| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Virus - Betreibssystem blockiert, 50 Euro zahlenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
03.03.2012, 10:07
| #1 |
 |  Virus - Betreibssystem blockiert, 50 Euro zahlen Sehr geehrtes Trojaner Board, nach ein wenig Googlen und suchen hier im Forum, habe ich herausgefunden, dass dieses Problem anscheinend sowohl bekannt als auch verbreitet ist (Falls man das überhaupt zu Viren etc sagen kann ) Könnt ihr mir bitte helfen? Wäre super, danke.... Gruß, Christian Hier der OTL.TXT OTL: OTL logfile created on: 3/3/2012 9:31:57 AM - Run 1 OTL by OldTimer - Version 3.2.35.0 Folder = C:\Users\ace-dajana\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3.91 Gb Total Physical Memory | 3.32 Gb Available Physical Memory | 84.86% Memory free 7.82 Gb Paging File | 7.24 Gb Available in Paging File | 92.61% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 657.54 Gb Total Space | 450.42 Gb Free Space | 68.50% Space Free | Partition Type: NTFS Drive D: | 37.99 Gb Total Space | 8.16 Gb Free Space | 21.49% Space Free | Partition Type: NTFS Computer Name: ACE-DAJANA-PC | User Name: ace-dajana | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/03/03 08:32:08 | 000,585,216 | ---- | M] (OldTimer Tools) -- C:\Users\ace-dajana\Desktop\OTL.exe ========== Modules (No Company Name) ========== ========== Win32 Services (SafeList) ========== SRV - [2011/07/20 23:02:45 | 000,066,872 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2010/03/18 21:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2006/12/19 09:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Auto | Stopped] -- C:\Windows\SysWOW64\IoctlSvc.exe -- (PLFlash DeviceIoControl Service) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011/12/09 19:45:00 | 000,060,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex) DRV:64bit: - [2011/11/15 01:13:00 | 000,327,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf) DRV:64bit: - [2011/08/31 18:53:22 | 012,306,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2011/07/27 07:44:01 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2011/07/27 07:44:01 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2011/07/20 22:50:29 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:64bit: - [2011/05/10 07:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2011/04/15 00:16:08 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd) DRV:64bit: - [2011/03/24 14:47:04 | 000,042,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd) DRV:64bit: - [2011/03/24 14:47:02 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible) DRV:64bit: - [2011/03/24 14:47:02 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus) DRV:64bit: - [2011/03/15 17:09:16 | 000,311,400 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUVStor.sys -- (RSUSBVSTOR) DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011/02/24 19:40:20 | 008,591,872 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) ___ Intel(R) DRV:64bit: - [2011/02/10 14:52:34 | 000,181,760 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc) DRV:64bit: - [2011/02/10 14:52:34 | 000,082,432 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub) DRV:64bit: - [2011/01/25 20:48:04 | 000,077,424 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) DRV:64bit: - [2011/01/24 10:24:52 | 000,058,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux) DRV:64bit: - [2010/11/21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/11/21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2010/11/06 07:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2010/10/20 01:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R) DRV:64bit: - [2010/10/15 00:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R) DRV:64bit: - [2010/09/16 08:08:50 | 001,077,416 | ---- | M] (DiBcom SA) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mod77-64.sys -- (mod7764) DRV:64bit: - [2010/09/03 13:46:48 | 001,392,688 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2010/06/25 15:08:10 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot) DRV:64bit: - [2010/04/22 02:06:42 | 000,399,936 | ---- | M] (Ploytec GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nkc2_usb.sys -- (NUMARK_OMNICONTROL) DRV:64bit: - [2010/04/22 02:06:40 | 000,050,240 | ---- | M] (Numark) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nkc2_wdm.sys -- (NUMARK_OMNICONTROL_WDM) DRV:64bit: - [2010/04/22 02:06:38 | 000,031,296 | ---- | M] (Numark) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nkc2midi.sys -- (NUMARK_OMNICONTROL_MIDI) DRV:64bit: - [2009/11/01 18:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64) DRV:64bit: - [2009/08/13 21:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21) DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/06/29 17:00:50 | 000,132,608 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet) DRV:64bit: - [2009/06/29 17:00:50 | 000,116,096 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbfake.sys -- (hwusbfake) DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/05/13 20:47:44 | 000,032,792 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\x10ufx2.sys -- (XUIF) DRV:64bit: - [2009/05/13 20:26:14 | 000,015,896 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\x10hid.sys -- (X10Hid) DRV:64bit: - [2009/04/09 12:38:24 | 000,116,864 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = {7B61669A-BD41-4028-97CE-5436F1821D34} IE - HKCU\..\SearchScopes\{7B61669A-BD41-4028-97CE-5436F1821D34}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNC_enDE393 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "LEO Eng-Deu" FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/ig?hl=de" FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906 FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2 FF - prefs.js..extensions.enabledItems: 5 FF - prefs.js..extensions.enabledItems: 3 FF - prefs.js..extensions.enabledItems: 1 FF - prefs.js..extensions.enabledItems: fb_add_on@avm.de:1.5.5 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:3.3.3.2 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.100 FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94 FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94 FF - prefs.js..keyword.URL: "chrome://browser-region/locale/region.properties" FF - prefs.js..network.proxy.type: 0 FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll File not found FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll File not found FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll File not found FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/03/03 18:06:15 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/02/14 19:05:47 | 000,000,000 | ---D | M] [2011/07/20 21:04:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ace-dajana\AppData\Roaming\mozilla\Extensions [2012/02/28 22:58:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ace-dajana\AppData\Roaming\mozilla\Firefox\Profiles\j0loksl1.default\extensions [2011/12/29 13:58:16 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\ace-dajana\AppData\Roaming\mozilla\Firefox\Profiles\j0loksl1.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2011/07/20 20:39:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ace-dajana\AppData\Roaming\mozilla\Firefox\Profiles\j0loksl1.default\extensions\nostmp [2012/02/16 14:29:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2012/01/05 14:47:47 | 000,000,000 | ---D | M] (QuickStores-Toolbar) -- C:\Program Files (x86)\Mozilla Firefox\extensions\quickstores@quickstores.de () (No name found) -- C:\USERS\ACE-DAJANA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J0LOKSL1.DEFAULT\EXTENSIONS\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}.XPI () (No name found) -- C:\USERS\ACE-DAJANA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J0LOKSL1.DEFAULT\EXTENSIONS\{C0C9A2C7-2E5C-4447-BC53-97718BC91E1B}.XPI [2012/02/21 15:06:03 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011/07/11 22:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2012/02/08 18:36:16 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012/02/08 18:21:19 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012/02/08 18:36:16 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012/02/08 18:36:16 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012/02/08 18:36:16 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012/02/08 18:36:16 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll File not found O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll File not found O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL File not found O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll File not found O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll File not found O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll File not found O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found. O4:64bit: - HKLM..\Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp File not found O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray File not found O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 File not found O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s File not found O4:64bit: - HKLM..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe File not found O4 - HKLM..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" File not found O4 - HKLM..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min File not found O4 - HKLM..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" File not found O4 - HKLM..\Run: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart File not found O4 - HKLM..\Run: [HotkeyApp] "C:\Program Files (x86)\Launch Manager\HotkeyApp.exe" File not found O4 - HKLM..\Run: [LMgrVolOSD] "C:\Program Files (x86)\Launch Manager\OSD.exe" File not found O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKLM..\Run: [Wbutton] "C:\Program Files (x86)\Launch Manager\Wbutton.exe" File not found O4 - HKCU..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun File not found O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun File not found O4 - HKCU..\Run: [SkypeM] C:\Users\ace-dajana\AppData\Local\Skype\Skype.exe (Unizeto Sp. z o.o.) O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found O9:64bit: - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found O9:64bit: - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll File not found O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll File not found O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll File not found O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll File not found O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2C98CD9E-06C7-4B36-AC4B-6E3E3B0E020D}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{86DD59FC-FF24-4A07-9C3E-C46AC9E7255C}: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll File not found O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL File not found O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL File not found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{30bbd6cb-022a-11e1-9ba9-001e101f63cf}\Shell - "" = AutoRun O33 - MountPoints2\{30bbd6cb-022a-11e1-9ba9-001e101f63cf}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{30bbd6da-022a-11e1-9ba9-001e101f63cf}\Shell - "" = AutoRun O33 - MountPoints2\{30bbd6da-022a-11e1-9ba9-001e101f63cf}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{370d8c3d-0088-11e1-b156-00262dc6ff00}\Shell - "" = AutoRun O33 - MountPoints2\{370d8c3d-0088-11e1-b156-00262dc6ff00}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{370d8c46-0088-11e1-b156-00262dc6ff00}\Shell - "" = AutoRun O33 - MountPoints2\{370d8c46-0088-11e1-b156-00262dc6ff00}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{f61bac3d-02fc-11e1-b8ed-00262dc6ff00}\Shell - "" = AutoRun O33 - MountPoints2\{f61bac3d-02fc-11e1-b8ed-00262dc6ff00}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP MsConfig:64bit - StartUpFolder: C:^Users^ace-dajana^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Versandhelfer.lnk - - File not found MsConfig:64bit - StartUpReg: DAEMON Tools Lite - hkey= - key= - File not found MsConfig:64bit - StartUpReg: DivXUpdate - hkey= - key= - File not found MsConfig:64bit - StartUpReg: HTC Sync Loader - hkey= - key= - File not found MsConfig:64bit - StartUpReg: IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - hkey= - key= - File not found MsConfig:64bit - StartUpReg: iTunesHelper - hkey= - key= - File not found MsConfig:64bit - StartUpReg: NBKeyScan - hkey= - key= - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG) MsConfig:64bit - StartUpReg: XboxStat - hkey= - key= - File not found MsConfig:64bit - State: "services" - Reg Error: Key error. MsConfig:64bit - State: "startup" - Reg Error: Key error. CREATERESTOREPOINT Error creating restore point. ========== Files/Folders - Created Within 30 Days ========== [2012/03/03 18:17:58 | 000,000,000 | -HSD | C] -- C:\found.000 [2012/03/03 08:32:06 | 000,585,216 | ---- | C] (OldTimer Tools) -- C:\Users\ace-dajana\Desktop\OTL.exe [2012/03/02 09:06:08 | 000,000,000 | ---D | C] -- C:\InstantOnOS [2012/03/02 08:07:47 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2012/02/29 17:35:37 | 000,000,000 | ---D | C] -- C:\Users\ace-dajana\Desktop\Controlling mit Excel [2012/02/29 17:35:32 | 000,000,000 | ---D | C] -- C:\Users\ace-dajana\Desktop\Braunhart E&F [2012/02/26 22:32:03 | 000,000,000 | ---D | C] -- C:\Users\ace-dajana\AppData\Local\Zattoo [2012/02/26 22:30:14 | 000,000,000 | ---D | C] -- C:\Users\ace-dajana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zattoo4 [2012/02/26 22:30:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zattoo4 [2012/02/26 22:30:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zattoo4 [2012/02/26 21:47:27 | 000,000,000 | ---D | C] -- C:\Users\ace-dajana\AppData\Roaming\JLC's Software [2012/02/26 21:47:20 | 000,000,000 | ---D | C] -- C:\Users\ace-dajana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JLC's Software [2012/02/26 21:47:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JLC's Software [2012/02/26 21:47:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JLC's Software [2012/02/26 21:25:50 | 000,000,000 | ---D | C] -- C:\Users\ace-dajana\Documents\Podcast Studio [2012/02/26 21:25:19 | 000,962,560 | ---- | C] (East Wind Software) -- C:\Windows\SysWow64\advdaudio.ocx [2012/02/26 21:25:19 | 000,634,880 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTAudioEditor2.dll [2012/02/26 21:25:19 | 000,522,752 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTAudioTransform2.dll [2012/02/26 21:25:19 | 000,467,968 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTAudioRecord2.dll [2012/02/26 21:25:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\concept design [2012/02/26 21:25:18 | 000,966,144 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTAudioInformation2.dll [2012/02/26 21:25:18 | 000,877,568 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\NCTAudioFile2.dll [2012/02/26 21:25:18 | 000,467,456 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTAudioPlayer2.dll [2012/02/26 21:25:17 | 000,413,696 | ---- | C] (Gabest) -- C:\Windows\SysWow64\flvsplitter.ax [2012/02/26 21:25:17 | 000,000,000 | ---D | C] -- C:\Users\ace-dajana\Documents\onlineTV 6 [2012/02/26 21:25:17 | 000,000,000 | ---D | C] -- C:\Users\ace-dajana\AppData\Roaming\concept design [2012/02/22 14:50:48 | 000,000,000 | ---D | C] -- C:\Users\ace-dajana\AppData\Local\SKIDROW [2012/02/22 14:45:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ [2012/02/22 14:23:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\THQ [2012/02/13 11:02:21 | 000,000,000 | ---D | C] -- C:\Users\ace-dajana\Desktop\Soca Alben [2012/02/13 11:01:55 | 000,000,000 | ---D | C] -- C:\Users\ace-dajana\Desktop\Soca+Znouk+Calypso Alben [2012/02/13 10:57:53 | 000,000,000 | ---D | C] -- C:\Users\ace-dajana\Desktop\Riddims check [2012/02/12 22:18:26 | 000,000,000 | ---D | C] -- C:\Users\ace-dajana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ [2012/02/12 22:18:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VirtualDJ [2012/02/09 20:23:35 | 000,000,000 | ---D | C] -- C:\Users\ace-dajana\Desktop\Naturbilder [2012/02/07 22:09:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\888poker [2012/02/07 18:03:18 | 000,000,000 | ---D | C] -- C:\Users\ace-dajana\Documents\Meine empfangenen Dateien [2012/02/07 17:31:33 | 000,000,000 | ---D | C] -- C:\Users\ace-dajana\Desktop\Telekom Unterlagen [2012/02/03 20:53:43 | 000,000,000 | ---D | C] -- C:\Users\ace-dajana\Documents\888poker [2012/02/03 20:53:43 | 000,000,000 | ---D | C] -- C:\Users\ace-dajana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\888poker [2012/02/03 20:53:22 | 000,000,000 | ---D | C] -- C:\Users\ace-dajana\AppData\Roaming\PacificPoker [2012/02/03 20:52:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PacificPoker [6 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012/03/03 09:26:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/03/03 09:26:57 | 3148,091,392 | -HS- | M] () -- C:\hiberfil.sys [2012/03/03 09:25:48 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/03/03 09:25:48 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/03/03 08:32:08 | 000,585,216 | ---- | M] (OldTimer Tools) -- C:\Users\ace-dajana\Desktop\OTL.exe [2012/03/02 08:11:35 | 087,227,952 | ---- | M] () -- C:\Users\ace-dajana\Desktop\avira_free_antivirus_898de.exe [2012/03/01 20:51:06 | 000,537,331 | ---- | M] () -- C:\Users\ace-dajana\Desktop\E&F_Gruppenarbeit_dt. Bankenlandschaft_WS 2011-12.pdf [2012/03/01 17:48:41 | 001,761,096 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012/03/01 17:48:41 | 000,754,068 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012/03/01 17:48:41 | 000,699,084 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012/03/01 17:48:41 | 000,172,008 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012/03/01 17:48:41 | 000,138,950 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012/02/29 20:48:44 | 000,017,408 | ---- | M] () -- C:\Users\ace-dajana\AppData\Local\WebpageIcons.db [2012/02/29 19:53:06 | 000,667,881 | ---- | M] () -- C:\Users\ace-dajana\Desktop\Postbank.pdf [2012/02/29 10:01:18 | 178,097,074 | ---- | M] () -- C:\Users\ace-dajana\Desktop\Richie Stephens feat. Gentleman - Warrior (OFFICIAL MUSIC VI.mp4 [2012/02/27 09:43:35 | 058,654,584 | ---- | M] () -- C:\Users\ace-dajana\Desktop\Dancehall Mix 1_2012.mp3 [2012/02/26 22:30:15 | 000,001,872 | ---- | M] () -- C:\Users\ace-dajana\Desktop\Zattoo.lnk [2012/02/26 21:51:05 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini [2012/02/22 18:32:54 | 000,181,736 | ---- | M] () -- C:\Users\ace-dajana\Desktop\C_Bolln_SchadenOnlineMeldung_SON-12-004929.pdf [2012/02/22 18:25:56 | 000,653,399 | ---- | M] () -- C:\Users\ace-dajana\Desktop\SchadenOnlineMeldung_SON-12-005121.pdf [2012/02/22 14:53:01 | 000,012,926 | ---- | M] () -- C:\Users\ace-dajana\Desktop\Saints Row 3.lnk [2012/02/22 08:10:16 | 000,161,508 | ---- | M] () -- C:\Users\ace-dajana\Desktop\2SchadenOnlineMeldung_SON-12-004929.pdf [2012/02/22 07:57:24 | 000,269,384 | ---- | M] () -- C:\Users\ace-dajana\Desktop\barclaycard.pdf [2012/02/21 12:59:40 | 000,653,804 | ---- | M] () -- C:\Users\ace-dajana\Desktop\SchadenOnlineMeldung_SON-12-004929.pdf [2012/02/20 10:01:27 | 000,183,112 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012/02/16 14:29:15 | 000,001,134 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012/02/16 03:35:43 | 000,511,264 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012/02/12 22:18:27 | 000,000,973 | ---- | M] () -- C:\Users\ace-dajana\Desktop\VirtualDJ PRO Full.lnk [2012/02/11 21:07:20 | 000,413,696 | ---- | M] (Gabest) -- C:\Windows\SysWow64\flvsplitter.ax [6 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012/03/02 08:15:01 | 087,227,952 | ---- | C] () -- C:\Users\ace-dajana\Desktop\avira_free_antivirus_898de.exe [2012/03/02 08:07:32 | 3148,091,392 | -HS- | C] () -- C:\hiberfil.sys [2012/03/01 21:49:43 | 001,536,258 | ---- | C] () -- C:\Users\ace-dajana\Desktop\IMG_1918.JPG [2012/03/01 20:51:05 | 000,537,331 | ---- | C] () -- C:\Users\ace-dajana\Desktop\E&F_Gruppenarbeit_dt. Bankenlandschaft_WS 2011-12.pdf [2012/02/29 19:53:06 | 000,667,881 | ---- | C] () -- C:\Users\ace-dajana\Desktop\Postbank.pdf [2012/02/29 09:59:30 | 178,097,074 | ---- | C] () -- C:\Users\ace-dajana\Desktop\Richie Stephens feat. Gentleman - Warrior (OFFICIAL MUSIC VI.mp4 [2012/02/27 09:39:59 | 058,654,584 | ---- | C] () -- C:\Users\ace-dajana\Desktop\Dancehall Mix 1_2012.mp3 [2012/02/26 22:32:03 | 000,017,408 | ---- | C] () -- C:\Users\ace-dajana\AppData\Local\WebpageIcons.db [2012/02/26 22:30:15 | 000,001,872 | ---- | C] () -- C:\Users\ace-dajana\Desktop\Zattoo.lnk [2012/02/26 21:51:05 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini [2012/02/26 21:25:19 | 000,110,080 | ---- | C] () -- C:\Windows\SysWow64\advd.dll [2012/02/26 21:25:19 | 000,023,040 | ---- | C] () -- C:\Windows\SysWow64\auth.dll [2012/02/26 21:25:18 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll [2012/02/22 18:32:48 | 000,181,736 | ---- | C] () -- C:\Users\ace-dajana\Desktop\C_Bolln_SchadenOnlineMeldung_SON-12-004929.pdf [2012/02/22 18:25:56 | 000,653,399 | ---- | C] () -- C:\Users\ace-dajana\Desktop\SchadenOnlineMeldung_SON-12-005121.pdf [2012/02/22 14:53:01 | 000,012,926 | ---- | C] () -- C:\Users\ace-dajana\Desktop\Saints Row 3.lnk [2012/02/22 08:10:13 | 000,161,508 | ---- | C] () -- C:\Users\ace-dajana\Desktop\2SchadenOnlineMeldung_SON-12-004929.pdf [2012/02/22 07:57:19 | 000,269,384 | ---- | C] () -- C:\Users\ace-dajana\Desktop\barclaycard.pdf [2012/02/21 12:59:39 | 000,653,804 | ---- | C] () -- C:\Users\ace-dajana\Desktop\SchadenOnlineMeldung_SON-12-004929.pdf [2012/02/16 14:29:15 | 000,001,134 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012/02/12 22:18:27 | 000,000,973 | ---- | C] () -- C:\Users\ace-dajana\Desktop\VirtualDJ PRO Full.lnk [2011/12/13 21:26:19 | 000,007,607 | ---- | C] () -- C:\Users\ace-dajana\AppData\Local\Resmon.ResmonCfg [2011/11/16 00:08:51 | 000,000,120 | ---- | C] () -- C:\Users\ace-dajana\AppData\Roaming\default.pls [2011/11/13 19:46:52 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\GkSui20.EXE [2011/10/28 15:18:47 | 002,337,865 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe [2011/08/31 18:51:16 | 000,216,000 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2011/08/31 18:46:00 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2011/08/31 18:26:20 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll [2011/07/21 15:54:32 | 000,000,316 | ---- | C] () -- C:\Windows\ODBC.INI [2011/07/21 15:53:14 | 001,738,990 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011/07/20 23:02:46 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011/07/20 23:02:39 | 000,183,112 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011/07/20 22:42:21 | 000,000,026 | ---- | C] () -- C:\Windows\Irremote.ini [2011/04/24 12:57:25 | 000,127,184 | ---- | C] () -- C:\Windows\Unwise.exe [2011/04/24 12:57:24 | 000,149,504 | ---- | C] () -- C:\Windows\unwise32_setup.exe [2011/04/24 12:35:41 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2011/04/24 12:35:38 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin [2011/04/09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat ========== LOP Check ========== [2011/12/11 17:06:34 | 000,000,000 | ---D | M] -- C:\Users\ace-dajana\AppData\Roaming\ASCOMP Software [2012/01/06 21:43:16 | 000,000,000 | ---D | M] -- C:\Users\ace-dajana\AppData\Roaming\Ashampoo [2012/01/09 08:58:27 | 000,000,000 | ---D | M] -- C:\Users\ace-dajana\AppData\Roaming\Command & Conquer 3 Tiberium Wars [2012/01/09 08:56:43 | 000,000,000 | ---D | M] -- C:\Users\ace-dajana\AppData\Roaming\Command and Conquer 3 Kanes Wrath [2012/03/03 18:06:07 | 000,000,000 | ---D | M] -- C:\Users\ace-dajana\AppData\Roaming\concept design [2011/12/11 17:11:41 | 000,000,000 | ---D | M] -- C:\Users\ace-dajana\AppData\Roaming\DAEMON Tools Lite [2011/07/30 11:58:48 | 000,000,000 | ---D | M] -- C:\Users\ace-dajana\AppData\Roaming\dpdhl.versandhelfer.medionlap.CDA82DC3FEDD13302C6424313D9A2999F162D21A.1 [2011/07/29 13:37:40 | 000,000,000 | ---D | M] -- C:\Users\ace-dajana\AppData\Roaming\HTC [2011/07/29 13:41:18 | 000,000,000 | ---D | M] -- C:\Users\ace-dajana\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1 [2012/02/26 21:47:27 | 000,000,000 | ---D | M] -- C:\Users\ace-dajana\AppData\Roaming\JLC's Software [2011/07/20 22:59:59 | 000,000,000 | ---D | M] -- C:\Users\ace-dajana\AppData\Roaming\Leadertech [2012/03/03 18:06:05 | 000,000,000 | ---D | M] -- C:\Users\ace-dajana\AppData\Roaming\Mp3tag [2011/12/08 07:07:28 | 000,000,000 | ---D | M] -- C:\Users\ace-dajana\AppData\Roaming\Notepad++ [2012/03/03 18:06:02 | 000,000,000 | ---D | M] -- C:\Users\ace-dajana\AppData\Roaming\PacificPoker [2011/10/30 16:26:01 | 000,000,000 | ---D | M] -- C:\Users\ace-dajana\AppData\Roaming\pdfforge [2012/03/03 09:25:43 | 000,000,000 | ---D | M] -- C:\Users\ace-dajana\AppData\Roaming\uTorrent [2011/10/29 11:12:35 | 000,000,000 | ---D | M] -- C:\Users\ace-dajana\AppData\Roaming\Vodafone [2011/11/23 17:38:17 | 000,032,556 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*. > [2012/03/02 08:07:47 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN [2012/03/03 18:17:58 | 000,000,000 | -HSD | M] -- C:\found.000 [2012/03/02 09:06:08 | 000,000,000 | ---D | M] -- C:\InstantOnOS [2012/03/03 18:06:12 | 000,000,000 | R--D | M] -- C:\Program Files (x86) [2012/02/20 15:11:37 | 000,000,000 | -H-D | M] -- C:\ProgramData [2011/07/20 