| |
| |||||||
Log-Analyse und Auswertung: Seit ein paar tagen geht das Fenster aufmachen in Mozila so langsam und lädt immerWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
24.01.2012, 09:58
| #1 |
| |  Seit ein paar tagen geht das Fenster aufmachen in Mozila so langsam und lädt immer Hallo bin neu hier und kenne mich nicht wirklich so gut mit pcs aus, aber seit Tagen laden die Mozilla Fenster immer so langsam und wenn ich den PC runterfahre steht da Beenden Erzwingen da im Hintergrund noch ein Programm läuft welches ich nicht kenne bzw. weiß welches das sein könnte. Habe den Avira Free Virenscanner und dieser hat mir gestern einen Virus angezeigt aber konnte nichts machen und heute ist er weg aber das selbe Problem immer noch. Kann auch das Update von Windows 7 Runterladen, da immer ein Fehler kommt und meinen PC zurück setzt usw.Habe als Betriebssystem Win7 in der 84Bit version, auch wenn ich so Fenster aufmachen dauert es bis diese laden. Bitte kann mir da jemand helfen??? Haben mit Malwarebytes nen Scan gemacht und hier der LOG: Malwarebytes Anti-Malware (Test) 1.60.0.1800 www.malwarebytes.org Datenbank Version: v2012.01.24.02 Windows 7 x64 NTFS Internet Explorer 9.0.8112.16421 TeVi :: SPEIDA [Administrator] Schutz: Aktiviert 24.01.2012 09:28:25 mbam-log-2012-01-24 (09-28-25).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 182734 Laufzeit: 4 Minute(n), 17 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Wie soll ich weiter vorgehen???? Mfg |
|
24.01.2012, 10:09
| #2 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Seit ein paar tagen geht das Fenster aufmachen in Mozila so langsam und lädt immerZitat:
__________________ |
|
24.01.2012, 10:10
| #3 |
| | Seit ein paar tagen geht das Fenster aufmachen in Mozila so langsam und lädt immer Jetzt mit OTLOTL Logfile:
__________________Code:
ATTFilter OTL logfile created on: 24.01.2012 09:59:33 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\TeVi\Downloads 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,68 Gb Total Physical Memory | 1,68 Gb Available Physical Memory | 45,81% Memory free 7,35 Gb Paging File | 5,17 Gb Available in Paging File | 70,37% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 451,66 Gb Total Space | 331,24 Gb Free Space | 73,34% Space Free | Partition Type: NTFS Computer Name: SPEIDA | User Name: TeVi | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.01.24 09:43:34 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\TeVi\Downloads\OTL.exe PRC - [2012.01.15 13:33:09 | 000,939,872 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe PRC - [2012.01.07 20:16:52 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2012.01.03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011.12.24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2011.12.24 17:50:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2011.10.26 06:12:58 | 000,490,448 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\program files (x86)\avira\antivir desktop\avscan.exe PRC - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2011.10.11 13:59:37 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2011.10.11 13:59:36 | 000,306,128 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\program files (x86)\avira\antivir desktop\avcenter.exe PRC - [2011.01.17 17:50:34 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe PRC - [2011.01.17 17:50:34 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin PRC - [2010.04.23 17:46:32 | 000,124,136 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe PRC - [2010.03.11 06:11:56 | 000,407,920 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe PRC - [2010.03.11 06:11:42 | 000,201,584 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe PRC - [2010.03.09 00:58:24 | 000,250,368 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe PRC - [2010.03.09 00:56:38 | 000,260,608 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe PRC - [2010.03.04 04:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2010.03.04 04:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe PRC - [2010.03.03 14:21:16 | 001,300,560 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe PRC - [2010.03.03 14:21:16 | 000,325,200 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe PRC - [2010.03.03 14:21:16 | 000,297,040 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe PRC - [2010.01.29 00:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe PRC - [2010.01.13 09:47:44 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe PRC - [2009.07.20 04:00:00 | 000,077,824 | ---- | M] () -- C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe PRC - [2009.01.08 16:10:00 | 000,187,456 | ---- | M] (DATA BECKER GmbH & Co KG) -- C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe PRC - [2007.09.02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe ========== Modules (No Company Name) ========== MOD - [2012.01.15 13:33:09 | 000,939,872 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe MOD - [2012.01.11 14:26:40 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\442eed762e21796e8e497fcd14f1295a\System.Runtime.Remoting.ni.dll MOD - [2012.01.07 20:16:52 | 002,124,760 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2011.10.14 12:55:15 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\cf95add46bfba066f035bd78f6e21d86\IAStorUtil.ni.dll MOD - [2011.10.13 20:49:53 | 012,431,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d76221993c2fdfb991b8c12ae50a30eb\System.Windows.Forms.ni.dll MOD - [2011.10.13 20:49:46 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\0e245eb9c1067cabd5673fe832d28613\System.Drawing.ni.dll MOD - [2011.10.13 20:49:32 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\3136e12cfb8809d39813e76c766c782c\WindowsBase.ni.dll MOD - [2011.10.13 20:49:27 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\275680f2b9db0501d53c50ea7d7a43f0\System.Xml.ni.dll MOD - [2011.10.13 20:49:24 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e9ebeb7959f1c916ebf6fca8f7077d6c\System.Configuration.ni.dll MOD - [2011.10.13 20:49:22 | 007,949,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\95b9866ab6e4437ef5dc5855ebab4e33\System.ni.dll MOD - [2011.10.13 20:49:16 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll MOD - [2011.10.11 13:59:51 | 000,398,288 | ---- | M] () -- C:\program files (x86)\avira\antivir desktop\sqlite3.dll MOD - [2011.04.18 12:44:28 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll MOD - [2010.06.15 23:30:08 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2010.06.15 23:30:05 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll MOD - [2010.03.09 01:18:10 | 000,465,576 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll MOD - [2010.01.13 09:47:44 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe MOD - [2009.07.20 04:00:00 | 000,077,824 | ---- | M] () -- C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe MOD - [2009.05.20 07:02:04 | 000,072,200 | ---- | M] () -- C:\Program Files (x86)\Launch Manager\CdDirIo.dll MOD - [2007.09.02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe MOD - [2007.09.02 13:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2011.12.14 12:23:22 | 000,035,648 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp) SRV:64bit: - [2010.09.22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:64bit: - [2010.03.02 17:12:14 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2009.11.02 11:48:18 | 000,126,352 | ---- | M] (Intel(R) Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) SRV - [2012.01.03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011.12.24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2011.12.14 12:23:34 | 002,123,584 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc) SRV - [2011.12.14 12:23:22 | 000,028,992 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp) SRV - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011.04.22 13:21:10 | 000,092,592 | ---- | M] (TomTom) [Disabled | Stopped] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService) SRV - [2010.04.17 06:56:48 | 000,305,520 | ---- | M] (Egis Technology Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.03.10 08:36:42 | 000,820,768 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer PowerSmart Manager\ePowerSvc.exe -- (ePowerSvc) SRV - [2010.03.09 00:58:24 | 000,250,368 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc) SRV - [2010.03.04 04:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R) SRV - [2010.03.03 14:21:16 | 000,325,200 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService) SRV - [2010.01.29 00:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Updater Service) SRV - [2010.01.08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService) SRV - [2009.09.30 18:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R) SRV - [2009.09.30 18:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R) SRV - [2009.07.20 12:36:14 | 000,160,784 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009.01.08 16:10:00 | 000,187,456 | ---- | M] (DATA BECKER GmbH & Co KG) [Auto | Running] -- C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe -- (DBService) SRV - [2006.12.19 09:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Disabled | Stopped] -- C:\Windows\SysWOW64\IoctlSvc.exe -- (PLFlash DeviceIoControl Service) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011.12.11 16:43:51 | 000,130,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2011.12.10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2011.10.11 14:00:01 | 000,097,312 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2011.10.11 14:00:01 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV:64bit: - [2011.03.11 07:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 07:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011.02.18 16:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2010.09.23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:64bit: - [2010.04.07 03:04:22 | 002,216,960 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2010.04.01 09:18:30 | 003,060,800 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:64bit: - [2010.03.04 03:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2010.03.02 17:23:12 | 006,402,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag) DRV:64bit: - [2010.03.02 16:08:12 | 007,843,040 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd) DRV:64bit: - [2010.03.02 16:07:34 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2010.02.24 11:20:40 | 000,191,616 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\acedrv11.sys -- (acedrv11) DRV:64bit: - [2010.01.28 03:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:64bit: - [2010.01.19 00:38:00 | 000,075,304 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) DRV:64bit: - [2010.01.07 06:33:16 | 000,158,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd) DRV:64bit: - [2009.11.02 11:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB) DRV:64bit: - [2009.09.17 13:12:06 | 000,292,912 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2009.09.17 11:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R) DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.14 01:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam) DRV:64bit: - [2009.06.17 17:54:30 | 000,057,872 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt) DRV:64bit: - [2009.06.17 17:54:22 | 000,055,312 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt) DRV:64bit: - [2009.06.17 17:54:14 | 000,013,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd) DRV:64bit: - [2009.06.17 17:54:06 | 000,074,256 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb) DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.06.03 03:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk) DRV:64bit: - [2009.06.03 03:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter) DRV:64bit: - [2009.06.03 03:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ) DRV:64bit: - [2009.05.27 06:32:38 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor) DRV:64bit: - [2009.05.05 09:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr) DRV:64bit: - [2009.05.05 09:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper) DRV - [2011.09.22 17:10:46 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv) DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://isearch.avg.com/?cid={55539903-AC3D-419B-9620-80A87D2C707E}&mid=da80c8371b1a47d1abb51943ef554f2e-77f36269eee083d5f8fd75a9fb6cc2146caa7797&lang=de&ds=tt014&pr=sa&d=2011-12-12 22:23:41&v=9.0.0.22&sap=hp IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search" FF - prefs.js..browser.search.defaulturl: "" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6 FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.2 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..keyword.URL: "hxxp://search.sweetim.com/search.asp?src=2&q=" FF - prefs.js..network.proxy.type: 0 FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Google" FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "" FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "" FF - prefs.js..browser.startup.homepage: "" FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties" FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.633: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.633: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.633: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.633: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011.03.09 21:39:07 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.01.23 21:25:27 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.01.23 21:25:27 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}: C:\Program Files (x86)\PriceGong\2.1.0\FF [2011.03.12 20:24:15 | 000,000,000 | ---D | M] [2011.08.14 12:31:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\TeVi\AppData\Roaming\mozilla\Extensions [2011.08.14 12:31:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\TeVi\AppData\Roaming\mozilla\Extensions\home2@tomtom.com [2012.01.05 18:58:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\TeVi\AppData\Roaming\mozilla\Firefox\Profiles\6iba8zqz.default\extensions [2011.03.04 20:02:45 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\TeVi\AppData\Roaming\mozilla\Firefox\Profiles\6iba8zqz.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2011.11.19 20:55:06 | 000,000,000 | ---D | M] (WOT) -- C:\Users\TeVi\AppData\Roaming\mozilla\Firefox\Profiles\6iba8zqz.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2011.12.12 22:23:45 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\Users\TeVi\AppData\Roaming\mozilla\Firefox\Profiles\6iba8zqz.default\extensions\avg@toolbar [2011.06.29 15:33:34 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Users\TeVi\AppData\Roaming\mozilla\Firefox\Profiles\6iba8zqz.default\extensions\de-DE@dictionaries.addons.mozilla.org [2011.03.12 20:20:39 | 000,003,915 | ---- | M] () -- C:\Users\TeVi\AppData\Roaming\Mozilla\Firefox\Profiles\6iba8zqz.default\searchplugins\sweetim.xml [2012.01.07 20:17:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions () (No name found) -- C:\USERS\TEVI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6IBA8ZQZ.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI [2012.01.07 20:16:53 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011.10.03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2011.10.26 19:49:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2011.10.03 09:49:32 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.01.15 13:33:08 | 000,003,768 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml [2011.10.03 09:49:32 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2011.10.03 09:49:32 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2011.10.03 09:49:32 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2011.10.03 09:49:32 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2011.10.03 09:49:32 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (PriceGongBHO Class) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.1.0\PriceGongIE.dll (PriceGong) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll () O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll () O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found. O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe (Acer Incorporated) O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.) O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.) O4:64bit: - HKLM..\Run: [OOTag] C:\Program Files (x86)\Acer\OOBEOffer\ootag.exe (Microsoft) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe () O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [ArcadeMovieService] C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe (CyberLink Corp.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.) O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [FILSHtray] "C:\Program Files (x86)\FILSHtray\FILSHtray.exe" File not found O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NBKeyScan] C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG) O4 - HKLM..\Run: [OOTag] C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe (Microsoft) O4 - HKLM..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH) O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe () O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.) O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe () O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG) O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe () O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom) O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - Startup: C:\Users\TeVi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{88AECCC0-44D1-42C6-AD2D-AF406C6E9413}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DFEE2242-366F-42A9-B3DE-C4273AB1F84C}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll () O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O27:64bit: - HKLM IFEO\backitup.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\coverdes.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\discspeed.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\drivespeed.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\hpcustpartic.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\infotool.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\nero.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\neroburnrights.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\nerohome.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\neromediahome.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\nerorescueagent.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\neroscoutoptions.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\nerostartsmart.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\nerovision.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\pdf24-editor.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\photosnap.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\photosnapviewer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\recode.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\setupx.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\showtime.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\soundtrax.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\tomtomhome.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\uninstall tomtom home.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\waveedit.