
Log analysis and evaluation: Problems with Internet videos after a Trojan

Windows 7 If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

02.03.2012, 18:30   #16
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Please create a new OTL log. If possible, please post everything here in CODE tags.

This is how it's done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:
 the log goes here
         
CustomScan with OTL

If you don't have it yet, please download OTL by Oldtimer and save it to your desktop.
  • Please start OTL.exe.
    Vista and Win7 users: right-click and choose "Run as administrator"
  • At the top center, tick the box next to Scan All Users
  • Now copy the complete contents of the code box below into OTL's text box - if OTL is in German, it is labelled with
Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Click on .
  • Now copy the contents of OTL.txt here into your thread
__________________
Please always post log files in CODE tags

02.03.2012, 19:10   #17
Esel03
 



So, here is the log from OTL

OTL Logfile:
Code:
OTL logfile created on: 02.03.2012 18:51:43 - Run 1
OTL by OldTimer - Version 3.2.34.0     Folder = C:\Users\Falk\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19190)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,16 Gb Available Physical Memory | 72,15% Memory free
6,21 Gb Paging File | 4,48 Gb Available in Paging File | 72,02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 141,79 Gb Total Space | 69,29 Gb Free Space | 48,87% Space Free | Partition Type: NTFS
Drive D: | 141,65 Gb Total Space | 81,01 Gb Free Space | 57,19% Space Free | Partition Type: NTFS
Drive E: | 123,71 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: FALK-PC | User Name: Falk | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.03.02 18:48:01 | 000,584,704 | ---- | M] (OldTimer Tools) -- C:\Users\Falk\Desktop\OTL.exe
PRC - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.01.12 11:23:20 | 000,018,432 | ---- | M] () -- C:\Users\Falk\AppData\LocalLow\WOT\IE\WOTUpdater.exe
PRC - [2012.01.04 14:22:40 | 000,822,624 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
PRC - [2012.01.03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.11.17 15:30:18 | 000,488,104 | ---- | M] (F-Secure Corporation) -- C:\Programme\Unitymedia\Sicherheitspaket\Anti-Virus\fsav32.exe
PRC - [2011.10.15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.10.15 09:53:00 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvtray.exe
PRC - [2011.10.15 09:53:00 | 001,328,960 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2011.10.15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011.10.01 08:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011.10.01 08:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011.09.08 13:07:28 | 001,008,296 | ---- | M] (F-Secure Corporation) -- C:\Programme\Unitymedia\Sicherheitspaket\Anti-Virus\fssm32.exe
PRC - [2011.09.08 13:07:27 | 000,512,680 | ---- | M] (F-Secure Corporation) -- C:\Programme\Unitymedia\Sicherheitspaket\Anti-Virus\fsgk32.exe
PRC - [2011.05.23 16:25:06 | 000,061,088 | ---- | M] (F-Secure Corporation) -- C:\Programme\Unitymedia\Sicherheitspaket\ORSP Client\fsorsp.exe
PRC - [2010.12.01 13:27:05 | 000,522,848 | ---- | M] (F-Secure Corporation) -- C:\Programme\Unitymedia\Sicherheitspaket\FWES\program\fsdfwd.exe
PRC - [2010.08.20 20:45:26 | 001,164,584 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
PRC - [2010.07.21 17:07:04 | 001,778,064 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft IntelliType Pro\itype.exe
PRC - [2010.07.21 17:07:04 | 000,493,456 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft IntelliType Pro\dpupdchk.exe
PRC - [2010.01.23 23:08:03 | 000,067,128 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
PRC - [2010.01.15 13:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2010.01.12 21:02:46 | 000,037,888 | ---- | M] (Nullsoft, Inc.) -- C:\Programme\Winamp\winampa.exe
PRC - [2009.10.07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Programme\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
PRC - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009.08.18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009.08.05 16:58:52 | 000,186,976 | ---- | M] (F-Secure Corporation) -- C:\Programme\Unitymedia\Sicherheitspaket\Common\FSMA32.EXE
PRC - [2009.08.05 16:58:50 | 000,199,264 | ---- | M] (F-Secure Corporation) -- C:\Programme\Unitymedia\Sicherheitspaket\Common\FSM32.EXE
PRC - [2009.08.05 16:58:50 | 000,088,672 | ---- | M] (F-Secure Corporation) -- C:\Programme\Unitymedia\Sicherheitspaket\Common\FSHDLL32.EXE
PRC - [2009.08.05 16:56:10 | 000,215,648 | ---- | M] (F-Secure Corporation) -- C:\Programme\Unitymedia\Sicherheitspaket\Anti-Virus\fsgk32st.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.03.05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008.06.06 18:17:16 | 000,203,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvraidservice.exe
PRC - [2008.03.04 23:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2008.03.04 23:38:28 | 000,526,896 | ---- | M] (Egis Incorporated) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
PRC - [2008.01.25 18:49:04 | 000,269,448 | ---- | M] (CyberLink) -- C:\Programme\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
PRC - [2008.01.21 03:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.21 03:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2008.01.21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe
PRC - [2008.01.09 18:43:26 | 000,326,176 | ---- | M] () -- C:\Acer\Empowering Technology\SysMonitor.exe
PRC - [2007.12.19 18:09:22 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
PRC - [2007.10.17 10:38:20 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
PRC - [2007.10.11 19:53:22 | 004,702,208 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007.09.10 14:28:18 | 000,057,344 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
PRC - [2007.09.06 11:02:04 | 000,393,216 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
PRC - [2006.05.29 19:29:46 | 001,708,032 | ---- | M] () -- C:\Programme\NETGEAR\WG111v3\WG111v3.exe
PRC - [2006.05.04 06:58:56 | 000,998,912 | ---- | M] () -- C:\Programme\Visagesoft\eXPert PDF\vspdfprsrv.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.02.16 14:04:23 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\65450889f3742aada2a6c0cf8e6173e3\System.Windows.Forms.ni.dll
MOD - [2012.02.16 14:04:12 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\137696d0416b65dbc1561152971488b4\System.Drawing.ni.dll
MOD - [2012.02.16 14:02:17 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c50133cb67d7c013fa31e1ffb942060b\System.ni.dll
MOD - [2011.10.17 12:16:04 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2011.09.27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.09.27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010.08.20 20:45:36 | 000,095,528 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2010.08.20 20:45:26 | 001,164,584 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
MOD - [2010.03.15 10:28:22 | 000,141,824 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2010.01.23 23:08:00 | 000,061,496 | ---- | M] () -- C:\Programme\Logitech\Desktop Messenger\8876480\8.1.1.50-8876480SL\Program\clntutil.dll
MOD - [2009.08.05 16:59:02 | 000,001,536 | ---- | M] () -- C:\Programme\Unitymedia\Sicherheitspaket\FSPC\fspcfsm.eng
MOD - [2009.08.05 16:58:30 | 000,330,336 | ---- | M] () -- \\?\c:\program files\unitymedia\sicherheitspaket\hips\fshook32.dll
MOD - [2009.08.05 16:57:04 | 000,081,920 | ---- | M] () -- C:\Programme\Unitymedia\Sicherheitspaket\FSGUI\strres.eng
MOD - [2009.08.05 16:56:56 | 000,920,160 | ---- | M] () -- C:\Programme\Unitymedia\Sicherheitspaket\FSGUI\gres.dll
MOD - [2009.08.05 16:56:50 | 000,143,360 | ---- | M] () -- C:\Programme\Unitymedia\Sicherheitspaket\FSGUI\flyerres.eng
MOD - [2009.08.05 16:56:50 | 000,045,056 | ---- | M] () -- C:\Programme\Unitymedia\Sicherheitspaket\FSGUI\fsavures.eng
MOD - [2009.08.05 16:56:32 | 000,838,240 | ---- | M] () -- C:\Programme\Unitymedia\Sicherheitspaket\FSGUI\about.dll
MOD - [2009.08.05 16:56:32 | 000,088,672 | ---- | M] () -- C:\Programme\Unitymedia\Sicherheitspaket\FSGUI\aboutres.dll
MOD - [2008.03.04 23:38:16 | 000,227,888 | ---- | M] () -- C:\Acer\Empowering Technology\eDataSecurity\x86\ShowErrMsg.dll
MOD - [2008.01.09 18:43:26 | 000,326,176 | ---- | M] () -- C:\Acer\Empowering Technology\SysMonitor.exe
MOD - [2006.05.29 19:29:46 | 001,708,032 | ---- | M] () -- C:\Programme\NETGEAR\WG111v3\WG111v3.exe
MOD - [2006.05.04 06:58:56 | 000,998,912 | ---- | M] () -- C:\Programme\Visagesoft\eXPert PDF\vspdfprsrv.exe
MOD - [2006.05.04 06:58:38 | 001,239,040 | ---- | M] () -- C:\Programme\Visagesoft\eXPert PDF\vspdfdialogs100.bpl
MOD - [2006.05.04 06:58:38 | 000,237,056 | ---- | M] () -- C:\Programme\Visagesoft\eXPert PDF\expertpdf4core.bpl
MOD - [2006.05.04 06:58:36 | 003,014,656 | ---- | M] () -- C:\Programme\Visagesoft\eXPert PDF\vspdfcore100.bpl
MOD - [2006.05.04 06:58:36 | 001,026,048 | ---- | M] () -- C:\Programme\Visagesoft\eXPert PDF\vsvector100.bpl
MOD - [2006.05.04 06:58:36 | 000,230,912 | ---- | M] () -- C:\Programme\Visagesoft\eXPert PDF\vspdfeditor100.bpl
MOD - [2006.04.15 06:34:26 | 000,568,320 | ---- | M] () -- C:\Programme\Visagesoft\eXPert PDF\TMSlite100.bpl
MOD - [2006.03.02 20:39:28 | 001,844,224 | ---- | M] () -- C:\Programme\Visagesoft\eXPert PDF\te100.bpl
MOD - [2006.03.02 20:33:18 | 000,444,928 | ---- | M] () -- C:\Programme\Visagesoft\eXPert PDF\VirtualTree100.bpl
MOD - [2006.03.02 20:28:36 | 000,139,776 | ---- | M] () -- C:\Programme\Visagesoft\eXPert PDF\uoolep100.bpl
MOD - [2006.03.02 20:01:50 | 000,071,168 | ---- | M] () -- C:\Programme\Visagesoft\eXPert PDF\VSDesktop100.bpl
MOD - [2006.03.02 19:57:48 | 000,383,488 | ---- | M] () -- C:\Programme\Visagesoft\eXPert PDF\visage100.bpl
MOD - [2006.03.02 19:55:22 | 000,089,088 | ---- | M] () -- C:\Programme\Visagesoft\eXPert PDF\vsmisc100.bpl
MOD - [2005.12.26 13:20:52 | 002,098,176 | ---- | M] () -- C:\Programme\Visagesoft\eXPert PDF\PKIECtrl100.bpl
MOD - [2003.08.22 07:23:16 | 000,225,792 | ---- | M] () -- C:\Programme\Visagesoft\eXPert PDF\sqlite.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.02.15 13:30:18 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.01.12 11:23:20 | 000,018,432 | ---- | M] () [Auto | Running] -- C:\Users\Falk\AppData\LocalLow\WOT\IE\WOTUpdater.exe -- (WOTUpdater)
SRV - [2012.01.03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.10.15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.10.15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011.10.01 08:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011.10.01 08:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011.05.23 16:25:06 | 000,061,088 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\Unitymedia\Sicherheitspaket\ORSP Client\fsorsp.exe -- (FSORSPClient)
SRV - [2010.12.01 13:27:05 | 000,522,848 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\Unitymedia\Sicherheitspaket\FWES\Program\fsdfwd.exe -- (FSDFWD)
SRV - [2009.10.07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2009.08.05 16:58:52 | 000,186,976 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\Unitymedia\Sicherheitspaket\Common\FSMA32.EXE -- (FSMA)
SRV - [2009.08.05 16:56:10 | 000,215,648 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\Unitymedia\Sicherheitspaket\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter)
SRV - [2008.03.04 23:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008.01.25 18:49:04 | 000,269,448 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe -- (Acer HomeMedia Connect Service)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.12.19 18:09:22 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService)
SRV - [2007.10.17 10:38:20 | 000,028,672 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe -- (AcerMemUsageCheckService)
SRV - [2007.09.10 14:28:18 | 000,057,344 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.12.10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.10.15 09:53:00 | 010,327,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011.10.01 08:30:42 | 000,019,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol)
DRV - [2011.10.01 08:30:40 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir)
DRV - [2011.10.01 08:30:38 | 000,194,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay)
DRV - [2011.10.01 08:30:36 | 000,579,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs)
DRV - [2011.09.08 13:08:12 | 000,148,632 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Programme\Unitymedia\Sicherheitspaket\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)
DRV - [2011.08.17 19:00:01 | 000,042,672 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\Drivers\fsbts.sys -- (fsbts)
DRV - [2011.07.08 00:21:28 | 000,139,880 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2010.12.16 14:25:17 | 000,073,160 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\fsdfw.sys -- (FSFW)
DRV - [2010.12.16 14:24:36 | 000,036,792 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\fses.sys -- (FSES)
DRV - [2010.02.03 14:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.10.14 07:07:40 | 000,348,160 | ---- | M] (NETGEAR Inc.                           ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wg111v3.sys -- (RTL8187B)
DRV - [2009.10.07 01:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009.08.05 16:58:30 | 000,068,064 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Programme\Unitymedia\Sicherheitspaket\HIPS\drivers\fshs.sys -- (F-Secure HIPS)
DRV - [2009.08.05 16:56:12 | 000,012,384 | ---- | M] () [Kernel | System | Running] -- C:\Programme\Unitymedia\Sicherheitspaket\Anti-Virus\minifilter\fsvista.sys -- (fsvista)
DRV - [2009.04.30 23:01:36 | 000,265,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2009.04.30 22:55:58 | 002,687,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LV302V32.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV - [2009.04.30 22:55:34 | 000,013,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lv302af.sys -- (pepifilter)
DRV - [2008.09.05 02:01:00 | 000,265,088 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fwlanusb.sys -- (FWLANUSB)
DRV - [2008.09.05 02:01:00 | 000,004,352 | R--- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\avmeject.sys -- (avmeject)
DRV - [2008.06.07 11:13:40 | 000,145,440 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2008.06.07 11:13:40 | 000,133,152 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2007.11.18 03:39:50 | 001,040,544 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007.11.06 09:30:48 | 000,006,080 | ---- | M] (Zeal SoftStudio) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\zntport.sys -- (zntport)
DRV - [2007.11.06 09:30:46 | 000,014,544 | ---- | M] (EnTech Taiwan) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\TVicPort.sys -- (tvicport)
DRV - [2007.07.19 01:44:00 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007.07.07 14:13:10 | 000,012,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007.07.03 03:05:20 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15)
DRV - [2003.10.15 16:52:50 | 000,174,530 | ---- | M] (OmniVision Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ov519vid.sys -- (ovt519)
DRV - [2003.04.18 23:32:04 | 000,004,736 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tandpl.sys -- (tandpl)
DRV - [2003.03.02 16:44:26 | 000,007,552 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\enodpl.sys -- (enodpl)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.intl.acer.yahoo.com
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\URLSearchHook: {a51a36e6-31e7-4838-9ff7-76298b527ec0} - C:\Programme\softonic-Germany\tbsoft.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Programme\PHPNukeDE\tbPHPN.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {ff88a983-649d-4207-9336-9b999280b436} - C:\Programme\SFT_de3\prxtbSFT_.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3031778
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
 
 
IE - HKU\.DEFAULT\..\URLSearchHook:  - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245
IE - HKU\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = hxxp://search.avg.com/route/?d=4ba6cb5c&v=6.10.6.4&i=23&tp=chrome&q={searchTerms}&lng={language}&iy=&ychte=us
IE - HKU\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245
IE - HKU\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = hxxp://search.avg.com/route/?d=4ba6cb5c&v=6.10.6.4&i=23&tp=chrome&q={searchTerms}&lng={language}&iy=&ychte=us
IE - HKU\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp32&d=0809&m=aspire_m3641
IE - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 
IE - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://global.acer.com [binary data]
IE - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?AF=109867&babsrc=HP_ss&mntrId=2cec11f3000000000000001b2fcde29b
IE - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No CLSID value found
IE - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000\..\URLSearchHook: {a51a36e6-31e7-4838-9ff7-76298b527ec0} - C:\Programme\softonic-Germany\tbsoft.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000\..\URLSearchHook: {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Programme\PHPNukeDE\tbPHPN.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000\..\URLSearchHook: {ff88a983-649d-4207-9336-9b999280b436} - C:\Programme\SFT_de3\prxtbSFT_.dll (Conduit Ltd.)
IE - HKU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&AF=109867&babsrc=SP_ss&mntrId=2cec11f3000000000000001b2fcde29b
IE - HKU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE359
IE - HKU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3031778
IE - HKU\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = hxxp://search.avg.com/route/?d=4ba6cb5c&v=6.10.6.4&i=23&tp=chrome&q={searchTerms}&lng={language}&iy=&ychte=us
IE - HKU\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
IE - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.defaultthis.engineName: "softonic-Germany Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.9&q="
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.12.1
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.6.20090220
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.0.14
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:2.7.1.3
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.1.0.1
FF - prefs.js..extensions.enabledItems: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {88c7f2aa-f93f-432c-8f0e-b7d85967a527}:2.7.2.0
FF - prefs.js..extensions.enabledItems: litmus-ff@f-secure.com:1.10
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..extensions.enabledItems: {f4e6547e-325b-403c-a3bb-ad29ed37a92f}:3.2.5.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {a51a36e6-31e7-4838-9ff7-76298b527ec0}:3.2.5.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "hxxp://search.babylon.com/?AF=109867&babsrc=adbartrp&mntrId=2cec11f3000000000000001b2fcde29b&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&SearchSource=3&q={searchTerms}"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://de.yhs.search.yahoo.com/avg/search?fr=yhs-avgb&type=yahoo_avg_hs2-tb-web_de&p="
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\litmus-ff@f-secure.com: C:\Program Files\Unitymedia\Sicherheitspaket\NRS\litmus-ff@f-secure.com [2012.02.22 21:40:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.02.22 21:39:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.02.26 18:55:19 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}: C:\Program Files\PriceGong\2.1.0\FF [2010.10.18 23:20:36 | 000,000,000 | ---D | M]
 
