Klick auf den Button "Start CCleaner"
"Registry""Fehler suchen"→ "Fehler beheben"→ "Alle beheben"
Starte dein System neu auf

4.

Zitat:

Achtung wichtig!:
Falls Du selber im Logfile Änderungen vorgenommen hast, musst Du durch die Originalbezeichnung ersetzen und so in Script einfügen! sonst funktioniert nicht!
(Benutzerordner, dein Name oder sonstige Änderungen durch X, Stern oder andere Namen ersetzt)

Fixen mit OTL

Starte die OTL.exe.
Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
Kopiere folgendes Skript:

Code:

ATTFilter

:OTL
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Packardbell | MSN
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Packardbell | MSN
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Packardbell | MSN
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Packardbell | MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Packardbell | MSN
FF - prefs.js..browser.search.defaultenginename: "Search the web"
FF - prefs.js..browser.search.order.1: "Search the web"
FF - prefs.js..browser.search.selectedEngine: "Search the web"
FF - prefs.js..browser.startup.homepage: "http://search.imesh.com/"
FF - prefs.js..keyword.URL: "http://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0
FF - user.js..browser.search.selectedEngine: "Search the web"
FF - user.js..browser.search.order.1: "Search the web"
FF - user.js..browser.search.defaultenginename: "Search the web"
FF - user.js..keyword.URL: "http://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
[2011.06.25 17:05:53 | 000,000,000 | ---D | M] (MediaBar) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\szfr3tp7.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}
[2011.11.04 00:05:37 | 000,000,000 | ---D | M] (toolplugin) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\szfr3tp7.default\extensions\welcome@toolmin.com
[2011.06.25 17:05:52 | 000,002,497 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\szfr3tp7.default\searchplugins\SearchResults.xml
[2011.10.03 21:21:11 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.11.04 00:05:37 | 000,000,158 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search the web.src
[2011.06.25 17:05:52 | 000,002,497 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\SearchResults.xml
[2011.10.03 21:21:11 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O2:64bit: - BHO: (UrlHelper Class) - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\x64\IEBHO.dll (iMesh, Inc)
O2 - BHO: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll ()
O2 - BHO: (UrlHelper Class) - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\IEBHO.dll (iMesh, Inc)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll ()
O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-89AF-189327213627} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\datamngr.dll) - C:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\x64\datamngr.dll (iMesh, Inc)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\IEBHO.dll) - C:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\x64\IEBHO.dll (iMesh, Inc)
O20 - AppInit_DLLs: (C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\datamngr.dll) -C:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\datamngr.dll (iMesh, Inc)
O20 - AppInit_DLLs: (C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\IEBHO.dll) -C:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\IEBHO.dll (iMesh, Inc)
[2012.01.09 00:53:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012.01.09 00:53:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012.01.09 00:36:06 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1462826721-1297699023-1566032460-1000UA.job
[2012.01.09 00:36:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1462826721-1297699023-1566032460-1000Core.job

:Commands
[purity]
[emptytemp]

und füge es hier ein:
Schließe alle Programme.
Klicke auf den Fix Button.
Klick auf .
OTL verlangt einen Neustart. Bitte zulassen.
Nach dem Neustart findest Du ein Textdokument.
Kopiere den Inhalt hier in Deinen Thread.

5.

lade Dir SUPERAntiSpyware FREE Edition herunter.
installiere das Programm und update online.
starte SUPERAntiSpyware und klicke auf "Ihren Computer durchsuchen"
setze ein Häkchen bei "Kompletter Scan" und klicke auf "Weiter"
anschließend alle gefundenen Schadprogramme werden aufgelistet, bei alle Funde Häkchen setzen und mit "OK" bestätigen
auf "Weiter" klicken dann "OK" und auf "Fertig stellen"
um die Ergebnisse anzuzeigen: auf "Präferenzen" dann auf den "Statistiken und Protokolle" klicken
drücke auf "Protokoll anzeigen" - anschließend diesen Bericht bitte speichern und hier posten

6.
Auch auf USB-Sticks, selbstgebrannten Datenträgern, externen Festplatten und anderen Datenträgern können Viren transportiert werden. Man muss daher durch regelmäßige Prüfungen auf Schäden, die durch Malware ("Worm.Win32.Autorun") verursacht worden sein können, überwacht werden. Hierfür sind ser gut geegnet und empfohlen, die auf dem Speichermedium gesicherten Daten, mit Hilfe des kostenlosen Online Scanners zu prüfen.
Schließe jetzt alle externe Datenträgeran (USB Sticks etc) Deinen Rechner an, dabei die Hochstell-Taste [Shift-Taste] gedrückt halten, damit die Autorun-Funktion nicht ausgeführt wird. (So verhindest Du die Ausführung der AUTORUN-Funktion) - Man kann die AUTORUN-Funktion aber auch generell abschalten.►Anleitung

7.
-> Führe dann einen Komplett-Systemcheck mit Eset Online Scanner (NOD32)Kostenlose Online Scanner durch
Achtung!: >>Du sollst nicht die Antivirus-Sicherheitssoftware installieren, sondern dein System nur online scannen<<

► berichte erneut über den Zustand des Computers. Ob noch Probleme auftreten, wenn ja, welche?