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\backitup.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\coverdes.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\discspeed.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\drivespeed.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\hpcustpartic.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\infotool.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\nero.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\neroburnrights.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\nerohome.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\neromediahome.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\nerorescueagent.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\neroscoutoptions.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\nerostartsmart.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\nerovision.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\pdf24-editor.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\photosnap.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\photosnapviewer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\recode.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\setupx.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\showtime.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\soundtrax.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\tomtomhome.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\uninstall tomtom home.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\waveedit.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012.01.24 09:38:53 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{CCF42632-AD35-4543-8CB9-EDBE54A22BC7} [2012.01.24 09:38:32 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{FB5F5A62-6B04-4AEA-9145-F93C274AB813} [2012.01.24 09:24:51 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Roaming\Malwarebytes [2012.01.24 09:24:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.01.24 09:24:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.01.24 09:24:36 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.01.24 09:24:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.01.23 23:13:39 | 052,128,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MRT.exe [2012.01.23 21:25:48 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Roaming\TeamViewer [2012.01.23 20:24:53 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{B28101DC-EE64-4DA5-8732-A487973414E8} [2012.01.23 20:24:42 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{1523117B-E8EE-435F-8E35-D00CFD251F44} [2012.01.23 15:38:27 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{2D8A8DE4-CDAB-4F51-A07A-713B49ECBCE2} [2012.01.23 15:38:02 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{D2A82867-3C67-4918-8468-C8D64E3EDFFE} [2012.01.22 19:47:34 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2012.01.22 18:51:50 | 000,000,000 | ---D | C] -- C:\1df072f148a7e78688646363e721 [2012.01.22 15:26:52 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{32ED8C87-14C9-4ED0-A755-7F1FE1D4AD13} [2012.01.22 15:26:28 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{55EC901C-3297-4DD5-B3D9-5FFEE3DDD281} [2012.01.20 11:59:34 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{1C8DC8C1-EC06-48F5-9FD4-2DC82A3F97B1} [2012.01.20 11:59:12 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{79C27051-2A03-4C56-8E13-D0D7EBCA4D15} [2012.01.19 19:23:08 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{D5807003-C4D3-4073-BB79-5D5A7D5D3E7F} [2012.01.19 19:22:44 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{D5114A23-41A2-4B45-B7AB-CF7A2FBCE05F} [2012.01.18 20:47:52 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{5F3E0C43-2E38-481C-A30D-B8B6648A5560} [2012.01.18 20:47:30 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{64137A58-6881-4DD4-BEDA-A823B576F6F7} [2012.01.17 12:46:45 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{7E3FDBD9-4E00-4188-9EEA-BC3D03E6EFF1} [2012.01.17 12:46:23 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{2F3491FA-B6C7-4378-AE33-BCEDDB39C751} [2012.01.16 18:49:41 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{4FFA93C2-331A-451C-A7DB-699CAB598555} [2012.01.16 18:49:16 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{FD990988-A0C2-47B5-B42E-F889D5A5C8A8} [2012.01.15 11:46:52 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{6209AD39-3C71-4113-820D-30095B8B1053} [2012.01.15 11:46:29 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{23CD9C9B-C5D3-4678-AE0E-2D0D65801AA9} [2012.01.14 12:07:20 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{933A413E-4253-40C5-ACC4-E71682ED1530} [2012.01.14 12:06:59 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{1CD3A480-A6D6-45F6-9FC9-B102B17DF2CA} [2012.01.13 14:09:44 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{93BE3861-8DED-412D-9B80-9ABB974DC5DA} [2012.01.13 14:09:22 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{EEE9C81E-4862-4F0E-9059-7BD3EB6FCE19} [2012.01.12 13:08:15 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{8454D6B2-3728-4DDB-A4DF-FA2FE2A79358} [2012.01.12 13:07:53 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{9F0598D2-02CF-49A3-B55E-6B1EF3B68581} [2012.01.11 14:14:46 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2012.01.11 14:14:45 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll [2012.01.11 14:14:45 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll [2012.01.11 14:14:45 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll [2012.01.11 14:14:45 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll [2012.01.11 14:14:45 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll [2012.01.11 13:21:34 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll [2012.01.11 13:21:34 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll [2012.01.11 13:21:34 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll [2012.01.11 13:21:33 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll [2012.01.11 13:21:31 | 001,739,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll [2012.01.11 13:21:30 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll [2012.01.11 13:21:30 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll [2012.01.11 13:15:31 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{8173E4CD-B196-4B6B-B56B-77723A6382B8} [2012.01.11 13:15:09 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{27F7DC36-8A89-4381-AFB0-32C4668AF864} [2012.01.10 11:20:41 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{226D5019-A4A6-4D64-B351-78A7558DDFF4} [2012.01.10 11:20:17 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{11F795E9-B89B-4F57-8427-FE5D083BCE84} [2012.01.09 15:21:08 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{C5D99653-C721-49A6-9E55-7D57CDFCE92F} [2012.01.09 15:20:50 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{7209EE81-C960-4AE8-B98C-80B61B23B2A6} [2012.01.08 20:55:26 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{D450A392-6802-47B6-B2DC-EADE3D5EB7C5} [2012.01.08 20:55:03 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{0DED55CC-0F32-4995-AEFE-D1122F51E4AE} [2012.01.07 22:53:02 | 000,000,000 | ---D | C] -- C:\Users\TeVi\Documents\FILSHtray [2012.01.07 22:53:02 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\FILSH_Media_GmbH [2012.01.07 22:53:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FILSHtray [2012.01.07 21:53:37 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{E65D36E9-8538-472F-BC7E-AD618686C500} [2012.01.07 21:53:15 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{1579FA8D-69E1-414D-BA2C-715DE3C3BFD2} [2012.01.07 09:03:00 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{8F864D4C-6F2C-4ED4-A6CD-8C94A2755E12} [2012.01.07 09:02:35 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{FD2F6B3E-85EC-4050-9A4E-1001F6DC1ECB} [2012.01.06 14:25:04 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{A53800E1-856E-45FC-A1E5-5E841DDF8398} [2012.01.06 14:24:42 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{7EF0DA36-070F-4367-879F-4F84C87A92CF} [2012.01.05 17:23:45 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{CF7D8AAE-02B6-4E74-8F9D-EF27D489D0E3} [2012.01.05 17:23:22 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{8727E79C-FFEF-4667-B46F-36F83D5C61A4} [2012.01.04 16:05:54 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{25692D0F-D930-45EA-9CBB-834EB633063F} [2012.01.04 16:05:32 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{763B0C2C-005B-4929-B182-C6075105BB2F} [2012.01.03 20:34:55 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{A7CE97F9-0062-4D17-A2DE-EA170DC97491} [2012.01.03 20:34:34 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{366EF194-779C-469B-BC6D-A8F0ACC58DC6} [2012.01.03 08:09:17 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{BD48D1AC-59C8-4C9A-92DF-BB684388A37C} [2012.01.03 08:09:06 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{9DAB703F-1247-4CEA-929B-00A600E1B893} [2012.01.02 12:12:13 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{D83225C8-CBA8-438D-9CE3-395B4D5EEFE5} [2012.01.02 12:11:51 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{21641C22-1F42-43CA-AF8D-5FBE20345801} [2012.01.01 21:03:43 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{1D6EA0D3-D73C-4A55-AED9-0E9C84F2B657} [2012.01.01 21:03:31 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{6C8B6F20-56B9-4501-9201-F330688B8B3D} [2011.12.31 12:13:45 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{565A6C1D-0BC0-411F-9A2D-C822616DDB41} [2011.12.31 12:13:23 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{D419D6AA-23BD-42CF-906D-6091096B087F} [2011.12.30 10:04:10 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{4A8FC2EC-9409-4212-B335-0065056876B0} [2011.12.30 