[2009.12.26 13:44:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Falk\AppData\Roaming\mozilla\Extensions
[2012.02.25 14:57:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions
[2010.02.15 17:18:20 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2012.01.26 01:30:47 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012.01.04 20:58:56 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.02.14 21:00:49 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}(402)
[2012.01.11 14:40:37 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2012.02.13 21:01:02 | 000,000,000 | ---D | M] (softonic-Germany Community Toolbar) -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{a51a36e6-31e7-4838-9ff7-76298b527ec0}(403)
[2012.02.22 21:40:08 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.02.13 21:00:53 | 000,000,000 | ---D | M] (softonic-de3 Community Toolbar) -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}(405)
[2012.01.09 14:11:38 | 000,000,000 | ---D | M] (SearchElf 1.2 Community Toolbar) -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{f4e6547e-325b-403c-a3bb-ad29ed37a92f}
[2012.01.27 01:30:52 | 000,000,000 | ---D | M] (SFT_de3 Community Toolbar) -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{ff88a983-649d-4207-9336-9b999280b436}
[2011.03.24 16:08:47 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\engine@conduit.com
[2012.01.26 01:05:07 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\wotstats@mywot.com
[2011.01.08 11:23:32 | 000,000,935 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\conduit.xml
[2012.02.24 21:01:40 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-1.xml
[2010.09.18 10:28:24 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-10.xml
[2010.10.19 14:16:01 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-11.xml
[2010.10.27 13:20:57 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-12.xml
[2010.12.11 00:02:40 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-13.xml
[2010.12.19 13:29:42 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-14.xml
[2011.03.05 13:13:41 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-15.xml
[2011.03.24 00:14:21 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-16.xml
[2011.04.29 17:47:24 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-17.xml
[2011.05.20 00:33:38 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-18.xml
[2011.06.22 11:01:59 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-19.xml
[2010.03.11 21:36:22 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-2.xml
[2011.09.04 21:12:47 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-20.xml
[2011.09.07 19:39:19 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-21.xml
[2011.09.29 03:10:30 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-22.xml
[2011.11.21 13:56:42 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-23.xml
[2010.03.22 02:49:25 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-3.xml
[2010.04.03 11:49:26 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-4.xml
[2010.06.24 12:28:58 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-5.xml
[2010.06.28 10:52:12 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-6.xml
[2010.07.21 20:58:04 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-7.xml
[2010.08.15 18:49:50 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-8.xml
[2010.09.02 16:13:47 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-9.xml
[2011.03.30 14:14:34 | 000,001,042 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin.xml
[2010.02.15 17:20:39 | 000,001,201 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\winamp-search.xml
[2012.02.19 21:38:40 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.02.08 21:16:37 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.02.22 21:39:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2012.02.22 21:39:59 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2012.02.17 23:27:49 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.02.19 21:37:40 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010.01.12 21:03:50 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012.01.17 14:07:17 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.02.25 02:30:51 | 000,002,310 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012.01.17 14:07:17 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.01.17 14:07:17 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.01.17 14:07:17 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.01.17 14:07:17 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.01.17 14:07:17 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (PriceGongBHO Class) - {1631550F-191D-4826-B069-D9439253D926} - C:\Programme\PriceGong\2.1.0\PriceGongIE.dll (PriceGong)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Programme\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll File not found
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (WOT) - {9E571C81-21E7-496B-9E6B-127E60263022} - C:\Users\Falk\AppData\LocalLow\WOT\IE\WOT.dll (WOT Services Oy)
O2 - BHO: (softonic-Germany Toolbar) - {a51a36e6-31e7-4838-9ff7-76298b527ec0} - C:\Programme\softonic-Germany\tbsoft.dll (Conduit Ltd.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (Browsing Protection Class) - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Programme\Unitymedia\Sicherheitspaket\NRS\iescript\baselitmus.dll (F-Secure Corporation)
O2 - BHO: (PHPNukeDE Toolbar) - {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Programme\PHPNukeDE\tbPHPN.dll (Conduit Ltd.)
O2 - BHO: (ICQ Sparberater) - {FE163F11-1919-4257-A280-FF5AF8DAEECB} - C:\Programme\icq\Internet Explorer\icq.dll (solute gmbh)
O2 - BHO: (SFT_de3 Toolbar) - {ff88a983-649d-4207-9336-9b999280b436} - C:\Programme\SFT_de3\prxtbSFT_.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Browsing Protection Toolbar) - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Programme\Unitymedia\Sicherheitspaket\NRS\iescript\baselitmus.dll (F-Secure Corporation)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll̀ File not found
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Programme\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (softonic-Germany Toolbar) - {a51a36e6-31e7-4838-9ff7-76298b527ec0} - C:\Programme\softonic-Germany\tbsoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (PHPNukeDE Toolbar) - {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Programme\PHPNukeDE\tbPHPN.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (SFT_de3 Toolbar) - {ff88a983-649d-4207-9336-9b999280b436} - C:\Programme\SFT_de3\prxtbSFT_.dll (Conduit Ltd.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (PHPNukeDE Toolbar) - {C9508125-4747-4733-B048-E4B82DC9716D} - C:\Programme\PHPNukeDE\tbPHPN.dll (Conduit Ltd.)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (PHPNukeDE Toolbar) - {C9508125-4747-4733-B048-E4B82DC9716D} - C:\Programme\PHPNukeDE\tbPHPN.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000\..\Toolbar\WebBrowser: (PHPNukeDE Toolbar) - {C9508125-4747-4733-B048-E4B82DC9716D} - C:\Programme\PHPNukeDE\tbPHPN.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe ()
O4 - HKLM..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe File not found
O4 - HKLM..\Run: [Apanel] C:\ACERSW\config\NewSetApanel.cmd File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [eRecoveryService]  File not found
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files\Unitymedia\Sicherheitspaket\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure TNB] C:\Program Files\Unitymedia\Sicherheitspaket\FSGUI\TNBUtil.exe (F-Secure Corporation)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NVRaidService] C:\Windows\System32\nvraidservice.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [PCMMediaSharing] C:\Programme\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [vspdfprsrv.exe] C:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe ()
O4 - HKLM..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000..\Run: [ICQ] C:\Program Files\ICQ7.6\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background File not found
O4 - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000..\Run: [PC Speed Maximizer] C:\Program Files\PC Speed Maximizer\SPMTray.exe File not found
O4 - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2303213444-1857024994-1684439035-1001..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2303213444-1857024994-1684439035-1001..\RunOnce: [RUN] C:\Windows\Acer_Normal\run_DT.exe ()
O4 - Startup: C:\Users\Falk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O4 - Startup: C:\Users\Falk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Users\Falk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Falk\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Programme\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Programme\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Unitymedia\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Unitymedia\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Unitymedia\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Unitymedia\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Unitymedia\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Unitymedia\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Unitymedia\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Unitymedia\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Unitymedia\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Unitymedia\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Unitymedia\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{96DF96FC-D1D2-403C-9451-9A031973ED11}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Falk\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Falk\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010.02.02 14:19:24 | 000,000,089 | R--- | M] () - E:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{83a5d88b-93a0-11de-bfe6-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{83a5d88b-93a0-11de-bfe6-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Setup.exe -- [2010.02.02 14:19:24 | 000,302,440 | R--- | M] (Hewlett-Packard Co.)
O33 - MountPoints2\{8e56d21a-ef09-11de-b632-0021857285c7}\Shell\AutoRun\command - "" = J:\Get_Started_for_Win.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\Windows\System32\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.mkdmp3enc - C:\PROGRA~1\ACERAR~1\ACERVI~1\Kernel\Burner\MKDMP3Enc.ACM File not found
Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.I420 - C:\Windows\System32\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.03.02 18:47:47 | 000,584,704 | ---- | C] (OldTimer Tools) -- C:\Users\Falk\Desktop\OTL.exe
[2012.03.02 15:06:02 | 002,322,184 | ---- | C] (ESET) -- C:\Users\Falk\Desktop\esetsmartinstaller_enu.exe
[2012.02.27 16:42:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012.02.27 16:42:30 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2012.02.27 16:35:34 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Falk\Desktop\dds.scr
[2012.02.27 15:16:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.02.27 15:16:37 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.02.27 15:16:37 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.02.26 18:54:37 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012.02.25 02:39:19 | 000,000,000 | ---D | C] -- C:\Users\Falk\AppData\Roaming\F-Secure
[2012.02.25 02:36:15 | 000,000,000 | ---D | C] -- C:\Users\Falk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VLC
[2012.02.25 02:31:18 | 000,000,000 | ---D | C] -- C:\Program Files\Vlcclassic
[2012.02.25 02:31:06 | 000,000,000 | ---D | C] -- C:\Program Files\BabylonToolbar
[2012.02.25 02:30:49 | 000,000,000 | ---D | C] -- C:\Users\Falk\AppData\Local\Babylon
[2012.02.25 02:30:46 | 000,000,000 | ---D | C] -- C:\Users\Falk\AppData\Roaming\Babylon
[2012.02.25 02:30:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2012.02.24 22:15:50 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.02.24 21:53:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.02.24 21:53:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012.02.24 21:53:17 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012.02.19 21:39:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.03.02 18:52:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.03.02 18:48:01 | 000,584,704 | ---- | M] (OldTimer Tools) -- C:\Users\Falk\Desktop\OTL.exe
[2012.03.02 18:16:39 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.03.02 18:16:39 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.03.02 17:39:40 | 000,000,584 | ---- | M] () -- C:\Windows\tasks\Scheduled scanning task.job
[2012.03.02 15:06:06 | 002,322,184 | ---- | M] (ESET) -- C:\Users\Falk\Desktop\esetsmartinstaller_enu.exe
[2012.03.02 14:16:18 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.03.02 14:16:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.03.02 14:16:02 | 3220,295,680 | -HS- | M] () -- C:\hiberfil.sys
[2012.03.01 13:43:35 | 000,116,193 | ---- | M] () -- C:\Users\Falk\Desktop\OpenDocument Text (neu) (5).zip
[2012.03.01 13:43:09 | 000,122,579 | ---- | M] () -- C:\Users\Falk\Desktop\OpenDocument Text (neu) (5).odt
[2012.02.29 19:24:15 | 000,183,074 | ---- | M] () -- C:\Users\Falk\Desktop\OpenDocument Text (neu) (4).zip
[2012.02.29 19:23:27 | 000,188,054 | ---- | M] () -- C:\Users\Falk\Desktop\OpenDocument Text (neu) (4).odt
[2012.02.29 19:20:32 | 000,532,817 | ---- | M] () -- C:\Users\Falk\Desktop\OpenDocument Text (neu).zip
[2012.02.29 19:18:36 | 000,312,803 | ---- | M] () -- C:\Users\Falk\Desktop\OpenDocument Text (neu) (2).zip
[2012.02.29 19:18:24 | 000,218,243 | ---- | M] () -- C:\Users\Falk\Desktop\OpenDocument Text (neu) (3).zip
[2012.02.29 19:14:43 | 000,230,351 | ---- | M] () -- C:\Users\Falk\Desktop\OpenDocument Text (neu) (3).odt
[2012.02.29 19:13:00 | 000,320,994 | ---- | M] () -- C:\Users\Falk\Desktop\OpenDocument Text (neu) (2).odt
[2012.02.29 19:11:29 | 000,544,047 | ---- | M] () -- C:\Users\Falk\Desktop\OpenDocument Text (neu).odt
[2012.02.27 19:42:20 | 000,000,930 | ---- | M] () -- C:\Users\Falk\Desktop\mbam-log-2012-02-27 (17-44-23).zip
[2012.02.27 18:45:35 | 000,017,198 | ---- | M] () -- C:\Users\Falk\Desktop\Anschreiben.odt
[2012.02.27 17:28:34 | 000,000,401 | ---- | M] () -- C:\Users\Falk\Desktop\defogger_disable.zip
[2012.02.27 17:28:20 | 000,003,477 | ---- | M] () -- C:\Users\Falk\Desktop\Attach.zip
[2012.02.27 17:28:06 | 000,008,231 | ---- | M] () -- C:\Users\Falk\Desktop\DDS.zip
[2012.02.27 17:27:47 | 000,007,739 | ---- | M] () -- C:\Users\Falk\Desktop\DDS.7z
[2012.02.27 17:16:04 | 277,400,196 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.02.27 16:39:11 | 000,302,592 | ---- | M] () -- C:\Users\Falk\Desktop\ssr2tibw.exe
[2012.02.27 16:35:40 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Falk\Desktop\dds.scr
[2012.02.27 16:00:53 | 000,000,000 | ---- | M] () -- C:\Users\Falk\defogger_reenable
[2012.02.27 16:00:01 | 000,050,477 | ---- | M] () -- C:\Users\Falk\Desktop\Defogger.exe
[2012.02.27 15:17:35 | 000,000,809 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.02.27 15:16:42 | 000,000,911 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.02.26 18:55:19 | 000,001,897 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012.02.25 15:00:59 | 000,033,053 | ---- | M] () -- C:\Users\Falk\Desktop\183304_132772360124925_100001764865427_228180_1903939_n.jpg
[2012.02.25 14:59:47 | 000,190,073 | ---- | M] () -- C:\Users\Falk\Desktop\photo.php
[2012.02.25 02:36:15 | 000,001,058 | ---- | M] () -- C:\Users\Falk\Desktop\VLC.lnk
[2012.02.25 02:31:08 | 000,000,237 | ---- | M] () -- C:\user.js
[2012.02.24 22:05:04 | 001,382,491 | ---- | M] () -- C:\Users\Falk\Documents\Scannen0005.jpg
[2012.02.24 22:02:37 | 001,279,391 | ---- | M] () -- C:\Users\Falk\Documents\Scannen0011.jpg
[2012.02.24 22:02:27 | 001,299,827 | ---- | M] () -- C:\Users\Falk\Documents\Scannen0010.jpg
[2012.02.24 21:53:19 | 000,001,878 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.02.22 23:24:56 | 000,005,120 | ---- | M] () -- C:\Users\Falk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.02.22 18:53:36 | 000,001,037 | ---- | M] () -- C:\Users\Falk\Desktop\DVDVideoSoft Free Studio.lnk
[2012.02.22 18:53:35 | 000,001,196 | ---- | M] () -- C:\Users\Falk\Desktop\Free YouTube to MP3 Converter.lnk
[2012.02.21 00:14:32 | 000,636,076 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.02.21 00:14:32 | 000,603,370 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.02.21 00:14:32 | 000,129,678 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.02.21 00:14:32 | 000,107,302 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.02.16 13:59:15 | 000,407,592 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.03.02 17:39:36 | 000,000,584 | ---- | C] () -- C:\Windows\tasks\Scheduled scanning task.job
[2012.02.29 19:24:19 | 000,116,193 | ---- | C] () -- C:\Users\Falk\Desktop\OpenDocument Text (neu) (5).zip
[2012.02.29 19:24:15 | 000,183,074 | ---- | C] () -- C:\Users\Falk\Desktop\OpenDocument Text (neu) (4).zip
[2012.02.29 19:23:33 | 000,122,579 | ---- | C] () -- C:\Users\Falk\Desktop\OpenDocument Text (neu) (5).odt
[2012.02.29 19:23:07 | 000,188,054 | ---- | C] () -- C:\Users\Falk\Desktop\OpenDocument Text (neu) (4).odt
[2012.02.29 19:18:36 | 000,312,803 | ---- | C] () -- C:\Users\Falk\Desktop\OpenDocument Text (neu) (2).zip
[2012.02.29 19:18:30 | 000,532,817 | ---- | C] () -- C:\Users\Falk\Desktop\OpenDocument Text (neu).zip
[2012.02.29 19:18:24 | 000,218,243 | ---- | C] () -- C:\Users\Falk\Desktop\OpenDocument Text (neu) (3).zip
[2012.02.29 19:13:31 | 000,230,351 | ---- | C] () -- C:\Users\Falk\Desktop\OpenDocument Text (neu) (3).odt
[2012.02.29 19:11:36 | 000,320,994 | ---- | C] () -- C:\Users\Falk\Desktop\OpenDocument Text (neu) (2).odt
[2012.02.29 19:07:56 | 000,544,047 | ---- | C] () -- C:\Users\Falk\Desktop\OpenDocument Text (neu).odt
[2012.02.27 19:42:20 | 000,000,930 | ---- | C] () -- C:\Users\Falk\Desktop\mbam-log-2012-02-27 (17-44-23).zip
[2012.02.27 18:05:16 | 000,017,198 | ---- | C] () -- C:\Users\Falk\Desktop\Anschreiben.odt
[2012.02.27 17:28:34 | 000,000,401 | ---- | C] () -- C:\Users\Falk\Desktop\defogger_disable.zip
[2012.02.27 17:28:20 | 000,003,477 | ---- | C] () -- C:\Users\Falk\Desktop\Attach.zip
[2012.02.27 17:27:47 | 000,007,739 | ---- | C] () -- C:\Users\Falk\Desktop\DDS.7z
[2012.02.27 17:24:46 | 000,008,231 | ---- | C] () -- C:\Users\Falk\Desktop\DDS.zip
[2012.02.27 16:54:45 | 277,400,196 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012.02.27 16:39:07 | 000,302,592 | ---- | C] () -- C:\Users\Falk\Desktop\ssr2tibw.exe
[2012.02.27 16:00:53 | 000,000,000 | ---- | C] () -- C:\Users\Falk\defogger_reenable
[2012.02.27 15:59:39 | 000,050,477 | ---- | C] () -- C:\Users\Falk\Desktop\Defogger.exe
[2012.02.27 15:16:42 | 000,000,911 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.02.26 18:55:19 | 000,001,897 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012.02.26 18:55:19 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012.02.25 15:00:59 | 000,033,053 | ---- | C] () -- C:\Users\Falk\Desktop\183304_132772360124925_100001764865427_228180_1903939_n.jpg
[2012.02.25 14:59:45 | 000,190,073 | ---- | C] () -- C:\Users\Falk\Desktop\photo.php
[2012.02.25 02:36:15 | 000,001,058 | ---- | C] () -- C:\Users\Falk\Desktop\VLC.lnk
[2012.02.25 02:31:07 | 000,000,237 | ---- | C] () -- C:\user.js
[2012.02.24 22:04:53 | 001,382,491 | ---- | C] () -- C:\Users\Falk\Documents\Scannen0005.jpg
[2012.02.24 22:02:27 | 001,279,391 | ---- | C] () -- C:\Users\Falk\Documents\Scannen0011.jpg
[2012.02.24 22:02:16 | 001,299,827 | ---- | C] () -- C:\Users\Falk\Documents\Scannen0010.jpg
[2012.02.24 21:53:19 | 000,001,878 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.02.22 23:24:40 | 000,005,120 | ---- | C] () -- C:\Users\Falk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.01.26 01:36:51 | 000,014,336 | ---- | C] () -- C:\Windows\System32\vsmon1.dll
[2011.12.13 18:53:48 | 000,000,156 | ---- | C] () -- C:\Windows\wininit.ini
[2011.12.06 00:51:22 | 000,407,592 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.10.15 00:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2011.10.10 14:17:08 | 000,000,232 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2011.06.22 21:49:57 | 000,200,704 | ---- | C] () -- C:\Windows\sel3110.exe
[2011.06.22 21:49:56 | 000,040,960 | ---- | C] () -- C:\Windows\CleanDev.exe
[2011.06.22 21:49:56 | 000,032,528 | ---- | C] () -- C:\Windows\amcap.exe
[2011.04.09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011.02.27 00:43:17 | 000,000,000 | ---- | C] () -- C:\Windows\System32\Access.dat
[2011.02.07 17:39:58 | 000,186,609 | ---- | C] () -- C:\Windows\hpoins21.dat
[2011.01.11 15:47:55 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe
[2010.11.30 21:10:40 | 000,042,672 | ---- | C] () -- C:\Windows\System32\drivers\fsbts.sys
[2010.10.17 17:12:24 | 000,097,360 | ---- | C] () -- C:\Windows\System32\drivers\Fwusb1b.bin
[2010.04.13 13:18:33 | 000,007,552 | ---- | C] () -- C:\Windows\System32\drivers\enodpl.sys
[2010.04.13 13:18:33 | 000,004,736 | ---- | C] () -- C:\Windows\System32\drivers\tandpl.sys
 