Roc · 10.01.2012, 22:08

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
Prefs.js: "Search the web" removed from browser.search.defaultenginename
Prefs.js: "Search the web" removed from browser.search.order.1
Prefs.js: "Search the web" removed from browser.search.selectedEngine
Prefs.js: "hxxp://search.imesh.com/" removed from browser.startup.homepage
Prefs.js: "hxxp://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q=" removed from keyword.URL
Prefs.js: "*.local" removed from network.proxy.no_proxies_on
Prefs.js: 0 removed from network.proxy.type
C:\Users\Daniel\AppData\Roaming\Mozilla\FireFox\Profiles\szfr3tp7.default\user.js moved successfully.
Folder C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\szfr3tp7.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\ not found.
C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\szfr3tp7.default\extensions\welcome@toolmin.com\chrome\content folder moved successfully.
C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\szfr3tp7.default\extensions\welcome@toolmin.com\chrome folder moved successfully.
C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\szfr3tp7.default\extensions\welcome@toolmin.com folder moved successfully.
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\szfr3tp7.default\searchplugins\SearchResults.xml moved successfully.
C:\Program Files (x86)\Mozilla Firefox\searchplugins\bing.xml moved successfully.
C:\Program Files (x86)\Mozilla Firefox\searchplugins\Search the web.src moved successfully.
C:\Program Files (x86)\Mozilla Firefox\searchplugins\SearchResults.xml moved successfully.
C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-de.xml moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{474597C5-AB09-49d6-A4D5-2E8D7341384E}\ not found.
File C:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\x64\IEBHO.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\ not found.
File C:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{474597C5-AB09-49d6-A4D5-2E8D7341384E}\ not found.
File C:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\IEBHO.dll not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{28387537-e3f9-4ed7-860c-11e69af4a8a0} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\ not found.
File C:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{DFEFCDEE-CF1A-4FC8-89AF-189327213627} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DFEFCDEE-CF1A-4FC8-89AF-189327213627}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\datamngr.dll deleted successfully.
File C:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\x64\datamngr.dll not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\IEBHO.dll deleted successfully.
File C:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\x64\IEBHO.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\datamngr.dll deleted successfully.
File pInit_DLLs: (C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\datamngr.dll) -C:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\datamngr.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\IEBHO.dll deleted successfully.
File pInit_DLLs: (C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\IEBHO.dll) -C:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\IEBHO.dll not found.
C:\ProgramData\Spybot - Search & Destroy\Recovery folder moved successfully.
C:\ProgramData\Spybot - Search & Destroy\Logs folder moved successfully.
C:\ProgramData\Spybot - Search & Destroy folder moved successfully.
C:\Program Files (x86)\Spybot - Search & Destroy folder moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1462826721-1297699023-1566032460-1000UA.job moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1462826721-1297699023-1566032460-1000Core.job moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Daniel
->Temp folder emptied: 1861329 bytes
->Temporary Internet Files folder emptied: 1638802 bytes
->Java cache emptied: 15559941 bytes
->FireFox cache emptied: 57175857 bytes
->Flash cache emptied: 565 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2425418 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 75,00 mb

OTL by OldTimer - Version 3.2.31.0 log created on 01102012_220416

Files\Folders moved on Reboot...
C:\Users\Daniel\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\dsiwmis.log scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Roc · 10.01.2012, 23:12

SUPERAntiSpyware Scan Log
SUPERAntiSpyware.com | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

Generated 01/10/2012 at 10:49 PM

Application Version : 5.0.1142

Core Rules Database Version : 8119
Trace Rules Database Version: 5931

Scan type : Complete Scan
Total Scan Time : 00:36:44

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned : 701
Memory threats detected : 0
Registry items scanned : 72321
Registry threats detected : 0
File items scanned : 66917
File threats detected : 3

Adware.Tracking Cookie
.doubleclick.net [ C:\USERS\DANIEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SZFR3TP7.DEFAULT\COOKIES.SQLITE ]

Trojan.Agent/Gen-SoftonicDownloader
C:\USERS\DANIEL\DOWNLOADS\SOFTONICDOWNLOADER_FUER_MALWAREBYTES-ANTI-MALWARE.EXE
C:\USERS\DANIEL\DOWNLOADS\SOFTONICDOWNLOADER_FUER_WINDOWS-LIVE-MOVIE-MAKER.EXE

Roc · 10.01.2012, 23:24

Guten Abend,

Habe nun alles gemacht und während des online scans trat der Virus wieder auf
und blockierte das System, dann ging wieder nichts so wie zuvor.
Was soll ich nun machen?

Mfg

kira · 11.01.2012, 07:11

1.
Lösche:

Zitat:

Softonic Downloader

Anleitung für FF:
-> Add-ons deinstallieren
-> Firefox mit Add-ons anpassen
-> Löschen: Firefox Add-Ons endgültig löschen | PcBeirat.de

im Internet Explorer Add-ons bzw. Erweiterungen deaktivieren/löschen ::
Verwalten von Add-Ons in Internet Explorer 9
Internet Explorer 9 Addons – installieren, deaktivieren, löschen und optimieren

2.
TDSSKiller von Kaspersky

Lade den TDSSKiller und entpacke das Archiv auf Deinen Desktop.
Vergewissere Dich, dass die TDSSKiller.exe direkt auf dem Desktop liegt (nicht in einem Ordner auf dem Desktop).
deaktiviere vorübergehend dein AntiVirus-Programm
Starte die TDSSKiller.exe durch Doppelklick.
Nach Beendigung der Arbeit schlägt das Tool vor, das System neu zu starten.
Bestätige das ggfs. mit Y(es).
Beim Hochfahren des Systems führt der Treiber alle geplanten Operationen aus löscht sich danach.
Poste mir den Inhalt von C:\TDSSKiller<random>.txt hier in den Thread.