10:03:47 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{780E7637-AA4F-4D22-89B0-90445CF87D1F} [2011.12.29 23:48:52 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{F371E37B-A470-419E-9310-362E94C9E0C0} [2011.12.29 23:48:30 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{BF5DFE72-F9CC-4C23-AE87-D27A5D438F35} [2011.12.29 10:27:49 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{73581D8A-F6C3-4948-A1BF-30227ED3C122} [2011.12.29 10:27:26 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{D613B4FD-27A8-46EB-A4CB-D3FF7BE49845} [2011.12.28 12:28:14 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{FC158257-E9C5-4512-B09A-57A1780AB65B} [2011.12.28 12:26:39 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{8FD4A652-1F8F-474B-AF5B-9CCB79272B29} [2011.12.28 10:54:40 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{997A5368-A698-4359-A3A1-737A21D1128D} [2011.12.27 23:39:21 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{4F861D49-3E7F-44D6-9514-2796A10DD766} [2011.12.27 22:36:04 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{5DAE28A6-7C39-4025-BFB2-DAFFF6A3E0A6} [2011.12.27 22:35:42 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{90289EF0-A381-4C9C-BFF9-AF92E3C6F0AD} [2011.12.27 10:27:18 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{879A95B1-A4B1-4A86-9557-1DC1C2660E3E} [2011.12.27 10:26:56 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{B9AFE160-3C31-432A-B5E2-FCC283BD02D7} [2011.12.26 10:46:19 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{071C5ABF-F254-4F31-923A-AC64B2FD96A0} [2011.12.26 10:45:57 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{611FD087-FADD-4E2E-B3B1-35C0394A60A3} [2011.12.25 18:00:47 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{6692C19D-0CA5-4387-92CC-081C7F8F1360} [2011.12.25 18:00:27 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{985A3654-9173-4F0D-903D-BD6978C85770} [2010.06.15 13:51:48 | 000,049,464 | ---- | C] ( ) -- C:\Windows\AutosetFrequency.exe ========== Files - Modified Within 30 Days ========== [2012.01.24 09:44:43 | 000,000,000 | ---- | M] () -- C:\Users\TeVi\defogger_reenable [2012.01.24 09:37:10 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.01.24 08:52:06 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.01.24 08:52:06 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.01.24 08:43:54 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.01.24 08:43:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.01.24 08:43:36 | 2960,510,976 | -HS- | M] () -- C:\hiberfil.sys [2012.01.23 22:30:24 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini [2012.01.23 20:20:49 | 293,397,967 | ---- | M] () -- C:\Windows\MEMORY.DMP [2012.01.23 19:12:40 | 000,003,544 | ---- | M] () -- C:\bootsqm.dat [2012.01.12 22:23:32 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.01.12 22:23:32 | 000,654,400 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.01.12 22:23:32 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.01.12 22:23:32 | 000,130,240 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.01.12 22:23:32 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.01.12 17:16:38 | 000,131,330 | ---- | M] () -- C:\Users\TeVi\Documents\Lebenslauf 11-2010 - Kopie (2).pdf [2012.01.10 19:01:01 | 001,303,530 | ---- | M] () -- C:\Users\TeVi\Documents\Wertgutachten.pdf [2012.01.04 17:15:16 | 052,128,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MRT.exe [2011.12.30 13:32:56 | 000,643,545 | ---- | M] () -- C:\Users\TeVi\Documents\Handy abzocke.pdf ========== Files Created - No Company Name ========== [2012.01.24 09:44:37 | 000,000,000 | ---- | C] () -- C:\Users\TeVi\defogger_reenable [2012.01.23 20:20:49 | 293,397,967 | ---- | C] () -- C:\Windows\MEMORY.DMP [2012.01.23 19:12:40 | 000,003,544 | ---- | C] () -- C:\bootsqm.dat [2012.01.12 17:06:51 | 000,131,330 | ---- | C] () -- C:\Users\TeVi\Documents\Lebenslauf 11-2010 - Kopie (2).pdf [2012.01.10 19:01:00 | 001,303,530 | ---- | C] () -- C:\Users\TeVi\Documents\Wertgutachten.pdf [2011.12.30 13:32:56 | 000,643,545 | ---- | C] () -- C:\Users\TeVi\Documents\Handy abzocke.pdf [2011.07.28 21:01:20 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini [2011.07.27 13:43:38 | 000,000,026 | ---- | C] () -- C:\Windows\Irremote.ini [2011.03.03 18:11:11 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2010.06.15 13:51:48 | 000,632,056 | ---- | C] () -- C:\Windows\Image.dll [2010.06.15 13:51:48 | 000,206,208 | ---- | C] () -- C:\Windows\PLFSetI.exe [2010.06.15 13:51:48 | 000,025,848 | ---- | C] () -- C:\Windows\USB_VIDEO_REG.exe [2010.06.15 13:51:48 | 000,000,637 | ---- | C] () -- C:\Windows\AutoSetFrequency.ini [2010.06.15 13:51:48 | 000,000,378 | ---- | C] () -- C:\Windows\PidList.ini [2010.06.15 13:44:38 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2010.06.15 13:40:49 | 000,001,105 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat [2010.05.14 03:29:27 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe [2010.04.14 12:01:04 | 000,001,105 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2010.04.14 12:01:02 | 000,870,544 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin [2010.04.14 12:01:02 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll [2010.04.14 12:01:02 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll [2010.04.14 12:01:01 | 000,051,068 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin [2010.04.14 12:01:00 | 000,127,896 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin [2010.02.11 23:45:52 | 000,015,432 | R--- | C] () -- C:\Windows\SysWow64\drivers\UCORESYS.sys [2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat < End of report > |
|
24.01.2012, 10:11
| #4 |
| | Seit ein paar tagen geht das Fenster aufmachen in Mozila so langsam und lädt immer Jetzt mit OTLOTL Logfile: Code:
ATTFilter OTL logfile created on: 24.01.2012 09:59:33 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\TeVi\Downloads 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,68 Gb Total Physical Memory | 1,68 Gb Available Physical Memory | 45,81% Memory free 7,35 Gb Paging File | 5,17 Gb Available in Paging File | 70,37% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 451,66 Gb Total Space | 331,24 Gb Free Space | 73,34% Space Free | Partition Type: NTFS Computer Name: SPEIDA | User Name: TeVi | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.01.24 09:43:34 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\TeVi\Downloads\OTL.exe PRC - [2012.01.15 13:33:09 | 000,939,872 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe PRC - [2012.01.07 20:16:52 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2012.01.03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011.12.24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2011.12.24 17:50:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2011.10.26 06:12:58 | 000,490,448 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\program files (x86)\avira\antivir desktop\avscan.exe PRC - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2011.10.11 13:59:37 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2011.10.11 13:59:36 | 000,306,128 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\program files (x86)\avira\antivir desktop\avcenter.exe PRC - [2011.01.17 17:50:34 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe PRC - [2011.01.17 17:50:34 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin PRC - [2010.04.23 17:46:32 | 000,124,136 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe PRC - [2010.03.11 06:11:56 | 000,407,920 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe PRC - [2010.03.11 06:11:42 | 000,201,584 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe PRC - [2010.03.09 00:58:24 | 000,250,368 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe PRC - [2010.03.09 00:56:38 | 000,260,608 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe PRC - [2010.03.04 04:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2010.03.04 04:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe PRC - [2010.03.03 14:21:16 | 001,300,560 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe PRC - [2010.03.03 14:21:16 | 000,325,200 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe PRC - [2010.03.03 14:21:16 | 000,297,040 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe PRC - [2010.01.29 00:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe PRC - [2010.01.13 09:47:44 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe PRC - [2009.07.20 04:00:00 | 000,077,824 | ---- | M] () -- C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe PRC - [2009.01.08 16:10:00 | 000,187,456 | ---- | M] (DATA BECKER GmbH & Co KG) -- C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe PRC - [2007.09.02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe ========== Modules (No Company Name) ========== MOD - [2012.01.15 13:33:09 | 000,939,872 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe MOD - [2012.01.11 14:26:40 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\442eed762e21796e8e497fcd14f1295a\System.Runtime.Remoting.ni.dll MOD - [2012.01.07 20:16:52 | 002,124,760 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2011.10.14 12:55:15 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\cf95add46bfba066f035bd78f6e21d86\IAStorUtil.ni.dll MOD - [2011.10.13 20:49:53 | 012,431,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d76221993c2fdfb991b8c12ae50a30eb\System.Windows.Forms.ni.dll MOD - [2011.10.13 20:49:46 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\0e245eb9c1067cabd5673fe832d28613\System.Drawing.ni.dll MOD - [2011.10.13 20:49:32 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\3136e12cfb8809d39813e76c766c782c\WindowsBase.ni.dll