========== LOP Check ==========
 
[2008.03.21 14:57:57 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Acer GameZone Console
[2008.03.21 14:57:57 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Acer GameZone Console
[2008.03.21 14:57:57 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\Acer GameZone Console
[2011.02.25 13:52:07 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\Acreon
[2012.02.25 02:30:46 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\Babylon
[2011.12.02 01:44:46 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\BitTorrent
[2012.02.22 19:03:24 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\DVDVideoSoft
[2011.08.04 13:27:11 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.02.22 21:40:07 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\eXPert PDF Editor
[2012.02.25 02:39:19 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\F-Secure
[2011.08.17 00:54:36 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\Firstload
[2010.02.22 17:08:19 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\GetRightToGo
[2012.03.02 04:43:17 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\ICQ
[2010.01.26 19:42:21 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\Leadertech
[2011.06.21 16:56:13 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\OpenOffice.org
[2011.06.20 02:10:51 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\SoftGrid Client
[2010.12.07 22:37:30 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\TeamViewer
[2011.06.19 21:35:36 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\TP
[2012.02.22 21:40:08 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\TS3Client
[2011.02.27 04:46:00 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\Tunngle
[2008.03.21 14:57:57 | 000,000,000 | ---D | M] -- C:\Users\UpdatusUser\AppData\Roaming\Acer GameZone Console
[2012.03.02 04:47:23 | 000,032,514 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.03.02 17:39:40 | 000,000,584 | ---- | M] () -- C:\Windows\Tasks\Scheduled scanning task.job
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2008.03.21 14:57:57 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\Acer GameZone Console
[2011.02.25 13:52:07 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\Acreon
[2011.12.02 00:59:29 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\Adobe
[2011.11.02 00:14:32 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\Apple Computer
[2012.02.25 02:30:46 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\Babylon
[2011.12.02 01:44:46 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\BitTorrent
[2010.10.26 20:33:36 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\DivX
[2012.02.22 19:03:24 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\DVDVideoSoft
[2011.08.04 13:27:11 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.02.22 21:40:07 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\eXPert PDF Editor
[2012.02.25 02:39:19 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\F-Secure
[2011.08.17 00:54:36 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\Firstload
[2010.02.22 17:08:19 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\GetRightToGo
[2009.12.26 13:41:43 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\Google
[2011.02.07 18:07:35 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\HP
[2012.02.01 18:21:15 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\HpUpdate
[2012.03.02 04:43:17 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\ICQ
[2009.12.22 15:59:47 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\Identities
[2010.01.26 19:42:21 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\Leadertech
[2009.12.22 16:00:14 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\Macromedia
[2011.11.22 21:41:33 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\Malwarebytes
[2006.11.02 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\Media Center Programs
[2012.02.01 18:19:11 | 000,000,000 | --SD | M] -- C:\Users\Falk\AppData\Roaming\Microsoft
[2009.12.26 13:44:45 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\Mozilla
[2011.08.18 19:42:31 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\NVIDIA
[2011.06.21 16:56:13 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\OpenOffice.org
[2011.08.18 22:05:03 | 000,000,000 | RH-D | M] -- C:\Users\Falk\AppData\Roaming\SecuROM
[2012.03.02 14:19:44 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\Skype
[2011.06.26 01:39:59 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\skypePM
[2011.06.20 02:10:51 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\SoftGrid Client
[2010.06.09 19:22:48 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\teamspeak2
[2010.12.07 22:37:30 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\TeamViewer
[2011.06.19 21:35:36 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\TP
[2012.02.22 21:40:08 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\TS3Client
[2011.02.27 04:46:00 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\Tunngle
[2012.02.25 17:25:21 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\Winamp
[2010.10.25 19:44:47 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\WinRAR
 
< %APPDATA%\*.exe /s >
[2011.02.25 13:52:09 | 000,272,384 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Acreon\WowMatrix\Modules\curl.exe
 
< %SYSTEMDRIVE%\*.exe >
 
 
< MD5 for: AGP440.SYS  >
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: IASTOR.SYS  >
[2005.10.12 05:07:12 | 000,874,240 | ---- | M] (Intel Corporation) MD5=309C4D86D989FB1FCF64BD30DC81C51B -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_2517c98a\iaStor.sys
[2005.10.12 05:07:12 | 000,874,240 | ---- | M] (Intel Corporation) MD5=309C4D86D989FB1FCF64BD30DC81C51B -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_ef2f01d9\iaStor.sys
[2006.06.13 21:56:40 | 000,247,808 | ---- | M] (Intel Corporation) MD5=580BFEC487C55264BFE3D60C3C24EEE1 -- C:\Windows\System32\drivers\iaStor.sys
[2006.06.13 21:56:40 | 000,247,808 | ---- | M] (Intel Corporation) MD5=580BFEC487C55264BFE3D60C3C24EEE1 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_d8b4315a\iaStor.sys
[2006.06.13 21:56:40 | 000,247,808 | ---- | M] (Intel Corporation) MD5=580BFEC487C55264BFE3D60C3C24EEE1 -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_101ee613\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 03:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: NVSTOR32.SYS  >
[2007.12.08 06:28:10 | 000,140,320 | ---- | M] (NVIDIA Corporation) MD5=689A2160B851F8BF88F20728FD2F30BD -- C:\Windows\System32\DriverStore\FileRepository\nvrd32.inf_a5207023\nvstor32.sys
[2007.09.11 08:19:16 | 000,114,208 | ---- | M] (NVIDIA Corporation) MD5=8FFB327669B980549BD318D939A34F9B -- C:\Windows\System32\DriverStore\FileRepository\nvstor32.inf_4b699c67\nvstor32.sys
[2007.09.11 08:19:18 | 000,114,208 | ---- | M] (NVIDIA Corporation) MD5=AFD01721DC3297E6715C5F472DD8BCCD -- C:\Windows\System32\DriverStore\FileRepository\nvrd32.inf_8225a48e\nvstor32.sys
[2008.06.07 11:13:40 | 000,145,440 | ---- | M] (NVIDIA Corporation) MD5=D7B213299852D2026DBC90DAB77EF06C -- C:\DRV\RAID\NVIDIA\nvstor32.sys
[2008.06.07 11:13:40 | 000,145,440 | ---- | M] (NVIDIA Corporation) MD5=D7B213299852D2026DBC90DAB77EF06C -- C:\DRV\RaidV2\nvstor32.sys
[2008.06.07 11:13:40 | 000,145,440 | ---- | M] (NVIDIA Corporation) MD5=D7B213299852D2026DBC90DAB77EF06C -- C:\Windows\System32\drivers\nvstor32.sys
[2008.06.07 11:13:40 | 000,145,440 | ---- | M] (NVIDIA Corporation) MD5=D7B213299852D2026DBC90DAB77EF06C -- C:\Windows\System32\DriverStore\FileRepository\nvrd32.inf_52f8ebc7\nvstor32.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.21 03:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2008.01.21 03:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2008.01.21 03:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008.01.21 03:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012.01.13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2008.01.21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2008.03.21 22:08:02 | 013,115,392 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.03.21 22:07:55 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.03.21 22:08:02 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2008.03.21 22:08:10 | 017,629,184 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2008.03.21 22:08:11 | 006,639,616 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
<           >

< End of report >
         


05.03.2012, 10:07   #18
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Quote:
O2 - BHO: (PriceGongBHO Class) - {1631550F-191D-4826-B069-D9439253D926} - C:\Programme\PriceGong\2.1.0\PriceGongIE.dll (PriceGong)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Programme\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll File not found
..
..
Why are you cluttering up your system with useless toolbars?
In Control Panel, under Add or Remove Programs (or Programs and Features), uninstall everything that shows "Toolbar" in its name. For future program installations, always choose the custom installation method so that you can deselect any toolbars during setup.
While you're at it, also uninstall all other unnecessary programs via Control Panel.
__________________
__________________

05.03.2012, 15:47   #19
Esel03



OK, I've now uninstalled all the toolbars and unnecessary programs.
However, the same problem persists: the videos still load as slowly as before.

Oh, and 2 days ago when I booted the computer, about half of my desktop icons had disappeared; after a System Restore to the previous day they were back... but it's still strange.

AND: since today I can no longer access various files, e.g. C: > Programme, "Access denied"... Using right-click > Properties > Sharing > Advanced Sharing I can't allow it either, i.e. get access to it. It is denied.

05.03.2012, 16:08   #20
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™



We aren't finished yet, after all, and I never claimed that all the problems would be gone once the toolbars are uninstalled.

Please create a new OTL log as described above.