Hier findest Du eine ausführlichere Anleitung.

3.
erneut einen Scan mit OTL:

Doppelklick auf die OTL.exe
Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
Oben findest Du ein Kästchen mit Ausgabe.
Wähle bitte Standard-Ausgabe
Unter Extra-Registrierung wähle bitte Benutze SafeList.
Mache Häckchen bei LOP- und Purity-Prüfung.
Klicke nun auf Scan links oben.
Wenn der Scan beendet wurde werden zwei Logfiles erstellt.
Du findest die Logfiles auf Deinem Desktop => OTL.txt und Extras.txt
Poste die Logfiles in Code-Tags hier in den Thread.

Roc · 11.01.2012, 23:26

hi,

tddskiller hat nichts gefunden

Roc · 11.01.2012, 23:27

2012/01/11 23:13:33.0753 4624 TDSS rootkit removing tool 2.5.5.0 Jun 16 2011 15:25:15
2012/01/11 23:13:33.0766 4624 ================================================================================
2012/01/11 23:13:33.0766 4624 SystemInfo:
2012/01/11 23:13:33.0766 4624
2012/01/11 23:13:33.0766 4624 OS Version: 6.1.7601 ServicePack: 1.0
2012/01/11 23:13:33.0766 4624 Product type: Workstation
2012/01/11 23:13:33.0766 4624 ComputerName: x
2012/01/11 23:13:33.0766 4624 UserName: Daniel
2012/01/11 23:13:33.0766 4624 Windows directory: C:\Windows
2012/01/11 23:13:33.0766 4624 System windows directory: C:\Windows
2012/01/11 23:13:33.0766 4624 Running under WOW64
2012/01/11 23:13:33.0766 4624 Processor architecture: Intel x64
2012/01/11 23:13:33.0766 4624 Number of processors: 8
2012/01/11 23:13:33.0766 4624 Page size: 0x1000
2012/01/11 23:13:33.0766 4624 Boot type: Normal boot
2012/01/11 23:13:33.0766 4624 ================================================================================
2012/01/11 23:13:34.0065 4624 Initialize success
2012/01/11 23:13:35.0970 1328 ================================================================================
2012/01/11 23:13:35.0970 1328 Scan started
2012/01/11 23:13:35.0970 1328 Mode: Manual;
2012/01/11 23:13:35.0970 1328 ================================================================================
2012/01/11 23:13:36.0412 1328 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
2012/01/11 23:13:36.0459 1328 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
2012/01/11 23:13:36.0499 1328 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
2012/01/11 23:13:36.0578 1328 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
2012/01/11 23:13:36.0620 1328 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
2012/01/11 23:13:36.0659 1328 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
2012/01/11 23:13:36.0749 1328 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
2012/01/11 23:13:36.0811 1328 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
2012/01/11 23:13:36.0842 1328 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
2012/01/11 23:13:36.0874 1328 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
2012/01/11 23:13:36.0897 1328 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
2012/01/11 23:13:37.0105 1328 amdkmdag (b8660fb5431f136635fb6446ac67faae) C:\Windows\system32\DRIVERS\atikmdag.sys
2012/01/11 23:13:37.0178 1328 amdkmdap (5fc9d833f726383d9d60205f5a3cf16b) C:\Windows\system32\DRIVERS\atikmpag.sys
2012/01/11 23:13:37.0200 1328 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
2012/01/11 23:13:37.0244 1328 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
2012/01/11 23:13:37.0285 1328 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
2012/01/11 23:13:37.0307 1328 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
2012/01/11 23:13:37.0384 1328 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
2012/01/11 23:13:37.0428 1328 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
2012/01/11 23:13:37.0445 1328 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
2012/01/11 23:13:37.0488 1328 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
2012/01/11 23:13:37.0544 1328 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
2012/01/11 23:13:37.0651 1328 athr (e642491f64e58cd5bc8fb8b347dcf65f) C:\Windows\system32\DRIVERS\athrx.sys
2012/01/11 23:13:37.0739 1328 AtiHdmiService (2d648572ba9a610952fcafba1e119c2d) C:\Windows\system32\drivers\AtiHdmi.sys
2012/01/11 23:13:37.0806 1328 avgntflt (b1224e6b086cd6548315b04ab575a23e) C:\Windows\system32\DRIVERS\avgntflt.sys
2012/01/11 23:13:37.0829 1328 avipbb (ed45f12cfa62b83765c9c1496758cc87) C:\Windows\system32\DRIVERS\avipbb.sys
2012/01/11 23:13:37.0863 1328 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
2012/01/11 23:13:37.0929 1328 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
2012/01/11 23:13:37.0980 1328 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
2012/01/11 23:13:38.0106 1328 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
2012/01/11 23:13:38.0188 1328 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
2012/01/11 23:13:38.0205 1328 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2012/01/11 23:13:38.0238 1328 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2012/01/11 23:13:38.0266 1328 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
2012/01/11 23:13:38.0298 1328 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
2012/01/11 23:13:38.0320 1328 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
2012/01/11 23:13:38.0339 1328 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
2012/01/11 23:13:38.0366 1328 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
2012/01/11 23:13:38.0412 1328 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
2012/01/11 23:13:38.0463 1328 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
2012/01/11 23:13:38.0511 1328 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
2012/01/11 23:13:38.0552 1328 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
2012/01/11 23:13:38.0608 1328 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
2012/01/11 23:13:38.0624 1328 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
2012/01/11 23:13:38.0678 1328 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
2012/01/11 23:13:38.0745 1328 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
2012/01/11 23:13:38.0786 1328 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
2012/01/11 23:13:38.0822 1328 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
2012/01/11 23:13:38.0891 1328 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
2012/01/11 23:13:38.0917 1328 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
2012/01/11 23:13:38.0962 1328 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
2012/01/11 23:13:39.0001 1328 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
2012/01/11 23:13:39.0067 1328 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
2012/01/11 23:13:39.0185 1328 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
2012/01/11 23:13:39.0235 1328 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
2012/01/11 23:13:39.0273 1328 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
2012/01/11 23:13:39.0319 1328 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
2012/01/11 23:13:39.0346 1328 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
2012/01/11 23:13:39.0378 1328 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
2012/01/11 23:13:39.0409 1328 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
2012/01/11 23:13:39.0431 1328 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
2012/01/11 23:13:39.0445 1328 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
2012/01/11 23:13:39.0492 1328 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
2012/01/11 23:13:39.0513 1328 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
2012/01/11 23:13:39.0544 1328 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
2012/01/11 23:13:39.0593 1328 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
2012/01/11 23:13:39.0612 1328 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
2012/01/11 23:13:39.0672 1328 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2012/01/11 23:13:39.0750 1328 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
2012/01/11 23:13:39.0825 1328 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
2012/01/11 23:13:39.0874 1328 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
2012/01/11 23:13:39.0899 1328 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