MOD - [2011.10.13 20:49:27 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\275680f2b9db0501d53c50ea7d7a43f0\System.Xml.ni.dll MOD - [2011.10.13 20:49:24 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e9ebeb7959f1c916ebf6fca8f7077d6c\System.Configuration.ni.dll MOD - [2011.10.13 20:49:22 | 007,949,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\95b9866ab6e4437ef5dc5855ebab4e33\System.ni.dll MOD - [2011.10.13 20:49:16 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll MOD - [2011.10.11 13:59:51 | 000,398,288 | ---- | M] () -- C:\program files (x86)\avira\antivir desktop\sqlite3.dll MOD - [2011.04.18 12:44:28 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll MOD - [2010.06.15 23:30:08 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2010.06.15 23:30:05 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll MOD - [2010.03.09 01:18:10 | 000,465,576 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll MOD - [2010.01.13 09:47:44 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe MOD - [2009.07.20 04:00:00 | 000,077,824 | ---- | M] () -- C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe MOD - [2009.05.20 07:02:04 | 000,072,200 | ---- | M] () -- C:\Program Files (x86)\Launch Manager\CdDirIo.dll MOD - [2007.09.02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe MOD - [2007.09.02 13:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2011.12.14 12:23:22 | 000,035,648 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp) SRV:64bit: - [2010.09.22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:64bit: - [2010.03.02 17:12:14 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2009.11.02 11:48:18 | 000,126,352 | ---- | M] (Intel(R) Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) SRV - [2012.01.03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011.12.24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2011.12.14 12:23:34 | 002,123,584 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc) SRV - [2011.12.14 12:23:22 | 000,028,992 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp) SRV - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011.04.22 13:21:10 | 000,092,592 | ---- | M] (TomTom) [Disabled | Stopped] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService) SRV - [2010.04.17 06:56:48 | 000,305,520 | ---- | M] (Egis Technology Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.03.10 08:36:42 | 000,820,768 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer PowerSmart Manager\ePowerSvc.exe -- (ePowerSvc) SRV - [2010.03.09 00:58:24 | 000,250,368 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc) SRV - [2010.03.04 04:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R) SRV - [2010.03.03 14:21:16 | 000,325,200 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService) SRV - [2010.01.29 00:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Updater Service) SRV - [2010.01.08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService) SRV - [2009.09.30 18:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R) SRV - [2009.09.30 18:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R) SRV - [2009.07.20 12:36:14 | 000,160,784 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009.01.08 16:10:00 | 000,187,456 | ---- | M] (DATA BECKER GmbH & Co KG) [Auto | Running] -- C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe -- (DBService) SRV - [2006.12.19 09:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Disabled | Stopped] -- C:\Windows\SysWOW64\IoctlSvc.exe -- (PLFlash DeviceIoControl Service) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011.12.11 16:43:51 | 000,130,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2011.12.10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2011.10.11 14:00:01 | 000,097,312 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2011.10.11 14:00:01 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV:64bit: - [2011.03.11 07:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 07:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011.02.18 16:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2010.09.23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:64bit: - [2010.04.07 03:04:22 | 002,216,960 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2010.04.01 09:18:30 | 003,060,800 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:64bit: - [2010.03.04 03:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2010.03.02 17:23:12 | 006,402,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag) DRV:64bit: - [2010.03.02 16:08:12 | 007,843,040 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd) DRV:64bit: - [2010.03.02 16:07:34 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2010.02.24 11:20:40 | 000,191,616 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\acedrv11.sys -- (acedrv11) DRV:64bit: - [2010.01.28 03:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:64bit: - [2010.01.19 00:38:00 | 000,075,304 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) DRV:64bit: - [2010.01.07 06:33:16 | 000,158,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd) DRV:64bit: - [2009.11.02 11:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB) DRV:64bit: - [2009.09.17 13:12:06 | 000,292,912 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2009.09.17 11:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R) DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.14 01:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam) DRV:64bit: - [2009.06.17 17:54:30 | 000,057,872 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt) DRV:64bit: - [2009.06.17 17:54:22 | 000,055,312 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt) DRV:64bit: - [2009.06.17 17:54:14 | 000,013,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd) DRV:64bit: - [2009.06.17 17:54:06 | 000,074,256 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb) DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.06.03 03:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk) DRV:64bit: - [2009.06.03 03:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter) DRV:64bit: - [2009.06.03 03:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ) DRV:64bit: - [2009.05.27 06:32:38 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor) DRV:64bit: - [2009.05.05 09:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr) DRV:64bit: - [2009.05.05 09:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper) DRV - [2011.09.22 17:10:46 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv) DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://isearch.avg.com/?cid={55539903-AC3D-419B-9620-80A87D2C707E}&mid=da80c8371b1a47d1abb51943ef554f2e-77f36269eee083d5f8fd75a9fb6cc2146caa7797&lang=de&ds=tt014&pr=sa&d=2011-12-12 22:23:41&v=9.0.0.22&sap=hp IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search" FF - prefs.js..browser.search.defaulturl: "" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6 FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.2 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..keyword.URL: "hxxp://search.sweetim.com/search.asp?src=2&q=" FF - prefs.js..network.proxy.type: 0 FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Google" FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "" FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "" FF - prefs.js..browser.startup.homepage: "" FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties" FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.633: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.633: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.633: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.633: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011.03.09 21:39:07 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.01.23 21:25:27 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.01.23 21:25:27 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}: C:\Program Files (x86)\PriceGong\2.1.0\FF [2011.03.12 20:24:15 | 000,000,000 | ---D | M] [2011.08.14 12:31:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\TeVi\AppData\Roaming\mozilla\Extensions [2011.08.14 12:31:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\TeVi\AppData\Roaming\mozilla\Extensions\home2@tomtom.com [2012.01.05 18:58:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\TeVi\AppData\Roaming\mozilla\Firefox\Profiles\6iba8zqz.default\extensions [2011.03.04 20:02:45 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\TeVi\AppData\Roaming\mozilla\Firefox\Profiles\6iba8zqz.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2011.11.19 20:55:06 | 000,000,000 | ---D | M] (WOT) -- C:\Users\TeVi\AppData\Roaming\mozilla\Firefox\Profiles\6iba8zqz.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2011.12.12 22:23:45 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\Users\TeVi\AppData\Roaming\mozilla\Firefox\Profiles\6iba8zqz.default\extensions\avg@toolbar [2011.06.29 15:33:34 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Users\TeVi\AppData\Roaming\mozilla\Firefox\Profiles\6iba8zqz.default\extensions\de-DE@dictionaries.addons.mozilla.org [2011.03.12 20:20:39 | 000,003,915 | ---- | M] () -- C:\Users\TeVi\AppData\Roaming\Mozilla\Firefox\Profiles\6iba8zqz.default\searchplugins\sweetim.xml [2012.01.07 20:17:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions () (No name found) -- C:\USERS\TEVI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6IBA8ZQZ.