| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Aus Sicherheitsgründen wurde Ihr System blockiert (50 Euro Virus / Trojaner etc)Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
06.02.2012, 17:54
| #1 |
 |  Aus Sicherheitsgründen wurde Ihr System blockiert (50 Euro Virus / Trojaner etc) Hallo zusammen, nun hat es mich also auch einmal erwischt, nach vielen Jahren ohne Probleme mit Viren und Co. Gestern tauchte dann dieser Warnhinweis auf, Taskmanager und Co. gingen nicht mehr. Das passierte, als ein Update, für ein Spiel, installiert wurde, direkt vom Hersteller. Kein Surfen im Netz zu dem Zeitpunkt. Wenn ich das richtig hier lese, ann braucht ihr zuerst 2 Logfiles. Die poste ich jetzt mal hier rein, wenn es noch mehr braucht, einfach sagen. Code:
ATTFilter
OTL Extras logfile created on: 06.02.2012 17:39:33 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Andreas\Desktop
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 1,77 Gb Available Physical Memory | 44,17% Memory free
8,21 Gb Paging File | 5,84 Gb Available in Paging File | 71,12% Paging File free
Paging file location(s): i:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 73,24 Gb Total Space | 7,57 Gb Free Space | 10,34% Space Free | Partition Type: NTFS
Drive D: | 48,83 Gb Total Space | 37,96 Gb Free Space | 77,74% Space Free | Partition Type: NTFS
Drive E: | 100,21 Gb Total Space | 20,86 Gb Free Space | 20,82% Space Free | Partition Type: NTFS
Drive G: | 66,49 Gb Total Space | 16,81 Gb Free Space | 25,27% Space Free | Partition Type: NTFS
Drive H: | 98,12 Gb Total Space | 53,87 Gb Free Space | 54,91% Space Free | Partition Type: NTFS
Drive I: | 134,76 Gb Total Space | 35,54 Gb Free Space | 26,37% Space Free | Partition Type: NTFS
Computer Name: BOSS-PC | User Name: Boss | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = FirefoxHTML] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "G:\programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "G:\programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "G:\programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "G:\programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 73 00 61 98 9A 8B C8 01 [binary data]
"VistaSp2" = 55 7D 0A D4 F8 DE C9 01 [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"I:\progr\flashfxp\FlashFXP.exe" = I:\progr\flashfxp\FlashFXP.exe:*:Enabled:FlashFXP v3
"I:\progr\flashfxp\FlashFXP.exe" = I:\progr\flashfxp\FlashFXP.exe:*:Enabled:FlashFXP v3
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"I:\progr\flashfxp\FlashFXP.exe" = I:\progr\flashfxp\FlashFXP.exe:*:Enabled:FlashFXP v3
"I:\progr\flashfxp\FlashFXP.exe" = I:\progr\flashfxp\FlashFXP.exe:*:Enabled:FlashFXP v3
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0AA3F193-D701-4F85-A305-34D665E85AA2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{0B6477AB-596D-4298-9204-D72A16071A24}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{0C474E9D-768E-4331-8D58-EBB0F7E7E447}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{168D96D3-8891-47B7-A2A3-FAE7C4D4D9F5}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{1A941407-0BFF-43E8-AF1C-E086E4F70C12}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{1B42FFFD-D259-4FD5-8AEC-E6E8BCBAF255}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{1C829E48-51A7-4238-9C90-376E0552C6B7}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{1FC06B37-6FBA-4FB1-97F0-8E352E8141F9}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{2510D59B-3B98-4034-B65D-D7D7FB386CED}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{2B0EC09B-B2C3-4FDC-A4CA-4BB48B2DB1AD}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |
"{2F0F0511-7F33-4639-B5F0-6A47025DEDF3}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{31BA2E3D-5967-41FE-BBFE-2ED8BCF8E7F9}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{341BD94C-1047-440C-8385-7D8C11469495}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{3786176A-916F-4DF9-9B63-0E96B0801F2A}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{39495BC2-7065-41EA-B94D-B128A3D568DA}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{43A1D7F8-A559-4AD4-9108-F71F179915A2}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{46962477-4940-4657-8E54-F2B324DB4F03}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{50F50612-F212-4EAD-A44B-3EFA9AC6A8FB}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{676B5CE3-E1E2-4884-80B1-F6E8E57BDEF6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6835225E-F5EF-4EF7-B931-8542AD8C65AC}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{6BF56210-A8BD-481B-8010-B0B643F2BCBA}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{76CCD1D1-BE93-46AB-BFD2-C9140B638BCE}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{77E17B6B-7402-4369-B91F-AFDB56B86973}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{82F970B7-3D55-4908-A55D-17EFACC9FEBE}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{850E4B18-DBB5-4C98-9209-AE84EC6B1B4A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A5BE2A71-3794-4F3F-9FAB-8CFD95E44E75}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{A7043835-60AB-4124-9986-356F0D8115EB}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{BC9191C1-5FF7-4558-80B6-DD8142B817C8}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{BEAFCA57-DC28-42A2-A6EF-BE203DBD54DA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{C6B5C0CE-D343-4933-BF60-D3E6A9C15F3A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D5B6C1E6-1491-41CF-A74C-DBBA3B23C7D8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{052BE1F4-B4CA-41F9-9C92-AEF6C8607A40}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{0ACBB0BD-F33C-43CE-957E-26921A539180}" = protocol=17 | dir=in | app=g:\games\curse-update\curse\curseclient.exe |
"{0C941F73-46BC-4BF2-8FA4-B4984960C45E}" = protocol=6 | dir=in | app=i:\games\anno2070\anno5.exe |
"{0D3A1401-1B57-4CD5-9C97-C48C53C9C7C8}" = protocol=6 | dir=in | app=g:\games\wow\wow.exe |
"{18FF1AA2-958D-4D38-9F02-408AB3232AA1}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{1A6C1426-C972-4B73-88B3-50946EEAB307}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{1E9F0540-A661-4CE9-A964-E4E36ACE070F}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{1F3F491B-DA44-4A46-87FD-DC78478DC5AD}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{2281D7DF-8732-4DF4-851F-85667548D6D6}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{25AABB5C-1D3A-4BEE-B93A-DEEE11C8D431}" = protocol=6 | dir=in | app=i:\games\world of warcraft public test\wow-0.3.0.10522-to-0.3.0.10554-dede-ptr-downloader.exe |
"{2A302ACA-37C2-43B9-B673-4A9D0E9BC48D}" = protocol=17 | dir=in | app=g:\programme\curse\curseclient.exe |
"{2BE49371-284D-4A14-B237-DFE6FE5BDD90}" = protocol=6 | dir=in | app=i:\games\wow\launcher.exe |
"{2CAD0F3C-2D7F-4859-A52B-339DE9B98197}" = protocol=6 | dir=in | app=g:\games\wic\wic_online.exe |
"{30B63419-0CCA-40B1-8D21-A4D6CAB112E7}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.3.0.10522-dede-ptr-downloader.exe |
"{3F00F963-CED6-4038-8E78-BA3CD80E2C9A}" = protocol=17 | dir=in | app=g:\games\wic\wic_ds.exe |
"{3FC34FF8-4975-486F-900A-6E9CEEA764F3}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-dede-downloader.exe |
"{3FC96849-F369-4141-BFDB-BAE1EC0DC1A5}" = protocol=6 | dir=in | app=i:\games\anno2070\initengine.exe |
"{41E389D7-81EC-4BD6-B7FE-3569ACE02689}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{4B69359E-42E9-4568-8CE9-DDD5D5F90281}" = protocol=17 | dir=in | app=i:\games\wow\launcher.exe |
"{4BD65A27-79D3-4B53-9531-A971029DB4AA}" = protocol=6 | dir=in | app=g:\games\wow\launcher.patch.exe |
"{5101860A-6F7B-4DFE-8850-BCD4EDD264DF}" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{5227FC86-605C-41C0-A5F4-5792F216FE9A}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{53C1B67E-ED56-4DD6-91B8-CB668668BF6F}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{54569CAF-D323-489F-ACB7-1BE43D77CF54}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{545EB6D1-B90D-4860-A828-B2F819E75274}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{5478C98C-2A6C-4D81-AAEB-DE0CA86AB553}" = protocol=6 | dir=in | app=g:\games\cry-beta-3\crysis mp beta\bin32\crysis.exe |
"{54CE7B81-4C7F-43D4-85A7-F2E278B1E453}" = protocol=17 | dir=in | app=i:\games\wow\launcher.patch.exe |
"{5729A6F2-CD0D-4CBD-AEEB-F27777FEFA60}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.0\sonarhost.exe |
"{58D72CD0-A5CA-4A67-AAB7-2DCD46BC2AE8}" = protocol=6 | dir=in | app=i:\games\anno2070\autopatcher.exe |
"{5E7FC184-6D04-4A84-8EF4-EA393BCF5474}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{5F5D0F35-831B-4E0C-B18E-74A2F49932B0}" = protocol=6 | dir=in | app=h:\star wars-the old republic\launcher.exe |
"{5F9A8E49-6AC6-43B0-AC5B-D12C43EAD577}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{63A71835-9A76-48E8-B332-DFA1E17BCB2A}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.0\sonarhost.exe |
"{659B5904-F19D-4607-8B38-9FD9BA2E5603}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{68037AC9-4F22-47D7-AB90-909806DB0893}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{68F11528-0728-4F44-B187-739D755EF83F}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{6B36935A-49D1-44AE-8C41-9A5ED0B20C1D}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{6E126CB9-0ED0-48B0-BEB2-6D268CB3DAC8}" = protocol=6 | dir=in | app=g:\games\wow\launcher.exe |
"{77484F17-ADF2-4D76-BFD7-1EE4D953826B}" = protocol=17 | dir=in | app=i:\games\anno2070\anno5.exe |
"{7C9AF305-051D-4AC8-81F7-2B591115A33B}" = protocol=17 | dir=in | app=h:\star wars-the old republic\launcher.exe |
"{7CFE74E0-75D6-4A88-A5D4-31920EC39309}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{7EA96289-1994-4AA6-9959-6617485C367E}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{80B3D677-4830-497F-8CF0-3FDCAE776D0F}" = protocol=17 | dir=in | app=g:\games\wow\wow.exe |
"{8346B1F6-12A9-431F-9568-CC6B2EEBE311}" = protocol=17 | dir=in | app=g:\games\wic\wic_online.exe |
"{866D3242-12A8-4FC0-80D6-00685AA48CE2}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{8CC8FAEE-2D2F-4E61-B788-2CB290140C18}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.3.0.10522-dede-ptr-downloader.exe |
"{8CE15293-095E-4A88-9FB8-834CEFCDD452}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{8FBC715A-DA00-428F-8CF8-2BD9C6D1ED10}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{90524EF1-DC64-4548-A882-78D1997155A1}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{94AD29BA-D745-46DF-8919-8026531B715A}" = protocol=6 | dir=in | app=i:\games\world of warcraft public test\wow-0.3.0.10571-to-0.3.0.10596-dede-ptr-downloader.exe |
"{95BEBB85-FB73-4106-B094-3E2907CFC94A}" = protocol=6 | dir=in | app=i:\games\wow\launcher.patch.exe |
"{97D6FC91-BF87-4011-AE55-C151774C1321}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-dede-downloader.exe |
"{982D08A7-2634-41AD-BD59-9EA98F112689}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{9FBA2C4F-0B43-4BEF-B152-C5EEAEEC7B98}" = protocol=17 | dir=in | app=g:\games\wow\launcher.patch.exe |
"{A4C5DC85-2AD4-4718-8599-B3789D09043D}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{A517D883-2D35-40E4-A745-5542B6E9D351}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{A774104E-5007-4D33-A0B4-2DA0C8634E08}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{A9E40D99-CA3F-43AC-9BF4-ED6B5F38E0A4}" = protocol=17 | dir=in | app=i:\games\world of warcraft public test\wow-0.3.0.10522-to-0.3.0.10554-dede-ptr-downloader.exe |
"{AA01B764-A74B-473A-963A-6A34F7F34D75}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-dede-downloader.exe |
"{AB0CC0EA-90FD-4115-A787-C64E843ADEAA}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe |
"{AE3F5F0F-04E3-4685-99F3-23A9394B9C23}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-dede-downloader.exe |
"{B0D5CC6C-1952-4F81-999B-01B10FEE86C5}" = protocol=17 | dir=in | app=g:\games\wic\wic.exe |
"{B1C3A08C-B6F9-4347-B20E-BCCC2A81C830}" = protocol=17 | dir=in | app=g:\games\cry-beta-3\crysis mp beta\bin32\crysis.exe |
"{B686FF9F-F732-4F8A-A447-1C21DCAF4CDD}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-dede-downloader.exe |
"{B953ACA5-75B0-49DA-AF03-53FB1E7C71E6}" = protocol=17 | dir=in | app=i:\games\wow\blizzard downloader.exe |
"{BA357AF2-BB10-415B-9D8D-2F8342B91ABA}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{BC5D9CB1-A212-4C74-AACB-A58A95879484}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{BE87105B-5014-4EA4-97D7-0F9733F66DA1}" = protocol=17 | dir=in | app=i:\games\world of warcraft public test\wow-0.3.0.10554-to-0.3.0.10571-dede-ptr-downloader.exe |
"{C3464EFA-D9E4-48A3-B7D9-7325AE001BA8}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-dede-downloader.exe |
"{C6AD9BDC-32DE-4639-98AD-A1F3E9C57DE6}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{C845F0CE-45B4-48E1-BC2A-88AE7BED07ED}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{CDA177F1-AB08-446B-B57F-30E5ED50F264}" = protocol=17 | dir=in | app=h:\star wars-the old republic\launcher.exe |
"{D3F320C8-B80B-4E78-9D75-25673467A044}" = protocol=17 | dir=in | app=i:\games\anno2070\initengine.exe |
"{D5B5296D-1FE8-4DA0-8F93-491330D20351}" = protocol=6 | dir=in | app=h:\star wars-the old republic\launcher.exe |
"{D5F6E41B-2ECA-4016-BF98-1B0D5DA3DFC5}" = protocol=17 | dir=in | app=i:\games\anno2070\autopatcher.exe |
"{D78D8474-3932-4D43-890B-139D911ECC40}" = protocol=6 | dir=in | app=g:\games\wic\wic_ds.exe |
"{D821C05E-5CEF-4EA1-9477-74575DA63A6A}" = protocol=17 | dir=in | app=i:\games\world of warcraft public test\wow-0.3.0.10571-to-0.3.0.10596-dede-ptr-downloader.exe |
"{DEB66874-8001-47DD-B934-4DF63F0FD4EE}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{E1543EC3-BC2F-4FFA-828E-E3BE0B8E428C}" = protocol=6 | dir=in | app=g:\games\wic\wic.exe |
"{E4E34D2F-2C19-483A-A50B-F0944C136651}" = protocol=6 | dir=in | app=i:\games\wow\blizzard downloader.exe |
"{E83E2AE8-DA1E-46AE-B4F6-56ABCA56E322}" = protocol=17 | dir=in | app=g:\games\wow\launcher.exe |
"{E86DDBDF-0F76-4315-82FF-24C6F0E249FD}" = protocol=6 | dir=in | app=g:\games\curse-update\curse\curseclient.exe |
"{E94D8F60-07B3-4E96-ADDA-9DA288C0F893}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{EE7B6452-F538-442B-BC55-29821B39682D}" = protocol=6 | dir=in | app=g:\programme\curse\curseclient.exe |
"{EF949FAD-9773-4C61-8D4B-C038F22BC4B6}" = protocol=6 | dir=in | app=i:\games\world of warcraft public test\wow-0.3.0.10554-to-0.3.0.10571-dede-ptr-downloader.exe |
"{F037F140-FE70-41BC-A6DA-05D7AEA5E214}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{F26D9838-0095-473B-897E-1E067D5757E3}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{F9E2E550-227A-45B5-B8CD-5F4D2D2D3788}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe |
"TCP Query User{002FF392-4EA9-458C-9326-FC57F2C54989}C:\program files (x86)\motorola\software update\mumapp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\motorola\software update\mumapp.exe |
"TCP Query User{0D9FEC77-D221-4FB0-921C-DF8F521B5FB0}I:\games\world of warcraft public test\wow-0.3.0.10676-to-0.3.0.10712-dede-ptr-downloader.exe" = protocol=6 | dir=in | app=i:\games\world of warcraft public test\wow-0.3.0.10676-to-0.3.0.10712-dede-ptr-downloader.exe |
"TCP Query User{18D64428-EC98-4BC4-A295-42A40C3F703A}G:\games\xfire\xfire.exe" = protocol=6 | dir=in | app=g:\games\xfire\xfire.exe |
"TCP Query User{1C1A8E54-4DFE-4024-8BD7-787D9AC85FCA}G:\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader.exe" = protocol=6 | dir=in | app=g:\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader.exe |
"TCP Query User{1D88AB4C-D457-4AF2-804C-463D3A1072FE}I:\games\world of warcraft public test\launcher.exe" = protocol=6 | dir=in | app=i:\games\world of warcraft public test\launcher.exe |
"TCP Query User{1D987B5F-E0FC-477D-95FC-0E806B5A239D}I:\games\nfsdata\data\nfsw.exe" = protocol=6 | dir=in | app=i:\games\nfsdata\data\nfsw.exe |
"TCP Query User{2B547AAB-8CD0-4B59-9429-5058CF4FEF3E}C:\program files (x86)\motorola\rsd lite\sdl.exe" = protocol=6 | dir=in | app=c:\program files (x86)\motorola\rsd lite\sdl.exe |
"TCP Query User{35AA4809-6E8A-42B9-A1C3-D86195A9A3D0}I:\games\world of warcraft public test\wow-0.3.0.10772-to-0.3.0.10805-dede-ptr-downloader.exe" = protocol=6 | dir=in | app=i:\games\world of warcraft public test\wow-0.3.0.10772-to-0.3.0.10805-dede-ptr-downloader.exe |
"TCP Query User{3DDB9888-39D5-4404-8908-49082D460278}I:\progr\winamp\winamp.exe" = protocol=6 | dir=in | app=i:\progr\winamp\winamp.exe |
"TCP Query User{44655A35-5F51-4E4A-832F-3815D098ECB9}G:\games\wow\wow-2.0.7.6383-to-2.0.8.6403-dede-downloader.exe" = protocol=6 | dir=in | app=g:\games\wow\wow-2.0.7.6383-to-2.0.8.6403-dede-downloader.exe |
"TCP Query User{4D4085EB-4564-481F-A9CC-3FEF99B2F61C}I:\games\blood\binary\bloodlinechampionsloader.exe" = protocol=6 | dir=in | app=i:\games\blood\binary\bloodlinechampionsloader.exe |
"TCP Query User{5024B43E-7377-4529-AF79-99B071F25A0A}I:\progr\winamp\winamp.exe" = protocol=6 | dir=in | app=i:\progr\winamp\winamp.exe |
"TCP Query User{55BB76A4-B5E9-4002-AEB3-2CEED9F38145}G:\games\wow\wow-2.0.10.6448-to-2.0.12.6546-dede-downloader.exe" = protocol=6 | dir=in | app=g:\games\wow\wow-2.0.10.6448-to-2.0.12.6546-dede-downloader.exe |
"TCP Query User{5814365D-1C2D-4986-9614-5FFD3FABBFED}C:\users\andreas\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\andreas\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{5AE677A0-6FDD-41E8-A26D-AE6A9160228D}C:\program files (x86)\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"TCP Query User{5F843565-50AF-4DB7-945B-AD862742B378}I:\progr\phone-explorer\myphoneexplorer\myphoneexplorer.exe" = protocol=6 | dir=in | app=i:\progr\phone-explorer\myphoneexplorer\myphoneexplorer.exe |
"TCP Query User{5FE1D7A5-B8F7-475C-AE51-7701A9DC95E6}I:\progr\flashfxp\flashfxp.exe" = protocol=6 | dir=in | app=i:\progr\flashfxp\flashfxp.exe |
"TCP Query User{771F8A17-0C1F-4F9C-AEFE-3DF28A582DD1}G:\programme\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=g:\programme\totalcmd\totalcmd.exe |
"TCP Query User{7B22848F-0FB3-4AF9-AF1A-88F390FCFCB0}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{89F81AF9-3D97-40FB-9209-1590B5B2CEB3}G:\games\wow\wow-2.0.6.6337-to-2.0.7.6383-dede-downloader.exe" = protocol=6 | dir=in | app=g:\games\wow\wow-2.0.6.6337-to-2.0.7.6383-dede-downloader.exe |
"TCP Query User{8AE0ACC8-46B9-4847-BF9D-E290F9DC45B4}G:\games\wow\launcher.exe" = protocol=6 | dir=in | app=g:\games\wow\launcher.exe |
"TCP Query User{930266F9-88D7-45C9-887B-C3F3ABE74B07}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{A17282FB-B4BF-40D4-BC42-C3AEEAC8C33F}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{B2D97FFA-3FD3-4CDE-BA8B-1329ED8E1B9D}G:\programme\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=g:\programme\totalcmd\totalcmd.exe |
"TCP Query User{B7585B8B-2A19-4C23-944B-8E912D28075E}I:\games\wow\temp\wow-4.0.0.1807-to-4.0.0.1979-enus-tools-downloader.exe" = protocol=6 | dir=in | app=i:\games\wow\temp\wow-4.0.0.1807-to-4.0.0.1979-enus-tools-downloader.exe |
"TCP Query User{CF633BC3-1F30-4903-9B99-157DEFDB282F}C:\program files (x86)\yello strom\yellometer\yellometer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\yello strom\yellometer\yellometer.exe |
"TCP Query User{DC4E0EA1-8598-4523-80D4-4509089DBACC}C:\program files (x86)\motorola\software update\msu.exe" = protocol=6 | dir=in | app=c:\program files (x86)\motorola\software update\msu.exe |
"TCP Query User{DD2A3CF6-8BCE-4F91-9F51-1EAE4F86EA02}G:\programme\dw\adobe dreamweaver cs3\dreamweaver.exe" = protocol=6 | dir=in | app=g:\programme\dw\adobe dreamweaver cs3\dreamweaver.exe |
"TCP Query User{DEF59468-82FA-4945-9563-AB96163FA13E}H:\star wars-the old republic\betatest\retailclient\swtor.exe" = protocol=6 | dir=in | app=h:\star wars-the old republic\betatest\retailclient\swtor.exe |
"TCP Query User{DF2EA308-E863-48ED-89E8-B49D2EC5734C}I:\games\wow\backgrounddownloader.exe" = protocol=6 | dir=in | app=i:\games\wow\backgrounddownloader.exe |
"TCP Query User{E3B68C0A-DD3A-47BE-8B7C-465D726F7C8D}C:\windows\system32\ftp.exe" = protocol=6 | dir=in | app=c:\windows\system32\ftp.exe |
"TCP Query User{ECEB4E5A-5141-421E-8281-B4C092DB8ED0}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{ED706206-0183-4957-8CAA-D19397657864}G:\games\wow\wow-2.0.8.6403-to-2.0.10.6448-dede-downloader.exe" = protocol=6 | dir=in | app=g:\games\wow\wow-2.0.8.6403-to-2.0.10.6448-dede-downloader.exe |
"TCP Query User{EF9ED909-429D-407D-91E2-F6B90A201FAB}G:\programme\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=g:\programme\mozilla firefox\firefox.exe |