2012/01/11 23:13:39.0916 1328 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
2012/01/11 23:13:39.0937 1328 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
2012/01/11 23:13:39.0990 1328 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
2012/01/11 23:13:40.0045 1328 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
2012/01/11 23:13:40.0109 1328 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
2012/01/11 23:13:40.0170 1328 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
2012/01/11 23:13:40.0230 1328 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
2012/01/11 23:13:40.0276 1328 iaStor (f7ce9be72edac499b713eca6dae5d26f) C:\Windows\system32\DRIVERS\iaStor.sys
2012/01/11 23:13:40.0387 1328 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
2012/01/11 23:13:40.0433 1328 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
2012/01/11 23:13:40.0534 1328 IntcAzAudAddService (f4c031439501f6c1d336a36d7cb58f4f) C:\Windows\system32\drivers\RTKVHD64.sys
2012/01/11 23:13:40.0596 1328 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
2012/01/11 23:13:40.0639 1328 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
2012/01/11 23:13:40.0688 1328 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2012/01/11 23:13:40.0735 1328 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
2012/01/11 23:13:40.0765 1328 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
2012/01/11 23:13:40.0810 1328 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
2012/01/11 23:13:40.0831 1328 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
2012/01/11 23:13:40.0867 1328 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
2012/01/11 23:13:40.0893 1328 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
2012/01/11 23:13:40.0942 1328 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
2012/01/11 23:13:40.0970 1328 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
2012/01/11 23:13:41.0006 1328 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
2012/01/11 23:13:41.0024 1328 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
2012/01/11 23:13:41.0070 1328 L1C (0e154da6ca9105354a07d0c576804037) C:\Windows\system32\DRIVERS\L1C62x64.sys
2012/01/11 23:13:41.0143 1328 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
2012/01/11 23:13:41.0201 1328 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
2012/01/11 23:13:41.0226 1328 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
2012/01/11 23:13:41.0244 1328 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2012/01/11 23:13:41.0264 1328 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2012/01/11 23:13:41.0286 1328 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
2012/01/11 23:13:41.0381 1328 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys
2012/01/11 23:13:41.0433 1328 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
2012/01/11 23:13:41.0459 1328 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
2012/01/11 23:13:41.0494 1328 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
2012/01/11 23:13:41.0519 1328 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
2012/01/11 23:13:41.0555 1328 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
2012/01/11 23:13:41.0585 1328 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
2012/01/11 23:13:41.0618 1328 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
2012/01/11 23:13:41.0643 1328 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
2012/01/11 23:13:41.0677 1328 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
2012/01/11 23:13:41.0707 1328 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
2012/01/11 23:13:41.0733 1328 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
2012/01/11 23:13:41.0767 1328 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
2012/01/11 23:13:41.0807 1328 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2012/01/11 23:13:41.0829 1328 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2012/01/11 23:13:41.0857 1328 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
2012/01/11 23:13:41.0887 1328 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
2012/01/11 23:13:41.0919 1328 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
2012/01/11 23:13:41.0933 1328 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
2012/01/11 23:13:41.0950 1328 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
2012/01/11 23:13:42.0003 1328 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
2012/01/11 23:13:42.0029 1328 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
2012/01/11 23:13:42.0053 1328 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
2012/01/11 23:13:42.0102 1328 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
2012/01/11 23:13:42.0125 1328 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
2012/01/11 23:13:42.0143 1328 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
2012/01/11 23:13:42.0160 1328 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
2012/01/11 23:13:42.0188 1328 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
2012/01/11 23:13:42.0265 1328 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
2012/01/11 23:13:42.0352 1328 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
2012/01/11 23:13:42.0393 1328 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
2012/01/11 23:13:42.0426 1328 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
2012/01/11 23:13:42.0469 1328 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
2012/01/11 23:13:42.0516 1328 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
2012/01/11 23:13:42.0573 1328 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
2012/01/11 23:13:42.0647 1328 Netaapl (6f4607e2333fe21e9e3ff8133a88b35b) C:\Windows\system32\DRIVERS\netaapl64.sys
2012/01/11 23:13:42.0674 1328 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
2012/01/11 23:13:42.0723 1328 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
2012/01/11 23:13:42.0799 1328 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
2012/01/11 23:13:42.0836 1328 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
2012/01/11 23:13:42.0863 1328 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
2012/01/11 23:13:42.0924 1328 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
2012/01/11 23:13:42.0981 1328 NTIDrvr (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys
2012/01/11 23:13:43.0000 1328 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
2012/01/11 23:13:43.0038 1328 nusb3hub (786db821bfd57c0551dbbe4f75384a7d) C:\Windows\system32\DRIVERS\nusb3hub.sys
2012/01/11 23:13:43.0080 1328 nusb3xhc (daa8005caf745042bb427a1ed7433354) C:\Windows\system32\DRIVERS\nusb3xhc.sys
2012/01/11 23:13:43.0142 1328 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
2012/01/11 23:13:43.0182 1328 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
2012/01/11 23:13:43.0223 1328 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
2012/01/11 23:13:43.0265 1328 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
2012/01/11 23:13:43.0346 1328 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
2012/01/11 23:13:43.0386 1328 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
2012/01/11 23:13:43.0415 1328 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
2012/01/11 23:13:43.0434 1328 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
2012/01/11 23:13:43.0464 1328 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
2012/01/11 23:13:43.0487 1328 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
2012/01/11 23:13:43.0516 1328 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
2012/01/11 23:13:43.0612 1328 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
2012/01/11 23:13:43.0636 1328 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
2012/01/11 23:13:43.0685 1328 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
2012/01/11 23:13:43.0742 1328 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
2012/01/11 23:13:43.0765 1328 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
2012/01/11 23:13:43.0787 1328 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
2012/01/11 23:13:43.0805 1328 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
2012/01/11 23:13:43.0817 1328 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