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI [2012.01.07 20:16:53 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011.10.03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2011.10.26 19:49:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2011.10.03 09:49:32 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.01.15 13:33:08 | 000,003,768 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml [2011.10.03 09:49:32 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2011.10.03 09:49:32 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2011.10.03 09:49:32 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2011.10.03 09:49:32 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2011.10.03 09:49:32 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (PriceGongBHO Class) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.1.0\PriceGongIE.dll (PriceGong) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll () O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll () O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found. O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe (Acer Incorporated) O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.) O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.) O4:64bit: - HKLM..\Run: [OOTag] C:\Program Files (x86)\Acer\OOBEOffer\ootag.exe (Microsoft) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe () O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [ArcadeMovieService] C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe (CyberLink Corp.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.) O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [FILSHtray] "C:\Program Files (x86)\FILSHtray\FILSHtray.exe" File not found O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NBKeyScan] C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG) O4 - HKLM..\Run: [OOTag] C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe (Microsoft) O4 - HKLM..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH) O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe () O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.) O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe () O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG) O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe () O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom) O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - Startup: C:\Users\TeVi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{88AECCC0-44D1-42C6-AD2D-AF406C6E9413}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DFEE2242-366F-42A9-B3DE-C4273AB1F84C}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll () O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O27:64bit: - HKLM IFEO\backitup.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\coverdes.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\discspeed.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\drivespeed.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\hpcustpartic.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\infotool.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\nero.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\neroburnrights.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\nerohome.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\neromediahome.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\nerorescueagent.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\neroscoutoptions.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\nerostartsmart.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\nerovision.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\pdf24-editor.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\photosnap.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\photosnapviewer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\recode.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\setupx.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\showtime.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\soundtrax.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\tomtomhome.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\uninstall tomtom home.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\waveedit.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\backitup.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\coverdes.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\discspeed.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\drivespeed.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\hpcustpartic.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\infotool.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\nero.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\neroburnrights.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\nerohome.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\neromediahome.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\nerorescueagent.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\neroscoutoptions.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\nerostartsmart.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\nerovision.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\pdf24-editor.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\photosnap.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\photosnapviewer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\recode.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\setupx.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\showtime.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\soundtrax.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\tomtomhome.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\uninstall tomtom home.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\waveedit.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012.01.24 09:38:53 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{CCF42632-AD35-4543-8CB9-EDBE54A22BC7} [2012.01.24 09:38:32 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{FB5F5A62-6B04-4AEA-9145-F93C274AB813} [2012.01.24 09:24:51 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Roaming\Malwarebytes [2012.01.24 09:24:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.01.24 09:24:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.01.24 09:24:36 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.01.24 09:24:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.01.23 23:13:39 | 052,128,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MRT.exe [2012.01.23 21:25:48 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Roaming\TeamViewer [2012.01.23 20:24:53 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{B28101DC-EE64-4DA5-8732-A487973414E8} [2012.01.23 20:24:42 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{1523117B-E8EE-435F-8E35-D00CFD251F44} [2012.01.23 15:38:27 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{2D8A8DE4-CDAB-4F51-A07A-713B49ECBCE2} [2012.01.23 15:38:02 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{D2A82867-3C67-4918-8468-C8D64E3EDFFE} [2012.01.22 19:47:34 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2012.01.22 18:51:50 | 000,000,000 | ---D | C] -- C:\1df072f148a7e78688646363e721 [2012.01.22 15:26:52 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{32ED8C87-14C9-4ED0-A755-7F1FE1D4AD13} [2012.01.22 15:26:28 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{55EC901C-3297-4DD5-B3D9-5FFEE3DDD281} [2012.01.20 11:59:34 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{1C8DC8C1-EC06-48F5-9FD4-2DC82A3F97B1} [2012.01.20 11:59:12 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{79C27051-2A03-4C56-8E13-D0D7EBCA4D15} [2012.01.19 19:23:08 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{D5807003-C4D3-4073-BB79-5D5A7D5D3E7F} [2012.01.19 19:22:44 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{D5114A23-41A2-4B45-B7AB-CF7A2FBCE05F} [2012.01.18 20:47:52 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{5F3E0C43-2E38-481C-A30D-B8B6648A5560} [2012.01.18 20:47:30 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{64137A58-6881-4DD4-BEDA-A823B576F6F7} [2012.01.17 12:46:45 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{7E3FDBD9-4E00-4188-9EEA-BC3D03E6EFF1} [2012.01.17 12:46:23 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{2F3491FA-B6C7-4378-AE33-BCEDDB39C751} [2012.01.16 18:49:41 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{4FFA93C2-331A-451C-A7DB-699CAB598555} [2012.01.16 18:49:16 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{FD990988-A0C2-47B5-B42E-F889D5A5C8A8} [2012.01.15 11:46:52 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{6209AD39-3C71-4113-820D-30095B8B1053} [2012.01.15 11:46:29 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{23CD9C9B-C5D3-4678-AE0E-2D0D65801AA9} [2012.01.14 12:07:20 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{933A413E-4253-40C5-ACC4-E71682ED1530} [2012.01.14 12:06:59 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{1CD3A480-A6D6-45F6-9FC9-B102B17DF2CA} [2012.01.13 14:09:44 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{93BE3861-8DED-412D-9B80-9ABB974DC5DA} [2012.01.13 14:09:22 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{EEE9C81E-4862-4F0E-9059-7BD3EB6FCE19} [2012.01.12 13:08:15 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{8454D6B2-3728-4DDB-A4DF-FA2FE2A79358} [2012.01.12 13:07:53 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{9F0598D2-02CF-49A3-B55E-6B1EF3B68581} [2012.01.11 14:14:46 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2012.01.11 14:14:45 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll [2012.01.11 14:14:45 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll [2012.01.11 14:14:45 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll [2012.01.11 14:14:45 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll [2012.01.11 14:14:45 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll [2012.01.11 13:21:34 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll [2012.01.11 13:21:34 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll [2012.01.11 13:21:34 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll [2012.01.11 13:21:33 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll [2012.01.11 13:21:31 | 001,739,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll [2012.01.11 13:21:30 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll [2012.01.11 13:21:30 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll [2012.01.11 13:15:31 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{8173E4CD-B196-4B6B-B56B-77723A6382B8} [2012.01.11 13:15:09 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{27F7DC36-8A89-4381-AFB0-32C4668AF864} [2012.01.10 11:20:41 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{226D5019-A4A6-4D64-B351-78A7558DDFF4} [2012.01.10 11:20:17 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{11F795E9-B89B-4F57-8427-FE5D083BCE84} [2012.01.09 15:21:08 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{C5D99653-C721-49A6-9E55-7D57CDFCE92F} [2012.01.09 15:20:50 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{7209EE81-C960-4AE8-B98C-80B61B23B2A6} [2012.01.08 20:55:26 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{D450A392-6802-47B6-B2DC-EADE3D5EB7C5} [2012.01.08 20:55:03 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{0DED55CC-0F32-4995-AEFE-D1122F51E4AE} [2012.01.07 22:53:02 | 000,000,000 | ---D | C] -- C:\Users\TeVi\Documents\FILSHtray [2012.01.07 22:53:02 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\FILSH_Media_GmbH [2012.01.07 22:53:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FILSHtray [2012.01.07 21:53:37 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{E65D36E9-8538-472F-BC7E-AD618686C500} [2012.01.07 21:53:15 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{1579FA8D-69E1-414D-BA2C-715DE3C3BFD2} [2012.01.07 09:03:00 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{8F864D4C-6F2C-4ED4-A6CD-8C94A2755E12} [2012.01.07 09:02:35 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{FD2F6B3E-85EC-4050-9A4E-1001F6DC1ECB} [2012.01.06 14:25:04 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{A53800E1-856E-45FC-A1E5-5E841DDF8398} [2012.01.06 14:24:42 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{7EF0DA36-070F-4367-879F-4F84C87A92CF} [2012.01.05 17:23:45 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{CF7D8AAE-02B6-4E74-8F9D-EF27D489D0E3} [2012.01.05 17:23:22 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{8727E79C-FFEF-4667-B46F-36F83D5C61A4} [2012.01.04 16:05:54 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{25692D0F-D930-45EA-9CBB-834EB633063F} [2012.01.04 16:05:32 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{763B0C2C-005B-4929-B182-C6075105BB2F} [2012.01.03 20:34:55 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{A7CE97F9-0062-4D17-A2DE-EA170DC97491} [2012.01.03 20:34:34 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{366EF194-779C-469B-BC6D-A8F0ACC58DC6} [2012.01.03 08:09:17 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{BD48D1AC-59C8-4C9A-92DF-BB684388A37C} [2012.01.03 08:09:06 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{9DAB703F-1247-4CEA-929B-00A600E1B893} [2012.01.02 12:12:13 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{D83225C8-CBA8-438D-9CE3-395B4D5EEFE5} [2012.01.02 12:11:51 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{21641C22-1F42-43CA-AF8D-5FBE20345801} [2012.01.01 21:03:43 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{1D6EA0D3-D73C-4A55-AED9-0E9C84F2B657} [2012.01.01 21:03:31 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{6C8B6F20-56B9-4501-9201-F330688B8B3D} [2011.12.31 12:13:45 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{565A6C1D-0BC0-411F-9A2D-C822616DDB41} [2011.12.31 12:13:23 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{D419D6AA-23BD-42CF-906D-6091096B087F} [2011.12.30 10:04:10 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{4A8FC2EC-9409-4212-B335-0065056876B0} [2011.12.30 10:03:47 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{780E7637-AA4F-4D22-89B0-90445CF87D1F} [2011.12.29 23:48:52 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{F371E37B-A470-419E-9310-362E94C9E0C0} [2011.12.29 23:48:30 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{BF5DFE72-F9CC-4C23-AE87-D27A5D438F35} [2011.12.29 10:27:49 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{73581D8A-F6C3-4948-A1BF-30227ED3C122} [2011.12.29 10:27:26 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{D613B4FD-27A8-46EB-A4CB-D3FF7BE49845} [2011.12.28 12:28:14 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{FC158257-E9C5-4512-B09A-57A1780AB65B} [2011.12.28 12:26:39 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{8FD4A652-1F8F-474B-AF5B-9CCB79272B29} [2011.12.28 10:54:40 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{997A5368-A698-4359-A3A1-737A21D1128D} [2011.12.27 23:39:21 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{4F861D49-3E7F-44D6-9514-2796A10DD766} [2011.12.27 22:36:04 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{5DAE28A6-7C39-4025-BFB2-DAFFF6A3E0A6} [2011.12.27 22:35:42 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{90289EF0-A381-4C9C-BFF9-AF92E3C6F0AD} [2011.12.27 10:27:18 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{879A95B1-A4B1-4A86-9557-1DC1C2660E3E} [2011.12.27 10:26:56 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{B9AFE160-3C31-432A-B5E2-FCC283BD02D7} [2011.12.26 10:46:19 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{071C5ABF-F254-4F31-923A-AC64B2FD96A0} [2011.12.26 10:45:57 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{611FD087-FADD-4E2E-B3B1-35C0394A60A3} [2011.12.25 18:00:47 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{6692C19D-0CA5-4387-92CC-081C7F8F1360} [2011.12.25 18:00:27 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{985A3654-9173-4F0D-903D-BD6978C85770} [2010.06.15 13:51:48 | 000,049,464 | ---- | C] ( ) -- C:\Windows\AutosetFrequency.exe ========== Files - Modified Within 30 Days ========== [2012.01.24 09:44:43 | 000,000,000 | ---- | M] () -- C:\Users\TeVi\defogger_reenable [2012.01.24 09:37:10 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.01.24 08:52:06 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.01.24 08:52:06 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.01.24 08:43:54 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.01.24 08:43:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.01.24 08:43:36 | 2960,510,976 | -HS- | M] () -- C:\hiberfil.sys [2012.01.23 22:30:24 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini [2012.01.23 20:20:49 | 293,397,967 | ---- | M] () -- C:\Windows\MEMORY.DMP [2012.01.23 19:12:40 | 000,003,544 | ---- | M] () -- C:\bootsqm.dat [2012.01.12 22:23:32 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.01.12 22:23:32 | 000,654,400 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.01.12 22:23:32 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.01.12 22:23:32 | 000,130,240 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.01.12 22:23:32 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.01.12 17:16:38 | 000,131,330 | ---- | M] () -- C:\Users\TeVi\Documents\Lebenslauf 11-2010 - Kopie (2).pdf [2012.01.10 19:01:01 | 001,303,530 | ---- | M] () -- C:\Users\TeVi\Documents\Wertgutachten.pdf [2012.01.04 17:15:16 | 052,128,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MRT.exe [2011.12.30 13:32:56 | 000,643,545 | ---- | M] () -- C:\Users\TeVi\Documents\Handy abzocke.pdf ========== Files Created - No Company Name ========== [2012.01.24 09:44:37 | 000,000,000 | ---- | C] () -- C:\Users\TeVi\defogger_reenable [2012.01.23 20:20:49 | 293,397,967 | ---- | C] () -- C:\Windows\MEMORY.DMP [2012.01.23 19:12:40 | 000,003,544 | ---- | C] () -- C:\bootsqm.dat [2012.01.12 17:06:51 | 000,131,330 | ---- | C] () -- C:\Users\TeVi\Documents\Lebenslauf 11-2010 - Kopie (2).pdf [2012.01.10 19:01:00 | 001,303,530 | ---- | C] () -- C:\Users\TeVi\Documents\Wertgutachten.pdf [2011.12.30 13:32:56 | 000,643,545 | ---- | C] () -- C:\Users\TeVi\Documents\Handy abzocke.pdf [2011.07.28 21:01:20 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini [2011.07.27 13:43:38 | 000,000,026 | ---- | C] () -- C:\Windows\Irremote.ini [2011.03.03 18:11:11 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2010.06.15 13:51:48 | 000,632,056 | ---- | C] () -- C:\Windows\Image.dll [2010.06.15 13:51:48 | 000,206,208 | ---- | C] () -- C:\Windows\PLFSetI.exe [2010.06.15 13:51:48 | 000,025,848 | ---- | C] () -- C:\Windows\USB_VIDEO_REG.exe [2010.06.15 13:51:48 | 000,000,637 | ---- | C] () -- C:\Windows\AutoSetFrequency.ini [2010.06.15 13:51:48 | 000,000,378 | ---- | C] () -- C:\Windows\PidList.ini [2010.06.15 13:44:38 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2010.06.15 13:40:49 | 000,001,105 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat [2010.05.14 03:29:27 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe [2010.04.14 12:01:04 | 000,001,105 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2010.04.14 12:01:02 | 000,870,544 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin [2010.04.14 12:01:02 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll [2010.04.14 12:01:02 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll [2010.04.14 12:01:01 | 000,051,068 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin [2010.04.14 12:01:00 | 000,127,896 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin [2010.02.11 23:45:52 | 000,015,432 | R--- | C] () -- C:\Windows\SysWow64\drivers\UCORESYS.sys [2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat < End of report > |
|
24.01.2012, 10:15
| #5 |