"TCP Query User{F5BA07E2-3145-4207-891D-4D40A126C92E}G:\programme\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=g:\programme\mozilla firefox\firefox.exe |
"TCP Query User{F84C74B8-4D6D-43BC-8380-EFF5F6F1AC3C}I:\games\wow\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe" = protocol=6 | dir=in | app=i:\games\wow\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe |
"UDP Query User{00638281-18E7-4C1E-9C7F-D565D3093DFF}I:\games\wow\temp\wow-4.0.0.1807-to-4.0.0.1979-enus-tools-downloader.exe" = protocol=17 | dir=in | app=i:\games\wow\temp\wow-4.0.0.1807-to-4.0.0.1979-enus-tools-downloader.exe |
"UDP Query User{0442A47B-6151-4537-B10F-112EBA7BCE32}I:\games\nfsdata\data\nfsw.exe" = protocol=17 | dir=in | app=i:\games\nfsdata\data\nfsw.exe |
"UDP Query User{0968541E-56B4-4B4F-ABC7-D88480CA8B45}G:\games\wow\launcher.exe" = protocol=17 | dir=in | app=g:\games\wow\launcher.exe |
"UDP Query User{0AC935C4-339F-44A1-B626-5741CA0C5AE9}C:\users\andreas\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\andreas\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{1258D574-5DAC-47D0-88A5-95445FEA32CB}G:\games\wow\wow-2.0.6.6337-to-2.0.7.6383-dede-downloader.exe" = protocol=17 | dir=in | app=g:\games\wow\wow-2.0.6.6337-to-2.0.7.6383-dede-downloader.exe |
"UDP Query User{27893D58-C36F-47EA-A9F7-F510017D6978}I:\games\blood\binary\bloodlinechampionsloader.exe" = protocol=17 | dir=in | app=i:\games\blood\binary\bloodlinechampionsloader.exe |
"UDP Query User{2AD61E50-1526-4C6E-8973-5A37A15D6BDF}G:\games\tdu\testdriveunlimited.exe" = protocol=6 | dir=in | app=g:\games\tdu\testdriveunlimited.exe |
"UDP Query User{34CAE53B-9CF3-4617-8C0A-A55F938620E4}I:\games\world of warcraft public test\wow-0.3.0.10772-to-0.3.0.10805-dede-ptr-downloader.exe" = protocol=17 | dir=in | app=i:\games\world of warcraft public test\wow-0.3.0.10772-to-0.3.0.10805-dede-ptr-downloader.exe |
"UDP Query User{36B8ECAA-D49C-4CE2-8264-6A68708A5ED4}H:\star wars-the old republic\betatest\retailclient\swtor.exe" = protocol=17 | dir=in | app=h:\star wars-the old republic\betatest\retailclient\swtor.exe |
"UDP Query User{42E1019A-94C8-4242-95F0-7BD3BD0FEE25}G:\programme\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=g:\programme\totalcmd\totalcmd.exe |
"UDP Query User{5050BB1A-4B4E-4355-9DA1-927B0B5902F7}I:\games\world of warcraft public test\wow-0.3.0.10676-to-0.3.0.10712-dede-ptr-downloader.exe" = protocol=17 | dir=in | app=i:\games\world of warcraft public test\wow-0.3.0.10676-to-0.3.0.10712-dede-ptr-downloader.exe |
"UDP Query User{6A001F8D-9A9A-479A-BF41-AF8C68E33F8C}I:\progr\phone-explorer\myphoneexplorer\myphoneexplorer.exe" = protocol=17 | dir=in | app=i:\progr\phone-explorer\myphoneexplorer\myphoneexplorer.exe |
"UDP Query User{73AB5A04-3953-4BC9-B290-88518381E748}G:\games\wow\wow-2.0.10.6448-to-2.0.12.6546-dede-downloader.exe" = protocol=17 | dir=in | app=g:\games\wow\wow-2.0.10.6448-to-2.0.12.6546-dede-downloader.exe |
"UDP Query User{77ED7EB2-A07F-4800-817D-73CF6B4CC3F3}C:\program files (x86)\motorola\software update\msu.exe" = protocol=17 | dir=in | app=c:\program files (x86)\motorola\software update\msu.exe |
"UDP Query User{786C8032-7510-474F-B98C-7EA7544965BD}G:\programme\dw\adobe dreamweaver cs3\dreamweaver.exe" = protocol=17 | dir=in | app=g:\programme\dw\adobe dreamweaver cs3\dreamweaver.exe |
"UDP Query User{7C0DFF2E-8A31-48A5-ABC6-30C3D2CF47B4}I:\games\wow\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe" = protocol=17 | dir=in | app=i:\games\wow\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe |
"UDP Query User{7DF54149-770B-45BE-992B-107A594AAEE4}G:\games\wow\wow-2.0.8.6403-to-2.0.10.6448-dede-downloader.exe" = protocol=17 | dir=in | app=g:\games\wow\wow-2.0.8.6403-to-2.0.10.6448-dede-downloader.exe |
"UDP Query User{7E41A449-645C-4A50-A48F-A5E25D359A84}C:\program files (x86)\motorola\rsd lite\sdl.exe" = protocol=17 | dir=in | app=c:\program files (x86)\motorola\rsd lite\sdl.exe |
"UDP Query User{8B5EFDE4-F015-4A7C-A0EB-A9BF08BA2FB3}I:\progr\winamp\winamp.exe" = protocol=17 | dir=in | app=i:\progr\winamp\winamp.exe |
"UDP Query User{987F2123-CFAF-4DCF-9194-2DAFAF8B5DEE}G:\programme\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=g:\programme\mozilla firefox\firefox.exe |
"UDP Query User{9946437E-CE04-49F5-B9FA-DABD51DC4C58}C:\program files (x86)\yello strom\yellometer\yellometer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\yello strom\yellometer\yellometer.exe |
"UDP Query User{9FFB0D38-55D6-40BE-8A3A-1D0F47130C21}C:\program files (x86)\motorola\software update\mumapp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\motorola\software update\mumapp.exe |
"UDP Query User{AAFD2325-E884-48CE-AD33-70490214AF78}G:\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader.exe" = protocol=17 | dir=in | app=g:\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader.exe |
"UDP Query User{B6A4CF4A-5BF3-4162-B2A9-63C92DAE61FC}I:\progr\flashfxp\flashfxp.exe" = protocol=17 | dir=in | app=i:\progr\flashfxp\flashfxp.exe |
"UDP Query User{B8210782-4A29-477B-92A9-62069224F21F}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{B96FD913-CDC6-4DE8-A2DB-160C3E81AF18}C:\program files (x86)\itunes\itunes.exe" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"UDP Query User{BB3CC26D-5C56-47BB-A8C4-6E2D0C971729}G:\games\wow\wow-2.0.7.6383-to-2.0.8.6403-dede-downloader.exe" = protocol=17 | dir=in | app=g:\games\wow\wow-2.0.7.6383-to-2.0.8.6403-dede-downloader.exe |
"UDP Query User{C1FFBE2A-204D-4FEE-B8DD-98539FBF3281}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{C6A77DD8-AE37-44DC-886E-4431DA11A007}G:\programme\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=g:\programme\totalcmd\totalcmd.exe |
"UDP Query User{C854B65C-5FE9-4E1A-8A98-C2137C9C48BE}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{C8DCFB5E-08E6-4846-830E-E1D56E98700F}I:\progr\winamp\winamp.exe" = protocol=17 | dir=in | app=i:\progr\winamp\winamp.exe |
"UDP Query User{C9E61D69-7580-464F-B38E-9B91BD6A2992}I:\games\wow\backgrounddownloader.exe" = protocol=17 | dir=in | app=i:\games\wow\backgrounddownloader.exe |
"UDP Query User{CBE516B9-1A09-4D87-B221-BC212B8B7B54}G:\programme\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=g:\programme\mozilla firefox\firefox.exe |
"UDP Query User{D8D1AD99-1249-4E9C-8794-F1076B73EB89}C:\windows\system32\ftp.exe" = protocol=17 | dir=in | app=c:\windows\system32\ftp.exe |
"UDP Query User{E17D8665-80BD-4CDA-BB81-EEE3CF07F91C}G:\games\xfire\xfire.exe" = protocol=17 | dir=in | app=g:\games\xfire\xfire.exe |
"UDP Query User{EC24BC8F-57B6-41DC-A9DE-1BF5D9CFACFD}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{FD129E22-291D-4D34-A372-AA56F63AA9BD}I:\games\world of warcraft public test\launcher.exe" = protocol=17 | dir=in | app=i:\games\world of warcraft public test\launcher.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0910-000001000000}" = 7-Zip 9.10 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86416025FF}" = Java(TM) 6 Update 25 (64-bit)
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{42738DB0-FC3E-4672-A99B-9372F5696E30}" = Microsoft Security Client
"{439760BC-7737-4386-9B1D-A90A3E8A22EA}" = Apple Mobile Device Support
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64A3A4F4-B792-11D6-A78A-00B0D0160250}" = Java(TM) SE Development Kit 6 Update 25 (64-bit)
"{68660049-8D48-427C-9FF7-139D8340CDC0}" = MSVC80_x64
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{997C9EC4-B53D-479D-81B7-0AEC8D174BA1}" = iTunes
"{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}" = Logitech GamePanel Software 3.06.109
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 280.19
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.4.28
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C776F23B-8ACA-4287-9F65-461B2B1B29B4}" = Debugging Tools for Windows 64-bit
"{CA0D2F09-F811-48D4-843E-C87696C6A9D9}" = Bonjour
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CBF192A85B624E32B8D19ADEEF2DCFC5BC3AA73A" = Windows-Treiberpaket - Nokia Modem (03/05/2008 3.7)
"E092B2EBF2FFE83E896F8F7F829A7B5D7D1B2F9D" = Windows-Treiberpaket - Nokia Modem (03/13/2008 6.86.0.1)
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"UltSounds" = Windows-Soundschemas
"UltSounds2" = Ultimate Extras sounds from Microsoft® Tinker™
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1ADE23D7-7A1E-4AEC-BA5D-EB8A01BED943}" = DeepBurner v1.8.0.224
"{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 26
"{2ADE2157-7A5E-122C-B51D-EB8A01B15943}" = DeepBurner v1.9.0.228
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java(TM) 6 Update 4
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{419CF344-3D94-4DAD-99C8-EA7B00E5EA8B}" = Acronis*True*Image*Home
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA5B8A5-BEEF-4AD8-B11D-4443A042EA4F}" = Adobe Dreamweaver CS3
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Apple Application Support
"{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}" = Vodafone Mobile Broadband
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{6DED41BC-C9EF-4330-B4E5-46CB2C5C6E2D}" = No23 Recorder
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser und SDK
"{7596C248-4816-4C6F-8AAC-D8C81F2B4B49}" = HD View
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{7D386596-0E80-4808-8AAE-C1DDA8212F7F}" = Adobe Setup
"{82427977-8776-4087-90CA-9F65174D3C4D}" = Nokia Connectivity Cable Driver
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{901A0407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Outlook 2003
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}" = PixiePack Codec Pack
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AC76BA86-7AD7-5760-0000-900000000003}" = Japanese Fonts Support For Adobe Reader 9
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B48E264C-C8CD-4617-B0BE-46E977BAD694}" = ANNO 2070
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{B7CB0BF3-791E-44D3-9F04-786E36D51C9D}" = PC Connectivity Solution
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C53CFB2A-B76B-4C8E-842F-9961EFE760EB}" = RSDLite
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"{CE246151-F0E8-ABC8-AEB2-7F3E188EFBF5}" = TweetDeck
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D5B18B60-4FC3-42AD-A629-9CA10ACC06CD}" = HTC Sync
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{D765F1CE-5AE5-4C47-B134-AE58AC474740}" = OpenOffice.org 3.1
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F11ADC64-C89E-47F4-A0B3-3665FF859397}" = WORLD IN CONFLICT
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Adobe_25db75244653b42cb93dc27939d1c0e" = Adobe Dreamweaver CS3
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"Ashampoo Burning Studio 6" = Ashampoo Burning Studio 6
"AVMFBox" = AVM FRITZ!Box Dokumentation
"AVMFBoxPrinter" = AVM FRITZ!Box Druckeranschluss
"CamStudio" = CamStudio
"CCleaner" = CCleaner (remove only)
"CurseClient" = Curse Client
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup" = DivX-Setup
"doubleTwist" = doubleTwist
"Driver Sweeper_is1" = Driver Sweeper 1.0
"ElsterFormular 11.5.1.4843" = ElsterFormular
"ESN Sonar-0.70.0" = ESN Sonar
"Exact Audio Copy" = Exact Audio Copy 0.99pb3
"FileZilla Client" = FileZilla Client 3.5.2
"FLVPlayer" = FLV Player 1.3.3
"GnuPG" = GNU Privacy Guard
"GPG4Win" = GnuPG For Windows
"Host OpenAL (ADI)" = Host OpenAL (ADI)
"InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"IrfanView" = IrfanView (remove only)
"KeePassPasswordSafe2_is1" = KeePass Password Safe 2.13
"KLiteCodecPack_is1" = K-Lite Codec Pack 3.1.5 Standard
"Loki Browser Plugin" = Loki Browser Plugin
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.0.6)" = Mozilla Firefox (3.0.6)
"Mozilla Thunderbird (6.0)" = Mozilla Thunderbird (6.0)
"MPE" = MyPhoneExplorer
"NetLimiter 2 Pro" = NetLimiter 2 Pro (remove only)
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenMG HotFix4.7-07-13-22-01" = OpenMG Limited Patch 4.7-07-14-05-01
"Origin" = Origin
"Picasa 3" = Picasa 3
"PunkBusterSvc" = PunkBuster Services
"RealPlayer 6.0" = RealPlayer
"Totalcmd" = Total Commander (Remove or Repair)
"TrueCrypt" = TrueCrypt
"TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1" = TweetDeck
"Veetle TV" = Veetle TV 0.9.16
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VideoLAN VLC media player 0.8.6h
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"XMedia Recode" = XMedia Recode 3.0.0.0
"Xvid_is1" = Xvid 1.1.3 final uninstall
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 05.02.2012 09:37:54 | Computer Name = Boss-PC | Source = Microsoft-Windows-RestartManager | ID = 10006
Description =
Error - 05.02.2012 09:38:34 | Computer Name = Boss-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 05.02.2012 09:38:43 | Computer Name = Boss-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 05.02.2012 09:38:45 | Computer Name = Boss-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 05.02.2012 09:39:52 | Computer Name = Boss-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 05.02.2012 09:41:02 | Computer Name = Boss-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 05.02.2012 09:46:23 | Computer Name = Boss-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 05.02.2012 09:49:10 | Computer Name = Boss-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 05.02.2012 09:50:15 | Computer Name = Boss-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 06.02.2012 11:44:14 | Computer Name = Boss-PC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 10.0.0.4411 arbeitet nicht mehr mit
Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über
das Problem zu suchen. Prozess-ID: 3f0 Anfangszeit: 01cce4e58fc76bcb Zeitpunkt der
Beendigung: 64
[ NetLimiter Events ]
Error - 08.08.2008 05:27:52 | Computer Name = Boss-PC | Source = NetLimiter 2 | ID = 1000
Description =
Error - 10.08.2008 07:10:49 | Computer Name = Boss-PC | Source = NetLimiter 2 | ID = 1000
Description =
Error - 10.08.2008 18:06:59 | Computer Name = Boss-PC | Source = NetLimiter 2 | ID = 1000
Description =
Error - 11.08.2008 06:32:55 | Computer Name = Boss-PC | Source = NetLimiter 2 | ID = 1000
Description =
Error - 12.08.2008 06:28:17 | Computer Name = Boss-PC | Source = NetLimiter 2 | ID = 1000
Description =
Error - 12.08.2008 18:07:27 | Computer Name = Boss-PC | Source = NetLimiter 2 | ID = 1000
Description =
Error - 13.08.2008 06:50:49 | Computer Name = Boss-PC | Source = NetLimiter 2 | ID = 1000
Description =
Error - 13.08.2008 08:30:00 | Computer Name = Boss-PC | Source = NetLimiter 2 | ID = 1000
Description =
Error - 14.08.2008 06:32:18 | Computer Name = Boss-PC | Source = NetLimiter 2 | ID = 1000
Description =
Error - 28.09.2009 08:36:05 | Computer Name = Boss-PC | Source = NetLimiter 2 | ID = 1000
Description =
[ System Events ]
Error - 06.02.2012 11:08:51 | Computer Name = Boss-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 06.02.2012 11:08:51 | Computer Name = Boss-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 06.02.2012 11:08:51 | Computer Name = Boss-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 06.02.2012 11:08:51 | Computer Name = Boss-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 06.02.2012 11:08:51 | Computer Name = Boss-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 06.02.2012 11:08:51 | Computer Name = Boss-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 06.02.2012 11:08:51 | Computer Name = Boss-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 06.02.2012 11:08:51 | Computer Name = Boss-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 06.02.2012 11:08:51 | Computer Name = Boss-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 06.02.2012 11:08:51 | Computer Name = Boss-PC | Source = Service Control Manager | ID = 7026
Description =
< End of report >
Code:
ATTFilter OTL logfile created on: 06.02.2012 17:39:33 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Andreas\Desktop 64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 1,77 Gb Available Physical Memory | 44,17% Memory free 8,21 Gb Paging File | 5,84 Gb Available in Paging File | 71,12% Paging File free Paging file location(s): i:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 73,24 Gb Total Space | 7,57 Gb Free Space | 10,34% Space Free | Partition Type: NTFS Drive D: | 48,83 Gb Total Space | 37,96 Gb Free Space | 77,74% Space Free | Partition Type: NTFS Drive E: | 100,21 Gb Total Space | 20,86 Gb Free Space | 20,82% Space Free | Partition Type: NTFS Drive G: | 66,49 Gb Total Space | 16,81 Gb Free Space | 25,27% Space Free | Partition Type: NTFS Drive H: | 98,12 Gb Total Space | 53,87 Gb Free Space | 54,91% Space Free | Partition Type: NTFS Drive I: | 134,76 Gb Total Space | 35,54 Gb Free Space | 26,37% Space Free | Partition Type: NTFS Computer Name: BOSS-PC | User Name: Boss | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Andreas\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Windows\SysWOW64\PnkBstrA.exe () PRC - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe () PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone) PRC - C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) PRC - C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe () PRC - C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation) ========== Modules (No Company Name) ========== MOD - C:\Users\Andreas\AppData\Local\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll () MOD - C:\Users\Andreas\AppData\Local\Google\Chrome\Application\16.0.912.77\pdf.dll () MOD - C:\Users\Andreas\AppData\Local\Google\Chrome\Application\16.0.912.77\avutil-51.dll () MOD - C:\Users\Andreas\AppData\Local\Google\Chrome\Application\16.0.912.77\avformat-53.dll () MOD - C:\Users\Andreas\AppData\Local\Google\Chrome\Application\16.0.912.77\avcodec-53.dll () MOD - C:\Users\Andreas\AppData\Local\Google\Chrome\Application\16.0.912.77\gcswf32.dll () MOD - C:\Users\Andreas\AppData\Local\Google\Chrome\APPLIC~1\160912~1.77\gcswf32.dll () MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll () MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () MOD - C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe () ========== Win32 Services (SafeList) ========== SRV:64bit: - (NisSrv) -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation) SRV:64bit: - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation) SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV:64bit: - (AEADIFilters) -- C:\Windows\SysNative\AEADISRV.EXE (Andrea Electronics Corporation) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe () SRV - (PassThru Service) -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe () SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation) SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (VmbService) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (LBTServ) -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.) SRV - (npggsvc) -- C:\Windows\SysWow64\GameMon.des (INCA Internet Co., Ltd.) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia.) SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.) SRV - (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe () SRV - (nSvcIp) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe () SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation) SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation) SRV - (AcrSch2Svc) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis) SRV - (Viewpoint Manager Service) -- C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation) SRV - (MSCSPTISRV) -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation) SRV - (SPTISRV) -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation) SRV - (PACSPTISVR) -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe () ========== Driver Services (SafeList) ========== DRV:64bit: - (iPodDrv) -- C:\Windows\SysNative\drivers\iPodDrv.sys (Windows (R) Codename Longhorn DDK provider) DRV:64bit: - (taphss) -- C:\Windows\SysNative\DRIVERS\taphss.sys (AnchorFree Inc) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\Drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\DRIVERS\NisDrvWFP.sys (Microsoft Corporation) DRV:64bit: - (huawei_enumerator) -- C:\Windows\SysNative\DRIVERS\ew_jubusenum.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\DRIVERS\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (ew_hwusbdev) -- C:\Windows\SysNative\DRIVERS\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (tbhsd) -- C:\Windows\SysNative\drivers\tbhsd.sys (RapidSolution Software AG) DRV:64bit: - (vodafone_K3805-z_dc_enum) -- C:\Windows\SysNative\DRIVERS\vodafone_K3805-z_dc_enum.sys (Vodafone) DRV:64bit: - (htcnprot) -- C:\Windows\SysNative\DRIVERS\htcnprot.