2012/01/11 23:13:43.0861 1328 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
2012/01/11 23:13:43.0915 1328 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
2012/01/11 23:13:43.0936 1328 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
2012/01/11 23:13:43.0993 1328 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
2012/01/11 23:13:44.0030 1328 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
2012/01/11 23:13:44.0055 1328 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
2012/01/11 23:13:44.0086 1328 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
2012/01/11 23:13:44.0108 1328 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
2012/01/11 23:13:44.0148 1328 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
2012/01/11 23:13:44.0192 1328 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
2012/01/11 23:13:44.0305 1328 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
2012/01/11 23:13:44.0368 1328 RSUSBSTOR (9beb5f18a418ff70659ce2e356829568) C:\Windows\system32\Drivers\RtsUStor.sys
2012/01/11 23:13:44.0514 1328 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
2012/01/11 23:13:44.0549 1328 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
2012/01/11 23:13:44.0610 1328 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
2012/01/11 23:13:44.0659 1328 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
2012/01/11 23:13:44.0693 1328 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
2012/01/11 23:13:44.0739 1328 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
2012/01/11 23:13:44.0767 1328 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
2012/01/11 23:13:44.0787 1328 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
2012/01/11 23:13:44.0843 1328 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
2012/01/11 23:13:44.0863 1328 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
2012/01/11 23:13:44.0884 1328 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
2012/01/11 23:13:44.0904 1328 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
2012/01/11 23:13:44.0969 1328 Sftfs (a40abfdcb75f835fdf3ce0cc64e4250d) C:\Windows\system32\DRIVERS\Sftfslh.sys
2012/01/11 23:13:45.0029 1328 Sftplay (411769ed1cb12d2b44217734347bdb7a) C:\Windows\system32\DRIVERS\Sftplaylh.sys
2012/01/11 23:13:45.0074 1328 Sftredir (a14d0df34bbb00ea94da16193d0c7957) C:\Windows\system32\DRIVERS\Sftredirlh.sys
2012/01/11 23:13:45.0102 1328 Sftvol (393b22addd89979eb1c60898f51c3648) C:\Windows\system32\DRIVERS\Sftvollh.sys
2012/01/11 23:13:45.0153 1328 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2012/01/11 23:13:45.0173 1328 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
2012/01/11 23:13:45.0212 1328 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
2012/01/11 23:13:45.0238 1328 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
2012/01/11 23:13:45.0356 1328 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
2012/01/11 23:13:45.0390 1328 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
2012/01/11 23:13:45.0418 1328 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
2012/01/11 23:13:45.0448 1328 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
2012/01/11 23:13:45.0513 1328 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
2012/01/11 23:13:45.0620 1328 SynTP (ef51b22706db03f0857fade127c804ec) C:\Windows\system32\DRIVERS\SynTP.sys
2012/01/11 23:13:45.0723 1328 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
2012/01/11 23:13:45.0806 1328 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
2012/01/11 23:13:45.0867 1328 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
2012/01/11 23:13:45.0900 1328 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
2012/01/11 23:13:45.0916 1328 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
2012/01/11 23:13:45.0957 1328 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
2012/01/11 23:13:45.0976 1328 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
2012/01/11 23:13:46.0036 1328 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
2012/01/11 23:13:46.0096 1328 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
2012/01/11 23:13:46.0185 1328 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
2012/01/11 23:13:46.0248 1328 TurboB (48743b69ea47c020a792d8649f753f44) C:\Windows\system32\DRIVERS\TurboB.sys
2012/01/11 23:13:46.0298 1328 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
2012/01/11 23:13:46.0323 1328 UBHelper (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys
2012/01/11 23:13:46.0359 1328 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
2012/01/11 23:13:46.0406 1328 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
2012/01/11 23:13:46.0444 1328 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
2012/01/11 23:13:46.0473 1328 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
2012/01/11 23:13:46.0525 1328 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
2012/01/11 23:13:46.0547 1328 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
2012/01/11 23:13:46.0592 1328 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
2012/01/11 23:13:46.0641 1328 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
2012/01/11 23:13:46.0677 1328 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
2012/01/11 23:13:46.0698 1328 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
2012/01/11 23:13:46.0711 1328 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
2012/01/11 23:13:46.0741 1328 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
2012/01/11 23:13:46.0762 1328 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2012/01/11 23:13:46.0785 1328 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
2012/01/11 23:13:46.0811 1328 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
2012/01/11 23:13:46.0847 1328 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
2012/01/11 23:13:46.0867 1328 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
2012/01/11 23:13:46.0886 1328 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
2012/01/11 23:13:46.0909 1328 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
2012/01/11 23:13:46.0935 1328 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
2012/01/11 23:13:46.0965 1328 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
2012/01/11 23:13:47.0008 1328 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
2012/01/11 23:13:47.0063 1328 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
2012/01/11 23:13:47.0136 1328 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
2012/01/11 23:13:47.0167 1328 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
2012/01/11 23:13:47.0214 1328 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
2012/01/11 23:13:47.0256 1328 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
2012/01/11 23:13:47.0296 1328 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
2012/01/11 23:13:47.0304 1328 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
2012/01/11 23:13:47.0335 1328 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
2012/01/11 23:13:47.0365 1328 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
2012/01/11 23:13:47.0401 1328 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
2012/01/11 23:13:47.0421 1328 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
2012/01/11 23:13:47.0487 1328 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
2012/01/11 23:13:47.0515 1328 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
2012/01/11 23:13:47.0551 1328 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
2012/01/11 23:13:47.0593 1328 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
2012/01/11 23:13:47.0618 1328 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
2012/01/11 23:13:47.0681 1328 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
2012/01/11 23:13:47.0700 1328 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR2
2012/01/11 23:13:47.0713 1328 ================================================================================
2012/01/11 23:13:47.0713 1328 Scan finished
2012/01/11 23:13:47.0713 1328 ================================================================================
2012/01/11 23:13:47.0730 3448 Detected object count: 0
2012/01/11 23:13:47.0730 3448 Actual detected object count: 0