__________________
Please always post log files in CODE tags

05.03.2012, 16:32   #21
Esel03



OK, here is the log

OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 05.03.2012 16:10:40 - Run 1
OTL by OldTimer - Version 3.2.34.0     Folder = C:\Users\Falk\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19190)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,25 Gb Available Physical Memory | 41,68% Memory free
6,22 Gb Paging File | 4,18 Gb Available in Paging File | 67,30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 141,79 Gb Total Space | 69,57 Gb Free Space | 49,07% Space Free | Partition Type: NTFS
Drive D: | 141,65 Gb Total Space | 81,00 Gb Free Space | 57,18% Space Free | Partition Type: NTFS
Drive E: | 123,71 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: FALK-PC | User Name: Falk | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.03.02 18:48:01 | 000,584,704 | ---- | M] (OldTimer Tools) -- C:\Users\Falk\Desktop\OTL.exe
PRC - [2012.02.17 23:27:49 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.01.12 11:23:20 | 000,018,432 | ---- | M] () -- C:\Users\Falk\AppData\LocalLow\WOT\IE\WOTUpdater.exe
PRC - [2012.01.03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.11.17 15:30:18 | 000,488,104 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Unitymedia\Sicherheitspaket\Anti-Virus\fsav32.exe
PRC - [2011.10.15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.10.15 09:53:00 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2011.10.15 09:53:00 | 001,328,960 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2011.10.15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011.10.01 08:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011.10.01 08:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011.09.08 13:07:28 | 001,008,296 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Unitymedia\Sicherheitspaket\Anti-Virus\fssm32.exe
PRC - [2011.09.08 13:07:27 | 000,512,680 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Unitymedia\Sicherheitspaket\Anti-Virus\fsgk32.exe
PRC - [2011.05.23 16:25:06 | 000,061,088 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Unitymedia\Sicherheitspaket\ORSP Client\fsorsp.exe
PRC - [2010.12.01 13:27:05 | 000,522,848 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Unitymedia\Sicherheitspaket\FWES\program\fsdfwd.exe
PRC - [2010.08.20 20:45:26 | 001,164,584 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010.01.23 23:08:03 | 000,067,128 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
PRC - [2010.01.15 13:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2010.01.12 21:02:46 | 000,037,888 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winampa.exe
PRC - [2009.10.07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
PRC - [2009.08.05 16:58:52 | 000,186,976 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Unitymedia\Sicherheitspaket\Common\FSMA32.EXE
PRC - [2009.08.05 16:58:50 | 000,199,264 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Unitymedia\Sicherheitspaket\Common\FSM32.EXE
PRC - [2009.08.05 16:58:50 | 000,088,672 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Unitymedia\Sicherheitspaket\Common\FSHDLL32.EXE
PRC - [2009.08.05 16:56:10 | 000,215,648 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Unitymedia\Sicherheitspaket\Anti-Virus\fsgk32st.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.03.05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008.06.06 18:17:16 | 000,203,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvraidservice.exe
PRC - [2008.03.04 23:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2008.03.04 23:38:28 | 000,526,896 | ---- | M] (Egis Incorporated) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
PRC - [2008.01.25 18:49:04 | 000,269,448 | ---- | M] (CyberLink) -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
PRC - [2008.01.21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008.01.09 18:43:26 | 000,326,176 | ---- | M] () -- C:\Acer\Empowering Technology\SysMonitor.exe
PRC - [2007.12.19 18:09:22 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
PRC - [2007.10.17 10:38:20 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
PRC - [2007.10.11 19:53:22 | 004,702,208 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007.09.10 14:28:18 | 000,057,344 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
PRC - [2007.09.06 11:02:04 | 000,393,216 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
PRC - [2006.05.29 19:29:46 | 001,708,032 | ---- | M] () -- C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
PRC - [2006.05.04 06:58:56 | 000,998,912 | ---- | M] () -- C:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.02.26 18:20:21 | 008,527,008 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2012.02.17 23:27:48 | 001,911,768 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012.02.16 14:04:23 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\65450889f3742aada2a6c0cf8e6173e3\System.Windows.Forms.ni.dll
MOD - [2012.02.16 14:04:12 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\137696d0416b65dbc1561152971488b4\System.Drawing.ni.dll
MOD - [2012.02.16 14:02:17 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c50133cb67d7c013fa31e1ffb942060b\System.ni.dll
MOD - [2011.10.17 12:16:04 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2011.10.15 00:54:26 | 000,265,536 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2010.08.20 20:45:36 | 000,095,528 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2010.08.20 20:45:26 | 001,164,584 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2010.03.15 10:28:22 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2010.01.23 23:08:00 | 000,061,496 | ---- | M] () -- C:\Program Files\Logitech\Desktop Messenger\8876480\8.1.1.50-8876480SL\Program\clntutil.dll
MOD - [2009.08.05 16:59:02 | 000,001,536 | ---- | M] () -- C:\Program Files\Unitymedia\Sicherheitspaket\FSPC\fspcfsm.eng
MOD - [2009.08.05 16:58:30 | 000,330,336 | ---- | M] () -- \\?\c:\program files\unitymedia\sicherheitspaket\hips\fshook32.dll
MOD - [2009.08.05 16:57:04 | 000,081,920 | ---- | M] () -- C:\Program Files\Unitymedia\Sicherheitspaket\FSGUI\strres.eng
MOD - [2009.08.05 16:56:56 | 000,920,160 | ---- | M] () -- C:\Program Files\Unitymedia\Sicherheitspaket\FSGUI\gres.dll
MOD - [2009.08.05 16:56:50 | 000,143,360 | ---- | M] () -- C:\Program Files\Unitymedia\Sicherheitspaket\FSGUI\flyerres.eng
MOD - [2009.08.05 16:56:50 | 000,045,056 | ---- | M] () -- C:\Program Files\Unitymedia\Sicherheitspaket\FSGUI\fsavures.eng
MOD - [2009.08.05 16:56:32 | 000,838,240 | ---- | M] () -- C:\Program Files\Unitymedia\Sicherheitspaket\FSGUI\about.dll
MOD - [2009.08.05 16:56:32 | 000,088,672 | ---- | M] () -- C:\Program Files\Unitymedia\Sicherheitspaket\FSGUI\aboutres.dll
MOD - [2008.03.04 23:38:16 | 000,227,888 | ---- | M] () -- C:\Acer\Empowering Technology\eDataSecurity\x86\ShowErrMsg.dll
MOD - [2008.01.09 18:43:26 | 000,326,176 | ---- | M] () -- C:\Acer\Empowering Technology\SysMonitor.exe
MOD - [2006.05.29 19:29:46 | 001,708,032 | ---- | M] () -- C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
MOD - [2006.05.04 06:58:56 | 000,998,912 | ---- | M] () -- C:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe
MOD - [2006.05.04 06:58:38 | 001,239,040 | ---- | M] () -- C:\Program Files\Visagesoft\eXPert PDF\vspdfdialogs100.bpl
MOD - [2006.05.04 06:58:38 | 000,237,056 | ---- | M] () -- C:\Program Files\Visagesoft\eXPert PDF\expertpdf4core.bpl
MOD - [2006.05.04 06:58:36 | 003,014,656 | ---- | M] () -- C:\Program Files\Visagesoft\eXPert PDF\vspdfcore100.bpl
MOD - [2006.05.04 06:58:36 | 001,026,048 | ---- | M] () -- C:\Program Files\Visagesoft\eXPert PDF\vsvector100.bpl
MOD - [2006.05.04 06:58:36 | 000,230,912 | ---- | M] () -- C:\Program Files\Visagesoft\eXPert PDF\vspdfeditor100.bpl
MOD - [2006.04.15 06:34:26 | 000,568,320 | ---- | M] () -- C:\Program Files\Visagesoft\eXPert PDF\TMSlite100.bpl
MOD - [2006.03.02 20:39:28 | 001,844,224 | ---- | M] () -- C:\Program Files\Visagesoft\eXPert PDF\te100.bpl
MOD - [2006.03.02 20:33:18 | 000,444,928 | ---- | M] () -- C:\Program Files\Visagesoft\eXPert PDF\VirtualTree100.bpl
MOD - [2006.03.02 20:28:36 | 000,139,776 | ---- | M] () -- C:\Program Files\Visagesoft\eXPert PDF\uoolep100.bpl
MOD - [2006.03.02 20:01:50 | 000,071,168 | ---- | M] () -- C:\Program Files\Visagesoft\eXPert PDF\VSDesktop100.bpl
MOD - [2006.03.02 19:57:48 | 000,383,488 | ---- | M] () -- C:\Program Files\Visagesoft\eXPert PDF\visage100.bpl
MOD - [2006.03.02 19:55:22 | 000,089,088 | ---- | M] () -- C:\Program Files\Visagesoft\eXPert PDF\vsmisc100.bpl
MOD - [2005.12.26 13:20:52 | 002,098,176 | ---- | M] () -- C:\Program Files\Visagesoft\eXPert PDF\PKIECtrl100.bpl
MOD - [2003.08.22 07:23:16 | 000,225,792 | ---- | M] () -- C:\Program Files\Visagesoft\eXPert PDF\sqlite.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.01.12 11:23:20 | 000,018,432 | ---- | M] () [Auto | Running] -- C:\Users\Falk\AppData\LocalLow\WOT\IE\WOTUpdater.exe -- (WOTUpdater)
SRV - [2012.01.03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.10.15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.10.15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011.10.01 08:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011.10.01 08:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011.05.23 16:25:06 | 000,061,088 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\Unitymedia\Sicherheitspaket\ORSP Client\fsorsp.exe -- (FSORSPClient)
SRV - [2010.12.01 13:27:05 | 000,522,848 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\Unitymedia\Sicherheitspaket\FWES\Program\fsdfwd.exe -- (FSDFWD)
SRV - [2009.10.07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2009.08.05 16:58:52 | 000,186,976 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\Unitymedia\Sicherheitspaket\Common\FSMA32.EXE -- (FSMA)
SRV - [2009.08.05 16:56:10 | 000,215,648 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\Unitymedia\Sicherheitspaket\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter)
SRV - [2008.03.04 23:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008.01.25 18:49:04 | 000,269,448 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe -- (Acer HomeMedia Connect Service)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.12.19 18:09:22 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService)
SRV - [2007.10.17 10:38:20 | 000,028,672 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe -- (AcerMemUsageCheckService)
SRV - [2007.09.10 14:28:18 | 000,057,344 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.12.10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.10.15 09:53:00 | 010,327,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011.10.01 08:30:42 | 000,019,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol)
DRV - [2011.10.01 08:30:40 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir)
DRV - [2011.10.01 08:30:38 | 000,194,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay)
DRV - [2011.10.01 08:30:36 | 000,579,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs)
DRV - [2011.09.08 13:08:12 | 000,148,632 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Unitymedia\Sicherheitspaket\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)
DRV - [2011.08.17 19:00:01 | 000,042,672 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\Drivers\fsbts.sys -- (fsbts)
DRV - [2011.07.08 00:21:28 | 000,139,880 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2010.12.16 14:25:17 | 000,073,160 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\fsdfw.sys -- (FSFW)
DRV - [2010.12.16 14:24:36 | 000,036,792 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\fses.sys -- (FSES)
DRV - [2010.02.03 14:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.10.14 07:07:40 | 000,348,160 | ---- | M] (NETGEAR Inc.                           ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wg111v3.sys -- (RTL8187B)
DRV - [2009.10.07 01:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009.08.05 16:58:30 | 000,068,064 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Program Files\Unitymedia\Sicherheitspaket\HIPS\drivers\fshs.sys -- (F-Secure HIPS)
DRV - [2009.08.05 16:56:12 | 000,012,384 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\Unitymedia\Sicherheitspaket\Anti-Virus\minifilter\fsvista.sys -- (fsvista)
DRV - [2009.04.30 23:01:36 | 000,265,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2009.04.30 22:55:58 | 002,687,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LV302V32.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV - [2009.04.30 22:55:34 | 000,013,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lv302af.sys -- (pepifilter)
DRV - [2008.09.05 02:01:00 | 000,265,088 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fwlanusb.sys -- (FWLANUSB)
DRV - [2008.09.05 02:01:00 | 000,004,352 | R--- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\avmeject.sys -- (avmeject)
DRV - [2008.06.07 11:13:40 | 000,145,440 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2008.06.07 11:13:40 | 000,133,152 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2007.11.18 03:39:50 | 001,040,544 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007.11.06 09:30:48 | 000,006,080 | ---- | M] (Zeal SoftStudio) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\zntport.sys -- (zntport)
DRV - [2007.11.06 09:30:46 | 000,014,544 | ---- | M] (EnTech Taiwan) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\TVicPort.sys -- (tvicport)
DRV - [2007.07.19 01:44:00 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007.07.07 14:13:10 | 000,012,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007.07.03 03:05:20 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15)
DRV - [2003.10.15 16:52:50 | 000,174,530 | ---- | M] (OmniVision Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ov519vid.sys -- (ovt519)
DRV - [2003.04.18 23:32:04 | 000,004,736 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tandpl.sys -- (tandpl)
DRV - [2003.03.02 16:44:26 | 000,007,552 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\enodpl.sys -- (enodpl)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.intl.acer.yahoo.com
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\URLSearchHook: {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Program Files\PHPNukeDE\tbPHPN.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3031778
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
 
 
IE - HKU\.DEFAULT\..\URLSearchHook:  - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245
IE - HKU\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = hxxp://search.avg.com/route/?d=4ba6cb5c&v=6.10.6.4&i=23&tp=chrome&q={searchTerms}&lng={language}&iy=&ychte=us
IE - HKU\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245
IE - HKU\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = hxxp://search.avg.com/route/?d=4ba6cb5c&v=6.10.6.4&i=23&tp=chrome&q={searchTerms}&lng={language}&iy=&ychte=us
IE - HKU\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp32&d=0809&m=aspire_m3641
IE - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 
IE - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://global.acer.com [binary data]
IE - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?AF=109867&babsrc=HP_ss&mntrId=2cec11f3000000000000001b2fcde29b
IE - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No CLSID value found
IE - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000\..\URLSearchHook: {a51a36e6-31e7-4838-9ff7-76298b527ec0} - No CLSID value found
IE - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000\..\URLSearchHook: {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Program Files\PHPNukeDE\tbPHPN.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000\..\URLSearchHook: {ff88a983-649d-4207-9336-9b999280b436} - No CLSID value found
IE - HKU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&AF=109867&babsrc=SP_ss&mntrId=2cec11f3000000000000001b2fcde29b
IE - HKU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE359
IE - HKU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3031778
IE - HKU\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = hxxp://search.avg.com/route/?d=4ba6cb5c&v=6.10.6.4&i=23&tp=chrome&q={searchTerms}&lng={language}&iy=&ychte=us
IE - HKU\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
IE - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.defaultthis.engineName: "softonic-Germany Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.9&q="
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.12.1
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.6.20090220
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.0.14
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:2.7.1.3
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.1.0.1
FF - prefs.js..extensions.enabledItems: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {88c7f2aa-f93f-432c-8f0e-b7d85967a527}:2.7.2.0
FF - prefs.js..extensions.enabledItems: litmus-ff@f-secure.com:1.10
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..extensions.enabledItems: {f4e6547e-325b-403c-a3bb-ad29ed37a92f}:3.2.5.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {a51a36e6-31e7-4838-9ff7-76298b527ec0}:3.2.5.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "hxxp://search.babylon.com/?AF=109867&babsrc=adbartrp&mntrId=2cec11f3000000000000001b2fcde29b&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&SearchSource=3&q={searchTerms}"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://de.yhs.search.yahoo.com/avg/search?fr=yhs-avgb&type=yahoo_avg_hs2-tb-web_de&p="
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\litmus-ff@f-secure.com: C:\Program Files\Unitymedia\Sicherheitspaket\NRS\litmus-ff@f-secure.com [2012.02.22 21:40:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.02.22 21:39:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.02.26 18:55:19 | 000,000,000 | ---D | M]
 