20:04:56 | 000,000,000 | -HSD | M] -- C:\Recovery [2012/03/03 09:29:14 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2011/07/21 17:09:51 | 000,000,000 | R--D | M] -- C:\Users [2012/03/03 09:26:57 | 000,000,000 | ---D | M] -- C:\Windows [2012/01/02 15:30:03 | 000,000,000 | ---D | M] -- C:\Wirtschaftinformatik < %PROGRAMFILES%\*.exe > < %LOCALAPPDATA%\*.exe > < %systemroot%\*. /mp /s > < MD5 for: AGP440.SYS > [2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys [2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys < MD5 for: ATAPI.SYS > [2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys [2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys < MD5 for: CNGAUDIT.DLL > [2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll [2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll [2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll < MD5 for: EXPLORER.EXE > [2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe [2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe [2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe [2011/02/26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe [2010/11/21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe [2010/11/21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe < MD5 for: IASTOR.SYS > [2010/11/06 07:45:48 | 000,438,808 | ---- | M] (Intel Corporation) MD5=D7921D5A870B11CC1ADAB198A519D50A -- C:\Windows\SysNative\drivers\iaStor.sys [2010/11/06 07:45:48 | 000,438,808 | ---- | M] (Intel Corporation) MD5=D7921D5A870B11CC1ADAB198A519D50A -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_710b330fb3531234\iaStor.sys < MD5 for: IASTORV.SYS > [2010/11/21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys [2010/11/21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys [2011/03/11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys [2011/03/11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys [2011/03/11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys [2011/03/11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys < MD5 for: NETLOGON.DLL > [2010/11/21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll [2010/11/21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll [2010/11/21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll [2010/11/21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll < MD5 for: NVSTOR.SYS > [2011/03/11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys [2011/03/11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys [2011/03/11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys [2011/03/11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys [2010/11/21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys [2010/11/21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys < MD5 for: SCECLI.DLL > [2010/11/21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll [2010/11/21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll [2010/11/21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll [2010/11/21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll < MD5 for: USER32.DLL > [2010/11/21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll [2010/11/21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll [2010/11/21 04:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll [2010/11/21 04:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll < MD5 for: USERINIT.EXE > [2010/11/21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe [2010/11/21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2010/11/21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe [2010/11/21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe < MD5 for: WINLOGON.EXE > [2010/11/21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010/11/21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe < MD5 for: WS2IFSL.SYS > [2009/07/14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys [2009/07/14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\system32\*.dll /lockedfiles > [6 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ] < %USERPROFILE%\*.* > [2012/01/06 21:44:23 | 000,001,024 | ---- | M] () -- C:\Users\ace-dajana\.rnd [2012/03/03 09:38:57 | 008,388,608 | -HS- | M] () -- C:\Users\ace-dajana\ntuser.dat [2012/03/03 09:38:57 | 000,262,144 | -HS- | M] () -- C:\Users\ace-dajana\ntuser.dat.LOG1 [2011/07/20 20:14:57 | 000,000,000 | -HS- | M] () -- C:\Users\ace-dajana\ntuser.dat.LOG2 [2011/07/20 22:34:37 | 000,065,536 | -HS- | M] () -- C:\Users\ace-dajana\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf [2011/07/20 22:34:37 | 000,524,288 | -HS- | M] () -- C:\Users\ace-dajana\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms [2011/07/20 22:34:37 | 000,524,288 | -HS- | M] () -- C:\Users\ace-dajana\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms [2011/11/07 11:24:40 | 000,065,536 | -HS- | M] () -- C:\Users\ace-dajana\ntuser.dat{cbbf8a73-085a-11e1-91e0-00262dc6ff00}.TM.blf [2011/11/07 11:24:40 | 000,524,288 | -HS- | M] () -- C:\Users\ace-dajana\ntuser.dat{cbbf8a73-085a-11e1-91e0-00262dc6ff00}.TMContainer00000000000000000001.regtrans-ms [2011/11/07 11:24:40 | 000,524,288 | -HS- | M] () -- C:\Users\ace-dajana\ntuser.dat{cbbf8a73-085a-11e1-91e0-00262dc6ff00}.TMContainer00000000000000000002.regtrans-ms [2012/02/07 22:45:48 | 000,065,536 | -HS- | M] () -- C:\Users\ace-dajana\ntuser.dat{cec7beb5-51cd-11e1-bce0-bc773720b9cf}.TM.blf [2012/02/07 22:45:48 | 000,524,288 | -HS- | M] () -- C:\Users\ace-dajana\ntuser.dat{cec7beb5-51cd-11e1-bce0-bc773720b9cf}.TMContainer00000000000000000001.regtrans-ms [2012/02/07 22:45:48 | 000,524,288 | -HS- | M] () -- C:\Users\ace-dajana\ntuser.dat{cec7beb5-51cd-11e1-bce0-bc773720b9cf}.TMContainer00000000000000000002.regtrans-ms [2011/07/20 20:14:57 | 000,000,020 | -HS- | M] () -- C:\Users\ace-dajana\ntuser.ini < %USERPROFILE%\Local Settings\Temp\*.exe > < %USERPROFILE%\Local Settings\Temp\*.dll > < %USERPROFILE%\Application Data\*.exe > < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 < End of report > Danke schonmal für eure Hilfe... |
|
03.03.2012, 10:08
| #2 |
| | Virus - Betreibssystem blockiert, 50 Euro zahlen ... und hier der Extras.TXT:OTL Logfile:
__________________Code:
ATTFilter OTL logfile created on: 3/3/2012 9:31:57 AM - Run 1 OTL by OldTimer - Version 3.2.35.0 Folder = C:\Users\ace-dajana\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3.91 Gb Total Physical Memory | 3.32 Gb Available Physical Memory | 84.86% Memory free 7.82 Gb Paging File | 7.24 Gb Available in Paging File | 92.61% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 657.54 Gb Total Space | 450.42 Gb Free Space | 68.50% Space Free | Partition Type: NTFS Drive D: | 37.99 Gb Total Space | 8.16 Gb Free Space | 21.49% Space Free | Partition Type: NTFS Computer Name: ACE-DAJANA-PC | User Name: ace-dajana | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/03/03 08:32:08 | 000,585,216 | ---- | M] (OldTimer Tools) -- C:\Users\ace-dajana\Desktop\OTL.exe ========== Modules (No Company Name) ========== ========== Win32 Services (SafeList) ========== SRV - [2011/07/20 23:02:45 | 000,066,872 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2010/03/18 21:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2006/12/19 09:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Auto | Stopped] -- C:\Windows\SysWOW64\IoctlSvc.exe -- (PLFlash DeviceIoControl Service) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011/12/09 19:45:00 | 000,060,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex) DRV:64bit: - [2011/11/15 01:13:00 | 000,327,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf) DRV:64bit: - [2011/08/31 18:53:22 | 012,306,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2011/07/27 07:44:01 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2011/07/27 07:44:01 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2011/07/20 22:50:29 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:64bit: - [2011/05/10 07:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2011/04/15 00:16:08 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd) DRV:64bit: - [2011/03/24 14:47:04 | 000,042,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd) DRV:64bit: - [2011/03/24 14:47:02 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible) DRV:64bit: - [2011/03/24 14:47:02 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus) DRV:64bit: - [2011/03/15 17:09:16 | 000,311,400 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUVStor.sys -- (RSUSBVSTOR) DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011/02/24 