Roc · 11.01.2012, 23:33

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 11.01.2012 23:16:57 - Run 2
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Daniel\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,98 Gb Total Physical Memory | 2,53 Gb Available Physical Memory | 63,56% Memory free
7,96 Gb Paging File | 5,88 Gb Available in Paging File | 73,80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 450,66 Gb Total Space | 404,45 Gb Free Space | 89,75% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive E: | 1,86 Gb Total Space | 1,18 Gb Free Space | 63,20% Space Free | Partition Type: FAT
 
Computer Name: DROGOSCH | User Name: Daniel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.01.09 12:28:58 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Daniel\Desktop\24960-OTL.exe
PRC - [2012.01.08 03:45:21 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011.12.24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.12.24 17:50:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.10.05 23:31:15 | 000,137,536 | ---- | M] (Facebook Inc.) -- C:\Users\Daniel\AppData\Local\Facebook\Update\FacebookUpdate.exe
PRC - [2011.07.29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011.06.28 20:14:10 | 000,400,040 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
PRC - [2011.06.28 20:14:10 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.06.06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.05.02 22:35:58 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011.03.04 13:36:11 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.02.25 07:19:30 | 000,061,952 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\firefox.exe
PRC - [2011.01.17 17:50:34 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2011.01.17 17:50:34 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2010.12.22 21:25:02 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.12.22 21:24:58 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.12.09 06:27:50 | 001,025,616 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2010.12.09 06:27:50 | 000,311,376 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2010.12.09 06:27:50 | 000,287,824 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2010.11.12 02:21:52 | 000,257,344 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe
PRC - [2010.11.12 02:21:46 | 000,295,232 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe
PRC - [2010.10.28 18:55:02 | 000,969,824 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
PRC - [2010.09.14 04:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2010.09.14 04:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010.09.14 03:32:32 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010.09.14 03:32:30 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010.04.27 03:09:52 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010.04.02 09:18:54 | 001,185,112 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2010.01.29 01:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe
PRC - [2010.01.08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.01.09 16:14:30 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b559a471eef00081f0b5c2719d1d9623\System.Runtime.Remoting.ni.dll
MOD - [2012.01.08 03:45:21 | 002,124,760 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011.10.14 10:57:02 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\60c320dbe033e8ff4830cdc059933f2c\IAStorUtil.ni.dll
MOD - [2011.10.14 10:57:02 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\ebfad289d9759034cd3a887802fadb5b\IAStorCommon.ni.dll
MOD - [2011.10.14 10:03:50 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll
MOD - [2011.10.14 10:03:45 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll
MOD - [2011.10.14 10:03:35 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll
MOD - [2011.10.14 10:03:31 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll
MOD - [2011.10.14 10:03:28 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2011.10.14 10:03:28 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll
MOD - [2011.10.14 10:03:23 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011.07.29 00:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011.07.29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2011.06.24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.06.24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.05.28 23:21:31 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2011.02.27 04:41:25 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2011.02.25 07:19:30 | 000,061,952 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\firefox.exe
MOD - [2010.11.13 01:08:41 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.11.12 02:22:22 | 000,465,640 | ---- | M] () -- C:\Program Files (x86)\NTI\Packard Bell MyBackup\sqlite3.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011.08.12 00:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2010.10.28 03:38:16 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.10.08 02:24:16 | 000,150,016 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2010.09.22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2011.12.24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.06.28 20:14:10 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.06.06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.05.02 22:35:58 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.02.26 20:06:01 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.12.22 21:25:02 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010.12.22 21:24:58 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010.12.09 06:27:50 | 000,311,376 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010.11.12 02:21:52 | 000,257,344 | ---- | M] (NTI Corporation) [Auto | Running] -- C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010.10.29 19:22:12 | 000,868,224 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Packard Bell\Packard Bell Power Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2010.09.14 04:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010.09.14 04:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010.09.14 03:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.29 01:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe -- (Updater Service)
SRV - [2010.01.15 23:08:38 | 000,935,208 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2010.01.08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011.12.10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011.06.28 20:14:10 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011.06.28 20:14:10 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011.05.10 07:06:14 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2011.05.10 07:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.10.28 04:11:46 | 007,877,120 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.10.28 03:03:40 | 000,285,696 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.10.20 01:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010.10.08 02:23:38 | 000,019,192 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010.09.30 06:00:06 | 000,180,736 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010.09.30 06:00:06 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010.09.27 08:24:44 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010.09.14 04:45:52 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2010.09.14 04:45:50 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2010.09.14 04:45:48 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2010.09.14 04:45:44 | 000,760,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2010.09.14 03:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.07.29 14:30:48 | 001,383,472 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.07.20 10:43:22 | 000,247,400 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010.05.11 11:11:38 | 002,229,608 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010.05.05 22:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.05.06 01:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009.05.06 01:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV - [2011.07.22 17:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV - [2011.07.12 22:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..network.proxy.no_proxies_on: ""
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Daniel\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.11.18 19:31:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.01.08 03:45:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.01.10 21:54:37 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\Users\Daniel\AppData\Roaming\5043 [2011.11.19 01:14:11 | 000,000,000 | ---D | M]
 