[2009.12.26 13:44:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Falk\AppData\Roaming\mozilla\Extensions
[2012.02.25 14:57:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions
[2010.02.15 17:18:20 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2012.01.26 01:30:47 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012.01.04 20:58:56 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.02.14 21:00:49 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}(402)
[2012.01.11 14:40:37 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2012.02.13 21:01:02 | 000,000,000 | ---D | M] (softonic-Germany Community Toolbar) -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{a51a36e6-31e7-4838-9ff7-76298b527ec0}(403)
[2012.02.22 21:40:08 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.02.13 21:00:53 | 000,000,000 | ---D | M] (softonic-de3 Community Toolbar) -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}(405)
[2012.01.09 14:11:38 | 000,000,000 | ---D | M] (SearchElf 1.2 Community Toolbar) -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{f4e6547e-325b-403c-a3bb-ad29ed37a92f}
[2012.01.27 01:30:52 | 000,000,000 | ---D | M] (SFT_de3 Community Toolbar) -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{ff88a983-649d-4207-9336-9b999280b436}
[2011.03.24 16:08:47 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\engine@conduit.com
[2012.01.26 01:05:07 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\wotstats@mywot.com
[2011.01.08 11:23:32 | 000,000,935 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\conduit.xml
[2012.02.24 21:01:40 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-1.xml
[2010.09.18 10:28:24 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-10.xml
[2010.10.19 14:16:01 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-11.xml
[2010.10.27 13:20:57 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-12.xml
[2010.12.11 00:02:40 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-13.xml
[2010.12.19 13:29:42 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-14.xml
[2011.03.05 13:13:41 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-15.xml
[2011.03.24 00:14:21 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-16.xml
[2011.04.29 17:47:24 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-17.xml
[2011.05.20 00:33:38 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-18.xml
[2011.06.22 11:01:59 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-19.xml
[2010.03.11 21:36:22 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-2.xml
[2011.09.04 21:12:47 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-20.xml
[2011.09.07 19:39:19 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-21.xml
[2011.09.29 03:10:30 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-22.xml
[2011.11.21 13:56:42 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-23.xml
[2010.03.22 02:49:25 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-3.xml
[2010.04.03 11:49:26 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-4.xml
[2010.06.24 12:28:58 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-5.xml
[2010.06.28 10:52:12 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-6.xml
[2010.07.21 20:58:04 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-7.xml
[2010.08.15 18:49:50 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-8.xml
[2010.09.02 16:13:47 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-9.xml
[2011.03.30 14:14:34 | 000,001,042 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin.xml
[2010.02.15 17:20:39 | 000,001,201 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\winamp-search.xml
[2012.02.19 21:38:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010.02.08 21:16:37 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.02.22 21:39:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2012.02.17 23:27:49 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.02.19 21:37:40 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010.01.12 21:03:50 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012.01.17 14:07:17 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.02.25 02:30:51 | 000,002,310 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012.01.17 14:07:17 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.01.17 14:07:17 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.01.17 14:07:17 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.01.17 14:07:17 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.01.17 14:07:17 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll File not found
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (WOT) - {9E571C81-21E7-496B-9E6B-127E60263022} - C:\Users\Falk\AppData\LocalLow\WOT\IE\WOT.dll (WOT Services Oy)
O2 - BHO: (Browsing Protection Class) - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\Unitymedia\Sicherheitspaket\NRS\iescript\baselitmus.dll (F-Secure Corporation)
O2 - BHO: (PHPNukeDE Toolbar) - {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Program Files\PHPNukeDE\tbPHPN.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Browsing Protection Toolbar) - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\Unitymedia\Sicherheitspaket\NRS\iescript\baselitmus.dll (F-Secure Corporation)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (PHPNukeDE Toolbar) - {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Program Files\PHPNukeDE\tbPHPN.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (PHPNukeDE Toolbar) - {C9508125-4747-4733-B048-E4B82DC9716D} - C:\Program Files\PHPNukeDE\tbPHPN.dll (Conduit Ltd.)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (PHPNukeDE Toolbar) - {C9508125-4747-4733-B048-E4B82DC9716D} - C:\Program Files\PHPNukeDE\tbPHPN.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000\..\Toolbar\WebBrowser: (PHPNukeDE Toolbar) - {C9508125-4747-4733-B048-E4B82DC9716D} - C:\Program Files\PHPNukeDE\tbPHPN.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe ()
O4 - HKLM..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe File not found
O4 - HKLM..\Run: [Apanel] C:\ACERSW\config\NewSetApanel.cmd File not found
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [eRecoveryService]  File not found
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files\Unitymedia\Sicherheitspaket\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure TNB] C:\Program Files\Unitymedia\Sicherheitspaket\FSGUI\TNBUtil.exe (F-Secure Corporation)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NVRaidService] C:\Windows\System32\nvraidservice.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [vspdfprsrv.exe] C:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe ()
O4 - HKLM..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000..\Run: [ICQ] C:\Program Files\ICQ7.6\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background File not found
O4 - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000..\Run: [PC Speed Maximizer] C:\Program Files\PC Speed Maximizer\SPMTray.exe File not found
O4 - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-2303213444-1857024994-1684439035-1001..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2303213444-1857024994-1684439035-1001..\RunOnce: [RUN] C:\Windows\Acer_Normal\run_DT.exe ()
O4 - Startup: C:\Users\Falk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O4 - Startup: C:\Users\Falk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Falk\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Unitymedia\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Unitymedia\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Unitymedia\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Unitymedia\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Unitymedia\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Unitymedia\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Unitymedia\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Unitymedia\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Unitymedia\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Unitymedia\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Unitymedia\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{96DF96FC-D1D2-403C-9451-9A031973ED11}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Falk\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Falk\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010.02.02 14:19:24 | 000,000,089 | R--- | M] () - E:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{83a5d88b-93a0-11de-bfe6-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{83a5d88b-93a0-11de-bfe6-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Setup.exe -- [2010.02.02 14:19:24 | 000,302,440 | R--- | M] (Hewlett-Packard Co.)
O33 - MountPoints2\{8e56d21a-ef09-11de-b632-0021857285c7}\Shell\AutoRun\command - "" = J:\Get_Started_for_Win.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\Windows\System32\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.mkdmp3enc - C:\PROGRA~1\ACERAR~1\ACERVI~1\Kernel\Burner\MKDMP3Enc.ACM File not found
Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.I420 - C:\Windows\System32\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.03.05 15:38:00 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.03.02 18:47:47 | 000,584,704 | ---- | C] (OldTimer Tools) -- C:\Users\Falk\Desktop\OTL.exe
[2012.03.02 15:06:02 | 002,322,184 | ---- | C] (ESET) -- C:\Users\Falk\Desktop\esetsmartinstaller_enu.exe
[2012.02.27 16:42:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012.02.27 16:42:30 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2012.02.27 16:35:34 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Falk\Desktop\dds.scr
[2012.02.27 15:16:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.02.27 15:16:37 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.02.27 15:16:37 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.02.26 18:54:37 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012.02.25 02:39:19 | 000,000,000 | ---D | C] -- C:\Users\Falk\AppData\Roaming\F-Secure
[2012.02.25 02:36:15 | 000,000,000 | ---D | C] -- C:\Users\Falk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VLC
[2012.02.25 02:31:18 | 000,000,000 | ---D | C] -- C:\Program Files\Vlcclassic
[2012.02.25 02:30:49 | 000,000,000 | ---D | C] -- C:\Users\Falk\AppData\Local\Babylon
[2012.02.25 02:30:46 | 000,000,000 | ---D | C] -- C:\Users\Falk\AppData\Roaming\Babylon
[2012.02.25 02:30:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2012.02.24 22:15:50 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.02.19 21:39:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.03.05 16:08:39 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.03.05 16:08:39 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.03.05 14:08:40 | 000,000,584 | ---- | M] () -- C:\Windows\tasks\Scheduled scanning task.job
[2012.03.05 14:08:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.03.05 14:08:36 | 3220,312,064 | -HS- | M] () -- C:\hiberfil.sys
[2012.03.02 18:48:01 | 000,584,704 | ---- | M] (OldTimer Tools) -- C:\Users\Falk\Desktop\OTL.exe
[2012.03.02 15:06:06 | 002,322,184 | ---- | M] (ESET) -- C:\Users\Falk\Desktop\esetsmartinstaller_enu.exe
[2012.02.27 17:16:04 | 277,400,196 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.02.27 16:39:11 | 000,302,592 | ---- | M] () -- C:\Users\Falk\Desktop\ssr2tibw.exe
[2012.02.27 16:35:40 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Falk\Desktop\dds.scr
[2012.02.27 16:00:53 | 000,000,000 | ---- | M] () -- C:\Users\Falk\defogger_reenable
[2012.02.27 16:00:01 | 000,050,477 | ---- | M] () -- C:\Users\Falk\Desktop\Defogger.exe
[2012.02.27 15:17:35 | 000,000,809 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.02.27 15:16:42 | 000,000,911 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.02.26 18:55:19 | 000,001,897 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012.02.25 02:36:15 | 000,001,058 | ---- | M] () -- C:\Users\Falk\Desktop\VLC.lnk
[2012.02.25 02:31:08 | 000,000,237 | ---- | M] () -- C:\user.js
[2012.02.24 22:05:04 | 001,382,491 | ---- | M] () -- C:\Users\Falk\Documents\Scannen0005.jpg
[2012.02.24 22:02:37 | 001,279,391 | ---- | M] () -- C:\Users\Falk\Documents\Scannen0011.jpg
[2012.02.24 22:02:27 | 001,299,827 | ---- | M] () -- C:\Users\Falk\Documents\Scannen0010.jpg
[2012.02.22 23:24:56 | 000,005,120 | ---- | M] () -- C:\Users\Falk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.02.22 18:53:36 | 000,001,037 | ---- | M] () -- C:\Users\Falk\Desktop\DVDVideoSoft Free Studio.lnk
[2012.02.22 18:53:35 | 000,001,196 | ---- | M] () -- C:\Users\Falk\Desktop\Free YouTube to MP3 Converter.lnk
[2012.02.21 00:14:32 | 000,636,076 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.02.21 00:14:32 | 000,603,370 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.02.21 00:14:32 | 000,129,678 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.02.21 00:14:32 | 000,107,302 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.02.16 13:59:15 | 000,407,592 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.03.02 17:39:36 | 000,000,584 | ---- | C] () -- C:\Windows\tasks\Scheduled scanning task.job
[2012.02.27 16:54:45 | 277,400,196 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012.02.27 16:39:07 | 000,302,592 | ---- | C] () -- C:\Users\Falk\Desktop\ssr2tibw.exe
[2012.02.27 16:00:53 | 000,000,000 | ---- | C] () -- C:\Users\Falk\defogger_reenable
[2012.02.27 15:59:39 | 000,050,477 | ---- | C] () -- C:\Users\Falk\Desktop\Defogger.exe
[2012.02.27 15:16:42 | 000,000,911 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.02.26 18:55:19 | 000,001,897 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012.02.26 18:55:19 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012.02.25 02:36:15 | 000,001,058 | ---- | C] () -- C:\Users\Falk\Desktop\VLC.lnk
[2012.02.25 02:31:07 | 000,000,237 | ---- | C] () -- C:\user.js
[2012.02.24 22:04:53 | 001,382,491 | ---- | C] () -- C:\Users\Falk\Documents\Scannen0005.jpg
[2012.02.24 22:02:27 | 001,279,391 | ---- | C] () -- C:\Users\Falk\Documents\Scannen0011.jpg
[2012.02.24 22:02:16 | 001,299,827 | ---- | C] () -- C:\Users\Falk\Documents\Scannen0010.jpg
[2012.02.22 23:24:40 | 000,005,120 | ---- | C] () -- C:\Users\Falk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.01.26 01:36:51 | 000,014,336 | ---- | C] () -- C:\Windows\System32\vsmon1.dll
[2011.12.13 18:53:48 | 000,000,156 | ---- | C] () -- C:\Windows\wininit.ini
[2011.12.06 00:51:22 | 000,407,592 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.10.15 00:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2011.10.10 14:17:08 | 000,000,232 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2011.06.22 21:49:57 | 000,200,704 | ---- | C] () -- C:\Windows\sel3110.exe
[2011.06.22 21:49:56 | 000,040,960 | ---- | C] () -- C:\Windows\CleanDev.exe
[2011.06.22 21:49:56 | 000,032,528 | ---- | C] () -- C:\Windows\amcap.exe
[2011.04.09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011.02.27 00:43:17 | 000,000,000 | ---- | C] () -- C:\Windows\System32\Access.dat
[2011.02.07 17:39:58 | 000,186,609 | ---- | C] () -- C:\Windows\hpoins21.dat
[2011.01.11 15:47:55 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe
[2010.11.30 21:10:40 | 000,042,672 | ---- | C] () -- C:\Windows\System32\drivers\fsbts.sys
[2010.10.17 17:12:24 | 000,097,360 | ---- | C] () -- C:\Windows\System32\drivers\Fwusb1b.bin
[2010.04.13 13:18:33 | 000,007,552 | ---- | C] () -- C:\Windows\System32\drivers\enodpl.sys
[2010.04.13 13:18:33 | 000,004,736 | ---- | C] () -- C:\Windows\System32\drivers\tandpl.sys
 
========== LOP Check ==========
 
[2008.03.21 14:57:57 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\Acer GameZone Console
[2011.02.25 13:52:07 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\Acreon
[2012.02.25 02:30:46 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\Babylon
[2012.02.22 19:03:24 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\DVDVideoSoft
[2011.08.04 13:27:11 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.02.22 21:40:07 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\eXPert PDF Editor
[2012.02.25 02:39:19 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\F-Secure
[2010.02.22 17:08:19 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\GetRightToGo
[2012.03.04 02:45:12 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\ICQ
[2010.01.26 19:42:21 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\Leadertech
[2011.06.21 16:56:13 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\OpenOffice.org
[2011.06.20 02:10:51 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\SoftGrid Client
[2010.12.07 22:37:30 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\TeamViewer
[2011.06.19 21:35:36 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\TP
[2012.02.22 21:40:08 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\TS3Client
[2011.02.27 04:46:00 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\Tunngle
[2008.03.21 14:57:57 | 000,000,000 | ---D | M] -- C:\Users\UpdatusUser\AppData\Roaming\Acer GameZone Console
[2012.03.05 03:46:28 | 000,032,514 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.03.05 14:08:40 | 000,000,584 | ---- | M] () -- C:\Windows\Tasks\Scheduled scanning task.job
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2008.03.21 14:57:57 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\Acer GameZone Console
[2011.02.25 13:52:07 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\Acreon
[2011.12.02 00:59:29 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\Adobe
[2011.11.02 00:14:32 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\Apple Computer
[2012.02.25 02:30:46 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\Babylon
[2010.10.26 20:33:36 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\DivX
[2012.02.22 19:03:24 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\DVDVideoSoft
[2011.08.04 13:27:11 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.02.22 21:40:07 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\eXPert PDF Editor
[2012.02.25 02:39:19 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\F-Secure
[2010.02.22 17:08:19 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\GetRightToGo
[2009.12.26 13:41:43 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\Google
[2011.02.07 18:07:35 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\HP
[2012.02.01 18:21:15 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\HpUpdate
[2012.03.04 02:45:12 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\ICQ
[2009.12.22 15:59:47 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\Identities
[2010.01.26 19:42:21 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\Leadertech
[2009.12.22 16:00:14 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\Macromedia
[2011.11.22 21:41:33 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\Malwarebytes
[2006.11.02 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\Media Center Programs
[2012.02.01 18:19:11 | 000,000,000 | --SD | M] -- C:\Users\Falk\AppData\Roaming\Microsoft
[2009.12.26 13:44:45 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\Mozilla
[2011.08.18 19:42:31 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\NVIDIA
[2011.06.21 16:56:13 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\OpenOffice.org
[2011.08.18 22:05:03 | 000,000,000 | RH-D | M] -- C:\Users\Falk\AppData\Roaming\SecuROM
[2012.03.05 15:42:28 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\Skype
[2011.06.26 01:39:59 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\skypePM
[2011.06.20 02:10:51 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\SoftGrid Client
[2010.06.09 19:22:48 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\teamspeak2
[2010.12.07 22:37:30 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\TeamViewer
[2011.06.19 21:35:36 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\TP
[2012.02.22 21:40:08 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\TS3Client
[2011.02.27 04:46:00 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\Tunngle
[2012.02.25 17:25:21 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\Winamp
[2010.10.25 19:44:47 | 000,000,000 | ---D | M] -- C:\Users\Falk\AppData\Roaming\WinRAR
 
< %APPDATA%\*.exe /s >
[2011.02.25 13:52:09 | 000,272,384 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Acreon\WowMatrix\Modules\curl.exe
 
< %SYSTEMDRIVE%\*.exe >
 
 
< MD5 for: AGP440.SYS  >
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: IASTOR.SYS  >
[2005.10.12 05:07:12 | 000,874,240 | ---- | M] (Intel Corporation) MD5=309C4D86D989FB1FCF64BD30DC81C51B -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_2517c98a\iaStor.sys
[2005.10.12 05:07:12 | 000,874,240 | ---- | M] (Intel Corporation) MD5=309C4D86D989FB1FCF64BD30DC81C51B -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_ef2f01d9\iaStor.sys
[2006.06.13 21:56:40 | 000,247,808 | ---- | M] (Intel Corporation) MD5=580BFEC487C55264BFE3D60C3C24EEE1 -- C:\Windows\System32\drivers\iaStor.sys
[2006.06.13 21:56:40 | 000,247,808 | ---- | M] (Intel Corporation) MD5=580BFEC487C55264BFE3D60C3C24EEE1 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_d8b4315a\iaStor.sys
[2006.06.13 21:56:40 | 000,247,808 | ---- | M] (Intel Corporation) MD5=580BFEC487C55264BFE3D60C3C24EEE1 -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_101ee613\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 03:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: NVSTOR32.SYS  >
[2007.12.08 06:28:10 | 000,140,320 | ---- | M] (NVIDIA Corporation) MD5=689A2160B851F8BF88F20728FD2F30BD -- C:\Windows\System32\DriverStore\FileRepository\nvrd32.inf_a5207023\nvstor32.sys
[2007.09.11 08:19:16 | 000,114,208 | ---- | M] (NVIDIA Corporation) MD5=8FFB327669B980549BD318D939A34F9B -- C:\Windows\System32\DriverStore\FileRepository\nvstor32.inf_4b699c67\nvstor32.sys
[2007.09.11 08:19:18 | 000,114,208 | ---- | M] (NVIDIA Corporation) MD5=AFD01721DC3297E6715C5F472DD8BCCD -- C:\Windows\System32\DriverStore\FileRepository\nvrd32.inf_8225a48e\nvstor32.sys
[2008.06.07 11:13:40 | 000,145,440 | ---- | M] (NVIDIA Corporation) MD5=D7B213299852D2026DBC90DAB77EF06C -- C:\DRV\RAID\NVIDIA\nvstor32.sys
[2008.06.07 11:13:40 | 000,145,440 | ---- | M] (NVIDIA Corporation) MD5=D7B213299852D2026DBC90DAB77EF06C -- C:\DRV\RaidV2\nvstor32.sys
[2008.06.07 11:13:40 | 000,145,440 | ---- | M] (NVIDIA Corporation) MD5=D7B213299852D2026DBC90DAB77EF06C -- C:\Windows\System32\drivers\nvstor32.sys
[2008.06.07 11:13:40 | 000,145,440 | ---- | M] (NVIDIA Corporation) MD5=D7B213299852D2026DBC90DAB77EF06C -- C:\Windows\System32\DriverStore\FileRepository\nvrd32.inf_52f8ebc7\nvstor32.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.21 03:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2008.01.21 03:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2008.01.21 03:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008.01.21 03:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012.01.13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2008.01.21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2008.03.21 22:08:02 | 013,115,392 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.03.21 22:07:55 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.03.21 22:08:02 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2008.03.21 22:08:10 | 017,629,184 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2008.03.21 22:08:11 | 006,639,616 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
<           >

< End of report >
         
--- --- ---

05.03.2012, 18:55   #22
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Run an OTL fix: close any programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!)