19:40:20 | 008,591,872 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) ___ Intel(R) DRV:64bit: - [2011/02/10 14:52:34 | 000,181,760 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc) DRV:64bit: - [2011/02/10 14:52:34 | 000,082,432 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub) DRV:64bit: - [2011/01/25 20:48:04 | 000,077,424 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) DRV:64bit: - [2011/01/24 10:24:52 | 000,058,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux) DRV:64bit: - [2010/11/21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/11/21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2010/11/06 07:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2010/10/20 01:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R) DRV:64bit: - [2010/10/15 00:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R) DRV:64bit: - [2010/09/16 08:08:50 | 001,077,416 | ---- | M] (DiBcom SA) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mod77-64.sys -- (mod7764) DRV:64bit: - [2010/09/03 13:46:48 | 001,392,688 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2010/06/25 15:08:10 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot) DRV:64bit: - [2010/04/22 02:06:42 | 000,399,936 | ---- | M] (Ploytec GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nkc2_usb.sys -- (NUMARK_OMNICONTROL) DRV:64bit: - [2010/04/22 02:06:40 | 000,050,240 | ---- | M] (Numark) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nkc2_wdm.sys -- (NUMARK_OMNICONTROL_WDM) DRV:64bit: - [2010/04/22 02:06:38 | 000,031,296 | ---- | M] (Numark) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nkc2midi.sys -- (NUMARK_OMNICONTROL_MIDI) DRV:64bit: - [2009/11/01 18:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64) DRV:64bit: - [2009/08/13 21:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21) DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/06/29 17:00:50 | 000,132,608 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet) DRV:64bit: - [2009/06/29 17:00:50 | 000,116,096 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbfake.sys -- (hwusbfake) DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/05/13 20:47:44 | 000,032,792 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\x10ufx2.sys -- (XUIF) DRV:64bit: - [2009/05/13 20:26:14 | 000,015,896 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\x10hid.sys -- (X10Hid) DRV:64bit: - [2009/04/09 12:38:24 | 000,116,864 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = {7B61669A-BD41-4028-97CE-5436F1821D34} IE - HKCU\..\SearchScopes\{7B61669A-BD41-4028-97CE-5436F1821D34}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNC_enDE393 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "LEO Eng-Deu" FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/ig?hl=de" FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906 FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2 FF - prefs.js..extensions.enabledItems: 5 FF - prefs.js..extensions.enabledItems: 3 FF - prefs.js..extensions.enabledItems: 1 FF - prefs.js..extensions.enabledItems: fb_add_on@avm.de:1.5.5 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:3.3.3.2 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.100 FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94 FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94 FF - prefs.js..keyword.URL: "chrome://browser-region/locale/region.properties" FF - prefs.js..network.proxy.type: 0 FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll File not found FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll File not found FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll File not found FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/03/03 18:06:15 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/02/14 19:05:47 | 000,000,000 | ---D | M] [2011/07/20 21:04:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ace-dajana\AppData\Roaming\mozilla\Extensions [2012/02/28 22:58:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ace-dajana\AppData\Roaming\mozilla\Firefox\Profiles\j0loksl1.default\extensions [2011/12/29 13:58:16 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\ace-dajana\AppData\Roaming\mozilla\Firefox\Profiles\j0loksl1.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2011/07/20 20:39:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ace-dajana\AppData\Roaming\mozilla\Firefox\Profiles\j0loksl1.default\extensions\nostmp [2012/02/16 14:29:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2012/01/05 14:47:47 | 000,000,000 | ---D | M] (QuickStores-Toolbar) -- C:\Program Files (x86)\Mozilla Firefox\extensions\quickstores@quickstores.de () (No name found) -- C:\USERS\ACE-DAJANA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J0LOKSL1.DEFAULT\EXTENSIONS\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}.XPI () (No name found) -- C:\USERS\ACE-DAJANA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J0LOKSL1.DEFAULT\EXTENSIONS\{C0C9A2C7-2E5C-4447-BC53-97718BC91E1B}.XPI [2012/02/21 15:06:03 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011/07/11 22:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2012/02/08 18:36:16 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012/02/08 18:21:19 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012/02/08 18:36:16 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012/02/08 18:36:16 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012/02/08 18:36:16 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012/02/08 18:36:16 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll File not found O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll File not found O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL File not found O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll File not found O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll File not found O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll File not found O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found. O4:64bit: - HKLM..\Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp File not found O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray File not found O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 File not found O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s File not found O4:64bit: - HKLM..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe File not found O4 - HKLM..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" File not found O4 - HKLM..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min File not found O4 - HKLM..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" File not found O4 - HKLM..\Run: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart File not found O4 - HKLM..\Run: [HotkeyApp] "C:\Program Files (x86)\Launch Manager\HotkeyApp.exe" File not found O4 - HKLM..\Run: [LMgrVolOSD] "C:\Program Files (x86)\Launch Manager\OSD.exe" File not found O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKLM..\Run: [Wbutton] "C:\Program Files (x86)\Launch Manager\Wbutton.exe" File not found O4 - HKCU..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun File not found O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun File not found O4 - HKCU..\Run: [SkypeM] C:\Users\ace-dajana\AppData\Local\Skype\Skype.exe (Unizeto Sp. z o.o.) O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found O9:64bit: - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found O9:64bit: - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll File not found O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll File not found O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll File not found O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll File not found O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2C98CD9E-06C7-4B36-AC4B-6E3E3B0E020D}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{86DD59FC-FF24-4A07-9C3E-C46AC9E7255C}: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll File not found O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL File not found O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL File not found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{30bbd6cb-022a-11e1-9ba9-001e101f63cf}\Shell - "" = AutoRun O33 - MountPoints2\{30bbd6cb-022a-11e1-9ba9-001e101f63cf}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{30bbd6da-022a-11e1-9ba9-001e101f63cf}\Shell - "" = AutoRun O33 - MountPoints2\{30bbd6da-022a-11e1-9ba9-001e101f63cf}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{370d8c3d-0088-11e1-b156-00262dc6ff00}\Shell - "" = AutoRun O33 - MountPoints2\{370d8c3d-0088-11e1-b156-00262dc6ff00}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{370d8c46-0088-11e1-b156-00262dc6ff00}\Shell - "" = AutoRun O33 - MountPoints2\{370d8c46-0088-11e1-b156-00262dc6ff00}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{f61bac3d-02fc-11e1-b8ed-00262dc6ff00}\Shell - "" = AutoRun O33 - MountPoints2\{f61bac3d-02fc-11e1-b8ed-00262dc6ff00}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP MsConfig:64bit - StartUpFolder: C:^Users^ace-dajana^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Versandhelfer.lnk - - File not found MsConfig:64bit - StartUpReg: DAEMON Tools Lite - hkey= - key= - File not found MsConfig:64bit - StartUpReg: DivXUpdate - hkey= - key= - File not found MsConfig:64bit - StartUpReg: HTC Sync Loader - hkey= - key= - File not found MsConfig:64bit - StartUpReg: IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - hkey= - key= - File not found MsConfig:64bit - StartUpReg: iTunesHelper - hkey= - key= - File not found MsConfig:64bit - StartUpReg: NBKeyScan - hkey= - key= - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG) MsConfig:64bit - StartUpReg: XboxStat - hkey= - key= - File not found MsConfig:64bit - State: "services" - Reg Error: Key error. MsConfig:64bit - State: "startup" - Reg Error: Key error. CREATERESTOREPOINT Error creating restore point. ========== Files/Folders - Created Within 30 Days ========== [2012/03/03 18:17:58 | 000,000,000 | -HSD | C] -- C:\found.000 [2012/03/03 08:32:06 | 000,585,216 | ---- | C] (OldTimer Tools) -- C:\Users\ace-dajana\Desktop\OTL.exe [2012/03/02 09:06:08 | 000,000,000 | ---D | C] -- C:\InstantOnOS [2012/03/02 08:07:47 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2012/02/29 17:35:37 | 000,000,000 | ---D | C] -- C:\Users\ace-dajana\Desktop\Controlling mit Excel [2012/02/29 17:35:32 | 000,000,000 | ---D | C] -- C:\Users\ace-dajana\Desktop\Braunhart E&F [2012/02/26 22:32:03 | 000,000,000 | ---D | C] -- C:\Users\ace-dajana\AppData\Local\Zattoo [2012/02/26 22:30:14 | 000,000,000 | ---D | C] -- C:\Users\ace-dajana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zattoo4 [2012/02/26 22:30:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zattoo4 [2012/02/26 22:30:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zattoo4 [2012/02/26 21:47:27 | 000,000,000 | ---D | C] -- C:\Users\ace-dajana\AppData\Roaming\JLC's Software [2012/02/26 21:47:20 | 000,000,000 | ---D | C] -- C:\Users\ace-dajana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JLC's Software [2012/02/26 21:47:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JLC's Software [2012/02/26 21:47:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JLC's Software [2012/02/26 21:25:50 | 000,000,000 | ---D | C] -- C:\Users\ace-dajana\Documents\Podcast Studio [2012/02/26 21:25:19 | 000,962,560 | ---- | C] (East Wind Software) -- C:\Windows\SysWow64\advdaudio.ocx [2012/02/26 21:25:19 | 000,634,880 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTAudioEditor2.dll [2012/02/26 21:25:19 | 000,522,752 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTAudioTransform2.dll [2012/02/26 21:25:19 | 000,467,968 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTAudioRecord2.dll [2012/02/26 21:25:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\concept design [2012/02/26 21:25:18 | 000,966,144 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTAudioInformation2.dll [2012/02/26 21:25:18 | 000,877,568 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\NCTAudioFile2.dll [2012/02/26 21:25:18 | 000,467,456 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTAudioPlayer2.dll [2012/02/26 21:25:17 | 000,413,696 | ---- | C] (Gabest) -- C:\Windows\SysWow64\flvsplitter.ax [2012/02/26 21:25:17 | 000,000,000 | ---D | C] -- C:\Users\ace-dajana\Documents\onlineTV 6 [2012/02/26 21:25:17 | 000,000,000 | ---D | C] -- C:\Users\ace-dajana\AppData\Roaming\concept design [2012/02/22 14:50:48 | 000,000,000 | ---D | C] -- C:\Users\ace-dajana\AppData\Local\SKIDROW [2012/02/22 14:45:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ [2012/02/22 14:23:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\THQ [2012/02/13 11:02:21 | 000,000,000 | ---D | C] -- C:\Users\ace-dajana\Desktop\Soca Alben [2012/02/13 11:01:55 | 000,000,000 | ---D | C] -- C:\Users\ace-dajana\Desktop\Soca+Znouk+Calypso Alben [2012/02/13 10:57:53 | 000,000,000 | ---D | C] -- C:\Users\ace-dajana\Desktop\Riddims check [2012/02/12 22:18:26 | 000,000,000 | ---D | C] -- C:\Users\ace-dajana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ [2012/02/12 22:18:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VirtualDJ [2012/02/09 20:23:35 | 000,000,000 | ---D | C] -- C:\Users\ace-dajana\Desktop\Naturbilder [2012/02/07 22:09:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\888poker [2012/02/07 18:03:18 | 000,000,000 | ---D | C] -- C:\Users\ace-dajana\Documents\Meine empfangenen Dateien [2012/02/07 17:31:33 | 000,000,000 | ---D | C] -- C:\Users\ace-dajana\Desktop\Telekom Unterlagen [2012/02/03 20:53:43 | 000,000,000 | ---D | C] -- C:\Users\ace-dajana\Documents\888poker [2012/02/03 20:53:43 | 000,000,000 | ---D | C] -- C:\Users\ace-dajana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\888poker [2012/02/03 20:53:22 | 000,000,000 | ---D | C] -- C:\Users\ace-dajana\AppData\Roaming\PacificPoker [2012/02/03 20:52:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PacificPoker [6 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012/03/03 09:26:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/03/03 09:26:57 | 3148,091,392 | -HS- | M] () -- C:\hiberfil.sys [2012/03/03 09:25:48 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/03/03 09:25:48 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/03/03 08:32:08 | 000,585,216 | ---- | M] (OldTimer Tools) -- C:\Users\ace-dajana\Desktop\OTL.exe [2012/03/02 08:11:35 | 087,227,952 | ---- | M] () -- C:\Users\ace-dajana\Desktop\avira_free_antivirus_898de.exe [2012/03/01 20:51:06 | 000,537,331 | ---- | M] () -- C:\Users\ace-dajana\Desktop\E&F_Gruppenarbeit_dt. Bankenlandschaft_WS 2011-12.pdf [2012/03/01 17:48:41 | 001,761,096 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012/03/01 17:48:41 | 000,754,068 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012/03/01 17:48:41 | 000,699,084 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012/03/01 17:48:41 | 000,172,008 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012/03/01 17:48:41 | 000,138,950 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012/02/29 20:48:44 | 000,017,408 | ---- | M] () -- C:\Users\ace-dajana\AppData\Local\WebpageIcons.db [2012/02/29 19:53:06 | 000,667,881 | ---- | M] () -- C:\Users\ace-dajana\Desktop\Postbank.pdf [2012/02/29 10:01:18 | 178,097,074 | ---- | M] () -- C:\Users\ace-dajana\Desktop\Richie Stephens feat. Gentleman - Warrior (OFFICIAL MUSIC VI.mp4 [2012/02/27 09:43:35 | 058,654,584 | ---- | M] () -- C:\Users\ace-dajana\Desktop\Dancehall Mix 1_2012.mp3 [2012/02/26 22:30:15 | 000,001,872 | ---- | M] () -- C:\Users\ace-dajana\Desktop\Zattoo.lnk [2012/02/26 21:51:05 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini [2012/02/22 18:32:54 | 000,181,736 | ---- | M] () -- C:\Users\ace-dajana\Desktop\C_Bolln_SchadenOnlineMeldung_SON-12-004929.pdf [2012/02/22 18:25:56 | 000,653,399 | ---- | M] () -- C:\Users\ace-dajana\Desktop\SchadenOnlineMeldung_SON-12-005121.pdf [2012/02/22 14:53:01 | 000,012,926 | ---- | M] () -- C:\Users\ace-dajana\Desktop\Saints Row 3.lnk [2012/02/22 08:10:16 | 000,161,508 | ---- | M] () -- C:\Users\ace-dajana\Desktop\2SchadenOnlineMeldung_SON-12-004929.pdf [2012/02/22 07:57:24 | 000,269,384 | ---- | M] () -- C:\Users\ace-dajana\Desktop\barclaycard.pdf [2012/02/21 12:59:40 | 000,653,804 | ---- | M] () -- C:\Users\ace-dajana\Desktop\SchadenOnlineMeldung_SON-12-004929.pdf [2012/02/20 10:01:27 | 000,183,112 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012/02/16 14:29:15 | 000,001,134 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012/02/16 03:35:43 | 000,511,264 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012/02/12 22:18:27 | 000,000,973 | ---- | M] () -- C:\Users\ace-dajana\Desktop\VirtualDJ PRO Full.lnk [2012/02/11 21:07:20 | 000,413,696 | ---- | M] (Gabest) -- C:\Windows\SysWow64\flvsplitter.ax [6 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012/03/02 08:15:01 | 087,227,952 | ---- | C] () -- C:\Users\ace-dajana\Desktop\avira_free_antivirus_898de.exe [2012/03/02 08:07:32 | 