[2012.01.10 21:52:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\Extensions
[2012.01.11 23:14:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\szfr3tp7.default\extensions
[2012.01.10 21:54:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.01.10 21:54:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
[2012.01.08 03:45:21 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.01.10 21:54:32 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.10.03 21:21:11 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.10.03 21:21:11 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.10.03 21:21:11 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.03 21:21:11 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - !{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Packard Bell\Packard Bell Power Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe (NTI Corporation)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Daniel\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [Mozilla Firefox] C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\firefox.exe ()
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{359E4F5A-1A40-464B-BD4A-2AF301A56293}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{590F8133-C064-4BB6-9FA0-00BD017A0412}: DhcpNameServer = 139.7.30.126 139.7.30.125
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9443097F-9960-484F-9F44-D5F904231400}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.01.11 23:12:00 | 000,000,000 | ---D | C] -- C:\Users\Daniel\Desktop\tdsskiller_2.5.5.0
[2012.01.10 23:18:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012.01.10 22:10:41 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\SUPERAntiSpyware.com
[2012.01.10 22:10:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012.01.10 22:09:56 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012.01.10 22:09:56 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012.01.10 22:04:16 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.01.10 21:55:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.01.10 21:54:37 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012.01.10 21:54:37 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012.01.10 21:54:37 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012.01.09 19:04:35 | 000,000,000 | ---D | C] -- C:\Users\Daniel\Desktop\Virus
[2012.01.09 16:13:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.01.09 16:13:21 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.01.09 16:09:44 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Daniel\Desktop\24960-OTL.exe
[2012.01.04 23:56:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vocabulary
[2012.01.04 23:56:25 | 000,000,000 | ---D | C] -- C:\Users\Daniel\Documents\Eigene Vokabelhefte
[2011.12.27 22:38:23 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Media Player Classic
[2011.12.27 22:37:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2011.12.27 22:37:52 | 000,839,680 | ---- | C] (www) -- C:\Windows\SysWow64\lameACM.acm
[2011.12.27 22:36:18 | 016,534,924 | ---- | C] (                                                            ) -- C:\Users\Daniel\Desktop\K-Lite_Codec_Pack_790_Full.exe
[2011.12.27 22:34:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack
[2011.12.27 09:46:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2011.12.16 11:44:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.12.16 11:44:28 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011.12.16 11:44:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011.12.16 11:44:28 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011.12.16 00:54:07 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.12.16 00:54:07 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.12.16 00:54:06 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.12.16 00:54:06 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.12.16 00:54:06 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.12.16 00:54:06 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.12.16 00:54:05 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011.12.16 00:54:05 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011.12.16 00:54:05 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011.12.16 00:54:05 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.12.16 00:54:04 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.12.15 20:59:28 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011.12.15 20:59:28 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011.12.15 20:54:29 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[1 C:\Users\Daniel\AppData\Roaming\*.tmp files -> C:\Users\Daniel\AppData\Roaming\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.01.11 22:57:32 | 001,500,254 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.01.11 22:57:32 | 000,654,844 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.01.11 22:57:32 | 000,616,686 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.01.11 22:57:32 | 000,130,426 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.01.11 22:57:32 | 000,106,808 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.01.11 22:50:21 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.01.11 22:50:21 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.11 22:42:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.01.11 22:42:20 | 3206,959,104 | -HS- | M] () -- C:\hiberfil.sys