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (Motousbnet) -- C:\Windows\SysNative\DRIVERS\Motousbnet.sys (Motorola) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\DRIVERS\atipmdag.sys (ATI Technologies Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\DRIVERS\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.) DRV:64bit: - (motusbdevice) -- C:\Windows\SysNative\DRIVERS\motusbdevice.sys (Motorola Inc) DRV:64bit: - (PSSDK42) -- C:\Windows\SysNative\Drivers\pssdk42.sys (microOLAP Technologies LTD) DRV:64bit: - (LGVirHid) -- C:\Windows\SysNative\drivers\LGVirHid.sys (Logitech Inc.) DRV:64bit: - (LGBusEnum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.) DRV:64bit: - (ewusbnet) -- C:\Windows\SysNative\DRIVERS\ewusbnet.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (hwusbfake) -- C:\Windows\SysNative\DRIVERS\ewusbfake.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (motmodem) -- C:\Windows\SysNative\DRIVERS\motmodem.sys (Motorola) DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation) DRV:64bit: - (sptd) -- C:\Windows\SysNative\Drivers\sptd.sys () DRV:64bit: - (motccgp) -- C:\Windows\SysNative\DRIVERS\motccgp.sys (Motorola) DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\DRIVERS\LMouFilt.Sys (Logitech, Inc.) DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\DRIVERS\LHidFilt.Sys (Logitech, Inc.) DRV:64bit: - (HTCAND64) -- C:\Windows\SysNative\Drivers\ANDROIDUSB.sys (HTC, Corporation) DRV:64bit: - (VClone) -- C:\Windows\SysNative\DRIVERS\VClone.sys (Elaborate Bytes AG) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (MotDev) -- C:\Windows\SysNative\DRIVERS\motodrv.sys (Motorola Inc) DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\DRIVERS\usb8023x.sys (Microsoft Corporation) DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation) DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64j.sys (Nokia) DRV:64bit: - (nmwcdx64) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia) DRV:64bit: - (upperdev) -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64.sys (Nokia) DRV:64bit: - (nmwcdcx64) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia) DRV:64bit: - (motccgpfl) -- C:\Windows\SysNative\DRIVERS\motccgpfl.sys (Motorola) DRV:64bit: - (BTCFilterService) -- C:\Windows\SysNative\DRIVERS\motfilt.sys (Motorola Inc) DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\DRIVERS\pccsmcfdx64.sys (Nokia) DRV:64bit: - (FTDIBUS) -- C:\Windows\SysNative\drivers\ftdibus.sys (FTDI Ltd.) DRV:64bit: - (FTSER2K) -- C:\Windows\SysNative\drivers\ftser2k.sys (FTDI Ltd.) DRV:64bit: - (lgmcunic) LGE Mobile USB WMC Ethernet ELDA (WDM) -- C:\Windows\SysNative\DRIVERS\lgmcunic.sys (MCCI Corporation) DRV:64bit: - (lgmcobex) -- C:\Windows\SysNative\DRIVERS\lgmcobex.sys (MCCI Corporation) DRV:64bit: - (lgmcnd5) LGE Mobile USB WMC Ethernet ELDA (NDIS) -- C:\Windows\SysNative\DRIVERS\lgmcnd5.sys (MCCI Corporation) DRV:64bit: - (lgmcmdm) -- C:\Windows\SysNative\DRIVERS\lgmcmdm.sys (MCCI Corporation) DRV:64bit: - (lgmcmgmt) LGE Mobile USB WMC Device Management Drivers (WDM) -- C:\Windows\SysNative\DRIVERS\lgmcmgmt.sys (MCCI Corporation) DRV:64bit: - (lgmcbus) LGE Mobile driver (WDM) -- C:\Windows\SysNative\DRIVERS\lgmcbus.sys (MCCI Corporation) DRV:64bit: - (lgmcmdfl) -- C:\Windows\SysNative\DRIVERS\lgmcmdfl.sys (MCCI Corporation) DRV:64bit: - (MotoSwitchService) -- C:\Windows\SysNative\DRIVERS\motswch.sys (Motorola) DRV:64bit: - (SiFilter) -- C:\Windows\SysNative\DRIVERS\SiWinAcc.sys (Silicon Image, Inc) DRV:64bit: - (SiRemFil) -- C:\Windows\SysNative\DRIVERS\SiRemFil.sys (Silicon Image, Inc) DRV:64bit: - (SI3132) -- C:\Windows\SysNative\DRIVERS\SI3132.sys (Silicon Image, Inc) DRV:64bit: - (ADIHdAudAddService) -- C:\Windows\SysNative\drivers\ADIHdAud.sys (Analog Devices, Inc.) DRV:64bit: - (timounter) -- C:\Windows\SysNative\DRIVERS\timntr.sys (Acronis) DRV:64bit: - (tifsfilter) -- C:\Windows\SysNative\DRIVERS\tifsfilt.sys (Acronis) DRV:64bit: - (snapman) -- C:\Windows\SysNative\DRIVERS\snapman.sys (Acronis) DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.) DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\DRIVERS\ASACPI.sys () DRV - (NPPTNT2) -- C:\Windows\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: I:\progr\jr6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: G:\programme\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2910: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@research.microsoft.com/HDView: C:\Program Files (x86)\Microsoft Research\HD View\nphdview.dll (Microsoft Research) FF - HKLM\Software\MozillaPlugins\@skyhookwireless.com/LokiPlugin: C:\Program Files (x86)\Skyhook Wireless\Loki Browser Plugin\versions\3.1.0.05\nploki.dll (Skyhook Wireless) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.16: C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.16: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.16: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files (x86)\Viewpoint\Viewpoint Media Player\npViewpoint.dll () FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: I:\progr\vf-web\Optimization Client\addon\ FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.6\extensions\\Components: G:\programme\Mozilla Firefox\components [2012.02.01 21:47:42 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.6\extensions\\Plugins: G:\programme\Mozilla Firefox\plugins [2012.01.13 00:36:46 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.09.09 15:49:30 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2012.01.13 00:36:46 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2007.01.30 10:59:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Boss\AppData\Roaming\mozilla\Firefox\Profiles\yf0p6cos.default\extensions File not found (No name found) -- G:\PROGRA~1\MOZILL~1\EXTENSIONS\INSPECTOR@MOZILLA.ORG File not found (No name found) -- G:\PROGRA~1\MOZILL~1\EXTENSIONS\TALKBACK@MOZILLA.ORG O1 HOSTS File: ([2008.10.10 19:43:51 | 000,000,759 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - I:\progr\jr6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll File not found O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (PodcastBHO Class) - {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll (doubleTwist Corporation) O3 - HKLM\..\Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - No CLSID value found. O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.) O4:64bit: - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.) O4:64bit: - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.) O4:64bit: - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.) O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe (Microsoft Corporation) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () O4 - HKCU..\Run: [ISUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler File not found O4 - HKCU..\Run: [TVgenial] "G:\programme\tvgenial\TVgenial.exe" -d File not found O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O8:64bit: - Extra context menu item: &Alles mit FlashGet laden - G:\programme\flashget\jc_all.htm File not found O8:64bit: - Extra context menu item: &Mit FlashGet laden - G:\programme\flashget\jc_link.htm File not found O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found O8:64bit: - Extra context menu item: Alles mit FDM herunterladen - file://G:\programme\Free Download Manager\dlall.htm File not found O8:64bit: - Extra context menu item: Auswahl mit FDM herunterladen - file://G:\programme\Free Download Manager\dlselected.htm File not found O8:64bit: - Extra context menu item: Datei mit FDM herunterladen - file://G:\programme\Free Download Manager\dllink.htm File not found O8:64bit: - Extra context menu item: Download all with Free Download Manager - file://G:\programme\Free Download Manager\dlall.htm File not found O8:64bit: - Extra context menu item: Download selected with Free Download Manager - file://G:\programme\Free Download Manager\dlselected.htm File not found O8:64bit: - Extra context menu item: Download video with Free Download Manager - file://G:\programme\Free Download Manager\dlfvideo.htm File not found O8:64bit: - Extra context menu item: Download with Free Download Manager - file://G:\programme\Free Download Manager\dllink.htm File not found O8:64bit: - Extra context menu item: Videos mit FDM herunterladen - file://G:\programme\Free Download Manager\dlfvideo.htm File not found O8 - Extra context menu item: &Alles mit FlashGet laden - G:\programme\flashget\jc_all.htm File not found O8 - Extra context menu item: &Mit FlashGet laden - G:\programme\flashget\jc_link.htm File not found O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Alles mit FDM herunterladen - file://G:\programme\Free Download Manager\dlall.htm File not found O8 - Extra context menu item: Auswahl mit FDM herunterladen - file://G:\programme\Free Download Manager\dlselected.htm File not found O8 - Extra context menu item: Datei mit FDM herunterladen - file://G:\programme\Free Download Manager\dllink.htm File not found O8 - Extra context menu item: Download all with Free Download Manager - file://G:\programme\Free Download Manager\dlall.htm File not found O8 - Extra context menu item: Download selected with Free Download Manager - file://G:\programme\Free Download Manager\dlselected.htm File not found O8 - Extra context menu item: Download video with Free Download Manager - file://G:\programme\Free Download Manager\dlfvideo.htm File not found O8 - Extra context menu item: Download with Free Download Manager - file://G:\programme\Free Download Manager\dllink.htm File not found O8 - Extra context menu item: Videos mit FDM herunterladen - file://G:\programme\Free Download Manager\dlfvideo.htm File not found O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: fritz.box ([]* in Local intranet) O15 - HKCU\..Trusted Ranges: Range1 ([*] in Local intranet) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.com/common/asusTek_sys_ctrl.cab (asusTek_sysctrl Class) O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} hxxp://www.burj-al-arab.com/flashcab/ipix/ipixx.cab (iPIX ActiveX Control) O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} hxxp://srtest-cdn.systemrequirementslab.com.s3.amazonaws.com/bin/sysreqlabdetect.cab (Reg Error: Key error.) O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.8.cab (DLM Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Java Plug-in 1.5.0_10) O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Java Plug-in 1.6.0_04) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (RealPlayer G2 Control) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} hxxp://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx (CRLDownloadWrapper Class) O16 - DPF: {DE22A7AB-A739-4C58-AD52-21F9CD6306B7} hxxp://download.microsoft.com/download/7/E/6/7E6A8567-DFE4-4624-87C3-163549BE2704/clearadj.cab (CTAdjust Class) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EA225B3F-D7B3-44A3-9371-D4387BB0076E}: NameServer = 8.8.8.8,8.8.4.4 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18:64bit: - Protocol\Filter\text/xml - No CLSID value found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O22:64bit: - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysNative\DreamScene.dll (Microsoft Corporation) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img17.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img17.jpg O30:64bit: - LSA: Authentication Packages - (relog_ap) - C:\Windows\SysNative\relog_ap.dll (Acronis) O30 - LSA: Authentication Packages - (relog_ap) -C:\Windows\SysWow64\relog_ap.dll (Acronis) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.12.23 18:54:16 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (OODBS) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012.02.05 16:21:14 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0 [2012.02.05 15:14:02 | 000,000,000 | ---D | C] -- C:\Users\Boss\AppData\Roaming\DeepBurner [2012.02.05 14:36:57 | 000,000,000 | ---D | C] -- C:\Users\Boss\AppData\Local\Deployment [2012.02.05 14:34:15 | 000,000,000 | ---D | C] -- C:\Users\Boss\AppData\Roaming\Logitech [2012.02.05 14:33:50 | 000,000,000 | ---D | C] -- C:\Users\Boss\AppData\Local\Salling_Software_AB [2012.02.05 14:33:41 | 000,000,000 | ---D | C] -- C:\Users\Boss\AppData\Roaming\Apple Computer [2012.01.22 23:43:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin [2012.01.22 23:43:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin [2012.01.12 11:26:16 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2012.01.12 11:26:15 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll [2012.01.11 13:03:27 | 001,570,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll [2012.01.11 13:03:26 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll [2012.01.11 13:03:26 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll [2012.01.11 13:03:26 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll [2012.01.11 13:03:16 | 001,585,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll [2012.01.11 13:03:15 | 000,211,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winmm.dll [2012.01.11 13:03:15 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mciwave.dll [2012.01.11 13:03:15 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mciseq.dll [2012.01.11 13:03:13 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcicda.dll [2012.01.11 13:03:13 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciseq.dll [2012.01.11 13:03:12 | 000,451,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2012.01.11 13:03:09 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll [2012.01.11 13:03:09 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll [3 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.02.06 17:25:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2296755919-1659602251-94568991-1005UA.job [2012.02.06 17:11:08 | 000,003,680 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012.02.06 17:11:08 | 000,003,680 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012.02.06 17:02:00 | 000,001,128 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2296755919-1659602251-94568991-1001UA.job [2012.02.06 16:58:00 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.02.06 16:58:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.02.06 16:25:16 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2296755919-1659602251-94568991-1005Core.job [2012.02.06 16:13:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.02.06 16:12:57 | 4293,451,776 | -HS- | M] () -- C:\hiberfil.sys [2012.02.05 15:17:09 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2012.02.05 02:36:37 | 000,001,076 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2296755919-1659602251-94568991-1001Core.job [2012.01.23 01:40:02 | 001,487,716 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.01.23 01:40:02 | 000,644,348 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.01.23 01:40:02 | 000,609,368 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.01.23 01:40:02 | 000,132,718 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.01.23 01:40:02 | 000,109,644 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.01.22 23:43:25 | 000,000,596 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk [2012.01.21 13:41:13 | 000,000,034 | ---- | M] () -- C:\Windows\SysWow64\everest_cpl.ini [2012.01.16 02:06:21 | 000,000,737 | ---- | M] () -- C:\Users\Public\Desktop\ElsterFormular.lnk [3 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.02.06 16:20:09 | 000,001,120 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2296755919-1659602251-94568991-1005UA.job [2012.02.06 16:20:09 | 000,001,068 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2296755919-1659602251-94568991-1005Core.job [2012.02.06 16:12:57 | 4293,451,776 | -HS- | C] () -- C:\hiberfil.sys [2012.01.22 23:43:25 | 000,000,596 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk [2012.01.16 02:06:21 | 000,000,737 | ---- | C] () -- C:\Users\Public\Desktop\ElsterFormular.lnk [2011.09.30 00:20:18 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011.08.03 02:31:54 | 000,311,912 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe [2010.12.31 11:48:56 | 000,208,552 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4 [2010.10.05 19:21:06 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI [2010.10.05 19:21:06 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI [2010.09.26 18:18:22 | 000,000,133 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc [2010.04.30 13:14:05 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2010.04.30 13:12:56 | 000,001,035 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2010.04.13 16:03:35 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010.03.04 15:17:51 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib [2009.11.25 12:40:50 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2009.05.27 15:53:04 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll [2009.05.27 15:52:45 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin [2009.05.27 15:52:28 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2008.07.23 12:40:12 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin [2008.05.26 00:24:04 | 000,765,952 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2008.05.26 00:24:04 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2008.05.01 18:13:13 | 000,000,000 | ---- | C] () -- C:\Windows\oodcnt.INI [2008.03.21 20:17:55 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini [2008.01.05 14:10:32 | 000,005,824 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS [2007.10.22 23:31:57 | 000,000,284 | ---- | C] () -- C:\Windows\game.ini [2007.09.20 21:27:44 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2007.07.06 17:53:51 | 001,510,554 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2007.07.05 14:05:49 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat [2007.06.17 15:03:11 | 000,000,558 | ---- | C] () -- C:\Windows\DFC.INI [2007.06.13 19:53:19 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\AsIO.dll [2007.06.13 19:53:19 | 000,013,632 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys [2007.06.11 20:35:56 | 000,003,584 | ---- | C] () -- C:\Users\Boss\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007.04.06 14:50:59 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\everest_cpl.ini [2007.04.01 01:35:26 | 000,000,170 | ---- | C] () -- C:\Windows\wininit.ini [2007.03.28 16:45:26 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI [2007.03.21 16:10:43 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\CSDLGE1LIB.dll [2007.03.15 19:00:10 | 000,532,480 | ---- | C] () -- C:\Windows\SysWow64\CddbPlaylist2Sony.dll [2007.01.27 16:17:56 | 000,003,332 | ---- | C] () -- C:\Windows\mozver.dat [2007.01.27 12:20:52 | 000,001,460 | ---- | C] () -- C:\Users\Boss\AppData\Local\d3d9caps64.dat [2006.11.02 16:35:48 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 13:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2006.11.02 13:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2006.11.02 13:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2006.11.02 10:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2003.02.20 16:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI [2001.11.19 20:05:18 | 000,003,972 | ---- | C] () -- C:\Windows\SysWow64\drivers\PciBus.sys ========== LOP Check ========== [2007.03.14 20:35:58 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Azureus [2012.02.05 15:16:47 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\DeepBurner [2007.03.28 16:45:54 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\IE7pro [2007.03.21 16:17:05 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\LGSync [2008.05.18 12:42:02 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Locktime [2007.03.14 22:14:05 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\MusicIP [2007.05.02 11:31:24 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Nokia [2007.05.05 15:19:22 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\PC Suite [2012.02.05 15:17:09 | 000,032,602 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 508 bytes -> C:\ProgramData\TEMP:05EE1EEF < End of report > |
|
06.02.2012, 20:34
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Aus Sicherheitsgründen wurde Ihr System blockiert (50 Euro Virus / Trojaner etc) Funktioniert noch der abgesicherte Modus mit Netzwerktreibern?