3148,091,392 | -HS- | C] () -- C:\hiberfil.sys [2012/03/01 21:49:43 | 001,536,258 | ---- | C] () -- C:\Users\ace-dajana\Desktop\IMG_1918.JPG [2012/03/01 20:51:05 | 000,537,331 | ---- | C] () -- C:\Users\ace-dajana\Desktop\E&F_Gruppenarbeit_dt. Bankenlandschaft_WS 2011-12.pdf [2012/02/29 19:53:06 | 000,667,881 | ---- | C] () -- C:\Users\ace-dajana\Desktop\Postbank.pdf [2012/02/29 09:59:30 | 178,097,074 | ---- | C] () -- C:\Users\ace-dajana\Desktop\Richie Stephens feat. Gentleman - Warrior (OFFICIAL MUSIC VI.mp4 [2012/02/27 09:39:59 | 058,654,584 | ---- | C] () -- C:\Users\ace-dajana\Desktop\Dancehall Mix 1_2012.mp3 [2012/02/26 22:32:03 | 000,017,408 | ---- | C] () -- C:\Users\ace-dajana\AppData\Local\WebpageIcons.db [2012/02/26 22:30:15 | 000,001,872 | ---- | C] () -- C:\Users\ace-dajana\Desktop\Zattoo.lnk [2012/02/26 21:51:05 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini [2012/02/26 21:25:19 | 000,110,080 | ---- | C] () -- C:\Windows\SysWow64\advd.dll [2012/02/26 21:25:19 | 000,023,040 | ---- | C] () -- C:\Windows\SysWow64\auth.dll [2012/02/26 21:25:18 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll [2012/02/22 18:32:48 | 000,181,736 | ---- | C] () -- C:\Users\ace-dajana\Desktop\C_Bolln_SchadenOnlineMeldung_SON-12-004929.pdf [2012/02/22 18:25:56 | 000,653,399 | ---- | C] () -- C:\Users\ace-dajana\Desktop\SchadenOnlineMeldung_SON-12-005121.pdf [2012/02/22 14:53:01 | 000,012,926 | ---- | C] () -- C:\Users\ace-dajana\Desktop\Saints Row 3.lnk [2012/02/22 08:10:13 | 000,161,508 | ---- | C] () -- C:\Users\ace-dajana\Desktop\2SchadenOnlineMeldung_SON-12-004929.pdf [2012/02/22 07:57:19 | 000,269,384 | ---- | C] () -- C:\Users\ace-dajana\Desktop\barclaycard.pdf [2012/02/21 12:59:39 | 000,653,804 | ---- | C] () -- C:\Users\ace-dajana\Desktop\SchadenOnlineMeldung_SON-12-004929.pdf [2012/02/16 14:29:15 | 000,001,134 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012/02/12 22:18:27 | 000,000,973 | ---- | C] () -- C:\Users\ace-dajana\Desktop\VirtualDJ PRO Full.lnk [2011/12/13 21:26:19 | 000,007,607 | ---- | C] () -- C:\Users\ace-dajana\AppData\Local\Resmon.ResmonCfg [2011/11/16 00:08:51 | 000,000,120 | ---- | C] () -- C:\Users\ace-dajana\AppData\Roaming\default.pls [2011/11/13 19:46:52 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\GkSui20.EXE [2011/10/28 15:18:47 | 002,337,865 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe [2011/08/31 18:51:16 | 000,216,000 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2011/08/31 18:46:00 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2011/08/31 18:26:20 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll [2011/07/21 15:54:32 | 000,000,316 | ---- | C] () -- C:\Windows\ODBC.INI [2011/07/21 15:53:14 | 001,738,990 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011/07/20 23:02:46 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011/07/20 23:02:39 | 000,183,112 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011/07/20 22:42:21 | 000,000,026 | ---- | C] () -- C:\Windows\Irremote.ini [2011/04/24 12:57:25 | 000,127,184 | ---- | C] () -- C:\Windows\Unwise.exe [2011/04/24 12:57:24 | 000,149,504 | ---- | C] () -- C:\Windows\unwise32_setup.exe [2011/04/24 12:35:41 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2011/04/24 12:35:38 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin [2011/04/09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat ========== LOP Check ========== [2011/12/11 17:06:34 | 000,000,000 | ---D | M] -- C:\Users\ace-dajana\AppData\Roaming\ASCOMP Software [2012/01/06 21:43:16 | 000,000,000 | ---D | M] -- C:\Users\ace-dajana\AppData\Roaming\Ashampoo [2012/01/09 08:58:27 | 000,000,000 | ---D | M] -- C:\Users\ace-dajana\AppData\Roaming\Command & Conquer 3 Tiberium Wars [2012/01/09 08:56:43 | 000,000,000 | ---D | M] -- C:\Users\ace-dajana\AppData\Roaming\Command and Conquer 3 Kanes Wrath [2012/03/03 18:06:07 | 000,000,000 | ---D | M] -- C:\Users\ace-dajana\AppData\Roaming\concept design [2011/12/11 17:11:41 | 000,000,000 | ---D | M] -- C:\Users\ace-dajana\AppData\Roaming\DAEMON Tools Lite [2011/07/30 11:58:48 | 000,000,000 | ---D | M] -- C:\Users\ace-dajana\AppData\Roaming\dpdhl.versandhelfer.medionlap.CDA82DC3FEDD13302C6424313D9A2999F162D21A.1 [2011/07/29 13:37:40 | 000,000,000 | ---D | M] -- C:\Users\ace-dajana\AppData\Roaming\HTC [2011/07/29 13:41:18 | 000,000,000 | ---D | M] -- C:\Users\ace-dajana\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1 [2012/02/26 21:47:27 | 000,000,000 | ---D | M] -- C:\Users\ace-dajana\AppData\Roaming\JLC's Software [2011/07/20 22:59:59 | 000,000,000 | ---D | M] -- C:\Users\ace-dajana\AppData\Roaming\Leadertech [2012/03/03 18:06:05 | 000,000,000 | ---D | M] -- C:\Users\ace-dajana\AppData\Roaming\Mp3tag [2011/12/08 07:07:28 | 000,000,000 | ---D | M] -- C:\Users\ace-dajana\AppData\Roaming\Notepad++ [2012/03/03 18:06:02 | 000,000,000 | ---D | M] -- C:\Users\ace-dajana\AppData\Roaming\PacificPoker [2011/10/30 16:26:01 | 000,000,000 | ---D | M] -- C:\Users\ace-dajana\AppData\Roaming\pdfforge [2012/03/03 09:25:43 | 000,000,000 | ---D | M] -- C:\Users\ace-dajana\AppData\Roaming\uTorrent [2011/10/29 11:12:35 | 000,000,000 | ---D | M] -- C:\Users\ace-dajana\AppData\Roaming\Vodafone [2011/11/23 17:38:17 | 000,032,556 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*. > [2012/03/02 08:07:47 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN [2012/03/03 18:17:58 | 000,000,000 | -HSD | M] -- C:\found.000 [2012/03/02 09:06:08 | 000,000,000 | ---D | M] -- C:\InstantOnOS [2012/03/03 18:06:12 | 000,000,000 | R--D | M] -- C:\Program Files (x86) [2012/02/20 15:11:37 | 000,000,000 | -H-D | M] -- C:\ProgramData [2011/07/20 20:04:56 | 000,000,000 | -HSD | M] -- C:\Recovery [2012/03/03 09:29:14 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2011/07/21 17:09:51 | 000,000,000 | R--D | M] -- C:\Users [2012/03/03 09:26:57 | 000,000,000 | ---D | M] -- C:\Windows [2012/01/02 15:30:03 | 000,000,000 | ---D | M] -- C:\Wirtschaftinformatik < %PROGRAMFILES%\*.exe > < %LOCALAPPDATA%\*.exe > < %systemroot%\*. /mp /s > < MD5 for: AGP440.SYS > [2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys [2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys < MD5 for: ATAPI.SYS > [2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys [2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys < MD5 for: CNGAUDIT.DLL > [2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll [2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll [2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll < MD5 for: EXPLORER.EXE > [2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe [2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe [2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe [2011/02/26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe [2010/11/21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe [2010/11/21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe < MD5 for: IASTOR.SYS > [2010/11/06 07:45:48 | 000,438,808 | ---- | M] (Intel Corporation) MD5=D7921D5A870B11CC1ADAB198A519D50A -- C:\Windows\SysNative\drivers\iaStor.sys [2010/11/06 07:45:48 | 000,438,808 | ---- | M] (Intel Corporation) MD5=D7921D5A870B11CC1ADAB198A519D50A -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_710b330fb3531234\iaStor.sys < MD5 for: IASTORV.SYS > [2010/11/21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys [2010/11/21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys [2011/03/11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys [2011/03/11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys [2011/03/11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys [2011/03/11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys < MD5 for: NETLOGON.DLL > [2010/11/21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll [2010/11/21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll [2010/11/21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll [2010/11/21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll < MD5 for: NVSTOR.SYS > [2011/03/11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys [2011/03/11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys [2011/03/11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys [2011/03/11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys [2010/11/21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys [2010/11/21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys < MD5 for: SCECLI.DLL > [2010/11/21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll [2010/11/21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll [2010/11/21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll [2010/11/21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll < MD5 for: USER32.DLL > [2010/11/21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll [2010/11/21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll [2010/11/21 04:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll [2010/11/21 04:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll < MD5 for: USERINIT.EXE > [2010/11/21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe [2010/11/21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2010/11/21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe [2010/11/21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe < MD5 for: WINLOGON.EXE > [2010/11/21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010/11/21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe < MD5 for: WS2IFSL.SYS > [2009/07/14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys [2009/07/14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\system32\*.dll /lockedfiles > [6 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ] < %USERPROFILE%\*.