[2012.01.10 22:10:08 | 000,001,820 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.01.10 21:54:32 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012.01.10 21:54:32 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012.01.10 21:54:31 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2012.01.10 21:54:31 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012.01.09 16:13:22 | 000,000,834 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.01.09 12:28:58 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Daniel\Desktop\24960-OTL.exe
[2012.01.08 21:44:01 | 000,001,085 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.01.08 19:56:56 | 005,605,280 | ---- | M] () -- C:\Users\Daniel\Desktop\winf programmieren S.125.pdf
[2012.01.08 18:23:05 | 000,043,101 | ---- | M] () -- C:\Users\Daniel\Desktop\SII Lo sungen.pdf
[2012.01.08 17:50:19 | 000,616,654 | ---- | M] () -- C:\Users\Daniel\Desktop\KLR Skript Zsfassung.pdf
[2012.01.04 23:56:26 | 000,003,093 | ---- | M] () -- C:\Users\Daniel\Desktop\Vocabulary 2004.lnk
[2012.01.03 03:01:59 | 001,843,358 | ---- | M] () -- C:\Users\Daniel\Desktop\IMG_0481.JPG
[2012.01.03 03:01:58 | 002,002,497 | ---- | M] () -- C:\Users\Daniel\Desktop\IMG_0479.JPG
[2012.01.03 03:01:58 | 001,912,178 | ---- | M] () -- C:\Users\Daniel\Desktop\IMG_0478.JPG
[2012.01.03 03:01:58 | 001,819,277 | ---- | M] () -- C:\Users\Daniel\Desktop\IMG_0480.JPG
[2011.12.27 22:37:04 | 016,534,924 | ---- | M] (                                                            ) -- C:\Users\Daniel\Desktop\K-Lite_Codec_Pack_790_Full.exe
[2011.12.16 11:44:56 | 000,001,755 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.12.16 11:10:09 | 000,457,376 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[1 C:\Users\Daniel\AppData\Roaming\*.tmp files -> C:\Users\Daniel\AppData\Roaming\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.01.10 22:10:08 | 000,001,820 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.01.09 16:13:22 | 000,000,834 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.01.08 21:44:01 | 000,001,085 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.01.08 19:56:56 | 005,605,280 | ---- | C] () -- C:\Users\Daniel\Desktop\winf programmieren S.125.pdf
[2012.01.08 18:23:05 | 000,043,101 | ---- | C] () -- C:\Users\Daniel\Desktop\SII Lo sungen.pdf
[2012.01.08 17:50:19 | 000,616,654 | ---- | C] () -- C:\Users\Daniel\Desktop\KLR Skript Zsfassung.pdf
[2012.01.04 23:56:26 | 000,003,093 | ---- | C] () -- C:\Users\Daniel\Desktop\Vocabulary 2004.lnk
[2012.01.04 23:56:26 | 000,003,053 | ---- | C] () -- C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vocabulary 2004.lnk
[2012.01.03 03:00:56 | 001,843,358 | ---- | C] () -- C:\Users\Daniel\Desktop\IMG_0481.JPG
[2012.01.03 03:00:55 | 002,002,497 | ---- | C] () -- C:\Users\Daniel\Desktop\IMG_0479.JPG
[2012.01.03 03:00:55 | 001,819,277 | ---- | C] () -- C:\Users\Daniel\Desktop\IMG_0480.JPG
[2012.01.03 03:00:54 | 001,912,178 | ---- | C] () -- C:\Users\Daniel\Desktop\IMG_0478.JPG
[2011.12.27 22:37:52 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011.12.27 22:37:52 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011.12.27 22:37:52 | 000,000,414 | ---- | C] () -- C:\Windows\SysWow64\lame_acm.xml
[2011.12.27 22:37:51 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011.12.27 22:34:32 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011.12.16 11:44:56 | 000,001,755 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.11.19 01:14:01 | 000,000,072 | ---- | C] () -- C:\Users\Daniel\AppData\Roaming\blckdom.res
[2011.05.06 17:57:32 | 001,526,948 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.05.01 20:56:00 | 000,001,164 | ---- | C] () -- C:\Users\Daniel\AppData\Local\9A5FF4EA.il
[2011.05.01 20:56:00 | 000,000,280 | ---- | C] () -- C:\Users\Daniel\AppData\Local\IndexIE_9A5FF4EA.il
[2011.04.26 23:10:47 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011.04.22 20:09:31 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2011.02.26 20:12:15 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.02.26 19:56:26 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2010.12.07 15:46:03 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2010.12.07 15:05:17 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
 
========== LOP Check ==========
 
[2011.11.19 01:14:11 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\5043
[2011.10.30 17:55:33 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Canon
[2011.08.28 11:42:25 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\digital publishing
[2011.11.19 01:13:53 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\kock
[2011.05.28 23:22:20 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\OpenOffice.org
[2011.08.28 11:40:54 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\ProtectDISC
[2011.07.07 22:36:44 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\SNS
[2012.01.09 02:23:45 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\SoftGrid Client
[2011.11.16 10:09:23 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\toolplugin
[2011.05.17 22:27:48 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\TP
[2011.11.19 01:13:55 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\xmldm
[2011.11.15 15:27:07 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >

--- --- ---

Aus Sicherheitsgründen wurde ihre Windows systemherstellung blockiert Trojaner

Log-Analyse und Auswertung: Aus Sicherheitsgründen wurde ihre Windows systemherstellung blockiert Trojaner