__________________Abgesicherter Modus zur Bereinigung
__________________ |
|
06.02.2012, 22:20
| #3 |
| | Aus Sicherheitsgründen wurde Ihr System blockiert (50 Euro Virus / Trojaner etc) Hallo,
__________________ja, der geht noch. |
|
07.02.2012, 09:03
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Aus Sicherheitsgründen wurde Ihr System blockiert (50 Euro Virus / Trojaner etc) na wenn der Modus geht wirst du erstmal MBAM/ESET probieren können: Bitte nun routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Außerdem müssen alle Funde entfernt werden. Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten! ESET Online Scanner
Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code:
ATTFilter hier steht das Log
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
07.02.2012, 14:51
| #5 |
| | Aus Sicherheitsgründen wurde Ihr System blockiert (50 Euro Virus / Trojaner etc) Hallo, hier das erste Log. Der Scan dauerte recht lange. Code:
ATTFilter Malwarebytes Anti-Malware 1.60.1.1000 www.malwarebytes.org Database version: v2012.01.13.04 Windows Vista Service Pack 2 x64 NTFS (Safe Mode/Networking) Internet Explorer 9.0.8112.16421 Andreas :: BOSS-PC [limited] 07.02.2012 12:36:49 mbam-log-2012-02-07 (12-36-49).txt Scan type: Full scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 785935 Time elapsed: 2 hour(s), 12 minute(s), 42 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) |
|
07.02.2012, 16:19
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Aus Sicherheitsgründen wurde Ihr System blockiert (50 Euro Virus / Trojaner etc) Malwarebytes erstellt bei jedem Scanvorgang genau ein Log. Hast du in der Vergangenheit schonmal mit Malwarebytes gescannt? Wenn ja dann stehen auch alle Logs zu jedem Scanvorgang im Reiter Logdateien. Bitte alle posten, die dort sichtbar sind.
__________________ --> Aus Sicherheitsgründen wurde Ihr System blockiert (50 Euro Virus / Trojaner etc) |
|
07.02.2012, 18:26
| #7 |
| | Aus Sicherheitsgründen wurde Ihr System blockiert (50 Euro Virus / Trojaner etc) Ne, das wurde zum ersten Mal ausgefuehrt. Keine weiteren Logs. Und hier jetzt von diesem anderen Progr. Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=0dd3d32856394942a79ce366e3778251
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-02-07 05:22:32
# local_time=2012-02-07 06:22:32 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=5892 16776574 100 56 38459299 166147048 0 0
# compatibility_mode=8192 67108863 100 0 14629 14629 0 0
# scanned=661786
# found=8
# cleaned=0
# scan_time=12304
C:\Users\Andreas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\43b9174a-4401181f a variant of Java/Agent.DW trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Andreas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\7212ea8f-14480d28 multiple threats (unable to clean) 00000000000000000000000000000000 I
C:\Users\Andreas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49cfaf11-10591ffe multiple threats (unable to clean) 00000000000000000000000000000000 I
C:\Users\Andreas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\75176865-4f0f9ea5 a variant of Java/Agent.DM trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Andreas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\73216bbe-5d421260 a variant of Java/Exploit.Agent.NAC trojan (unable to clean) 00000000000000000000000000000000 I
I:\backup-telefon\sdcard-03-08-2011\download\PayPal.zip a variant of Win32/Injector.HCR trojan (unable to clean) 00000000000000000000000000000000 I
I:\downloads\GingerBreak-v1.20.apk Linux/Exploit.Lotoor.AH trojan (unable to clean) 00000000000000000000000000000000 I
I:\temp\android-sd\download\PayPal.zip a variant of Win32/Injector.HCR trojan (unable to clean) 00000000000000000000000000000000 I
|
|
07.02.2012, 20:36
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Aus Sicherheitsgründen wurde Ihr System blockiert (50 Euro Virus / Trojaner etc) Da sind aber keine typischen Funde dieser Ransomware! Funktioniert der normale Modus? Hast du irgendeinen anderen Benutzer (mit Adminrechten) für das Log genommen, der nicht das Problem hat oder hatte? 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
07.02.2012, 20:44
| #9 |
| | Aus Sicherheitsgründen wurde Ihr System blockiert (50 Euro Virus / Trojaner etc) Nein, ich habe den Benutzer genommen. Der Warnhinweis kommt jetzt auch sofort, nachdem der User angemeldet ist. Man sieht ganz kurz mein Desktophintergrundbild und schon ist die Warnmeldung da. Als das gestern zum ersten Mal auftauchte, sprang auch keien Schutzsoftware an, am Abend dann teilte mir Microsoft Security Essentials das mit. Keine Ahnung wie man da das Log rausbekommt, ich tippe es ab: Trojan:Win32/Ransom.EJ. Warnstufe Schwerwiegend. Elemente: containerfile:C:\Users\Andreas\AppData\Local\Temp\ms0cfg32.exe file:C:\Users\Andreas\AppData\Local\Temp\ms0cfg32.exe->(UPX) Ausgefuehrt (Entfernt). Irgendwo ist das Teil noch, da es jetzt sofort kommt. |
|
07.02.2012, 22:06
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Aus Sicherheitsgründen wurde Ihr System blockiert (50 Euro Virus / Trojaner etc) Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code:
ATTFilter hier steht das Log
Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
ATTFilter netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
__________________ Logfiles bitte immer in CODE-Tags posten |
|
07.02.2012, 23:32
| #11 |
| | Aus Sicherheitsgründen wurde Ihr System blockiert (50 Euro Virus / Trojaner etc) Hi, hier wie gewuenscht. OTL Logfile: Code:
ATTFilter OTL logfile created on: 07.02.2012 23:10:37 - Run 2 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Virus\Desktop 64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 1,95 Gb Available Physical Memory | 48,87% Memory free 8,21 Gb Paging File | 6,25 Gb Available in Paging File | 76,12% Paging File free Paging file location(s): i:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 73,24 Gb Total Space | 10,39 Gb Free Space | 14,19% Space Free | Partition Type: NTFS Drive D: | 48,83 Gb Total Space | 37,96 Gb Free Space | 77,74% Space Free | Partition Type: NTFS Drive E: | 100,21 Gb Total Space | 20,86 Gb Free Space | 20,82% Space Free | Partition Type: NTFS Drive G: | 66,49 Gb Total Space | 15,75 Gb Free Space | 23,68% Space Free | Partition Type: NTFS Drive H: | 98,12 Gb Total Space | 53,78 Gb Free Space | 54,81% Space Free | Partition Type: NTFS Drive I: | 134,76 Gb Total Space | 37,23 Gb Free Space | 27,63% Space Free | Partition Type: NTFS Computer Name: BOSS-PC | User Name: Boss | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Virus\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Windows\SysWOW64\PnkBstrA.exe () PRC - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe () PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone) PRC - C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) PRC - C:\Programme\Logitech\GamePanel Software\Applets\LCDMedia.exe (Logitech Inc.) PRC - C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe () PRC - C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll () MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll () MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll () MOD - C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe () ========== Win32 Services (SafeList) ========== SRV:64bit: - (NisSrv) -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation) SRV:64bit: - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation) SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV:64bit: - (AEADIFilters) -- C:\Windows\SysNative\AEADISRV.EXE (Andrea Electronics Corporation) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe () SRV - (PassThru Service) -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe () SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation) SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (VmbService) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (LBTServ) -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.) SRV - (npggsvc) -- C:\Windows\SysWow64\GameMon.des (INCA Internet Co., Ltd.) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia.) SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.) SRV - (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe () SRV - (nSvcIp) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe () SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation) SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation) SRV - (AcrSch2Svc) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis) SRV - (Viewpoint Manager Service) -- C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation) SRV - (MSCSPTISRV) -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation) SRV - (SPTISRV) -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation) SRV - (PACSPTISVR) -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe () ========== Driver Services (SafeList) ========== DRV:64bit: - (iPodDrv) -- C:\Windows\SysNative\drivers\iPodDrv.sys (Windows (R) Codename Longhorn DDK provider) DRV:64bit: - (taphss) -- C:\Windows\SysNative\DRIVERS\taphss.sys (AnchorFree Inc) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\Drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\DRIVERS\NisDrvWFP.sys (Microsoft Corporation) DRV:64bit: - (huawei_enumerator) -- C:\Windows\SysNative\DRIVERS\ew_jubusenum.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\DRIVERS\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (ew_hwusbdev) -- C:\Windows\SysNative\DRIVERS\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (tbhsd) -- C:\Windows\SysNative\drivers\tbhsd.sys (RapidSolution Software AG) DRV:64bit: - (vodafone_K3805-z_dc_enum) -- C:\Windows\SysNative\DRIVERS\vodafone_K3805-z_dc_enum.sys (Vodafone) DRV:64bit: - (htcnprot) -- C:\Windows\SysNative\DRIVERS\htcnprot.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (Motousbnet) -- C:\Windows\SysNative\DRIVERS\Motousbnet.sys (Motorola) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\DRIVERS\atipmdag.sys (ATI Technologies Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\DRIVERS\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.) DRV:64bit: - (motusbdevice) -- C:\Windows\SysNative\DRIVERS\motusbdevice.sys (Motorola Inc) DRV:64bit: - (PSSDK42) -- C:\Windows\SysNative\Drivers\pssdk42.sys (microOLAP Technologies LTD) DRV:64bit: - (LGVirHid) -- C:\Windows\SysNative\drivers\LGVirHid.sys (Logitech Inc.) DRV:64bit: - (LGBusEnum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.) DRV:64bit: - (ewusbnet) -- C:\Windows\SysNative\DRIVERS\ewusbnet.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (hwusbfake) -- C:\Windows\SysNative\DRIVERS\ewusbfake.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (motmodem) -- C:\Windows\SysNative\DRIVERS\motmodem.sys (Motorola) DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation) DRV:64bit: - (sptd) -- C:\Windows\SysNative\Drivers\sptd.sys () DRV:64bit: - (motccgp) -- C:\Windows\SysNative\DRIVERS\motccgp.sys (Motorola) DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\DRIVERS\LMouFilt.Sys (Logitech, Inc.) DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\DRIVERS\LHidFilt.Sys (Logitech, Inc.) DRV:64bit: - (HTCAND64) -- C:\Windows\SysNative\Drivers\ANDROIDUSB.sys (HTC, Corporation) DRV:64bit: - (VClone) -- C:\Windows\SysNative\DRIVERS\VClone.sys (Elaborate Bytes AG) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (MotDev) -- C:\Windows\SysNative\DRIVERS\motodrv.sys (Motorola Inc) DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\DRIVERS\usb8023x.sys (Microsoft Corporation) DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation) DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64j.sys (Nokia) DRV:64bit: - (nmwcdx64) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia) DRV:64bit: - (upperdev) -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64.sys (Nokia) DRV:64bit: - (nmwcdcx64) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia) DRV:64bit: - (motccgpfl) -- C:\Windows\SysNative\DRIVERS\motccgpfl.sys (Motorola) DRV:64bit: - (BTCFilterService) -- C:\Windows\SysNative\DRIVERS\motfilt.sys (Motorola Inc) DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\DRIVERS\pccsmcfdx64.sys (Nokia) DRV:64bit: - (FTDIBUS) -- C:\Windows\SysNative\drivers\ftdibus.sys (FTDI Ltd.) DRV:64bit: - (FTSER2K) -- C:\Windows\SysNative\drivers\ftser2k.sys (FTDI Ltd.) DRV:64bit: - (lgmcunic) LGE Mobile USB WMC Ethernet ELDA (WDM) -- C:\Windows\SysNative\DRIVERS\lgmcunic.sys (MCCI Corporation) DRV:64bit: - (lgmcobex) -- C:\Windows\SysNative\DRIVERS\lgmcobex.sys (MCCI Corporation) DRV:64bit: - (lgmcnd5) LGE Mobile USB WMC Ethernet ELDA (NDIS) -- C:\Windows\SysNative\DRIVERS\lgmcnd5.sys (MCCI Corporation) DRV:64bit: - (lgmcmdm) -- C:\Windows\SysNative\DRIVERS\lgmcmdm.sys (MCCI Corporation) DRV:64bit: - (lgmcmgmt) LGE Mobile USB WMC Device Management Drivers (WDM) -- C:\Windows\SysNative\DRIVERS\lgmcmgmt.sys (MCCI Corporation) DRV:64bit: - (lgmcbus) LGE Mobile driver (WDM) -- C:\Windows\SysNative\DRIVERS\lgmcbus.sys (MCCI Corporation) DRV:64bit: - (lgmcmdfl) -- C:\Windows\SysNative\DRIVERS\lgmcmdfl.sys (MCCI Corporation) DRV:64bit: - (MotoSwitchService) -- C:\Windows\SysNative\DRIVERS\motswch.sys (Motorola) DRV:64bit: - (SiFilter) -- C:\Windows\SysNative\DRIVERS\SiWinAcc.sys (Silicon Image, Inc) DRV:64bit: - (SiRemFil) -- C:\Windows\SysNative\DRIVERS\SiRemFil.sys (Silicon Image, Inc) DRV:64bit: - (SI3132) -- C:\Windows\SysNative\DRIVERS\SI3132.sys (Silicon Image, Inc) DRV:64bit: - (ADIHdAudAddService) -- C:\Windows\SysNative\drivers\ADIHdAud.sys (Analog Devices, Inc.) DRV:64bit: - (timounter) -- C:\Windows\SysNative\DRIVERS\timntr.sys (Acronis) DRV:64bit: - (tifsfilter) -- C:\Windows\SysNative\DRIVERS\tifsfilt.sys (Acronis) DRV:64bit: - (snapman) -- C:\Windows\SysNative\DRIVERS\snapman.sys (Acronis) DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.) DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\DRIVERS\ASACPI.sys () DRV - (NPPTNT2) -- C:\Windows\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2296755919-1659602251-94568991-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-2296755919-1659602251-94568991-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-2296755919-1659602251-94568991-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2296755919-1659602251-94568991-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\S-1-5-21-2296755919-1659602251-94568991-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKU\S-1-5-21-2296755919-1659602251-94568991-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4B 08 0B B0 E2 E4 CC 01 [binary data] IE - HKU\S-1-5-21-2296755919-1659602251-94568991-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: I:\progr\jr6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: G:\programme\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2910: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@research.microsoft.com/HDView: C:\Program Files (x86)\Microsoft Research\HD View\nphdview.dll (Microsoft Research) FF - HKLM\Software\MozillaPlugins\@skyhookwireless.com/LokiPlugin: C:\Program Files (x86)\Skyhook Wireless\Loki Browser Plugin\versions\3.1.0.05\nploki.dll (Skyhook Wireless) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.16: C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.16: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.16: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files (x86)\Viewpoint\Viewpoint Media Player\npViewpoint.dll () FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: I:\progr\vf-web\Optimization Client\addon\ FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.6\extensions\\Components: G:\programme\Mozilla Firefox\components [2012.02.01 21:47:42 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.6\extensions\\Plugins: G:\programme\Mozilla Firefox\plugins [2012.01.13 00:36:46 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.09.09 15:49:30 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2012.01.13 00:36:46 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2007.01.30 10:59:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Boss\AppData\Roaming\mozilla\Firefox\Profiles\yf0p6cos.default\extensions File not found (No name found) -- G:\PROGRA~1\MOZILL~1\EXTENSIONS\INSPECTOR@MOZILLA.ORG File not found (No name found) -- G:\PROGRA~1\MOZILL~1\EXTENSIONS\TALKBACK@MOZILLA.ORG O1 HOSTS File: ([2008.10.10 19:43:51 | 000,000,759 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - I:\progr\jr6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll File not found O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (PodcastBHO Class) - {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll (doubleTwist Corporation) O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O3 - HKLM\..\Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - No CLSID value found. O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.) O4:64bit: - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.) O4:64bit: - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.) O4:64bit: - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.) O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe (Microsoft Corporation) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe" File not found O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-2296755919-1659602251-94568991-1000..\Run: [ISUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler File not found O4 - HKU\S-1-5-21-2296755919-1659602251-94568991-1000..\Run: [TVgenial] "G:\programme\tvgenial\TVgenial.exe" -d File not found O4 - HKU\S-1-5-21-2296755919-1659602251-94568991-1000..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found O4 - HKU\S-1-5-21-2296755919-1659602251-94568991-1004..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2296755919-1659602251-94568991-1004..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation) O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - Startup: C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data] O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data] O8:64bit: - Extra context menu item: &Alles mit FlashGet laden - G:\programme\flashget\jc_all.htm File not found O8:64bit: - Extra context menu item: &Mit FlashGet laden - G:\programme\flashget\jc_link.htm File not found O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found O8:64bit: - Extra context menu item: Alles mit FDM herunterladen - file://G:\programme\Free Download Manager\dlall.htm File not found O8:64bit: - Extra context menu item: Auswahl mit FDM herunterladen - file://G:\programme\Free Download Manager\dlselected.htm File not found O8:64bit: - Extra context menu item: Datei mit FDM herunterladen - file://G:\programme\Free Download Manager\dllink.htm File not found O8:64bit: - Extra context menu item: Download all with Free Download Manager - file://G:\programme\Free Download Manager\dlall.htm File not found O8:64bit: - Extra context menu item: Download selected with Free Download Manager - file://G:\programme\Free Download Manager\dlselected.htm File not found O8:64bit: - Extra context menu item: Download video with Free Download Manager - file://G:\programme\Free Download Manager\dlfvideo.htm File not found O8:64bit: - Extra context menu item: Download with Free Download Manager - file://G:\programme\Free Download Manager\dllink.htm File not found O8:64bit: - Extra context menu item: Videos mit FDM herunterladen - file://G:\programme\Free Download Manager\dlfvideo.htm File not found O8 - Extra context menu item: &Alles mit FlashGet laden - G:\programme\flashget\jc_all.htm File not found O8 - Extra context menu item: &Mit FlashGet laden - G:\programme\flashget\jc_link.htm File not found O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Alles mit FDM herunterladen - file://G:\programme\Free Download Manager\dlall.htm File not found O8 - Extra context menu item: Auswahl mit FDM herunterladen - file://G:\programme\Free Download Manager\dlselected.htm File not found O8 - Extra context menu item: Datei mit FDM herunterladen - file://G:\programme\Free Download Manager\dllink.htm File not found O8 - Extra context menu item: Download all with Free Download Manager - file://G:\programme\Free Download Manager\dlall.htm File not found O8 - Extra context menu item: Download selected with Free Download Manager - file://G:\programme\Free Download Manager\dlselected.htm File not found O8 - Extra context menu item: Download video with Free Download Manager - file://G:\programme\Free Download Manager\dlfvideo.htm File not found O8 - Extra context menu item: Download with Free Download Manager - file://G:\programme\Free Download Manager\dllink.htm File not found O8 - Extra context menu item: Videos mit FDM herunterladen - file://G:\programme\Free Download Manager\dlfvideo.htm File not found O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-2296755919-1659602251-94568991-1000\..Trusted Domains: fritz.box ([]* in Local intranet) O15 - HKU\S-1-5-21-2296755919-1659602251-94568991-1000\..Trusted Ranges: Range1 ([*] in Local intranet) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.com/common/asusTek_sys_ctrl.cab (asusTek_sysctrl Class) O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} hxxp://www.burj-al-arab.com/flashcab/ipix/ipixx.cab (iPIX ActiveX Control) O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} hxxp://srtest-cdn.systemrequirementslab.com.s3.amazonaws.com/bin/sysreqlabdetect.cab (Reg Error: Key error.) O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.8.cab (DLM Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Java Plug-in 1.5.0_10) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (RealPlayer G2 Control) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} hxxp://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx (CRLDownloadWrapper Class) O16 - DPF: {DE22A7AB-A739-4C58-AD52-21F9CD6306B7} hxxp://download.microsoft.com/download/7/E/6/7E6A8567-DFE4-4624-87C3-163549BE2704/clearadj.cab (CTAdjust Class) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EA225B3F-D7B3-44A3-9371-D4387BB0076E}: NameServer = 8.8.8.8,8.8.4.4 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18:64bit: - Protocol\Filter\text/xml - No CLSID value found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O22:64bit: - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysNative\DreamScene.dll (Microsoft Corporation) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img17.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img17.jpg O30:64bit: - LSA: Authentication Packages - (relog_ap) - C:\Windows\SysNative\relog_ap.dll (Acronis) O30 - LSA: Authentication Packages - (relog_ap) -C:\Windows\SysWow64\relog_ap.dll (Acronis) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.12.23 18:54:16 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (OODBS) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Start++.lnk - - File not found MsConfig:64bit - StartUpFolder: C:^Users^Andreas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 2.1.lnk - - File not found MsConfig:64bit - StartUpReg: Acronis Scheduler2 Service - hkey= - key= - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis) MsConfig:64bit - StartUpReg: AcronisTimounterMonitor - hkey= - key= - C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis) MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - File not found MsConfig:64bit - StartUpReg: HTC Sync Loader - hkey= - key= - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe () MsConfig:64bit - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.) MsConfig:64bit - StartUpReg: KeePass 2 PreLoad - hkey= - key= - I:\progr\KeePass Password Safe 2\KeePass.exe (Dominik Reichl) MsConfig:64bit - StartUpReg: MobileBroadband - hkey= - key= - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe (Vodafone) MsConfig:64bit - StartUpReg: Nokia.PCSync - hkey= - key= - File not found MsConfig:64bit - StartUpReg: OODefragTray - hkey= - key= - File not found MsConfig:64bit - StartUpReg: PC Suite Tray - hkey= - key= - File not found MsConfig:64bit - StartUpReg: PCSuiteTrayApplication - hkey= - key= - File not found MsConfig:64bit - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.) MsConfig:64bit - StartUpReg: RivaTunerStartupDaemon - hkey= - key= - File not found MsConfig:64bit - StartUpReg: TkBellExe - hkey= - key= - C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) MsConfig:64bit - StartUpReg: TrueImageMonitor.exe - hkey= - key= - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis) MsConfig:64bit - StartUpReg: TVgenial - hkey= - key= - File not found MsConfig:64bit - State: "startup" - Reg Error: Key error. MsConfig:64bit - State: "services" - Reg Error: Key error. SafeBootMin:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootMin:64bit: Base - Driver Group SafeBootMin:64bit: Boot Bus Extender - Driver Group SafeBootMin:64bit: Boot file system - Driver Group SafeBootMin:64bit: File system - Driver Group SafeBootMin:64bit: Filter - Driver Group SafeBootMin:64bit: HelpSvc - Service SafeBootMin:64bit: MsMpSvc - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation) SafeBootMin:64bit: PCI Configuration - Driver Group SafeBootMin:64bit: PNP Filter - Driver Group SafeBootMin:64bit: Primary disk - Driver Group SafeBootMin:64bit: sacsvr - Service SafeBootMin:64bit: SCSI Class - Driver Group SafeBootMin:64bit: System Bus Extender - Driver Group SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootNet:64bit: Base - Driver Group SafeBootNet:64bit: Boot Bus Extender - Driver Group SafeBootNet:64bit: Boot file system - Driver Group SafeBootNet:64bit: File system - Driver Group SafeBootNet:64bit: Filter - Driver Group SafeBootNet:64bit: HelpSvc - Service SafeBootNet:64bit: Messenger - Service SafeBootNet:64bit: MsMpSvc - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation) SafeBootNet:64bit: NDIS Wrapper - Driver Group SafeBootNet:64bit: NetBIOSGroup - Driver Group SafeBootNet:64bit: NetDDEGroup - Driver Group SafeBootNet:64bit: Network - Driver Group SafeBootNet:64bit: NetworkProvider - Driver Group SafeBootNet:64bit: PCI Configuration - Driver Group SafeBootNet:64bit: PNP Filter - Driver Group SafeBootNet:64bit: PNP_TDI - Driver Group SafeBootNet:64bit: Primary disk - Driver Group SafeBootNet:64bit: rdsessmgr - Service SafeBootNet:64bit: sacsvr - Service SafeBootNet:64bit: SCSI Class - Driver Group SafeBootNet:64bit: Streams Drivers - Driver Group SafeBootNet:64bit: System Bus Extender - Driver Group SafeBootNet:64bit: TDI - Driver Group SafeBootNet:64bit: WudfPf - Driver SafeBootNet:64bit: WudfUsbccidDriver - Driver SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: WudfPf - Driver SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX:64bit: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0 ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:64bit: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:64bit: {7070D8E0-650A-46b3-B03C-9497582E6A74} - %SystemRoot%\system32\soundschemes.exe /AddRegistration ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:64bit: {B3688A53-AB2A-4b1d-8CEF-8F93D8C51C24} - %SystemRoot%\system32\soundschemes2.exe /AddRegistration ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:64bit: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX:64bit: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player 9 ActiveX ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353) ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.4 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.4 ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906) ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4CF30EEE-A775-4B09-020A-97471021493D} - Internet Explorer ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2} - C:\Program Files (x86)\PixiePack Codec Pack\InstallerHelper.exe ActiveX: {BA4F0990-B822-A685-E10D-A40B2B462565} - Viewpoint Media Player ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {EE5B8873-4930-0295-D83A-F45EAFE2F9A1} - Internet Explorer ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L) Drivers32:64bit: VIDC.XFR1 - xfcodec64.dll () Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.lhacm - C:\Windows\SysWow64\lhacm.acm (Microsoft Corporation) Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.) Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.) Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll () Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L) Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com) Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com) Drivers32: vidc.XVID - C:\Windows\SysWow64\xvidvfw.dll () Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012.02.07 11:53:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2012.02.07 11:53:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.02.07 11:53:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.02.07 11:53:12 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.02.07 11:53:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.02.05 16:21:14 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0 [2012.02.05 15:14:02 | 000,000,000 | ---D | C] -- C:\Users\Boss\AppData\Roaming\DeepBurner [2012.02.05 14:36:57 | 000,000,000 | ---D | C] -- C:\Users\Boss\AppData\Local\Deployment [2012.02.05 14:34:15 | 000,000,000 | ---D | C] -- C:\Users\Boss\AppData\Roaming\Logitech [2012.02.05 14:33:50 | 000,000,000 | ---D | C] -- C:\Users\Boss\AppData\Local\Salling_Software_AB [2012.02.05 14:33:41 | 000,000,000 | ---D | C] -- C:\Users\Boss\AppData\Roaming\Apple Computer [2012.01.22 23:43:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin [2012.01.22 23:43:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin [3 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.02.07 23:02:00 | 000,001,128 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2296755919-1659602251-94568991-1001UA.job [2012.02.07 22:58:00 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.02.07 22:29:58 | 000,003,680 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012.02.07 22:29:58 | 000,003,680 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012.02.07 22:25:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2296755919-1659602251-94568991-1005UA.job [2012.02.07 22:02:00 | 000,001,076 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2296755919-1659602251-94568991-1001Core.job [2012.02.07 19:54:46 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.02.07 18:29:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.02.07 18:29:31 | 4293,451,776 | -HS- | M] () -- C:\hiberfil.sys [2012.02.07 11:55:38 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2012.02.06 16:25:16 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2296755919-1659602251-94568991-1005Core.job [2012.01.23 01:40:02 | 001,487,716 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.01.23 01:40:02 | 000,644,348 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.01.23 01:40:02 | 000,609,368 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.01.23 01:40:02 | 000,132,718 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.01.23 01:40:02 | 000,109,644 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.01.21 13:41:13 | 000,000,034 | ---- | M] () -- C:\Windows\SysWow64\everest_cpl.ini [3 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.02.07 18:29:31 | 4293,451,776 | -HS- | C] () -- C:\hiberfil.sys [2012.02.06 16:20:09 | 000,001,120 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2296755919-1659602251-94568991-1005UA.job [2012.02.06 16:20:09 | 000,001,068 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2296755919-1659602251-94568991-1005Core.job [2011.09.30 00:20:18 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011.08.03 02:31:54 | 000,311,912 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe [2010.12.31 11:48:56 | 000,208,552 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4 [2010.10.05 19:21:06 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI [2010.10.05 19:21:06 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI [2010.09.26 18:18:22 | 000,000,133 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc [2010.04.30 13:14:05 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2010.04.30 13:12:56 | 000,001,035 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2010.04.13 16:03:35 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010.03.04 15:17:51 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib [2009.11.25 12:40:50 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2009.05.27 15:53:04 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll [2009.05.27 15:52:45 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin [2009.05.27 15:52:28 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2008.07.23 12:40:12 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin [2008.05.26 00:24:04 | 000,765,952 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2008.05.26 00:24:04 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2008.05.01 18:13:13 | 000,000,000 | ---- | C] () -- C:\Windows\oodcnt.INI [2008.03.21 20:17:55 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini [2008.01.05 14:10:32 | 000,005,824 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS [2007.10.22 23:31:57 | 000,000,284 | ---- | C] () -- C:\Windows\game.ini [2007.09.20 21:27:44 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2007.07.06 17:53:51 | 001,510,554 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2007.07.05 14:05:49 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat [2007.06.17 15:03:11 | 000,000,558 | ---- | C] () -- C:\Windows\DFC.INI [2007.06.13 19:53:19 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\AsIO.dll [2007.06.13 19:53:19 | 000,013,632 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys [2007.06.11 20:35:56 | 000,003,584 | ---- | C] () -- C:\Users\Boss\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007.04.06 14:50:59 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\everest_cpl.ini [2007.04.01 01:35:26 | 000,000,170 | ---- | C] () -- C:\Windows\wininit.ini [2007.03.28 16:45:26 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI [2007.03.21 16:10:43 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\CSDLGE1LIB.dll [2007.03.15 19:00:10 | 000,532,480 | ---- | C] () -- C:\Windows\SysWow64\CddbPlaylist2Sony.dll [2007.01.27 16:17:56 | 000,003,332 | ---- | C] () -- C:\Windows\mozver.dat [2007.01.27 12:20:52 | 000,001,460 | ---- | C] () -- C:\Users\Boss\AppData\Local\d3d9caps64.dat [2006.11.02 16:35:48 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 13:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2006.11.02 13:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2006.11.02 13:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2006.11.02 10:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2003.02.20 16:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI [2001.11.19 20:05:18 | 000,003,972 | ---- | C] () -- C:\Windows\SysWow64\drivers\PciBus.sys ========== LOP Check ========== [2008.10.16 17:12:13 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Acreon [2008.01.06 15:25:06 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Acronis [2011.01.10 15:16:52 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Amazon [2011.01.07 16:22:01 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\AnvSoft [2008.11.03 23:05:11 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Ashampoo [2008.04.29 11:57:04 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Azureus [2012.01.23 18:01:15 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\BigHugeEngine [2008.01.04 22:22:00 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Codemasters [2009.06.23 15:23:56 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\DAEMON Tools Pro [2007.06.16 15:02:03 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\DeepBurner [2011.05.19 11:35:53 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\DVDVideoSoftIEHelpers [2012.01.16 02:14:35 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\elsterformular [2011.11.22 13:08:51 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\FileZilla [2009.07.19 23:10:48 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\FUEL Demo [2009.08.15 18:10:15 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\GetRightToGo [2007.03.04 13:44:09 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\GHISLER [2010.11.24 03:12:20 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\gnupg [2008.11.03 22:38:22 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\gtk-2.0 [2011.05.28 17:42:43 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\HTC [2011.05.28 17:42:49 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1 [2007.03.04 15:15:03 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\IE7pro [2008.01.02 19:40:29 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\InfraRecorder [2011.08.07 12:31:21 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\IrfanView [2009.09.17 14:43:53 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Ivacy [2010.12.19 17:18:16 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\KeePass [2010.09.03 14:54:35 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Keynote Systems [2010.01.01 17:54:23 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Leadertech [2008.06.07 10:44:33 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\LG Electronics [2008.05.10 14:15:50 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Locktime [2008.07.23 19:35:02 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Miranda [2007.03.22 12:38:49 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Mobile Master [2007.03.15 11:19:53 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\MusicIP [2011.06.08 18:50:31 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\MyPhoneExplorer [2010.09.12 23:33:12 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Need for Speed World [2010.06.08 14:10:39 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\NVD [2009.01.09 17:42:52 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\OpenOffice.org [2009.08.07 20:20:22 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Opera [2012.01.22 23:43:56 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Origin [2011.12.11 12:59:44 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\PC Suite [2007.01.30 03:25:17 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\PeerNetworking [2008.10.16 20:10:36 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Prabang [2011.04.27 16:05:21 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\SoftGrid Client [2008.07.14 23:38:25 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Teleca [2010.07.24 15:25:28 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Thunderbird [2011.04.27 16:04:20 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\TP [2007.09.19 19:51:24 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\TrueCrypt [2011.05.18 15:27:59 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\TVgenial [2009.04.04 15:35:16 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\TweetDeckFast.F9107117265DB7542C1A806C8DB837742CE14C21.1 [2009.12.03 18:15:49 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1 [2011.11.16 15:05:59 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Ubisoft [2011.03.19 15:01:54 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\uTorrent [2011.04.22 16:37:45 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Vodafone [2009.05.13 15:41:19 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\winpt [2007.07.27 23:08:58 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\WowAceUpdater [2011.06.15 16:24:50 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\XMedia Recode [2007.03.14 20:35:58 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Azureus [2012.02.05 15:16:47 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\DeepBurner [2007.03.28 16:45:54 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\IE7pro [2007.03.21 16:17:05 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\LGSync [2008.05.18 12:42:02 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Locktime [2007.03.14 22:14:05 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\MusicIP [2007.05.02 11:31:24 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Nokia [2007.05.05 15:19:22 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\PC Suite [2012.02.07 11:55:37 | 000,032,602 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2012.02.05 14:38:51 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Adobe [2012.02.05 14:33:41 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Apple Computer [2007.03.14 20:35:58 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Azureus [2012.02.05 15:16:47 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\DeepBurner [2007.01.27 12:20:56 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Identities [2007.03.28 16:45:54 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\IE7pro [2007.03.21 16:17:05 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\LGSync [2008.05.18 12:42:02 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Locktime [2012.02.05 14:34:15 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Logitech [2007.02.08 02:12:04 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Macromedia [2006.11.02 16:06:33 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Media Center Programs [2012.02.05 14:36:46 | 000,000,000 | --SD | M] -- C:\Users\Boss\AppData\Roaming\Microsoft [2007.01.30 10:59:33 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Mozilla [2007.03.14 22:14:05 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\MusicIP [2007.05.02 11:31:24 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Nokia [2007.03.30 15:54:48 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\OpenOffice.org2 [2007.05.05 15:19:22 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\PC Suite [2007.05.09 14:06:08 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Real [2007.04.06 15:15:53 | 000,000,000 | RH-D | M] -- C:\Users\Boss\AppData\Roaming\SecuROM [2007.03.15 19:10:34 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Sony Corporation [2007.01.30 10:59:41 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Talkback [2007.01.31 23:41:17 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\teamspeak2 < %APPDATA%\*.exe /s > < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2006.11.02 13:03:16 | 000,062,056 | ---- | M] (Microsoft Corporation) MD5=5CCDD13BC602AE33CD8B62D33C29AB72 -- C:\Windows\SysNative\drivers\AGP440.sys [2008.01.19 09:09:09 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\AGP440.sys [2008.01.19 09:09:09 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_181d01cb743015fc\AGP440.sys < MD5 for: ATAPI.SYS > [2008.02.15 14:13:23 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=05001E1FACCE49DB895B8526B05C7302 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_37cb142cf6008bc1\atapi.sys [2008.01.19 09:07:46 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys [2008.02.15 14:13:23 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=BB55C79E0595D8CFBE4A80A3C9EB77EA -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_375215c7dcd73562\atapi.sys [2009.04.11 08:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\SysNative\drivers\atapi.sys [2009.04.11 08:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_3b423ca9d7090b1e\atapi.sys < MD5 for: CNGAUDIT.DLL > [2006.11.02 12:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\SysNative\cngaudit.dll [2006.11.02 12:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_424bc4aceb06de1c\cngaudit.dll [2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll [2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll < MD5 for: IASTORV.SYS > [2008.01.19 09:11:31 | 000,290,872 | ---- | M] (Intel Corporation) MD5=3E3BF3627D886736D0B4E90054F929F6 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_0b2fedfc40256bc5\iaStorV.sys [2006.11.02 12:51:48 | 000,280,680 | ---- | M] (Intel Corporation) MD5=72C3EE7EA3CD75A772E62AE0E5DF8B8C -- C:\Windows\SysNative\drivers\iaStorV.sys < MD5 for: NETLOGON.DLL > [2008.01.19 09:03:01 | 000,716,800 | ---- | M] (Microsoft Corporation) MD5=5D0A4891F8CD0E9E64FF57A6A34044F5 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_59d652c6f057598d\netlogon.dll [2006.11.02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_61f43b1d27cd0ab4\netlogon.dll [2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SysWOW64\netlogon.dll [2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_6616762521d9e6d4\netlogon.dll [2009.04.11 08:11:16 | 000,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows\SysNative\netlogon.dll [2009.04.11 08:11:16 | 000,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_5bc1cbd2ed7924d9\netlogon.dll [2008.01.19 08:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_642afd1924b81b88\netlogon.dll [2006.11.02 12:18:47 | 000,684,032 | ---- | M] (Microsoft Corporation) MD5=BFAB28B54DF41208CF3490FF26E53FD9 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_579f90caf36c48b9\netlogon.dll < MD5 for: NVSTOR.SYS > [2006.11.02 13:02:51 | 000,048,232 | ---- | M] (NVIDIA Corporation) MD5=94C5334040A5D500897F4C5FD12AEEDE -- C:\Windows\SysNative\drivers\nvstor.sys [2008.01.19 09:08:50 | 000,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvstor.sys < MD5 for: SCECLI.DLL > [2008.01.19 08:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_9e812831c5d9a243\scecli.dll [2006.11.02 12:19:09 | 000,239,616 | ---- | M] (Microsoft Corporation) MD5=32EF13F20B28966D29DE5EABE036431D -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_91f5bbe3948dcf74\scecli.dll [2008.01.19 09:03:55 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=35F1DD99F9903BC267C2AF16B09F9BF7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_942c7ddf9178e048\scecli.dll [2006.11.02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_9c4a6635c8ee916f\scecli.dll [2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SysWOW64\scecli.dll [2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_a06ca13dc2fb6d8f\scecli.dll [2009.04.11 08:11:23 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\SysNative\scecli.dll [2009.04.11 08:11:23 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_9617f6eb8e9aab94\scecli.dll < MD5 for: USER32.DLL > [2006.11.02 10:44:25 | 000,646,656 | ---- | M] (Microsoft Corporation) MD5=00B53DCA0408CCD8F6BAF13994F6E3A0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16386_none_3174f01b5d2fa18f\user32.dll [2007.04.05 22:37:41 | 000,646,656 | ---- | M] (Microsoft Corporation) MD5=296BA70E2A302E639CBD9E2A32DC65C4 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16438_none_31ad02315d0545af\user32.dll [2008.01.19 09:04:23 | 000,820,224 | ---- | M] (Microsoft Corporation) MD5=32B87D215905F648EBE36A621978442C -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_295707c525b9f068\user32.dll [2008.01.19 08:32:19 | 000,648,192 | ---- | M] (Microsoft Corporation) MD5=3D691030DBD3BD75DE1501BE54F0D425 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_33abb2175a1ab263\user32.dll [2007.04.05 22:37:41 | 000,646,656 | ---- | M] (Microsoft Corporation) MD5=437C1C0CB2A42EA20083F21E9CAEF461 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.20537_none_32359eb27623cc22\user32.dll [2007.04.05 22:37:41 | 000,810,496 | ---- | M] (Microsoft Corporation) MD5=707CD582A4F93DB789336A5CE9527970 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16438_none_275857df28a483b4\user32.dll [2006.11.02 12:19:10 | 000,810,496 | ---- | M] (Microsoft Corporation) MD5=95D5555CC7BD8F520996E35D36491EEF -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16386_none_272045c928cedf94\user32.dll [2009.04.11 07:26:45 | 000,648,704 | ---- | M] (Microsoft Corporation) MD5=D29FDB5DEDBDC1BD882164DC6DC4DD53 -- C:\Windows\SysWOW64\user32.dll [2009.04.11 07:26:45 | 000,648,704 | ---- | M] (Microsoft Corporation) MD5=D29FDB5DEDBDC1BD882164DC6DC4DD53 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_35972b23573c7daf\user32.dll [2007.04.05 22:37:41 | 000,810,496 | ---- | M] (Microsoft Corporation) MD5=E4E3ED1E0D1D8C33A9C94ABEA1C8BC96 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.20537_none_27e0f46041c30a27\user32.dll [2009.04.11 08:11:27 | 000,820,224 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysNative\user32.dll [2009.04.11 08:11:27 | 000,820,224 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_2b4280d122dbbbb4\user32.dll < MD5 for: USERINIT.EXE > [2008.01.19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SysWOW64\userinit.exe [2008.01.19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe [2006.11.02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe [2006.11.02 12:16:15 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=46D5B6B80E4A5997F508F938F96B7628 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_3610939d8d22586d\userinit.exe [2008.01.19 09:00:41 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\SysNative\userinit.exe [2008.01.19 09:00:41 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_384755998a0d6941\userinit.exe < MD5 for: WININIT.EXE > [2008.01.19 08:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\SysWOW64\wininit.exe [2008.01.19 08:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe [2008.01.19 09:00:45 | 000,123,904 | ---- | M] (Microsoft Corporation) MD5=117EA87DF785CA1B9D821F6F213DCE07 -- C:\Windows\SysNative\wininit.exe [2008.01.19 09:00:45 | 000,123,904 | ---- | M] (Microsoft Corporation) MD5=117EA87DF785CA1B9D821F6F213DCE07 -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_8d115452bcae17d8\wininit.exe [2006.11.02 12:16:20 | 000,122,368 | ---- | M] (Microsoft Corporation) MD5=6F92CE5B50283B0C0A7A539ED552039A -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_8ada9256bfc30704\wininit.exe [2006.11.02 10:45:57 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=D4385B03E8CCCEE6F0EE249F827C1F3E -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_2ebbf6d3076595ce\wininit.exe < MD5 for: WINLOGON.EXE > [2012.01.13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2009.04.11 08:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\SysNative\winlogon.exe [2009.04.11 08:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe [2008.01.19 09:00:45 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe [2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SysWOW64\winlogon.exe [2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2006.11.02 12:16:20 | 000,397,312 | ---- | M] (Microsoft Corporation) MD5=9642EED809219A2F914DD8E40A09C48B -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_c9aada9e9063dc57\winlogon.exe [2006.11.02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe [2008.01.19 08:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe < MD5 for: WS2IFSL.SYS > [2008.01.19 07:37:47 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=8A900348370E359B6BFF6A550E4649E1 -- C:\Windows\SysNative\drivers\ws2ifsl.sys [2008.01.19 07:37:47 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=8A900348370E359B6BFF6A550E4649E1 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_aba53c58802b1777\ws2ifsl.sys [2006.11.02 10:47:52 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=C4EE49DB7EADC812DBC0ECCF2E7FB929 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6000.16386_none_a96e7a5c834006a3\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2010.09.13 16:46:13 | 010,627,072 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\wmp.dll [2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ] ========== Alternate Data Streams ========== @Alternate Data Stream - 508 bytes -> C:\ProgramData\TEMP:05EE1EEF < End of report > |
|
08.02.2012, 10:01
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Aus Sicherheitsgründen wurde Ihr System blockiert (50 Euro Virus / Trojaner etc) Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!) Code:
ATTFilter :OTL
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - No CLSID value found.