Code:
ATTFilter
:OTL
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.defaultthis.engineName: "softonic-Germany Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.9&q="
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..keyword.URL: "http://search.babylon.com/?AF=109867&babsrc=adbartrp&mntrId=2cec11f3000000000000001b2fcde29b&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&SearchSource=3&q={searchTerms}"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://www.google.de/"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://de.yhs.search.yahoo.com/avg/search?fr=yhs-avgb&type=yahoo_avg_hs2-tb-web_de&p="
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
[2010.02.15 17:18:20 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2012.01.26 01:30:47 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012.01.04 20:58:56 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.02.14 21:00:49 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}(402)
[2012.01.11 14:40:37 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2012.02.13 21:01:02 | 000,000,000 | ---D | M] (softonic-Germany Community Toolbar) -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{a51a36e6-31e7-4838-9ff7-76298b527ec0}(403)
[2012.02.22 21:40:08 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.02.13 21:00:53 | 000,000,000 | ---D | M] (softonic-de3 Community Toolbar) -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}(405)
[2012.01.09 14:11:38 | 000,000,000 | ---D | M] (SearchElf 1.2 Community Toolbar) -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{f4e6547e-325b-403c-a3bb-ad29ed37a92f}
[2012.01.27 01:30:52 | 000,000,000 | ---D | M] (SFT_de3 Community Toolbar) -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{ff88a983-649d-4207-9336-9b999280b436}
[2011.03.24 16:08:47 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\engine@conduit.com
[2012.01.26 01:05:07 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\wotstats@mywot.com
[2011.01.08 11:23:32 | 000,000,935 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\conduit.xml
[2012.02.24 21:01:40 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-1.xml
[2010.09.18 10:28:24 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-10.xml
[2010.10.19 14:16:01 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-11.xml
[2010.10.27 13:20:57 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-12.xml
[2010.12.11 00:02:40 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-13.xml
[2010.12.19 13:29:42 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-14.xml
[2011.03.05 13:13:41 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-15.xml
[2011.03.24 00:14:21 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-16.xml
[2011.04.29 17:47:24 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-17.xml
[2011.05.20 00:33:38 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-18.xml
[2011.06.22 11:01:59 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-19.xml
[2010.03.11 21:36:22 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-2.xml
[2011.09.04 21:12:47 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-20.xml
[2011.09.07 19:39:19 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-21.xml
[2011.09.29 03:10:30 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-22.xml
[2011.11.21 13:56:42 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-23.xml
[2010.03.22 02:49:25 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-3.xml
[2010.04.03 11:49:26 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-4.xml
[2010.06.24 12:28:58 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-5.xml
[2010.06.28 10:52:12 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-6.xml
[2010.07.21 20:58:04 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-7.xml
[2010.08.15 18:49:50 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-8.xml
[2010.09.02 16:13:47 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-9.xml
[2011.03.30 14:14:34 | 000,001,042 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin.xml
[2010.02.15 17:20:39 | 000,001,201 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\winamp-search.xml
[2010.02.08 21:16:37 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.02.25 02:30:51 | 000,002,310 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (PHPNukeDE Toolbar) - {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Program Files\PHPNukeDE\tbPHPN.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Browsing Protection Toolbar) - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\Unitymedia\Sicherheitspaket\NRS\iescript\baselitmus.dll (F-Secure Corporation)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (PHPNukeDE Toolbar) - {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Program Files\PHPNukeDE\tbPHPN.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (PHPNukeDE Toolbar) - {C9508125-4747-4733-B048-E4B82DC9716D} - C:\Program Files\PHPNukeDE\tbPHPN.dll (Conduit Ltd.)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (PHPNukeDE Toolbar) - {C9508125-4747-4733-B048-E4B82DC9716D} - C:\Program Files\PHPNukeDE\tbPHPN.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000\..\Toolbar\WebBrowser: (PHPNukeDE Toolbar) - {C9508125-4747-4733-B048-E4B82DC9716D} - C:\Program Files\PHPNukeDE\tbPHPN.dll (Conduit Ltd.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [eRecoveryService]  File not found
O4 - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background File not found
O4 - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000..\Run: [PC Speed Maximizer] C:\Program Files\PC Speed Maximizer\SPMTray.exe File not found
O4 - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010.02.02 14:19:24 | 000,000,089 | R--- | M] () - E:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{83a5d88b-93a0-11de-bfe6-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{83a5d88b-93a0-11de-bfe6-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Setup.exe -- [2010.02.02 14:19:24 | 000,302,440 | R--- | M] (Hewlett-Packard Co.)
O33 - MountPoints2\{8e56d21a-ef09-11de-b632-0021857285c7}\Shell\AutoRun\command - "" = J:\Get_Started_for_Win.exe
[2012.02.25 02:30:49 | 000,000,000 | ---D | C] -- C:\Users\Falk\AppData\Local\Babylon
[2012.02.25 02:30:46 | 000,000,000 | ---D | C] -- C:\Users\Falk\AppData\Roaming\Babylon
[2012.02.25 02:30:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
:Commands
[emptytemp]
[resethosts]
         
Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

For safety, the entries, files and folders fixed by this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder.

Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!
__________________
Please always post log files in CODE tags

05.03.2012, 23:49   #23
Esel03

Now there is another problem.
During the fix, or rather the attempt, OTL hangs and does not continue, even after 1 hour.

I did everything as described. Even after starting it for the 3rd time + rebooting, OTL hung.

06.03.2012, 04:32   #24
Esel03

It always hangs at: "processing O3 - HKLM\..\Toolbar: (Browsing Protection Toolbar)" etc.
And sorry, I couldn't edit anymore :-S

Edited by Esel03 (06.03.2012 at 04:40)

06.03.2012, 13:37   #25
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Try running the fix in safe mode

06.03.2012, 14:24   #26
Esel03

The problem persists in safe mode too :x

06.03.2012, 14:56   #27
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Try it with this fix script

Code:
:OTL
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.defaultthis.engineName: "softonic-Germany Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.9&q="
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..keyword.URL: "http://search.babylon.com/?AF=109867&babsrc=adbartrp&mntrId=2cec11f3000000000000001b2fcde29b&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&SearchSource=3&q={searchTerms}"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://www.google.de/"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://de.yhs.search.yahoo.com/avg/search?fr=yhs-avgb&type=yahoo_avg_hs2-tb-web_de&p="
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
[2010.02.15 17:18:20 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2012.01.26 01:30:47 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012.01.04 20:58:56 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.02.14 21:00:49 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}(402)
[2012.01.11 14:40:37 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2012.02.13 21:01:02 | 000,000,000 | ---D | M] (softonic-Germany Community Toolbar) -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{a51a36e6-31e7-4838-9ff7-76298b527ec0}(403)
[2012.02.22 21:40:08 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.02.13 21:00:53 | 000,000,000 | ---D | M] (softonic-de3 Community Toolbar) -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}(405)
[2012.01.09 14:11:38 | 000,000,000 | ---D | M] (SearchElf 1.2 Community Toolbar) -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{f4e6547e-325b-403c-a3bb-ad29ed37a92f}
[2012.01.27 01:30:52 | 000,000,000 | ---D | M] (SFT_de3 Community Toolbar) -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{ff88a983-649d-4207-9336-9b999280b436}
[2011.03.24 16:08:47 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\engine@conduit.com
[2012.01.26 01:05:07 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\wotstats@mywot.com
[2011.01.08 11:23:32 | 000,000,935 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\conduit.xml
[2012.02.24 21:01:40 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-1.xml
[2010.09.18 10:28:24 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-10.xml
[2010.10.19 14:16:01 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-11.xml
[2010.10.27 13:20:57 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-12.xml
[2010.12.11 00:02:40 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-13.xml
[2010.12.19 13:29:42 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-14.xml
[2011.03.05 13:13:41 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-15.xml
[2011.03.24 00:14:21 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-16.xml
[2011.04.29 17:47:24 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-17.xml
[2011.05.20 00:33:38 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-18.xml
[2011.06.22 11:01:59 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-19.xml
[2010.03.11 21:36:22 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-2.xml
[2011.09.04 21:12:47 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-20.xml
[2011.09.07 19:39:19 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-21.xml
[2011.09.29 03:10:30 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-22.xml
[2011.11.21 13:56:42 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-23.xml
[2010.03.22 02:49:25 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-3.xml
[2010.04.03 11:49:26 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-4.xml
[2010.06.24 12:28:58 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-5.xml
[2010.06.28 10:52:12 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-6.xml
[2010.07.21 20:58:04 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-7.xml
[2010.08.15 18:49:50 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-8.xml
[2010.09.02 16:13:47 | 000,000,950 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-9.xml
[2011.03.30 14:14:34 | 000,001,042 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin.xml
[2010.02.15 17:20:39 | 000,001,201 | ---- | M] () -- C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\winamp-search.xml
[2010.02.08 21:16:37 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.02.25 02:30:51 | 000,002,310 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (PHPNukeDE Toolbar) - {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Program Files\PHPNukeDE\tbPHPN.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (PHPNukeDE Toolbar) - {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Program Files\PHPNukeDE\tbPHPN.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (PHPNukeDE Toolbar) - {C9508125-4747-4733-B048-E4B82DC9716D} - C:\Program Files\PHPNukeDE\tbPHPN.dll (Conduit Ltd.)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (PHPNukeDE Toolbar) - {C9508125-4747-4733-B048-E4B82DC9716D} - C:\Program Files\PHPNukeDE\tbPHPN.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000\..\Toolbar\WebBrowser: (PHPNukeDE Toolbar) - {C9508125-4747-4733-B048-E4B82DC9716D} - C:\Program Files\PHPNukeDE\tbPHPN.dll (Conduit Ltd.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [eRecoveryService]  File not found
O4 - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background File not found
O4 - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000..\Run: [PC Speed Maximizer] C:\Program Files\PC Speed Maximizer\SPMTray.exe File not found
O4 - HKU\S-1-5-21-2303213444-1857024994-1684439035-1000..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010.02.02 14:19:24 | 000,000,089 | R--- | M] () - E:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{83a5d88b-93a0-11de-bfe6-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{83a5d88b-93a0-11de-bfe6-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Setup.exe -- [2010.02.02 14:19:24 | 000,302,440 | R--- | M] (Hewlett-Packard Co.)
O33 - MountPoints2\{8e56d21a-ef09-11de-b632-0021857285c7}\Shell\AutoRun\command - "" = J:\Get_Started_for_Win.exe
[2012.02.25 02:30:49 | 000,000,000 | ---D | C] -- C:\Users\Falk\AppData\Local\Babylon
[2012.02.25 02:30:46 | 000,000,000 | ---D | C] -- C:\Users\Falk\AppData\Roaming\Babylon
[2012.02.25 02:30:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
:Commands
[emptytemp]
         

06.03.2012, 15:06   #28
Esel03

This time it worked :P

Here is the log

Code:
 All processes killed
========== OTL ==========
Prefs.js: "Search the web (Babylon)" removed from browser.search.defaultenginename
Prefs.js: "softonic-Germany Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.9&q=" removed from browser.search.defaulturl
Prefs.js: "Search the web (Babylon)" removed from browser.search.order.1
Prefs.js: "Search the web (Babylon)" removed from browser.search.selectedEngine
Prefs.js: engine@conduit.com:3.2.5.2 removed from extensions.enabledItems
Prefs.js: "hxxp://search.babylon.com/?AF=109867&babsrc=adbartrp&mntrId=2cec11f3000000000000001b2fcde29b&q=" removed from keyword.URL
Prefs.js: "ICQ Search" removed from sweetim.toolbar.previous.browser.search.defaultenginename
Prefs.js: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&SearchSource=3&q={searchTerms}" removed from sweetim.toolbar.previous.browser.search.defaulturl
Prefs.js: "ICQ Search" removed from sweetim.toolbar.previous.browser.search.selectedEngine
Prefs.js: "hxxp://www.google.de/" removed from browser.startup.homepage
Prefs.js: "hxxp://de.yhs.search.yahoo.com/avg/search?fr=yhs-avgb&type=yahoo_avg_hs2-tb-web_de&p=" removed from sweetim.toolbar.previous.keyword.URL
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0\ not found.
File C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0\ not found.
Folder C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\ not found.
Folder C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\ not found.
Folder C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\ not found.
Folder C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}(402)\ not found.
Folder C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\ not found.
Folder C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{a51a36e6-31e7-4838-9ff7-76298b527ec0}(403)\ not found.
Folder C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\ not found.
Folder C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}(405)\ not found.
Folder C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{f4e6547e-325b-403c-a3bb-ad29ed37a92f}\ not found.
Folder C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\{ff88a983-649d-4207-9336-9b999280b436}\ not found.
Folder C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\engine@conduit.com\ not found.
Folder C:\Users\Falk\AppData\Roaming\mozilla\Firefox\Profiles\o93ropm4.default\extensions\wotstats@mywot.com\ not found.
File C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\conduit.xml not found.
File C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-1.xml not found.
File C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-10.xml not found.
File C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-11.xml not found.
File C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-12.xml not found.
File C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-13.xml not found.
File C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-14.xml not found.
File C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-15.xml not found.
File C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-16.xml not found.
File C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-17.xml not found.
File C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-18.xml not found.
File C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-19.xml not found.
File C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-2.xml not found.
File C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-20.xml not found.
File C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-21.xml not found.
File C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-22.xml not found.
File C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-23.xml not found.
File C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-3.xml not found.
File C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-4.xml not found.
File C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-5.xml not found.
File C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-6.xml not found.
File C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-7.xml not found.
File C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-8.xml not found.
File C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin-9.xml not found.
File C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\icqplugin.xml not found.
File C:\Users\Falk\AppData\Roaming\Mozilla\Firefox\Profiles\o93ropm4.default\searchplugins\winamp-search.xml not found.
Folder C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\ not found.
File C:\Program Files\mozilla firefox\searchplugins\babylon.xml not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c9508125-4747-4733-b048-e4b82dc9716d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c9508125-4747-4733-b048-e4b82dc9716d}\ not found.
File C:\Program Files\PHPNukeDE\tbPHPN.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5CBE3B7C-1E47-477e-A7DD-396DB0476E29}\ deleted successfully.
C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{c9508125-4747-4733-b048-e4b82dc9716d} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c9508125-4747-4733-b048-e4b82dc9716d}\ not found.
File C:\Program Files\PHPNukeDE\tbPHPN.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C9508125-4747-4733-B048-E4B82DC9716D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C9508125-4747-4733-B048-E4B82DC9716D}\ not found.
File C:\Program Files\PHPNukeDE\tbPHPN.dll not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C9508125-4747-4733-B048-E4B82DC9716D} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C9508125-4747-4733-B048-E4B82DC9716D}\ not found.
File C:\Program Files\PHPNukeDE\tbPHPN.dll not found.
Registry value HKEY_USERS\S-1-5-21-2303213444-1857024994-1684439035-1000\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{5CBE3B7C-1E47-477E-A7DD-396DB0476E29} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5CBE3B7C-1E47-477E-A7DD-396DB0476E29}\ not found.
File C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-2303213444-1857024994-1684439035-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C9508125-4747-4733-B048-E4B82DC9716D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C9508125-4747-4733-B048-E4B82DC9716D}\ not found.
File C:\Program Files\PHPNukeDE\tbPHPN.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DivXUpdate deleted successfully.
C:\Program Files\DivX\DivX Update\DivXUpdate.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\eRecoveryService deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2303213444-1857024994-1684439035-1000\Software\Microsoft\Windows\CurrentVersion\Run\\msnmsgr deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2303213444-1857024994-1684439035-1000\Software\Microsoft\Windows\CurrentVersion\Run\\PC Speed Maximizer deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2303213444-1857024994-1684439035-1000\Software\Microsoft\Windows\CurrentVersion\Run\\SpybotSD TeaTimer deleted successfully.
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe moved successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
File move failed. E:\Autorun.inf scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{83a5d88b-93a0-11de-bfe6-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{83a5d88b-93a0-11de-bfe6-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{83a5d88b-93a0-11de-bfe6-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{83a5d88b-93a0-11de-bfe6-806e6f6e6963}\ not found.
File move failed. E:\Setup.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8e56d21a-ef09-11de-b632-0021857285c7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8e56d21a-ef09-11de-b632-0021857285c7}\ not found.
File J:\Get_Started_for_Win.exe not found.
C:\Users\Falk\AppData\Local\Babylon\Setup\HtmlScreens folder moved successfully.
C:\Users\Falk\AppData\Local\Babylon\Setup folder moved successfully.
C:\Users\Falk\AppData\Local\Babylon folder moved successfully.
C:\Users\Falk\AppData\Roaming\Babylon folder moved successfully.
C:\ProgramData\Babylon folder moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Falk
->Temp folder emptied: 36220672 bytes
->Temporary Internet Files folder emptied: 57391652 bytes
->Java cache emptied: 41860548 bytes
->FireFox cache emptied: 329570032 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 29939 bytes
 
User: Public
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 155648 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 32981641 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 475,00 mb
 
 
OTL by OldTimer - Version 3.2.35.1 log created on 03062012_145823

Files\Folders moved on Reboot...
File move failed. E:\Autorun.inf scheduled to be moved on reboot.
File move failed. E:\Setup.exe scheduled to be moved on reboot.
File\Folder C:\Windows\temp\logishrd\LVPrcInj04.dll not found!
File move failed. C:\Windows\temp\CLDigitalHome\CLMS_AGENT_LOG1.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\CLDigitalHome\PCMMediaServer.log scheduled to be moved on reboot.

Registry entries deleted on Reboot...
         

06.03.2012, 15:11   #29
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please disable the virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!

Configure the tool as shown in the image below: click change parameters and set the checkboxes as shown in the following screenshot.
Then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.
If you cannot find the log or copy its contents into your post, please look directly on your Windows system partition (usually drive C:), which is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the "skip" action and just post the log here!

If, because of the infection, you cannot access your Documents/My Documents, or shortcuts are missing from the desktop or from the Start menu under "All Programs", please run unhide:
Please download unhide.exe and save the file to your desktop.
Start the tool and all files and folders should become visible again. (This could take a while.)
Windows Vista and Windows 7 users must run the tool as administrator via right-click!