| | Seit ein paar tagen geht das Fenster aufmachen in Mozila so langsam und lädt immer Hier der LOG Vom Virus Scanner Avira Free Antivirus Erstellungsdatum der Reportdatei: Montag, 23. Januar 2012 22:21 Es wird nach 3213551 Virenstämmen gesucht. Das Programm läuft als uneingeschränkte Vollversion. Online-Dienste stehen zur Verfügung. Lizenznehmer : Avira AntiVir Personal - Free Antivirus Seriennummer : 0000149996-ADJIE-0000001 Plattform : Windows 7 x64 Windowsversion : (plain) [6.1.7600] Boot Modus : Normal gebootet Benutzername : TeVi Computername : SPEIDA Versionsinformationen: BUILD.DAT : 12.0.0.872 Bytes 15.12.2011 16:24:00 AVSCAN.EXE : 12.1.0.18 490448 Bytes 26.10.2011 05:12:58 AVSCAN.DLL : 12.1.0.17 65744 Bytes 11.10.2011 12:59:58 LUKE.DLL : 12.1.0.17 68304 Bytes 11.10.2011 12:59:47 AVSCPLR.DLL : 12.1.0.21 99536 Bytes 11.12.2011 15:43:53 AVREG.DLL : 12.1.0.27 227536 Bytes 11.12.2011 15:43:52 VBASE000.VDF : 7.10.0.0 19875328 Bytes 06.11.2009 18:18:34 VBASE001.VDF : 7.11.0.0 13342208 Bytes 14.12.2010 09:07:39 VBASE002.VDF : 7.11.19.170 14374912 Bytes 20.12.2011 19:34:18 VBASE003.VDF : 7.11.19.171 2048 Bytes 20.12.2011 19:34:18 VBASE004.VDF : 7.11.19.172 2048 Bytes 20.12.2011 19:34:19 VBASE005.VDF : 7.11.19.173 2048 Bytes 20.12.2011 19:34:19 VBASE006.VDF : 7.11.19.174 2048 Bytes 20.12.2011 19:34:20 VBASE007.VDF : 7.11.19.175 2048 Bytes 20.12.2011 19:34:20 VBASE008.VDF : 7.11.19.176 2048 Bytes 20.12.2011 19:34:20 VBASE009.VDF : 7.11.19.177 2048 Bytes 20.12.2011 19:34:20 VBASE010.VDF : 7.11.19.178 2048 Bytes 20.12.2011 19:34:20 VBASE011.VDF : 7.11.19.179 2048 Bytes 20.12.2011 19:34:20 VBASE012.VDF : 7.11.19.180 2048 Bytes 20.12.2011 19:34:20 VBASE013.VDF : 7.11.19.217 182784 Bytes 22.12.2011 14:13:06 VBASE014.VDF : 7.11.19.255 148480 Bytes 24.12.2011 16:57:44 VBASE015.VDF : 7.11.20.29 164352 Bytes 27.12.2011 09:44:29 VBASE016.VDF : 7.11.20.70 180224 Bytes 29.12.2011 09:44:11 VBASE017.VDF : 7.11.20.102 240640 Bytes 02.01.2012 19:59:40 VBASE018.VDF : 7.11.20.139 164864 Bytes 04.01.2012 19:59:40 VBASE019.VDF : 7.11.20.178 167424 Bytes 06.01.2012 22:23:54 VBASE020.VDF : 7.11.20.207 230400 Bytes 10.01.2012 17:52:40 VBASE021.VDF : 7.11.20.236 150528 Bytes 11.01.2012 18:04:01 VBASE022.VDF : 7.11.21.13 135168 Bytes 13.01.2012 19:46:02 VBASE023.VDF : 7.11.21.40 163840 Bytes 16.01.2012 19:46:04 VBASE024.VDF : 7.11.21.65 1001472 Bytes 17.01.2012 19:46:19 VBASE025.VDF : 7.11.21.98 487424 Bytes 19.01.2012 19:47:11 VBASE026.VDF : 7.11.21.99 2048 Bytes 19.01.2012 19:47:11 VBASE027.VDF : 7.11.21.100 2048 Bytes 19.01.2012 19:47:12 VBASE028.VDF : 7.11.21.101 2048 Bytes 19.01.2012 19:47:13 VBASE029.VDF : 7.11.21.102 2048 Bytes 19.01.2012 19:47:13 VBASE030.VDF : 7.11.21.103 2048 Bytes 19.01.2012 19:47:13 VBASE031.VDF : 7.11.21.137 209920 Bytes 23.01.2012 20:46:17 Engineversion : 8.2.8.34 AEVDF.DLL : 8.1.2.2 106868 Bytes 26.10.2011 05:12:52 AESCRIPT.DLL : 8.1.4.1 434553 Bytes 19.01.2012 19:49:01 AESCN.DLL : 8.1.8.1 127348 Bytes 19.01.2012 19:48:53 AESBX.DLL : 8.2.4.5 434549 Bytes 01.12.2011 18:33:54 AERDL.DLL : 8.1.9.15 639348 Bytes 08.09.2011 21:16:06 AEPACK.DLL : 8.2.16.1 799094 Bytes 17.01.2012 19:46:28 AEOFFICE.DLL : 8.1.2.25 201084 Bytes 03.01.2012 20:00:00 AEHEUR.DLL : 8.1.3.19 4309367 Bytes 19.01.2012 19:48:51 AEHELP.DLL : 8.1.19.0 254327 Bytes 19.01.2012 19:47:24 AEGEN.DLL : 8.1.5.17 405877 Bytes 11.12.2011 15:43:13 AEEMU.DLL : 8.1.3.0 393589 Bytes 01.09.2011 21:46:01 AECORE.DLL : 8.1.25.2 201079 Bytes 19.01.2012 19:47:19 AEBB.DLL : 8.1.1.0 53618 Bytes 01.09.2011 21:46:01 AVWINLL.DLL : 12.1.0.17 27344 Bytes 11.10.2011 12:59:41 AVPREF.DLL : 12.1.0.17 51920 Bytes 11.10.2011 12:59:38 AVREP.DLL : 12.1.0.17 179408 Bytes 11.10.2011 12:59:38 AVARKT.DLL : 12.1.0.19 208848 Bytes 11.12.2011 15:43:36 AVEVTLOG.DLL : 12.1.0.17 169168 Bytes 11.10.2011 12:59:37 SQLITE3.DLL : 3.7.0.0 398288 Bytes 11.10.2011 12:59:51 AVSMTP.DLL : 12.1.0.17 62928 Bytes 11.10.2011 12:59:39 NETNT.DLL : 12.1.0.17 17104 Bytes 11.10.2011 12:59:47 RCIMAGE.DLL : 12.1.0.17 4447952 Bytes 11.10.2011 13:00:00 RCTEXT.DLL : 12.1.0.16 98512 Bytes 11.10.2011 13:00:00 Konfiguration für den aktuellen Suchlauf: Job Name..............................: Lokale Laufwerke Konfigurationsdatei...................: C:\program files (x86)\avira\antivir desktop\alldrives.avp Protokollierung.......................: standard Primäre Aktion........................: interaktiv Sekundäre Aktion......................: ignorieren Durchsuche Masterbootsektoren.........: ein Durchsuche Bootsektoren...............: ein Bootsektoren..........................: C:, D:, Durchsuche aktive Programme...........: ein Durchsuche Registrierung..............: ein Suche nach Rootkits...................: aus Integritätsprüfung von Systemdateien..: aus Datei Suchmodus.......................: Intelligente Dateiauswahl Durchsuche Archive....................: ein Rekursionstiefe einschränken..........: 20 Archiv Smart Extensions...............: ein Makrovirenheuristik...................: ein Dateiheuristik........................: erweitert Beginn des Suchlaufs: Montag, 23. Januar 2012 22:21 Der Suchlauf über die Masterbootsektoren wird begonnen: Masterbootsektor HD0 [INFO] Es wurde kein Virus gefunden! [INFO] Bitte starten Sie den Suchlauf erneut mit Administratorrechten Der Suchlauf über die Bootsektoren wird begonnen: Bootsektor 'C:\' [INFO] Es wurde kein Virus gefunden! [INFO] Bitte starten Sie den Suchlauf erneut mit Administratorrechten Der Suchlauf über gestartete Prozesse wird begonnen: Durchsuche Prozess 'avscan.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'avcenter.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'firefox.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'SetPoint32.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'EgisUpdate.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'vprot.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'avgnt.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'ArcadeMovieService.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'soffice.bin' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'LManager.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'BackupManagerTray.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'PmmUpdate.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'soffice.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'IAStorIcon.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'RocketDock.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'PLFSetI.exe' - '1' Modul(e) wurden durchsucht Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen: Die Registry wurde durchsucht ( '3589' Dateien ). Der Suchlauf über die ausgewählten Dateien wird begonnen: Beginne mit der Suche in 'C:\' <Acer> C:\Users\Public\Videos\Sample Videos\Deutsche-Amateure - Aische pervers 1\Amateure 3Clips.7z [WARNUNG] Die Datei konnte nicht gelesen werden! C:\Users\TeVi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\52H7I0PG\wbkE0C7.tmp [FUND] Enthält Erkennungsmuster der Phish-Datei/Email PHISH/MasterCar.A.2 Beginne mit der Suche in 'D:\' Der zu durchsuchende Pfad D:\ konnte nicht geöffnet werden! Systemfehler [21]: Das Gerät ist nicht bereit. Beginne mit der Desinfektion: C:\Users\TeVi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\52H7I0PG\wbkE0C7.tmp [FUND] Enthält Erkennungsmuster der Phish-Datei/Email PHISH/MasterCar.A.2 [HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4b154ded.qua' verschoben! Ende des Suchlaufs: Montag, 23. Januar 2012 23:43 Benötigte Zeit: 1:18:01 Stunde(n) Der Suchlauf wurde vollständig durchgeführt. 28019 Verzeichnisse wurden überprüft 655265 Dateien wurden geprüft 1 Viren bzw. unerwünschte Programme wurden gefunden 0 Dateien wurden als verdächtig eingestuft 0 Dateien wurden gelöscht 0 Viren bzw. unerwünschte Programme wurden repariert 1 Dateien wurden in die Quarantäne verschoben 0 Dateien wurden umbenannt 0 Dateien konnten nicht durchsucht werden 655264 Dateien ohne Befall 4492 Archive wurden durchsucht 1 Warnungen 1 Hinweise |
|
24.01.2012, 11:02
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Seit ein paar tagen geht das Fenster aufmachen in Mozila so langsam und lädt immer Bitte nun routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Außerdem müssen alle Funde entfernt werden. Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten! ESET Online Scanner
Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code:
ATTFilter hier steht das Log
__________________ --> Seit ein paar tagen geht das Fenster aufmachen in Mozila so langsam und lädt immer |
|
24.01.2012, 11:18
| #7 |
| | Seit ein paar tagen geht das Fenster aufmachen in Mozila so langsam und lädt immerCode:
ATTFilter Malwarebytes Anti-Malware (Test) 1.60.0.1800 www.malwarebytes.org Datenbank Version: v2012.01.24.02 Windows 7 x64 NTFS Internet Explorer 9.0.8112.16421 TeVi :: SPEIDA [Administrator] Schutz: Aktiviert 24.01.2012 11:06:53 mbam-log-2012-01-24 (11-06-53).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 182734 Laufzeit: 9 Minute(n), 19 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) |
|
24.01.2012, 11:39
| #8 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Seit ein paar tagen geht das Fenster aufmachen in Mozila so langsam und lädt immerZitat:
Denk dran vorher die Signaturen von Malwarebytes zu aktualisieren, da gibt es sehr häufig neue Updates!
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
| Themen zu Seit ein paar tagen geht das Fenster aufmachen in Mozila so langsam und lädt immer |
| administrator, anti-malware, autostart, avira, beenden, dateien, dateisystem, explorer, fehler, free, heuristiks/extra, heuristiks/shuriken, hintergrund, langsam, log, lädt, malwarebytes, mozilla, neu, problem, programm, scan, speicher, update, virenscanner, virus, win7, windows |
Linear-Darstellung