O4 - HKU\S-1-5-21-2296755919-1659602251-94568991-1000..\Run: [ISUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler File not found
O4 - HKU\S-1-5-21-2296755919-1659602251-94568991-1000..\Run: [TVgenial] "G:\programme\tvgenial\TVgenial.exe" -d File not found
O4 - HKU\S-1-5-21-2296755919-1659602251-94568991-1000..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data]
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data]
O8:64bit: - Extra context menu item: &Alles mit FlashGet laden - G:\programme\flashget\jc_all.htm File not found
O8:64bit: - Extra context menu item: &Mit FlashGet laden - G:\programme\flashget\jc_link.htm File not found
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Alles mit FDM herunterladen - file://G:\programme\Free Download Manager\dlall.htm File not found
O8:64bit: - Extra context menu item: Auswahl mit FDM herunterladen - file://G:\programme\Free Download Manager\dlselected.htm File not found
O8:64bit: - Extra context menu item: Datei mit FDM herunterladen - file://G:\programme\Free Download Manager\dllink.htm File not found
O8:64bit: - Extra context menu item: Download all with Free Download Manager - file://G:\programme\Free Download Manager\dlall.htm File not found
O8:64bit: - Extra context menu item: Download selected with Free Download Manager - file://G:\programme\Free Download Manager\dlselected.htm File not found
O8:64bit: - Extra context menu item: Download video with Free Download Manager - file://G:\programme\Free Download Manager\dlfvideo.htm File not found
O8:64bit: - Extra context menu item: Download with Free Download Manager - file://G:\programme\Free Download Manager\dllink.htm File not found
O8:64bit: - Extra context menu item: Videos mit FDM herunterladen - file://G:\programme\Free Download Manager\dlfvideo.htm File not found
O8 - Extra context menu item: &Alles mit FlashGet laden - G:\programme\flashget\jc_all.htm File not found
O8 - Extra context menu item: &Mit FlashGet laden - G:\programme\flashget\jc_link.htm File not found
O8 - Extra context menu item: Alles mit FDM herunterladen - file://G:\programme\Free Download Manager\dlall.htm File not found
O8 - Extra context menu item: Auswahl mit FDM herunterladen - file://G:\programme\Free Download Manager\dlselected.htm File not found
O8 - Extra context menu item: Datei mit FDM herunterladen - file://G:\programme\Free Download Manager\dllink.htm File not found
O8 - Extra context menu item: Download all with Free Download Manager - file://G:\programme\Free Download Manager\dlall.htm File not found
O8 - Extra context menu item: Download selected with Free Download Manager - file://G:\programme\Free Download Manager\dlselected.htm File not found
O8 - Extra context menu item: Download video with Free Download Manager - file://G:\programme\Free Download Manager\dlfvideo.htm File not found
O8 - Extra context menu item: Download with Free Download Manager - file://G:\programme\Free Download Manager\dllink.htm File not found
O8 - Extra context menu item: Videos mit FDM herunterladen - file://G:\programme\Free Download Manager\dlfvideo.htm File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.12.23 18:54:16 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Start++.lnk - - File not found
@Alternate Data Stream - 508 bytes -> C:\ProgramData\TEMP:05EE1EEF
:Commands
[emptytemp]
[resethosts]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt. Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
08.02.2012, 14:07
| #13 |
| | Aus Sicherheitsgründen wurde Ihr System blockiert (50 Euro Virus / Trojaner etc) Moin, so, hier das Ergebnis. Beim ersten Versuch reagierte OTL dann nicht mehr. Reboot. Noch einmal durchgefuehrt, ging, danach verlangte OTL einen Reboot. Gemacht. Hier das Log. Ist natuerlich von einem anderen Benutzer ausgefuehrt worden, da kein Login moeglich ist beim betroffenen User. Code:
ATTFilter All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{E0E899AB-F487-11D5-8D29-0050BA6940E3} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E0E899AB-F487-11D5-8D29-0050BA6940E3}\ not found.
Registry value HKEY_USERS\S-1-5-21-2296755919-1659602251-94568991-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ISUSPM not found.
Registry value HKEY_USERS\S-1-5-21-2296755919-1659602251-94568991-1000\Software\Microsoft\Windows\CurrentVersion\Run\\TVgenial not found.
Registry value HKEY_USERS\S-1-5-21-2296755919-1659602251-94568991-1000\Software\Microsoft\Windows\CurrentVersion\Run\\WMPNSCFG not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges not found.
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun not found.
Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun not found.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Alles mit FlashGet laden\ not found.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Mit FlashGet laden\ not found.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Add to Google Photos Screensa&ver\ not found.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Alles mit FDM herunterladen\ not found.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Auswahl mit FDM herunterladen\ not found.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Datei mit FDM herunterladen\ not found.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download all with Free Download Manager\ not found.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download selected with Free Download Manager\ not found.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download video with Free Download Manager\ not found.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download with Free Download Manager\ not found.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Videos mit FDM herunterladen\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Alles mit FlashGet laden\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Mit FlashGet laden\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Alles mit FDM herunterladen\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Auswahl mit FDM herunterladen\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Datei mit FDM herunterladen\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download all with Free Download Manager\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download selected with Free Download Manager\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download video with Free Download Manager\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download with Free Download Manager\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Videos mit FDM herunterladen\ not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File D:\AUTOEXEC.BAT not found.
Unable to delete ADS C:\ProgramData\TEMP:05EE1EEF .
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Andreas
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 25882642 bytes
->Java cache emptied: 76177967 bytes
->FireFox cache emptied: 244359456 bytes
->Google Chrome cache emptied: 272101057 bytes
->Apple Safari cache emptied: 4017152 bytes
->Opera cache emptied: 369270 bytes
->Flash cache emptied: 2011158 bytes
User: Boss
->Temp folder emptied: 5269047 bytes
->Temporary Internet Files folder emptied: 24685263 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 3339016 bytes
->Google Chrome cache emptied: 13566073 bytes
->Flash cache emptied: 566 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56468 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56466 bytes
User: Virus
->Temp folder emptied: 4097577 bytes
->Temporary Internet Files folder emptied: 13769794 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 16626134 bytes
->Google Chrome cache emptied: 172390403 bytes
->Flash cache emptied: 58983 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 155648 bytes
%systemroot%\System32 .tmp files removed: 1610800 bytes
%systemroot%\System32 (64bit) .tmp files removed: 7254528 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 10010698 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 856,00 mb
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.31.0 log created on 02082012_135818
Files\Folders moved on Reboot...
C:\Users\Boss\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\SysNative\SET24F3.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\SET271C.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\SET49A0.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
Registry entries deleted on Reboot...
|
|
08.02.2012, 14:08
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Aus Sicherheitsgründen wurde Ihr System blockiert (50 Euro Virus / Trojaner etc) Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C nach, da speichert der TDSS-Killer seine Logs.Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!  Falls du durch die Infektion auf deine Dokumente/Eigenen Dateien nicht zugreifen kannst, Verknüpfungen auf dem Desktop oder im Startmenü unter "alle Programme" fehlen, bitte unhide ausführen: Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop. Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern )  Windows-Vista und Windows-7-User müssen das Tool per Rechtsklick als Administrator ausführen!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
08.02.2012, 14:16
| #15 |
| | Aus Sicherheitsgründen wurde Ihr System blockiert (50 Euro Virus / Trojaner etc) Und schon bin ich wieder da. Code:
ATTFilter
14:14:21.0699 5908 TDSS rootkit removing tool 2.7.10.0 Feb 7 2012 15:14:46
14:14:21.0878 5908 ============================================================
14:14:21.0878 5908 Current date / time: 2012/02/08 14:14:21.0878
14:14:21.0879 5908 SystemInfo:
14:14:21.0879 5908
14:14:21.0879 5908 OS Version: 6.0.6002 ServicePack: 2.0
14:14:21.0879 5908 Product type: Workstation
14:14:21.0879 5908 ComputerName: BOSS-PC
14:14:21.0879 5908 UserName: Boss
14:14:21.0879 5908 Windows directory: C:\Windows
14:14:21.0879 5908 System windows directory: C:\Windows
14:14:21.0879 5908 Running under WOW64
14:14:21.0879 5908 Processor architecture: Intel x64
14:14:21.0879 5908 Number of processors: 2
14:14:21.0879 5908 Page size: 0x1000
14:14:21.0879 5908 Boot type: Normal boot
14:14:21.0879 5908 ============================================================
14:14:22.0261 5908 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:14:22.0264 5908 Drive \Device\Harddisk1\DR1 - Size: 0x22EF13E000 (139.74 Gb), SectorSize: 0x200, Cylinders: 0x4741, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:14:22.0280 5908 Drive \Device\Harddisk2\DR2 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:14:22.0286 5908 \Device\Harddisk0\DR0:
14:14:22.0295 5908 MBR used
14:14:22.0295 5908 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x61A7927
14:14:22.0309 5908 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x61A79A5, BlocksNum 0xC86D25B
14:14:22.0309 5908 \Device\Harddisk1\DR1:
14:14:22.0309 5908 MBR used
14:14:22.0309 5908 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x927C000
14:14:22.0309 5908 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x927C800, BlocksNum 0x84FB800
14:14:22.0309 5908 \Device\Harddisk2\DR2:
14:14:22.0309 5908 MBR used
14:14:22.0309 5908 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xC43D800
14:14:22.0309 5908 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0xC43E000, BlocksNum 0x10D86800
14:14:22.0486 5908 Initialize success
14:14:22.0486 5908 ============================================================
14:14:42.0961 5936 ============================================================
14:14:42.0961 5936 Scan started
14:14:42.0961 5936 Mode: Manual; SigCheck; TDLFS;
14:14:42.0961 5936 ============================================================
14:14:43.0168 5936 ACPI (1965aaffab07e3fb03c77f81beba3547) C:\Windows\system32\drivers\acpi.sys
14:14:43.0276 5936 ACPI - ok
14:14:43.0337 5936 ADIHdAudAddService (9c2430847d0d7df0cb60eface1aa453a) C:\Windows\system32\drivers\ADIHdAud.sys
14:14:43.0384 5936 ADIHdAudAddService - ok
14:14:43.0469 5936 adp94xx (9137451d37ba1c325cd6c2def3d2d692) C:\Windows\system32\drivers\adp94xx.sys
14:14:43.0518 5936 adp94xx - ok
14:14:43.0550 5936 adpahci (01f80898df5cc7df19b3b11351846263) C:\Windows\system32\drivers\adpahci.sys
14:14:43.0594 5936 adpahci - ok
14:14:43.0618 5936 adpu160m (da001db13fff45dfe9109936e265b7cc) C:\Windows\system32\drivers\adpu160m.sys
14:14:43.0638 5936 adpu160m - ok
14:14:43.0668 5936 adpu320 (2b10c35c5b7c5c0c28f572e035319602) C:\Windows\system32\drivers\adpu320.sys
14:14:43.0688 5936 adpu320 - ok
14:14:43.0763 5936 AFD (0cc146c4addea45791b18b1e2659f4a9) C:\Windows\system32\drivers\afd.sys
14:14:43.0818 5936 AFD - ok
14:14:43.0836 5936 agp440 (5ccdd13bc602ae33cd8b62d33c29ab72) C:\Windows\system32\drivers\agp440.sys
14:14:43.0853 5936 agp440 - ok
14:14:43.0872 5936 aic78xx (222cb641b4b8a1d1126f8033f9fd6a00) C:\Windows\system32\drivers\djsvs.sys
14:14:43.0889 5936 aic78xx - ok
14:14:43.0910 5936 aliide (157d0898d4b73f075ce9fa26b482df98) C:\Windows\system32\drivers\aliide.sys
14:14:43.0925 5936 aliide - ok
14:14:43.0953 5936 amdide (970fa5059e61e30d25307b99903e991e) C:\Windows\system32\drivers\amdide.sys
14:14:43.0969 5936 amdide - ok
14:14:43.0993 5936 AmdK8 (de55dc52f7ceb89a967572d6b491ada2) C:\Windows\system32\drivers\amdk8.sys
14:14:44.0222 5936 AmdK8 - ok
14:14:44.0372 5936 amdkmdag (1147f8816d4ddc9fc43a40df52f40500) C:\Windows\system32\DRIVERS\atipmdag.sys
14:14:44.0621 5936 amdkmdag - ok
14:14:44.0653 5936 amdkmdap (ebc963d8f5b04c98f5ef597aae79cddd) C:\Windows\system32\DRIVERS\atikmpag.sys
14:14:44.0681 5936 amdkmdap - ok
14:14:44.0732 5936 arc (2e8623f2fed998a97129a3db919551c8) C:\Windows\system32\drivers\arc.sys
14:14:44.0749 5936 arc - ok
14:14:44.0768 5936 arcsas (741a003c041a3ec480a2e71af71e9654) C:\Windows\system32\drivers\arcsas.sys
14:14:44.0785 5936 arcsas - ok
14:14:44.0795 5936 AsIO - ok
14:14:44.0831 5936 AsyncMac (22d13ff3dafec2a80634752b1eaa2de6) C:\Windows\system32\DRIVERS\asyncmac.sys
14:14:44.0949 5936 AsyncMac - ok
14:14:44.0973 5936 atapi (e68d9b3a3905619732f7fe039466a623) C:\Windows\system32\drivers\atapi.sys
14:14:44.0991 5936 atapi - ok
14:14:45.0020 5936 AtiHdmiService (19aaa5fa3a9804b8722f7b95649fb6c9) C:\Windows\system32\drivers\AtiHdmi.sys
14:14:45.0055 5936 AtiHdmiService - ok
14:14:45.0096 5936 blbdrive - ok
14:14:45.0130 5936 bowser (2348447a80920b2493a9b582a23e81e1) C:\Windows\system32\DRIVERS\bowser.sys
14:14:45.0161 5936 bowser - ok
14:14:45.0175 5936 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\brfiltlo.sys
14:14:45.0210 5936 BrFiltLo - ok
14:14:45.0230 5936 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\brfiltup.sys
14:14:45.0268 5936 BrFiltUp - ok
14:14:45.0292 5936 Brserid (f0f0ba4d815be446aa6a4583ca3bca9b) C:\Windows\system32\drivers\brserid.sys
14:14:45.0353 5936 Brserid - ok
14:14:45.0372 5936 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\system32\drivers\brserwdm.sys
14:14:45.0429 5936 BrSerWdm - ok
14:14:45.0451 5936 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\system32\drivers\brusbmdm.sys
14:14:45.0515 5936 BrUsbMdm - ok
14:14:45.0547 5936 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\drivers\brusbser.sys
14:14:45.0612 5936 BrUsbSer - ok
14:14:45.0643 5936 BTCFilterService (ff7c57973eead140062238c5a0b7d455) C:\Windows\system32\DRIVERS\motfilt.sys
14:14:45.0673 5936 BTCFilterService - ok
14:14:45.0714 5936 BthEnum (09f926a0d9c0bafd8417a4307d2ed13c) C:\Windows\system32\DRIVERS\BthEnum.sys
14:14:45.0738 5936 BthEnum - ok
14:14:45.0757 5936 BTHMODEM (72f70a38bb15252eb7c4da7ba3bd4ed1) C:\Windows\system32\DRIVERS\bthmodem.sys
14:14:45.0787 5936 BTHMODEM - ok
14:14:45.0819 5936 BthPan (befc5311736b475ac5b60c14ff7c775a) C:\Windows\system32\DRIVERS\bthpan.sys
14:14:45.0856 5936 BthPan - ok
14:14:45.0907 5936 BTHPORT (e1466882252ff51edde48c3f7eda2591) C:\Windows\system32\Drivers\BTHport.sys
14:14:45.0958 5936 BTHPORT - ok
14:14:46.0000 5936 BTHUSB (970192cded77a128e7e30722e5ee6b9c) C:\Windows\system32\Drivers\BTHUSB.sys
14:14:46.0031 5936 BTHUSB - ok
14:14:46.0068 5936 btusbflt (143f130d53cf9c6971c5404b92dd8d4b) C:\Windows\system32\drivers\btusbflt.sys