06.03.2012, 15:29   #30
Esel03

There are more and more files that are infected

Here is the log

Code:
 15:25:34.0792 4640	TDSS rootkit removing tool 2.7.19.0 Mar  5 2012 11:23:39
15:25:34.0974 4640	============================================================
15:25:34.0974 4640	Current date / time: 2012/03/06 15:25:34.0974
15:25:34.0974 4640	SystemInfo:
15:25:34.0974 4640	
15:25:34.0974 4640	OS Version: 6.0.6002 ServicePack: 2.0
15:25:34.0974 4640	Product type: Workstation
15:25:34.0974 4640	ComputerName: FALK-PC
15:25:34.0975 4640	UserName: Falk
15:25:34.0975 4640	Windows directory: C:\Windows
15:25:34.0975 4640	System windows directory: C:\Windows
15:25:34.0975 4640	Processor architecture: Intel x86
15:25:34.0975 4640	Number of processors: 4
15:25:34.0975 4640	Page size: 0x1000
15:25:34.0975 4640	Boot type: Normal boot
15:25:34.0975 4640	============================================================
15:25:35.0529 4640	Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:25:35.0541 4640	\Device\Harddisk0\DR0:
15:25:35.0562 4640	MBR used
15:25:35.0562 4640	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x6, StartLBA 0x1D4B800, BlocksNum 0x11B96800
15:25:35.0562 4640	\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x138E2000, BlocksNum 0x11B4C000
15:25:35.0883 4640	Initialize success
15:25:35.0883 4640	============================================================
15:26:27.0393 2564	============================================================
15:26:27.0393 2564	Scan started
15:26:27.0393 2564	Mode: Manual; SigCheck; TDLFS; 
15:26:27.0393 2564	============================================================
15:26:28.0370 2564	ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
15:26:28.0460 2564	ACPI - ok
15:26:28.0698 2564	adp94xx         (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
15:26:28.0722 2564	adp94xx - ok
15:26:28.0934 2564	adpahci         (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
15:26:28.0951 2564	adpahci - ok
15:26:29.0284 2564	adpu160m        (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
15:26:29.0303 2564	adpu160m - ok
15:26:29.0427 2564	adpu320         (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
15:26:29.0439 2564	adpu320 - ok
15:26:29.0642 2564	AFD             (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
15:26:29.0707 2564	AFD - ok
15:26:30.0087 2564	agp440          (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
15:26:30.0134 2564	agp440 - ok
15:26:30.0717 2564	aic78xx         (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
15:26:30.0732 2564	aic78xx - ok
15:26:31.0111 2564	aliide          (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
15:26:31.0123 2564	aliide - ok
15:26:31.0628 2564	amdagp          (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
15:26:31.0646 2564	amdagp - ok
15:26:31.0895 2564	amdide          (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
15:26:31.0913 2564	amdide - ok
15:26:32.0328 2564	AmdK7           (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
15:26:32.0375 2564	AmdK7 - ok
15:26:32.0895 2564	AmdK8           (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
15:26:32.0982 2564	AmdK8 - ok
15:26:33.0446 2564	arc             (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
15:26:33.0460 2564	arc - ok
15:26:33.0981 2564	arcsas          (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
15:26:33.0993 2564	arcsas - ok
15:26:34.0547 2564	AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
15:26:34.0628 2564	AsyncMac - ok
15:26:35.0283 2564	atapi           (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
15:26:35.0293 2564	atapi - ok
15:26:35.0955 2564	avmeject        (263cf9d248fd5e020a1333ed4f7eaa88) C:\Windows\system32\drivers\avmeject.sys
15:26:36.0005 2564	avmeject ( UnsignedFile.Multi.Generic ) - warning
15:26:36.0005 2564	avmeject - detected UnsignedFile.Multi.Generic (1)
15:26:36.0520 2564	Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
15:26:36.0613 2564	Beep - ok
15:26:36.0764 2564	blbdrive        (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
15:26:36.0811 2564	blbdrive - ok
15:26:36.0977 2564	bowser          (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
15:26:37.0078 2564	bowser - ok
15:26:37.0264 2564	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
15:26:37.0348 2564	BrFiltLo - ok
15:26:37.0905 2564	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
15:26:37.0953 2564	BrFiltUp - ok
15:26:38.0465 2564	Brserid         (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
15:26:38.0614 2564	Brserid - ok
15:26:39.0165 2564	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
15:26:39.0255 2564	BrSerWdm - ok
15:26:39.0815 2564	BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
15:26:39.0907 2564	BrUsbMdm - ok
15:26:40.0382 2564	BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
15:26:40.0458 2564	BrUsbSer - ok
15:26:40.0881 2564	BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
15:26:40.0986 2564	BTHMODEM - ok
15:26:41.0457 2564	cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
15:26:41.0532 2564	cdfs - ok
15:26:41.0802 2564	cdrom           (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
15:26:41.0885 2564	cdrom - ok
15:26:42.0115 2564	circlass        (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
15:26:42.0186 2564	circlass - ok
15:26:42.0733 2564	CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
15:26:42.0748 2564	CLFS - ok
15:26:43.0215 2564	cmdide          (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
15:26:43.0227 2564	cmdide - ok
15:26:43.0299 2564	Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys
15:26:43.0314 2564	Compbatt - ok
15:26:43.0613 2564	crcdisk         (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
15:26:43.0622 2564	crcdisk - ok
15:26:43.0984 2564	Crusoe          (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
15:26:44.0033 2564	Crusoe - ok
15:26:44.0459 2564	DfsC            (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
15:26:44.0544 2564	DfsC - ok
15:26:44.0997 2564	disk            (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
15:26:45.0007 2564	disk - ok
15:26:45.0148 2564	drmkaud         (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
15:26:45.0196 2564	drmkaud - ok
15:26:45.0535 2564	DXGKrnl         (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
15:26:45.0559 2564	DXGKrnl - ok
15:26:45.0917 2564	E1G60           (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
15:26:45.0944 2564	E1G60 - ok
15:26:46.0093 2564	Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
15:26:46.0105 2564	Ecache - ok
15:26:46.0663 2564	elxstor         (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
15:26:46.0682 2564	elxstor - ok
15:26:47.0067 2564	enodpl          (b4556f3d468c8dcb0b259d9d866cd4c4) C:\Windows\system32\drivers\enodpl.sys
15:26:47.0125 2564	enodpl ( UnsignedFile.Multi.Generic ) - warning
15:26:47.0125 2564	enodpl - detected UnsignedFile.Multi.Generic (1)
15:26:47.0287 2564	ErrDev          (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
15:26:47.0361 2564	ErrDev - ok
15:26:47.0561 2564	exfat           (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
15:26:47.0625 2564	exfat - ok
15:26:48.0021 2564	F-Secure Gatekeeper (29d12e1e45d93b45d2598e2663bbeff4) C:\Program Files\Unitymedia\Sicherheitspaket\Anti-Virus\minifilter\fsgk.sys
15:26:48.0049 2564	F-Secure Gatekeeper - ok
15:26:48.0399 2564	F-Secure HIPS   (f5aca65237c7511d5803cdc5e7003d75) C:\Program Files\Unitymedia\Sicherheitspaket\HIPS\drivers\fshs.sys
15:26:48.0408 2564	F-Secure HIPS - ok
15:26:48.0908 2564	fastfat         (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
15:26:48.0932 2564	fastfat - ok
15:26:49.0405 2564	fdc             (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
15:26:49.0487 2564	fdc - ok
15:26:49.0665 2564	FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
15:26:49.0675 2564	FileInfo - ok
15:26:50.0339 2564	Filetrace       (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
15:26:50.0413 2564	Filetrace - ok
15:26:50.0647 2564	flpydisk        (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
15:26:50.0700 2564	flpydisk - ok
15:26:50.0965 2564	FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
15:26:50.0978 2564	FltMgr - ok
15:26:51.0472 2564	fsbts           (343786e182b9c9ae3066e00dec650f50) C:\Windows\system32\Drivers\fsbts.sys
15:26:51.0481 2564	fsbts - ok
15:26:51.0768 2564	FSES            (2bffae1318ce3d9847a8d61b3726e54e) C:\Windows\system32\drivers\fses.sys
15:26:51.0776 2564	FSES - ok
15:26:52.0104 2564	FSFW            (73e6e711455491da6ebbaf9603e96323) C:\Windows\system32\drivers\fsdfw.sys
15:26:52.0114 2564	FSFW - ok
15:26:52.0340 2564	fsvista         (f4a1769bd7a3f073c492663e6a7decd1) C:\Program Files\Unitymedia\Sicherheitspaket\Anti-Virus\minifilter\fsvista.sys
15:26:52.0346 2564	fsvista - ok
15:26:52.0696 2564	Fs_Rec          (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
15:26:52.0771 2564	Fs_Rec - ok
15:26:53.0221 2564	FWLANUSB        (ff12fa487265da2ac7de4be53f72ff1a) C:\Windows\system32\DRIVERS\fwlanusb.sys
15:26:53.0231 2564	FWLANUSB ( UnsignedFile.Multi.Generic ) - warning
15:26:53.0231 2564	FWLANUSB - detected UnsignedFile.Multi.Generic (1)
15:26:53.0492 2564	gagp30kx        (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
15:26:53.0504 2564	gagp30kx - ok
15:26:53.0963 2564	GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:26:53.0970 2564	GEARAspiWDM - ok
15:26:54.0142 2564	hamachi         (833051c6c6c42117191935f734cfbd97) C:\Windows\system32\DRIVERS\hamachi.sys
15:26:54.0155 2564	hamachi - ok
15:26:54.0391 2564	HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
15:26:54.0491 2564	HdAudAddService - ok
15:26:54.0902 2564	HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
15:26:54.0975 2564	HDAudBus - ok
15:26:55.0264 2564	HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
15:26:55.0325 2564	HidBth - ok
15:26:55.0481 2564	HidIr           (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
15:26:55.0542 2564	HidIr - ok
15:26:55.0831 2564	HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
15:26:55.0883 2564	HidUsb - ok
15:26:56.0248 2564	HpCISSs         (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
15:26:56.0260 2564	HpCISSs - ok
15:26:56.0574 2564	HTTP            (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
15:26:56.0720 2564	HTTP - ok
15:26:56.0892 2564	i2omp           (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
15:26:56.0903 2564	i2omp - ok
15:26:57.0029 2564	i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
15:26:57.0110 2564	i8042prt - ok
15:26:57.0210 2564	iaStor          (580bfec487c55264bfe3d60c3c24eee1) C:\Windows\system32\drivers\iastor.sys
15:26:57.0290 2564	iaStor - ok
15:26:57.0457 2564	iaStorV         (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
15:26:57.0475 2564	iaStorV - ok
15:26:57.0648 2564	iirsp           (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
15:26:57.0659 2564	iirsp - ok
15:26:57.0766 2564	int15           (c6e5276c00ebdeb096bb5ef4b797d1b6) C:\Acer\Empowering Technology\eRecovery\int15.sys
15:26:57.0774 2564	int15 - ok
15:26:58.0294 2564	IntcAzAudAddService (f6e17c275666a4402588a30e36565910) C:\Windows\system32\drivers\RTKVHDA.sys
15:26:58.0410 2564	IntcAzAudAddService - ok
15:26:58.0822 2564	intelide        (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
15:26:58.0834 2564	intelide - ok
15:26:59.0267 2564	intelppm        (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
15:26:59.0339 2564	intelppm - ok
15:26:59.0676 2564	IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:26:59.0758 2564	IpFilterDriver - ok
15:26:59.0842 2564	IpInIp - ok
15:27:00.0248 2564	IPMIDRV         (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
15:27:00.0271 2564	IPMIDRV - ok
15:27:00.0640 2564	IPNAT           (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
15:27:00.0669 2564	IPNAT - ok
15:27:00.0915 2564	IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
15:27:00.0993 2564	IRENUM - ok
15:27:01.0282 2564	isapnp          (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
15:27:01.0294 2564	isapnp - ok
15:27:01.0775 2564	iScsiPrt        (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
15:27:01.0788 2564	iScsiPrt - ok
15:27:02.0090 2564	iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
15:27:02.0106 2564	iteatapi - ok
15:27:02.0507 2564	iteraid         (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
15:27:02.0516 2564	iteraid - ok
15:27:02.0806 2564	kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
15:27:02.0815 2564	kbdclass - ok
15:27:03.0317 2564	kbdhid          (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
15:27:03.0368 2564	kbdhid - ok
15:27:03.0626 2564	KSecDD          (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
15:27:03.0646 2564	KSecDD - ok
15:27:04.0130 2564	lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
15:27:04.0201 2564	lltdio - ok
15:27:04.0339 2564	LSI_FC          (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
15:27:04.0353 2564	LSI_FC - ok
15:27:04.0416 2564	LSI_SAS         (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
15:27:04.0428 2564	LSI_SAS - ok
15:27:04.0831 2564	LSI_SCSI        (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
15:27:04.0844 2564	LSI_SCSI - ok
15:27:05.0150 2564	luafv           (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
15:27:05.0227 2564	luafv - ok
15:27:05.0416 2564	LVPr2Mon        (1a7db7a00a4b0d8da24cd691a4547291) C:\Windows\system32\DRIVERS\LVPr2Mon.sys
15:27:05.0425 2564	LVPr2Mon - ok
15:27:05.0674 2564	LVRS            (87ecce893d8aec5a9337b917742d339c) C:\Windows\system32\DRIVERS\lvrs.sys
15:27:05.0692 2564	LVRS - ok
15:27:05.0821 2564	LVUSBSta        (caef4c05ba2c1acad4ebcaa4261cd55d) C:\Windows\system32\drivers\LVUSBSta.sys
15:27:05.0832 2564	LVUSBSta - ok
15:27:06.0111 2564	MBAMProtector   (b7ca8cc3f978201856b6ab82f40953c3) C:\Windows\system32\drivers\mbam.sys
15:27:06.0127 2564	MBAMProtector - ok
15:27:06.0506 2564	megasas         (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
15:27:06.0517 2564	megasas - ok
15:27:06.0697 2564	MegaSR          (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
15:27:06.0790 2564	MegaSR - ok
15:27:07.0171 2564	Modem           (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
15:27:07.0239 2564	Modem - ok
15:27:07.0562 2564	monitor         (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
15:27:07.0640 2564	monitor - ok
15:27:08.0009 2564	mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
15:27:08.0018 2564	mouclass - ok
15:27:08.0427 2564	mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
15:27:08.0479 2564	mouhid - ok
15:27:08.0674 2564	MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
15:27:08.0684 2564	MountMgr - ok
15:27:08.0840 2564	mpio            (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
15:27:08.0853 2564	mpio - ok
15:27:08.0890 2564	mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
15:27:08.0961 2564	mpsdrv - ok
15:27:09.0290 2564	Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
15:27:09.0301 2564	Mraid35x - ok
15:27:09.0469 2564	MRxDAV          (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
15:27:09.0573 2564	MRxDAV - ok
15:27:09.0676 2564	mrxsmb          (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:27:09.0696 2564	mrxsmb - ok
15:27:09.0915 2564	mrxsmb10        (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:27:09.0995 2564	mrxsmb10 - ok
15:27:10.0110 2564	mrxsmb20        (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:27:10.0192 2564	mrxsmb20 - ok
15:27:10.0345 2564	msahci          (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
15:27:10.0357 2564	msahci - ok
15:27:10.0413 2564	msdsm           (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
15:27:10.0426 2564	msdsm - ok
15:27:10.0739 2564	Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
15:27:10.0837 2564	Msfs - ok
15:27:10.0946 2564	msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
15:27:10.0956 2564	msisadrv - ok
15:27:11.0255 2564	MSKSSRV         (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
15:27:11.0364 2564	MSKSSRV - ok
15:27:11.0744 2564	MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
15:27:11.0770 2564	MSPCLOCK - ok
15:27:12.0120 2564	MSPQM           (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
15:27:12.0148 2564	MSPQM - ok
15:27:12.0477 2564	MsRPC           (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
15:27:12.0490 2564	MsRPC - ok
15:27:12.0878 2564	mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
15:27:12.0888 2564	mssmbios - ok
15:27:13.0290 2564	MSTEE           (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
15:27:13.0315 2564	MSTEE - ok
15:27:13.0775 2564	Mup             (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
15:27:13.0786 2564	Mup - ok
15:27:13.0985 2564	NativeWifiP     (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
15:27:14.0025 2564	NativeWifiP - ok
15:27:14.0239 2564	NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
15:27:14.0261 2564	NDIS - ok
15:27:14.0708 2564	NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
15:27:14.0783 2564	NdisTapi - ok
15:27:15.0161 2564	Ndisuio         (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
15:27:15.0182 2564	Ndisuio - ok
15:27:15.0576 2564	NdisWan         (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
15:27:15.0642 2564	NdisWan - ok
15:27:16.0011 2564	NDProxy         (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