14:14:46.0101 5936 btusbflt - ok
14:14:46.0112 5936 btwaudio - ok
14:14:46.0141 5936 btwrchid - ok
14:14:46.0166 5936 cdfs (b4d787db8d30793a4d4df9feed18f136) C:\Windows\system32\DRIVERS\cdfs.sys
14:14:46.0207 5936 cdfs - ok
14:14:46.0233 5936 cdrom (c025aa69be3d0d25c7a2e746ef6f94fc) C:\Windows\system32\DRIVERS\cdrom.sys
14:14:46.0264 5936 cdrom - ok
14:14:46.0288 5936 circlass (f28f00596824058bc61d5edf434c9b82) C:\Windows\system32\drivers\circlass.sys
14:14:46.0347 5936 circlass - ok
14:14:46.0372 5936 CLFS (3dca9a18b204939cfb24bea53e31eb48) C:\Windows\system32\CLFS.sys
14:14:46.0403 5936 CLFS - ok
14:14:46.0436 5936 cmdide (e5d5499a1c50a54b5161296b6afe6192) C:\Windows\system32\drivers\cmdide.sys
14:14:46.0451 5936 cmdide - ok
14:14:46.0471 5936 Compbatt (0e77a445640bf310817f60941c50560c) C:\Windows\system32\drivers\compbatt.sys
14:14:46.0489 5936 Compbatt - ok
14:14:46.0511 5936 crcdisk (b1192dcd5b9cf46beed0e2a9e5bcf59a) C:\Windows\system32\drivers\crcdisk.sys
14:14:46.0536 5936 crcdisk - ok
14:14:46.0582 5936 CSC (f60f50c8ed3fcbe358430b95fe27d09c) C:\Windows\system32\drivers\csc.sys
14:14:46.0651 5936 CSC - ok
14:14:46.0686 5936 DfsC (8b722ba35205c71e7951cdc4cdbade19) C:\Windows\system32\Drivers\dfsc.sys
14:14:46.0723 5936 DfsC - ok
14:14:46.0754 5936 disk (b0107e40ecdb5fa692ebf832f295d905) C:\Windows\system32\drivers\disk.sys
14:14:46.0773 5936 disk - ok
14:14:46.0797 5936 drmkaud (f1a78a98cfc2ee02144c6bec945447e6) C:\Windows\system32\drivers\drmkaud.sys
14:14:46.0825 5936 drmkaud - ok
14:14:46.0851 5936 dump_wmimmc - ok
14:14:46.0900 5936 DXGKrnl (b8e554e502d5123bc111f99d6a2181b4) C:\Windows\System32\drivers\dxgkrnl.sys
14:14:46.0948 5936 DXGKrnl - ok
14:14:46.0970 5936 E1G60 (d57fe09b575545738a73a0c193d0616a) C:\Windows\system32\DRIVERS\E1G6032E.sys
14:14:47.0029 5936 E1G60 - ok
14:14:47.0052 5936 Ecache (5f94962be5a62db6e447ff6470c4f48a) C:\Windows\system32\drivers\ecache.sys
14:14:47.0076 5936 Ecache - ok
14:14:47.0118 5936 elxstor (3d6298aff3fe06c0616ce5d090a3eeaa) C:\Windows\system32\drivers\elxstor.sys
14:14:47.0155 5936 elxstor - ok
14:14:47.0203 5936 ewusbnet (0b8880f8d9a781670557307e2bca6bd6) C:\Windows\system32\DRIVERS\ewusbnet.sys
14:14:47.0236 5936 ewusbnet - ok
14:14:47.0273 5936 ew_hwusbdev (86f7951bbcee4a86e79a97306bd14318) C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
14:14:47.0299 5936 ew_hwusbdev - ok
14:14:47.0346 5936 exfat (486844f47b6636044a42454614ed4523) C:\Windows\system32\drivers\exfat.sys
14:14:47.0388 5936 exfat - ok
14:14:47.0420 5936 fastfat (1a4bee34277784619ddaf0422c0c6e23) C:\Windows\system32\drivers\fastfat.sys
14:14:47.0457 5936 fastfat - ok
14:14:47.0483 5936 fdc (81b79b6df71fa1d2c6d688d830616e39) C:\Windows\system32\DRIVERS\fdc.sys
14:14:47.0521 5936 fdc - ok
14:14:47.0555 5936 FileInfo (457b7d1d533e4bd62a99aed9c7bb4c59) C:\Windows\system32\drivers\fileinfo.sys
14:14:47.0575 5936 FileInfo - ok
14:14:47.0603 5936 Filetrace (d421327fd6efccaf884a54c58e1b0d7f) C:\Windows\system32\drivers\filetrace.sys
14:14:47.0641 5936 Filetrace - ok
14:14:47.0693 5936 flpydisk (230923ea2b80f79b0f88d90f87b87ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
14:14:47.0729 5936 flpydisk - ok
14:14:47.0760 5936 FltMgr (e3041bc26d6930d61f42aedb79c91720) C:\Windows\system32\drivers\fltmgr.sys
14:14:47.0789 5936 FltMgr - ok
14:14:47.0841 5936 Fs_Rec (29d99e860a1ca0a03c6a733fdd0da703) C:\Windows\system32\drivers\Fs_Rec.sys
14:14:47.0870 5936 Fs_Rec - ok
14:14:47.0906 5936 FTDIBUS (0f210048c6bfbfbc0f50816bce40b575) C:\Windows\system32\drivers\ftdibus.sys
14:14:47.0923 5936 FTDIBUS - ok
14:14:47.0946 5936 FTSER2K (814f098b02095814a8bebbf86d13fc90) C:\Windows\system32\drivers\ftser2k.sys
14:14:47.0961 5936 FTSER2K - ok
14:14:47.0992 5936 fvevol (849e38db7d829962d0233a0a252b60c3) C:\Windows\system32\DRIVERS\fvevol.sys
14:14:48.0015 5936 fvevol - ok
14:14:48.0043 5936 gagp30kx (b54520cc7b4b55134d7527b1cd3fc1f2) C:\Windows\system32\drivers\gagp30kx.sys
14:14:48.0061 5936 gagp30kx - ok
14:14:48.0100 5936 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:14:48.0118 5936 GEARAspiWDM - ok
14:14:48.0204 5936 HdAudAddService (68e732382b32417ff61fd663259b4b09) C:\Windows\system32\drivers\HdAudio.sys
14:14:48.0241 5936 HdAudAddService - ok
14:14:48.0292 5936 HDAudBus (f942c5820205f2fb453243edfec82a3d) C:\Windows\system32\DRIVERS\HDAudBus.sys
14:14:48.0371 5936 HDAudBus - ok
14:14:48.0390 5936 HidBth (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys
14:14:48.0447 5936 HidBth - ok
14:14:48.0464 5936 HidIr (4e77a77e2c986e8f88f996bb3e1ad829) C:\Windows\system32\drivers\hidir.sys
14:14:48.0530 5936 HidIr - ok
14:14:48.0573 5936 HidUsb (443bdd2d30bb4f00795c797e2cf99edf) C:\Windows\system32\DRIVERS\hidusb.sys
14:14:48.0606 5936 HidUsb - ok
14:14:48.0631 5936 HpCISSs (8edc820115df1e04763b2923676ea5b2) C:\Windows\system32\drivers\hpcisss.sys
14:14:48.0661 5936 HpCISSs - ok
14:14:48.0699 5936 HTCAND64 (894a75a3d6bfd97d73bf60d3022b567a) C:\Windows\system32\Drivers\ANDROIDUSB.sys
14:14:48.0726 5936 HTCAND64 - ok
14:14:48.0761 5936 htcnprot (4f6c3122817049997cd696d4a38bfacb) C:\Windows\system32\DRIVERS\htcnprot.sys
14:14:48.0778 5936 htcnprot - ok
14:14:48.0819 5936 HTTP (098f1e4e5c9cb5b0063a959063631610) C:\Windows\system32\drivers\HTTP.sys
14:14:48.0874 5936 HTTP - ok
14:14:48.0905 5936 huawei_enumerator (2342e7fecca0d4e31bea5ff6a4e20885) C:\Windows\system32\DRIVERS\ew_jubusenum.sys
14:14:48.0943 5936 huawei_enumerator - ok
14:14:48.0974 5936 hwdatacard (f47f112dc883f7a9e4618a006cc6de1b) C:\Windows\system32\DRIVERS\ewusbmdm.sys
14:14:49.0013 5936 hwdatacard - ok
14:14:49.0039 5936 hwusbfake (b45b3647ba32749b94fa689175ec8c26) C:\Windows\system32\DRIVERS\ewusbfake.sys
14:14:49.0071 5936 hwusbfake - ok
14:14:49.0093 5936 i2omp (f2901763845570ecac48e6a50ec50812) C:\Windows\system32\drivers\i2omp.sys
14:14:49.0110 5936 i2omp - ok
14:14:49.0143 5936 i8042prt (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys
14:14:49.0176 5936 i8042prt - ok
14:14:49.0200 5936 iaStorV (72c3ee7ea3cd75a772e62ae0e5df8b8c) C:\Windows\system32\drivers\iastorv.sys
14:14:49.0228 5936 iaStorV - ok
14:14:49.0256 5936 iirsp (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys
14:14:49.0274 5936 iirsp - ok
14:14:49.0301 5936 intelide (36a266c673812878996f72b200203fbb) C:\Windows\system32\drivers\intelide.sys
14:14:49.0318 5936 intelide - ok
14:14:49.0348 5936 intelppm (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys
14:14:49.0387 5936 intelppm - ok
14:14:49.0428 5936 IpFilterDriver (d8aabc341311e4780d6fce8c73c0ad81) C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:14:49.0462 5936 IpFilterDriver - ok
14:14:49.0478 5936 IpInIp - ok
14:14:49.0500 5936 IPMIDRV (eacdbbe429c6d170bdeee0effcbc317b) C:\Windows\system32\drivers\ipmidrv.sys
14:14:49.0560 5936 IPMIDRV - ok
14:14:49.0591 5936 IPNAT (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys
14:14:49.0639 5936 IPNAT - ok
14:14:49.0681 5936 iPodDrv (02def37ab75e0032c50724646f708de8) C:\Windows\system32\drivers\iPodDrv.sys
14:14:49.0709 5936 iPodDrv - ok
14:14:49.0731 5936 IRENUM (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys
14:14:49.0771 5936 IRENUM - ok
14:14:49.0787 5936 isapnp (d3bb520b31f28c1a065cd058e762ee73) C:\Windows\system32\drivers\isapnp.sys
14:14:49.0804 5936 isapnp - ok
14:14:49.0834 5936 iScsiPrt (e4fdf99599f27ec25d2cf6d754243520) C:\Windows\system32\DRIVERS\msiscsi.sys
14:14:49.0860 5936 iScsiPrt - ok
14:14:49.0882 5936 iteatapi (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys
14:14:49.0899 5936 iteatapi - ok
14:14:49.0916 5936 iteraid (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys
14:14:49.0933 5936 iteraid - ok
14:14:49.0953 5936 kbdclass (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys
14:14:49.0971 5936 kbdclass - ok
14:14:49.0996 5936 kbdhid (dbdf75d51464fbc47d0104ec3d572c05) C:\Windows\system32\DRIVERS\kbdhid.sys
14:14:50.0027 5936 kbdhid - ok
14:14:50.0081 5936 KSecDD (2758d174604f597bbc8a217ff667913d) C:\Windows\system32\Drivers\ksecdd.sys
14:14:50.0129 5936 KSecDD - ok
14:14:50.0169 5936 ksthunk (1d419cf43db29396ecd7113d129d94eb) C:\Windows\system32\drivers\ksthunk.sys
14:14:50.0209 5936 ksthunk - ok
14:14:50.0266 5936 LGBusEnum (fa529fb35694c24bf98a9ef67c1cd9d0) C:\Windows\system32\drivers\LGBusEnum.sys
14:14:50.0284 5936 LGBusEnum - ok
14:14:50.0328 5936 lgmcbus (13424eaf5c4cb5bab7a2d283cb4904fd) C:\Windows\system32\DRIVERS\lgmcbus.sys
14:14:50.0350 5936 lgmcbus - ok
14:14:50.0394 5936 lgmcmdfl (d4bba6bd8d44baffe8b6ee4036e79248) C:\Windows\system32\DRIVERS\lgmcmdfl.sys
14:14:50.0419 5936 lgmcmdfl - ok
14:14:50.0444 5936 lgmcmdm (2241984e3c04fd7c43d57d89d379a6d8) C:\Windows\system32\DRIVERS\lgmcmdm.sys
14:14:50.0465 5936 lgmcmdm - ok
14:14:50.0492 5936 lgmcmgmt (44b32ad57019853a86faaf310b58c818) C:\Windows\system32\DRIVERS\lgmcmgmt.sys
14:14:50.0512 5936 lgmcmgmt - ok
14:14:50.0544 5936 lgmcnd5 (a6c32671fe8d2a34c9cb136765a57d51) C:\Windows\system32\DRIVERS\lgmcnd5.sys
14:14:50.0559 5936 lgmcnd5 - ok
14:14:50.0585 5936 lgmcobex (a12586fad733a117faeee17081d267bb) C:\Windows\system32\DRIVERS\lgmcobex.sys
14:14:50.0604 5936 lgmcobex - ok
14:14:50.0634 5936 lgmcunic (0adf858b34be72daf81d9a2cc46f7fdb) C:\Windows\system32\DRIVERS\lgmcunic.sys
14:14:50.0653 5936 lgmcunic - ok
14:14:50.0677 5936 LGVirHid (94b29ce153765e768f004fb3440be2b0) C:\Windows\system32\drivers\LGVirHid.sys
14:14:50.0692 5936 LGVirHid - ok
14:14:50.0728 5936 LHidFilt (b6552d382ff070b4ed34cbd6737277c0) C:\Windows\system32\DRIVERS\LHidFilt.Sys
14:14:50.0744 5936 LHidFilt - ok
14:14:50.0771 5936 lltdio (96ece2659b6654c10a0c310ae3a6d02c) C:\Windows\system32\DRIVERS\lltdio.sys
14:14:50.0810 5936 lltdio - ok
14:14:50.0831 5936 LMouFilt (73c1f563ab73d459dffe682d66476558) C:\Windows\system32\DRIVERS\LMouFilt.Sys
14:14:50.0849 5936 LMouFilt - ok
14:14:50.0879 5936 LSI_FC (1572f8d999c0ab4376afdce058a78df9) C:\Windows\system32\drivers\lsi_fc.sys
14:14:50.0896 5936 LSI_FC - ok
14:14:50.0932 5936 LSI_SAS (64470979c3e3c9ff60edfb5230c56e0e) C:\Windows\system32\drivers\lsi_sas.sys
14:14:50.0949 5936 LSI_SAS - ok
14:14:50.0965 5936 LSI_SCSI (4ced7d3b54bfc5bbae75c4a73c7f7428) C:\Windows\system32\drivers\lsi_scsi.sys
14:14:50.0983 5936 LSI_SCSI - ok
14:14:51.0015 5936 luafv (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys
14:14:51.0059 5936 luafv - ok
14:14:51.0091 5936 megasas (2f631c2939d5f2e8958935ee701d70d7) C:\Windows\system32\drivers\megasas.sys
14:14:51.0107 5936 megasas - ok
14:14:51.0134 5936 Modem (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys
14:14:51.0172 5936 Modem - ok
14:14:51.0202 5936 monitor (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys
14:14:51.0238 5936 monitor - ok
14:14:51.0269 5936 motccgp (338ba6b7170111edc2e43b5b4eaf17df) C:\Windows\system32\DRIVERS\motccgp.sys
14:14:51.0302 5936 motccgp - ok
14:14:51.0330 5936 motccgpfl (d51e009baeda07ebc107d49d224c2414) C:\Windows\system32\DRIVERS\motccgpfl.sys
14:14:51.0358 5936 motccgpfl - ok
14:14:51.0395 5936 MotDev (3cc500c9b0e4d476802d277353cb2c89) C:\Windows\system32\DRIVERS\motodrv.sys
14:14:51.0432 5936 MotDev - ok
14:14:51.0457 5936 motmodem (e90aba3c6f01be2c456c4aa857b28646) C:\Windows\system32\DRIVERS\motmodem.sys
14:14:51.0490 5936 motmodem - ok
14:14:51.0522 5936 MotoSwitchService (ebd05f60cafc5bba2602b8d7101082d3) C:\Windows\system32\DRIVERS\motswch.sys
14:14:51.0545 5936 MotoSwitchService - ok
14:14:51.0568 5936 Motousbnet (87701078c3f720ac7a028e937994cc49) C:\Windows\system32\DRIVERS\Motousbnet.sys
14:14:51.0591 5936 Motousbnet - ok
14:14:51.0615 5936 motusbdevice (307727f9829fb46ff4be0e4d1dac5002) C:\Windows\system32\DRIVERS\motusbdevice.sys
14:14:51.0650 5936 motusbdevice - ok
14:14:51.0669 5936 mouclass (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys
14:14:51.0688 5936 mouclass - ok
14:14:51.0703 5936 mouhid (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys
14:14:51.0743 5936 mouhid - ok
14:14:51.0773 5936 MountMgr (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys
14:14:51.0793 5936 MountMgr - ok
14:14:51.0835 5936 MpFilter (c177a7ebf5e8a0b596f618870516cab8) C:\Windows\system32\DRIVERS\MpFilter.sys
14:14:51.0861 5936 MpFilter - ok
14:14:51.0878 5936 mpio (ed48eac719ee28db773359eb1b06e2b5) C:\Windows\system32\drivers\mpio.sys
14:14:51.0895 5936 mpio - ok
14:14:51.0931 5936 MpNWMon (8fbf6b31fe8af1833d93c5913d5b4d55) C:\Windows\system32\DRIVERS\MpNWMon.sys
14:14:51.0951 5936 MpNWMon - ok
14:14:51.0980 5936 mpsdrv (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys
14:14:52.0013 5936 mpsdrv - ok
14:14:52.0037 5936 Mraid35x (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys
14:14:52.0053 5936 Mraid35x - ok
14:14:52.0070 5936 MRxDAV (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys
14:14:52.0106 5936 MRxDAV - ok
14:14:52.0136 5936 mrxsmb (1485811b320ff8c7edad1caebb1c6c2b) C:\Windows\system32\DRIVERS\mrxsmb.sys
14:14:52.0164 5936 mrxsmb - ok
14:14:52.0193 5936 mrxsmb10 (3b929a60c833fc615fd97fba82bc7632) C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:14:52.0219 5936 mrxsmb10 - ok
14:14:52.0240 5936 mrxsmb20 (c64ab3e1f53b4f5b5bb6d796b2d7bec3) C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:14:52.0272 5936 mrxsmb20 - ok
14:14:52.0291 5936 msahci (eeadf970795148bfbb1db3abcc89c16b) C:\Windows\system32\drivers\msahci.sys
14:14:52.0307 5936 msahci - ok
14:14:52.0345 5936 msdsm (96d7c0a1b98434c6e4ff0c2e26a0e20a) C:\Windows\system32\drivers\msdsm.sys
14:14:52.0363 5936 msdsm - ok
14:14:52.0396 5936 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys
14:14:52.0432 5936 Msfs - ok
14:14:52.0462 5936 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys
14:14:52.0479 5936 msisadrv - ok
14:14:52.0509 5936 MSKSSRV (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys
14:14:52.0559 5936 MSKSSRV - ok
14:14:52.0582 5936 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys
14:14:52.0621 5936 MSPCLOCK - ok
14:14:52.0638 5936 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys
14:14:52.0677 5936 MSPQM - ok
14:14:52.0705 5936 MsRPC (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys
14:14:52.0736 5936 MsRPC - ok
14:14:52.0757 5936 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys
14:14:52.0776 5936 mssmbios - ok
14:14:52.0801 5936 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys
14:14:52.0839 5936 MSTEE - ok
14:14:52.0861 5936 MTsensor (6936198f2cc25b39cf5262436c80df46) C:\Windows\system32\DRIVERS\ASACPI.sys
14:14:52.0877 5936 MTsensor - ok
14:14:52.0899 5936 Mup (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys
14:14:52.0920 5936 Mup - ok
14:14:52.0955 5936 NativeWifiP (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys
14:14:52.0981 5936 NativeWifiP - ok
14:14:53.0027 5936 NDIS (65950e07329fcee8e6516b17c8d0abb6) C:\Windows\system32\drivers\ndis.sys
14:14:53.0071 5936 NDIS - ok
14:14:53.0096 5936 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys
14:14:53.0128 5936 NdisTapi - ok
14:14:53.0156 5936 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys
14:14:53.0199 5936 Ndisuio - ok
14:14:53.0226 5936 NdisWan (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys
14:14:53.0260 5936 NdisWan - ok
14:14:53.0286 5936 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys
14:14:53.0316 5936 NDProxy - ok
14:14:53.0348 5936 Nearagonser - ok
14:14:53.0364 5936 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys
14:14:53.0401 5936 NetBIOS - ok
14:14:53.0429 5936 netbt (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys
14:14:53.0474 5936 netbt - ok
14:14:53.0507 5936 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
14:14:53.0525 5936 nfrd960 - ok
14:14:53.0563 5936 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
14:14:53.0583 5936 NisDrv - ok
14:14:53.0628 5936 nmwcdcx64 (02c1198276c0d4f39e54eb5148af1e2a) C:\Windows\system32\drivers\ccdcmbox64.sys
14:14:53.0667 5936 nmwcdcx64 - ok
14:14:53.0697 5936 nmwcdx64 (d8f00fcc82451bdaa3db93bb62ae6ac3) C:\Windows\system32\drivers\ccdcmbx64.sys
14:14:53.0727 5936 nmwcdx64 - ok
14:14:53.0750 5936 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys
14:14:53.0783 5936 Npfs - ok