15:27:16.0082 2564	NDProxy - ok
15:27:16.0254 2564	NetBIOS         (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
15:27:16.0313 2564	NetBIOS - ok
15:27:16.0871 2564	netbt           (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
15:27:16.0925 2564	netbt - ok
15:27:17.0349 2564	nfrd960         (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
15:27:17.0361 2564	nfrd960 - ok
15:27:17.0795 2564	Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
15:27:17.0814 2564	Npfs - ok
15:27:18.0266 2564	nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
15:27:18.0342 2564	nsiproxy - ok
15:27:19.0012 2564	Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
15:27:19.0127 2564	Ntfs - ok
15:27:19.0618 2564	NTIDrvr         (7f1c1f78d709c4a54cbb46ede7e0b48d) C:\Windows\system32\DRIVERS\NTIDrvr.sys
15:27:19.0678 2564	NTIDrvr ( UnsignedFile.Multi.Generic ) - warning
15:27:19.0678 2564	NTIDrvr - detected UnsignedFile.Multi.Generic (1)
15:27:20.0074 2564	ntrigdigi       (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
15:27:20.0123 2564	ntrigdigi - ok
15:27:20.0518 2564	Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
15:27:20.0592 2564	Null - ok
15:27:21.0161 2564	NVENETFD        (d668632606d1cebf0b6ec64c1df7ed6f) C:\Windows\system32\DRIVERS\nvmfdx32.sys
15:27:21.0194 2564	NVENETFD - ok
15:27:21.0414 2564	NVHDA           (93c0f383b39b1f5fe7203e3270d4cf52) C:\Windows\system32\drivers\nvhda32v.sys
15:27:21.0423 2564	NVHDA - ok
15:27:22.0628 2564	nvlddmkm        (66b4bf606fcc7f0622d4a21bb1461089) C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:27:23.0026 2564	nvlddmkm - ok
15:27:23.0268 2564	nvraid          (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
15:27:23.0278 2564	nvraid - ok
15:27:23.0657 2564	nvrd32          (6934105ecc6a19570160d794e301e595) C:\Windows\system32\drivers\nvrd32.sys
15:27:23.0666 2564	nvrd32 - ok
15:27:24.0076 2564	nvsmu           (7ec12a73067baca25a8e3e2a58ae83d8) C:\Windows\system32\DRIVERS\nvsmu.sys
15:27:24.0139 2564	nvsmu - ok
15:27:24.0497 2564	nvstor          (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
15:27:24.0509 2564	nvstor - ok
15:27:24.0882 2564	nvstor32        (d7b213299852d2026dbc90dab77ef06c) C:\Windows\system32\drivers\nvstor32.sys
15:27:24.0891 2564	nvstor32 - ok
15:27:25.0042 2564	nv_agp          (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
15:27:25.0055 2564	nv_agp - ok
15:27:25.0327 2564	NwlnkFlt - ok
15:27:25.0727 2564	NwlnkFwd - ok
15:27:26.0249 2564	ohci1394        (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
15:27:26.0320 2564	ohci1394 - ok
15:27:26.0586 2564	ovt519          (4cdadec3dc1300ee1d313ea5494e6472) C:\Windows\system32\Drivers\ov519vid.sys
15:27:26.0679 2564	ovt519 ( UnsignedFile.Multi.Generic ) - warning
15:27:26.0679 2564	ovt519 - detected UnsignedFile.Multi.Generic (1)
15:27:27.0070 2564	Parport         (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
15:27:27.0166 2564	Parport - ok
15:27:27.0680 2564	partmgr         (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
15:27:27.0691 2564	partmgr - ok
15:27:28.0035 2564	Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
15:27:28.0138 2564	Parvdm - ok
15:27:28.0462 2564	pci             (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
15:27:28.0474 2564	pci - ok
15:27:29.0077 2564	pciide          (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
15:27:29.0088 2564	pciide - ok
15:27:29.0537 2564	pcmcia          (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
15:27:29.0550 2564	pcmcia - ok
15:27:30.0189 2564	PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
15:27:30.0253 2564	PEAUTH - ok
15:27:30.0843 2564	pepifilter      (b20f958b207e6aaac5f70d04dd2c30d8) C:\Windows\system32\DRIVERS\lv302af.sys
15:27:30.0853 2564	pepifilter - ok
15:27:31.0644 2564	PID_PEPI        (dd184d9adfe2a8a21741dbdfe9e22f5c) C:\Windows\system32\DRIVERS\LV302V32.SYS
15:27:31.0774 2564	PID_PEPI - ok
15:27:32.0204 2564	PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
15:27:32.0256 2564	PptpMiniport - ok
15:27:32.0728 2564	Processor       (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
15:27:32.0805 2564	Processor - ok
15:27:33.0419 2564	PSched          (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
15:27:33.0487 2564	PSched - ok
15:27:33.0893 2564	PSDFilter       (ab94285ff6c6bc5433407d8d182a4bb4) C:\Windows\system32\DRIVERS\psdfilter.sys
15:27:33.0900 2564	PSDFilter - ok
15:27:34.0462 2564	PSDNServ        (2aaf9a5d7a63d26bfaea853c5f2292bc) C:\Windows\system32\DRIVERS\PSDNServ.sys
15:27:34.0469 2564	PSDNServ - ok
15:27:34.0836 2564	psdvdisk        (0eb8cec99855beae5b0d02c2302619ef) C:\Windows\system32\DRIVERS\PSDVdisk.sys
15:27:34.0843 2564	psdvdisk - ok
15:27:35.0318 2564	ql2300          (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
15:27:35.0443 2564	ql2300 - ok
15:27:35.0853 2564	ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
15:27:35.0868 2564	ql40xx - ok
15:27:36.0222 2564	QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
15:27:36.0316 2564	QWAVEdrv - ok
15:27:36.0432 2564	RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
15:27:36.0488 2564	RasAcd - ok
15:27:37.0030 2564	Rasl2tp         (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:27:37.0102 2564	Rasl2tp - ok
15:27:37.0486 2564	RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
15:27:37.0555 2564	RasPppoe - ok
15:27:37.0814 2564	RasSstp         (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
15:27:37.0828 2564	RasSstp - ok
15:27:38.0317 2564	rdbss           (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
15:27:38.0383 2564	rdbss - ok
15:27:38.0678 2564	RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:27:38.0740 2564	RDPCDD - ok
15:27:39.0244 2564	rdpdr           (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
15:27:39.0273 2564	rdpdr - ok
15:27:39.0669 2564	RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
15:27:39.0749 2564	RDPENCDD - ok
15:27:40.0344 2564	RDPWD           (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
15:27:40.0395 2564	RDPWD - ok
15:27:40.0771 2564	rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
15:27:40.0796 2564	rspndr - ok
15:27:41.0117 2564	RTL8187B        (d5d2e9f785fda3c1e021fde9f218c7f5) C:\Windows\system32\DRIVERS\wg111v3.sys
15:27:41.0260 2564	RTL8187B - ok
15:27:41.0601 2564	RTL8192su - ok
15:27:41.0828 2564	sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
15:27:41.0841 2564	sbp2port - ok
15:27:42.0370 2564	secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
15:27:42.0466 2564	secdrv - ok
15:27:43.0091 2564	Serenum         (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys
15:27:43.0115 2564	Serenum - ok
15:27:43.0713 2564	Serial          (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys
15:27:43.0776 2564	Serial - ok
15:27:43.0989 2564	sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
15:27:44.0019 2564	sermouse - ok
15:27:44.0430 2564	sffdisk         (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
15:27:44.0450 2564	sffdisk - ok
15:27:44.0855 2564	sffp_mmc        (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
15:27:44.0923 2564	sffp_mmc - ok
15:27:45.0397 2564	sffp_sd         (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
15:27:45.0460 2564	sffp_sd - ok
15:27:46.0088 2564	sfloppy         (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
15:27:46.0181 2564	sfloppy - ok
15:27:46.0691 2564	Sftfs           (d9b734638dd8dba9d59aad3189cd0fad) C:\Windows\system32\DRIVERS\Sftfslh.sys
15:27:46.0742 2564	Sftfs - ok
15:27:47.0318 2564	Sftplay         (2f61bd46c0bff4eb36e1e359ca17bfc5) C:\Windows\system32\DRIVERS\Sftplaylh.sys
15:27:47.0329 2564	Sftplay - ok
15:27:47.0751 2564	Sftredir        (518bac0179f94304f422696b47c0ec12) C:\Windows\system32\DRIVERS\Sftredirlh.sys
15:27:47.0760 2564	Sftredir - ok
15:27:48.0328 2564	Sftvol          (747325236d88b3f05ffd27ff9ec711c5) C:\Windows\system32\DRIVERS\Sftvollh.sys
15:27:48.0337 2564	Sftvol - ok
15:27:48.0754 2564	sisagp          (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
15:27:48.0769 2564	sisagp - ok
15:27:49.0129 2564	SiSRaid2        (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
15:27:49.0141 2564	SiSRaid2 - ok
15:27:49.0338 2564	SiSRaid4        (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
15:27:49.0353 2564	SiSRaid4 - ok
15:27:49.0704 2564	Smb             (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
15:27:49.0759 2564	Smb - ok
15:27:50.0210 2564	spldr           (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
15:27:50.0219 2564	spldr - ok
15:27:50.0784 2564	srv             (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
15:27:50.0870 2564	srv - ok
15:27:51.0294 2564	srv2            (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
15:27:51.0392 2564	srv2 - ok
15:27:51.0742 2564	srvnet          (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
15:27:51.0784 2564	srvnet - ok
15:27:52.0088 2564	StillCam        (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
15:27:52.0138 2564	StillCam - ok
15:27:52.0562 2564	swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
15:27:52.0572 2564	swenum - ok
15:27:52.0865 2564	Symc8xx         (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
15:27:52.0881 2564	Symc8xx - ok
15:27:53.0049 2564	Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
15:27:53.0061 2564	Sym_hi - ok
15:27:53.0089 2564	Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
15:27:53.0102 2564	Sym_u3 - ok
15:27:53.0482 2564	tandpl          (126d7b3b4c7b724491c604060e1f4e14) C:\Windows\system32\drivers\tandpl.sys
15:27:53.0488 2564	tandpl ( UnsignedFile.Multi.Generic ) - warning
15:27:53.0488 2564	tandpl - detected UnsignedFile.Multi.Generic (1)
15:27:53.0875 2564	Tcpip           (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
15:27:54.0019 2564	Tcpip - ok
15:27:54.0690 2564	Tcpip6          (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
15:27:54.0724 2564	Tcpip6 - ok
15:27:55.0274 2564	tcpipreg        (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
15:27:55.0349 2564	tcpipreg - ok
15:27:55.0872 2564	TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
15:27:55.0915 2564	TDPIPE - ok
15:27:56.0139 2564	TDTCP           (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
15:27:56.0166 2564	TDTCP - ok
15:27:56.0538 2564	tdx             (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
15:27:56.0559 2564	tdx - ok
15:27:56.0945 2564	TermDD          (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
15:27:56.0957 2564	TermDD - ok
15:27:57.0598 2564	tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:27:57.0679 2564	tssecsrv - ok
15:27:58.0273 2564	tunmp           (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
15:27:58.0341 2564	tunmp - ok
15:27:58.0706 2564	tunnel          (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
15:27:58.0755 2564	tunnel - ok
15:27:59.0195 2564	tvicport        (97dd70feca64fb4f63de7bb7e66a80b1) C:\Windows\system32\drivers\tvicport.sys
15:27:59.0250 2564	tvicport ( UnsignedFile.Multi.Generic ) - warning
15:27:59.0250 2564	tvicport - detected UnsignedFile.Multi.Generic (1)
15:27:59.0823 2564	uagp35          (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
15:27:59.0837 2564	uagp35 - ok
15:28:00.0227 2564	udfs            (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
15:28:00.0253 2564	udfs - ok
15:28:00.0711 2564	uliagpkx        (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
15:28:00.0723 2564	uliagpkx - ok
15:28:01.0155 2564	uliahci         (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
15:28:01.0174 2564	uliahci - ok
15:28:01.0455 2564	UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
15:28:01.0471 2564	UlSata - ok
15:28:01.0797 2564	ulsata2         (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
15:28:01.0812 2564	ulsata2 - ok
15:28:02.0186 2564	umbus           (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
15:28:02.0262 2564	umbus - ok
15:28:02.0641 2564	usbaudio        (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
15:28:02.0705 2564	usbaudio - ok
15:28:03.0170 2564	usbccgp         (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
15:28:03.0215 2564	usbccgp - ok
15:28:03.0640 2564	usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
15:28:03.0689 2564	usbcir - ok
15:28:03.0907 2564	usbehci         (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
15:28:03.0949 2564	usbehci - ok
15:28:04.0487 2564	usbhub          (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
15:28:04.0554 2564	usbhub - ok
15:28:05.0003 2564	usbohci         (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
15:28:05.0075 2564	usbohci - ok
15:28:05.0468 2564	usbprint        (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
15:28:05.0539 2564	usbprint - ok
15:28:06.0079 2564	usbscan         (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
15:28:06.0103 2564	usbscan - ok
15:28:06.0506 2564	USBSTOR         (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:28:06.0599 2564	USBSTOR - ok
15:28:06.0885 2564	usbuhci         (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
15:28:06.0938 2564	usbuhci - ok
15:28:07.0118 2564	vga             (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
15:28:07.0175 2564	vga - ok
15:28:07.0480 2564	VgaSave         (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
15:28:07.0560 2564	VgaSave - ok
15:28:07.0910 2564	viaagp          (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
15:28:07.0923 2564	viaagp - ok
15:28:08.0310 2564	ViaC7           (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
15:28:08.0382 2564	ViaC7 - ok
15:28:08.0701 2564	viaide          (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
15:28:08.0713 2564	viaide - ok
15:28:09.0368 2564	volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
15:28:09.0377 2564	volmgr - ok
15:28:10.0027 2564	volmgrx         (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
15:28:10.0042 2564	volmgrx - ok
15:28:10.0619 2564	volsnap         (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
15:28:10.0633 2564	volsnap - ok
15:28:11.0139 2564	vsmraid         (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
15:28:11.0154 2564	vsmraid - ok
15:28:11.0374 2564	WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
15:28:11.0478 2564	WacomPen - ok
15:28:11.0771 2564	Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
15:28:11.0838 2564	Wanarp - ok
15:28:11.0853 2564	Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
15:28:11.0873 2564	Wanarpv6 - ok
15:28:12.0360 2564	Wd              (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
15:28:12.0370 2564	Wd - ok
15:28:12.0934 2564	Wdf01000        (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
15:28:12.0953 2564	Wdf01000 - ok
15:28:13.0491 2564	WmiAcpi         (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
15:28:13.0510 2564	WmiAcpi - ok
15:28:13.0883 2564	WpdUsb          (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
15:28:13.0965 2564	WpdUsb - ok
15:28:14.0353 2564	ws2ifsl         (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
15:28:14.0419 2564	ws2ifsl - ok
15:28:14.0792 2564	WUDFRd          (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:28:14.0864 2564	WUDFRd - ok
15:28:14.0966 2564	zntport         (40ac8590cc9006dbb99ffcb37879d4c6) C:\Windows\system32\drivers\zntport.sys
15:28:14.0969 2564	zntport ( UnsignedFile.Multi.Generic ) - warning
15:28:14.0969 2564	zntport - detected UnsignedFile.Multi.Generic (1)
15:28:15.0038 2564	MBR (0x1B8)     (a863475757cc50891aa8458c415e4b25) \Device\Harddisk0\DR0
15:28:17.0523 2564	\Device\Harddisk0\DR0 - ok
15:28:17.0580 2564	Boot (0x1200)   (2479aa3bcda804a83eb559de08200124) \Device\Harddisk0\DR0\Partition0
15:28:17.0617 2564	\Device\Harddisk0\DR0\Partition0 - ok
15:28:17.0647 2564	Boot (0x1200)   (312def6a025f0b67018dadd15856364b) \Device\Harddisk0\DR0\Partition1
15:28:17.0672 2564	\Device\Harddisk0\DR0\Partition1 - ok
15:28:17.0672 2564	============================================================
15:28:17.0672 2564	Scan finished
15:28:17.0672 2564	============================================================
15:28:17.0687 3592	Detected object count: 8
15:28:17.0687 3592	Actual detected object count: 8
15:28:47.0988 3592	avmeject ( UnsignedFile.Multi.Generic ) - skipped by user
15:28:47.0988 3592	avmeject ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:28:47.0991 3592	enodpl ( UnsignedFile.Multi.Generic ) - skipped by user
15:28:47.0991 3592	enodpl ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:28:47.0993 3592	FWLANUSB ( UnsignedFile.Multi.Generic ) - skipped by user
15:28:47.0993 3592	FWLANUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:28:47.0995 3592	NTIDrvr ( UnsignedFile.Multi.Generic ) - skipped by user
15:28:47.0995 3592	NTIDrvr ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:28:47.0997 3592	ovt519 ( UnsignedFile.Multi.Generic ) - skipped by user
15:28:47.0997 3592	ovt519 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:28:48.0001 3592	tandpl ( UnsignedFile.Multi.Generic ) - skipped by user
15:28:48.0001 3592	tandpl ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:28:48.0003 3592	tvicport ( UnsignedFile.Multi.Generic ) - skipped by user
15:28:48.0003 3592	tvicport ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:28:48.0005 3592	zntport ( UnsignedFile.Multi.Generic ) - skipped by user
15:28:48.0005 3592	zntport ( UnsignedFile.Multi.Generic ) - User select action: Skip
         