14:14:53.0823 5936 NPPTNT2 - ok
14:14:53.0856 5936 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
14:14:53.0902 5936 nsiproxy - ok
14:14:53.0972 5936 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys
14:14:54.0047 5936 Ntfs - ok
14:14:54.0067 5936 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
14:14:54.0107 5936 Null - ok
14:14:54.0182 5936 NVENETFD (99ed33f7fe39026a477893d92aea5ef0) C:\Windows\system32\DRIVERS\nvmfdx64.sys
14:14:54.0278 5936 NVENETFD - ok
14:14:54.0561 5936 nvlddmkm (cc1efea1f0ab17e59bd4b5baff3e5cb0) C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:14:55.0734 5936 nvlddmkm - ok
14:14:55.0756 5936 nvraid (840eeb44dc49317a6161961f7682cd99) C:\Windows\system32\drivers\nvraid.sys
14:14:55.0777 5936 nvraid - ok
14:14:55.0795 5936 nvstor (94c5334040a5d500897f4c5fd12aeede) C:\Windows\system32\drivers\nvstor.sys
14:14:55.0812 5936 nvstor - ok
14:14:55.0836 5936 nvstor64 (e87e17e9fd94ee9f0dbde4b6ad882f26) C:\Windows\system32\DRIVERS\nvstor64.sys
14:14:55.0853 5936 nvstor64 - ok
14:14:55.0893 5936 NwlnkFlt - ok
14:14:55.0909 5936 NwlnkFwd - ok
14:14:55.0939 5936 ohci1394 (b5b1ce65ac15bbd11c0619e3ef7cfc28) C:\Windows\system32\DRIVERS\ohci1394.sys
14:14:55.0979 5936 ohci1394 - ok
14:14:56.0014 5936 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys
14:14:56.0068 5936 Parport - ok
14:14:56.0095 5936 partmgr (f9b5eda4c17a2be7663f064dbf0fe254) C:\Windows\system32\drivers\partmgr.sys
14:14:56.0116 5936 partmgr - ok
14:14:56.0140 5936 PCASp50a64 - ok
14:14:56.0175 5936 pccsmcfd (bc0018c2d29f655188a0ed3fa94fdb24) C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
14:14:56.0201 5936 pccsmcfd - ok
14:14:56.0221 5936 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys
14:14:56.0246 5936 pci - ok
14:14:56.0263 5936 pciide (2657f6c0b78c36d95034be109336e382) C:\Windows\system32\drivers\pciide.sys
14:14:56.0281 5936 pciide - ok
14:14:56.0301 5936 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
14:14:56.0332 5936 pcmcia - ok
14:14:56.0365 5936 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
14:14:56.0442 5936 PEAUTH - ok
14:14:56.0503 5936 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys
14:14:56.0535 5936 PptpMiniport - ok
14:14:56.0555 5936 Processor (6bc78e5f12cbb74e7930aaaa4a0db387) C:\Windows\system32\drivers\processr.sys
14:14:56.0606 5936 Processor - ok
14:14:56.0639 5936 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
14:14:56.0671 5936 PSched - ok
14:14:56.0698 5936 PSSDK42 (cd33cb6fecf65520466f95ab89cc4af5) C:\Windows\system32\Drivers\pssdk42.sys
14:14:56.0723 5936 PSSDK42 - ok
14:14:56.0765 5936 ql2300 (4a29d25704917161bad9b4659a248dfd) C:\Windows\system32\drivers\ql2300.sys
14:14:56.0823 5936 ql2300 - ok
14:14:56.0843 5936 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
14:14:56.0861 5936 ql40xx - ok
14:14:56.0889 5936 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
14:14:56.0928 5936 QWAVEdrv - ok
14:14:56.0971 5936 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
14:14:57.0007 5936 RasAcd - ok
14:14:57.0031 5936 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
14:14:57.0063 5936 Rasl2tp - ok
14:14:57.0087 5936 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
14:14:57.0116 5936 RasPppoe - ok
14:14:57.0146 5936 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
14:14:57.0177 5936 RasSstp - ok
14:14:57.0211 5936 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
14:14:57.0248 5936 rdbss - ok
14:14:57.0276 5936 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
14:14:57.0312 5936 RDPCDD - ok
14:14:57.0341 5936 rdpdr (ae23e79b13feb62939e2ca1189e71735) C:\Windows\system32\DRIVERS\rdpdr.sys
14:14:57.0382 5936 rdpdr - ok
14:14:57.0393 5936 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
14:14:57.0430 5936 RDPENCDD - ok
14:14:57.0456 5936 RDPWD (b1d741c87cea8d7282146366cc9c3f81) C:\Windows\system32\drivers\RDPWD.sys
14:14:57.0491 5936 RDPWD - ok
14:14:57.0528 5936 RFCOMM (cd71e053d7260e4102d99a28f9196070) C:\Windows\system32\DRIVERS\rfcomm.sys
14:14:57.0562 5936 RFCOMM - ok
14:14:57.0592 5936 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
14:14:57.0631 5936 rspndr - ok
14:14:57.0654 5936 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
14:14:57.0672 5936 sbp2port - ok
14:14:57.0698 5936 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
14:14:57.0749 5936 secdrv - ok
14:14:57.0778 5936 Serenum (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\DRIVERS\serenum.sys
14:14:57.0828 5936 Serenum - ok
14:14:57.0852 5936 Serial (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys
14:14:57.0904 5936 Serial - ok
14:14:57.0929 5936 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
14:14:57.0965 5936 sermouse - ok
14:14:57.0994 5936 sffdisk (541b32f8d6b2dcb92ec43bab267e79ea) C:\Windows\system32\drivers\sffdisk.sys
14:14:58.0044 5936 sffdisk - ok
14:14:58.0064 5936 sffp_mmc (446e7cca3325c7e0ae0fde7f73cdd9c2) C:\Windows\system32\drivers\sffp_mmc.sys
14:14:58.0114 5936 sffp_mmc - ok
14:14:58.0135 5936 sffp_sd (67edc221348911e895af51c57d9a3725) C:\Windows\system32\drivers\sffp_sd.sys
14:14:58.0189 5936 sffp_sd - ok
14:14:58.0206 5936 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
14:14:58.0257 5936 sfloppy - ok
14:14:58.0297 5936 SI3132 (0f498dee92fd73dd999bae4d506367f5) C:\Windows\system32\DRIVERS\SI3132.sys
14:14:58.0321 5936 SI3132 - ok
14:14:58.0349 5936 SiFilter (127ce10e01f53f2edaca7fe42e5631ea) C:\Windows\system32\DRIVERS\SiWinAcc.sys
14:14:58.0363 5936 SiFilter - ok
14:14:58.0389 5936 SiRemFil (b742c37002b8ebef6e230df9b4b28546) C:\Windows\system32\DRIVERS\SiRemFil.sys
14:14:58.0404 5936 SiRemFil - ok
14:14:58.0424 5936 SiSRaid2 (08dda16573fa44f8b13afe74597ad2e5) C:\Windows\system32\drivers\sisraid2.sys
14:14:58.0440 5936 SiSRaid2 - ok
14:14:58.0459 5936 SiSRaid4 (c52259e9daaf3890d572d87ffee0979e) C:\Windows\system32\drivers\sisraid4.sys
14:14:58.0476 5936 SiSRaid4 - ok
14:14:58.0513 5936 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
14:14:58.0549 5936 Smb - ok
14:14:58.0595 5936 snapman (b84440e7554fc85e900eef0a7aaba228) C:\Windows\system32\DRIVERS\snapman.sys
14:14:58.0618 5936 snapman - ok
14:14:58.0642 5936 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
14:14:58.0662 5936 spldr - ok
14:14:58.0711 5936 sptd (88e5162e58c8919cc873f5d8946197cf) C:\Windows\system32\Drivers\sptd.sys
14:14:58.0711 5936 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 88e5162e58c8919cc873f5d8946197cf
14:14:58.0712 5936 sptd ( LockedFile.Multi.Generic ) - warning
14:14:58.0713 5936 sptd - detected LockedFile.Multi.Generic (1)
14:14:58.0759 5936 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys
14:14:58.0837 5936 srv - ok
14:14:58.0878 5936 srv2 (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys
14:14:58.0929 5936 srv2 - ok
14:14:58.0949 5936 srvnet (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys
14:14:58.0978 5936 srvnet - ok
14:14:59.0018 5936 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
14:14:59.0033 5936 swenum - ok
14:14:59.0054 5936 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
14:14:59.0070 5936 Symc8xx - ok
14:14:59.0088 5936 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
14:14:59.0104 5936 Sym_hi - ok
14:14:59.0120 5936 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
14:14:59.0137 5936 Sym_u3 - ok
14:14:59.0172 5936 taphss (f33fdc72298df4bf9813a55d21f4eb31) C:\Windows\system32\DRIVERS\taphss.sys
14:14:59.0188 5936 taphss - ok
14:14:59.0244 5936 tbhsd (93f0f5ef8a4ca261372df98b31b2bd05) C:\Windows\system32\drivers\tbhsd.sys
14:14:59.0262 5936 tbhsd - ok
14:14:59.0337 5936 Tcpip (73bed5067ed53a9df05fa8eab42578d0) C:\Windows\system32\drivers\tcpip.sys
14:14:59.0411 5936 Tcpip - ok
14:14:59.0457 5936 Tcpip6 (73bed5067ed53a9df05fa8eab42578d0) C:\Windows\system32\DRIVERS\tcpip.sys
14:14:59.0527 5936 Tcpip6 - ok
14:14:59.0547 5936 tcpipreg (848f87c604b5e674602498cb51067db6) C:\Windows\system32\drivers\tcpipreg.sys
14:14:59.0577 5936 tcpipreg - ok
14:14:59.0601 5936 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
14:14:59.0637 5936 TDPIPE - ok
14:14:59.0652 5936 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
14:14:59.0700 5936 TDTCP - ok
14:14:59.0725 5936 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
14:14:59.0756 5936 tdx - ok
14:14:59.0776 5936 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
14:14:59.0797 5936 TermDD - ok
14:14:59.0833 5936 tifsfilter (fe95379561b6554611f47e29f48ee931) C:\Windows\system32\DRIVERS\tifsfilt.sys
14:14:59.0851 5936 tifsfilter - ok
14:14:59.0884 5936 timounter (2d0dc8f1578cf9c1434fd41de46fa00a) C:\Windows\system32\DRIVERS\timntr.sys
14:14:59.0930 5936 timounter - ok
14:14:59.0949 5936 truecrypt - ok
14:14:59.0984 5936 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
14:15:00.0020 5936 tssecsrv - ok
14:15:00.0036 5936 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
14:15:00.0066 5936 tunmp - ok
14:15:00.0089 5936 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys
14:15:00.0119 5936 tunnel - ok
14:15:00.0143 5936 uagp35 (e4722dfbd6232acf17543ef2c2dce8d2) C:\Windows\system32\drivers\uagp35.sys
14:15:00.0161 5936 uagp35 - ok
14:15:00.0192 5936 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
14:15:00.0229 5936 udfs - ok
14:15:00.0254 5936 uliagpkx (5663d7696abbe71f8c9d915c5374118a) C:\Windows\system32\drivers\uliagpkx.sys
14:15:00.0272 5936 uliagpkx - ok
14:15:00.0295 5936 uliahci (6030b68e86a30d1b315b51c4d7778b16) C:\Windows\system32\drivers\uliahci.sys
14:15:00.0317 5936 uliahci - ok
14:15:00.0338 5936 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
14:15:00.0357 5936 UlSata - ok
14:15:00.0384 5936 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
14:15:00.0404 5936 ulsata2 - ok
14:15:00.0435 5936 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
14:15:00.0471 5936 umbus - ok
14:15:00.0522 5936 upperdev (9856c38ab8faacca4dd99dac7b42f838) C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
14:15:00.0549 5936 upperdev - ok
14:15:00.0581 5936 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
14:15:00.0623 5936 USBAAPL64 - ok
14:15:00.0649 5936 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
14:15:00.0679 5936 usbccgp - ok
14:15:00.0701 5936 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
14:15:00.0755 5936 usbcir - ok
14:15:00.0771 5936 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys
14:15:00.0801 5936 usbehci - ok
14:15:00.0826 5936 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys
14:15:00.0864 5936 usbhub - ok
14:15:00.0880 5936 usbohci (e406b003a354776d317762694956b0fc) C:\Windows\system32\DRIVERS\usbohci.sys
14:15:00.0916 5936 usbohci - ok
14:15:00.0936 5936 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys
14:15:00.0972 5936 usbprint - ok
14:15:01.0006 5936 usbscan (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys
14:15:01.0036 5936 usbscan - ok
14:15:01.0067 5936 usbser (f7386007fb19e7685fc7b298560aa81f) C:\Windows\system32\drivers\usbser.sys
14:15:01.0103 5936 usbser - ok
14:15:01.0132 5936 UsbserFilt (89123dc822ac7a708bd4c9e196a37610) C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys
14:15:01.0157 5936 UsbserFilt - ok
14:15:01.0176 5936 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:15:01.0208 5936 USBSTOR - ok
14:15:01.0228 5936 usbuhci (7bf55d2538740b25936e93553e5d190d) C:\Windows\system32\DRIVERS\usbuhci.sys
14:15:01.0277 5936 usbuhci - ok
14:15:01.0314 5936 usb_rndisx (1e36bb1a3c5aaf2aa9fa9a126df8c16c) C:\Windows\system32\DRIVERS\usb8023x.sys
14:15:01.0342 5936 usb_rndisx - ok
14:15:01.0383 5936 VClone (c5e70c4e64666db9d69c9f2fdae22428) C:\Windows\system32\DRIVERS\VClone.sys
14:15:01.0412 5936 VClone - ok
14:15:01.0444 5936 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
14:15:01.0480 5936 vga - ok
14:15:01.0513 5936 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
14:15:01.0549 5936 VgaSave - ok
14:15:01.0578 5936 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys
14:15:01.0593 5936 viaide - ok
14:15:01.0643 5936 vodafone_K3805-z_dc_enum (107972886ec42b82d839605a726d61f1) C:\Windows\system32\DRIVERS\vodafone_K3805-z_dc_enum.sys
14:15:01.0673 5936 vodafone_K3805-z_dc_enum - ok
14:15:01.0700 5936 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys
14:15:01.0721 5936 volmgr - ok
14:15:01.0752 5936 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys
14:15:01.0782 5936 volmgrx - ok
14:15:01.0814 5936 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys
14:15:01.0840 5936 volsnap - ok
14:15:01.0865 5936 vsmraid (410ae2c141142c58bc617fc2c677f8b0) C:\Windows\system32\drivers\vsmraid.sys
14:15:01.0883 5936 vsmraid - ok
14:15:01.0910 5936 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
14:15:01.0961 5936 WacomPen - ok
14:15:01.0988 5936 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
14:15:02.0029 5936 Wanarp - ok
14:15:02.0033 5936 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
14:15:02.0067 5936 Wanarpv6 - ok
14:15:02.0104 5936 Wd (59b501b0a04c9672142b7ffa2bdbf663) C:\Windows\system32\drivers\wd.sys
14:15:02.0120 5936 Wd - ok
14:15:02.0166 5936 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
14:15:02.0209 5936 Wdf01000 - ok
14:15:02.0262 5936 WmiAcpi (ae34218455d5dc12d1e45de85f160346) C:\Windows\system32\drivers\wmiacpi.sys
14:15:02.0313 5936 WmiAcpi - ok
14:15:02.0364 5936 WpdUsb (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys
14:15:02.0395 5936 WpdUsb - ok
14:15:02.0427 5936 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
14:15:02.0470 5936 ws2ifsl - ok
14:15:02.0521 5936 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
14:15:02.0561 5936 WUDFRd - ok
14:15:02.0637 5936 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
14:15:02.0756 5936 \Device\Harddisk0\DR0 - ok
14:15:02.0768 5936 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk1\DR1
14:15:02.0808 5936 \Device\Harddisk1\DR1 - ok
14:15:02.0822 5936 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk2\DR2
14:15:02.0890 5936 \Device\Harddisk2\DR2 - ok
14:15:02.0893 5936 Boot (0x1200) (d34a71973a4b09188f63935ff862a384) \Device\Harddisk0\DR0\Partition0
14:15:02.0895 5936 \Device\Harddisk0\DR0\Partition0 - ok
14:15:02.0935 5936 Boot (0x1200) (98a1fe948625d6b6226fc305b756b779) \Device\Harddisk0\DR0\Partition1
14:15:02.0935 5936 \Device\Harddisk0\DR0\Partition1 - ok
14:15:02.0947 5936 Boot (0x1200) (1c1ccee7eb9ad72dd2d60949fdc1f33c) \Device\Harddisk1\DR1\Partition0
14:15:02.0948 5936 \Device\Harddisk1\DR1\Partition0 - ok
14:15:02.0960 5936 Boot (0x1200) (9b97f2d95e95a9eb329f22423bd07bfb) \Device\Harddisk1\DR1\Partition1
14:15:02.0960 5936 \Device\Harddisk1\DR1\Partition1 - ok
14:15:02.0991 5936 Boot (0x1200) (3411e83fcf80683ebb361cf1188ac746) \Device\Harddisk2\DR2\Partition0
14:15:02.0991 5936 \Device\Harddisk2\DR2\Partition0 - ok
14:15:03.0013 5936 Boot (0x1200) (6e07eae6253397aee0102363441f01d0) \Device\Harddisk2\DR2\Partition1
14:15:03.0014 5936 \Device\Harddisk2\DR2\Partition1 - ok
14:15:03.0014 5936 ============================================================
14:15:03.0014 5936 Scan finished
14:15:03.0014 5936 ============================================================
14:15:03.0023 5136 Detected object count: 1
14:15:03.0023 5136 Actual detected object count: 1
14:15:22.0239 5136 sptd ( LockedFile.Multi.Generic ) - skipped by user
14:15:22.0239 5136 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
|
|
| Themen zu Aus Sicherheitsgründen wurde Ihr System blockiert (50 Euro Virus / Trojaner etc) |
| 0x00000001, 64-bit, 7-zip, alternate, bho, blockiert, bonjour, browser, downloader, error, eset nod32, euro, flash player, free download, google, google earth, hotspot, hotspot shield, iexplore.exe, install.exe, intranet, kaspersky, microsoft security, mozilla, mozilla thunderbird, myphoneexplorer, nvidia update, object, origin, picasa, plug-in, registry, scan, security, software, studio, svchost.exe, system, taskmanager, teamspeak, total commander, trojaner, viren, virus, vista, vodafone, warnhinweis, wurde ihr |
Textbox von OTL - wenn OTL auf deutsch ist wird sie mit 
beschriftet
.
Linear-Darstellung