* > [2012/01/06 21:44:23 | 000,001,024 | ---- | M] () -- C:\Users\ace-dajana\.rnd [2012/03/03 09:38:57 | 008,388,608 | -HS- | M] () -- C:\Users\ace-dajana\ntuser.dat [2012/03/03 09:38:57 | 000,262,144 | -HS- | M] () -- C:\Users\ace-dajana\ntuser.dat.LOG1 [2011/07/20 20:14:57 | 000,000,000 | -HS- | M] () -- C:\Users\ace-dajana\ntuser.dat.LOG2 [2011/07/20 22:34:37 | 000,065,536 | -HS- | M] () -- C:\Users\ace-dajana\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf [2011/07/20 22:34:37 | 000,524,288 | -HS- | M] () -- C:\Users\ace-dajana\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms [2011/07/20 22:34:37 | 000,524,288 | -HS- | M] () -- C:\Users\ace-dajana\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms [2011/11/07 11:24:40 | 000,065,536 | -HS- | M] () -- C:\Users\ace-dajana\ntuser.dat{cbbf8a73-085a-11e1-91e0-00262dc6ff00}.TM.blf [2011/11/07 11:24:40 | 000,524,288 | -HS- | M] () -- C:\Users\ace-dajana\ntuser.dat{cbbf8a73-085a-11e1-91e0-00262dc6ff00}.TMContainer00000000000000000001.regtrans-ms [2011/11/07 11:24:40 | 000,524,288 | -HS- | M] () -- C:\Users\ace-dajana\ntuser.dat{cbbf8a73-085a-11e1-91e0-00262dc6ff00}.TMContainer00000000000000000002.regtrans-ms [2012/02/07 22:45:48 | 000,065,536 | -HS- | M] () -- C:\Users\ace-dajana\ntuser.dat{cec7beb5-51cd-11e1-bce0-bc773720b9cf}.TM.blf [2012/02/07 22:45:48 | 000,524,288 | -HS- | M] () -- C:\Users\ace-dajana\ntuser.dat{cec7beb5-51cd-11e1-bce0-bc773720b9cf}.TMContainer00000000000000000001.regtrans-ms [2012/02/07 22:45:48 | 000,524,288 | -HS- | M] () -- C:\Users\ace-dajana\ntuser.dat{cec7beb5-51cd-11e1-bce0-bc773720b9cf}.TMContainer00000000000000000002.regtrans-ms [2011/07/20 20:14:57 | 000,000,020 | -HS- | M] () -- C:\Users\ace-dajana\ntuser.ini < %USERPROFILE%\Local Settings\Temp\*.exe > < %USERPROFILE%\Local Settings\Temp\*.dll > < %USERPROFILE%\Application Data\*.exe > < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 < End of report > |
|
03.03.2012, 11:35
| #3 |
| /// Malware-holic   | Virus - Betreibssystem blockiert, 50 Euro zahlen hi
__________________dieses script sowie evtl. folgende scripts sind nur für den jeweiligen user. wenn ihr probleme habt, eröffnet eigene topics und wartet auf, für euch angepasste scripts. • Starte bitte die OTL.exe • Kopiere nun das Folgende in die Textbox. Code:
ATTFilter :OTL
O4 - HKCU..\Run: [SkypeM] C:\Users\ace-dajana\AppData\Local\Skype\Skype.exe (Unizeto Sp. z o.o.)
:Files
C:\Users\ace-dajana\AppData\Local\Skype
:Commands
[purity]
[EMPTYFLASH]
[emptytemp]
[Reboot]
• Schliesse bitte nun alle Programme. • Klicke nun bitte auf den Fix Button. • OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen. • Nach dem Neustart findest Du ein Textdokument, dessen inhalt in deiner nächsten antwort hier reinkopieren. starte in den normalen modus. falls du keine symbole hast, dann rechtsklick, ansicht, desktop symbole einblenden Hinweis: Die Datei bitte wie in der Anleitung zum UpChannel angegeben auch da hochladen. Bitte NICHT die ZIP-Datei hier als Anhang in den Thread posten! Drücke bitte die  + E Taste.
__________________ |
|
03.03.2012, 15:31
| #4 |
| | Virus - Betreibssystem blockiert, 50 Euro zahlen Hi, Upload erfolgreich abgeschlossen. Der Text aus der TXT-Datei von OTL lautet: All processes killed ========== OTL ========== Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\SkypeM not found. C:\Users\ace-dajana\AppData\Local\Skype\Skype.exe moved successfully. ========== COMMANDS ========== [EMPTYFLASH] User: .wh..wh.orph User: .wh..wh.plnk User: ace-dajana ->Flash cache emptied: 57155 bytes User: All Users User: Default ->Flash cache emptied: 56468 bytes User: Default User ->Flash cache emptied: 0 bytes User: Public Total Flash Files Cleaned = 0.00 mb [EMPTYTEMP] User: .wh..wh.orph User: .wh..wh.plnk User: ace-dajana ->Temp folder emptied: 417867170 bytes ->Temporary Internet Files folder emptied: 2049002 bytes ->Java cache emptied: 567294 bytes ->FireFox cache emptied: 59120054 bytes ->Flash cache emptied: 0 bytes User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 57482 bytes ->Flash cache emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 4857104 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 139010016 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67832 bytes %systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 758 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 595.00 mb OTL by OldTimer - Version 3.2.35.0 log created on 03032012_152421 Files\Folders moved on Reboot... C:\Users\ace-dajana\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. Registry entries deleted on Reboot... ...ich verstehe nur Bahnhof, bin aber super dankbar, dass ihr mir helft, ganz große Klasse. Danke! Gruß, Chritian |
|
03.03.2012, 15:42
| #5 |
| /// Malware-holic | Virus - Betreibssystem blockiert, 50 Euro zahlen danke für den upload. Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde! Bitte downloade dir Combofix.exe und speichere es unbedingt auf deinem Desktop.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
03.03.2012, 16:00
| #6 |
| | Virus - Betreibssystem blockiert, 50 Euro zahlen Combofix Logfile: Code:
ATTFilter ComboFix 12-03-02.01 - ace-dajana 03.03.2012 15:50:36.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4003.2558 [GMT 1:00]
ausgeführt von:: c:\users\ace-dajana\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\users\ace-dajana\AppData\Local\assembly\tmp
c:\windows\iun6002.exe
c:\windows\SysWow64\html
c:\windows\SysWow64\html\calendar.html
c:\windows\SysWow64\html\calendarbottom.html
c:\windows\SysWow64\html\calendartop.html
c:\windows\SysWow64\html\crystalexportdialog.htm
c:\windows\SysWow64\html\crystalprinthost.html
c:\windows\SysWow64\images
c:\windows\SysWow64\images\toolbar\calendar.gif
c:\windows\SysWow64\images\toolbar\crlogo.gif
c:\windows\SysWow64\images\toolbar\export.gif
c:\windows\SysWow64\images\toolbar\export_over.gif
c:\windows\SysWow64\images\toolbar\exportd.gif
c:\windows\SysWow64\images\toolbar\First.gif
c:\windows\SysWow64\images\toolbar\first_over.gif
c:\windows\SysWow64\images\toolbar\Firstd.gif
c:\windows\SysWow64\images\toolbar\gotopage.gif
c:\windows\SysWow64\images\toolbar\gotopage_over.gif
c:\windows\SysWow64\images\toolbar\gotopaged.gif
c:\windows\SysWow64\images\toolbar\grouptree.gif
c:\windows\SysWow64\images\toolbar\grouptree_over.gif
c:\windows\SysWow64\images\toolbar\grouptreed.gif
c:\windows\SysWow64\images\toolbar\grouptreepressed.gif
c:\windows\SysWow64\images\toolbar\Last.gif
c:\windows\SysWow64\images\toolbar\last_over.gif
c:\windows\SysWow64\images\toolbar\Lastd.gif
c:\windows\SysWow64\images\toolbar\Next.gif
c:\windows\SysWow64\images\toolbar\next_over.gif
c:\windows\SysWow64\images\toolbar\Nextd.gif
c:\windows\SysWow64\images\toolbar\Prev.gif
c:\windows\SysWow64\images\toolbar\prev_over.gif
c:\windows\SysWow64\images\toolbar\Prevd.gif
c:\windows\SysWow64\images\toolbar\print.gif
c:\windows\SysWow64\images\toolbar\print_over.gif
c:\windows\SysWow64\images\toolbar\printd.gif
c:\windows\SysWow64\images\toolbar\Refresh.gif
c:\windows\SysWow64\images\toolbar\refresh_over.gif
c:\windows\SysWow64\images\toolbar\refreshd.gif
c:\windows\SysWow64\images\toolbar\Search.gif
c:\windows\SysWow64\images\toolbar\search_over.gif
c:\windows\SysWow64\images\toolbar\searchd.gif
c:\windows\SysWow64\images\toolbar\up.gif
c:\windows\SysWow64\images\toolbar\up_over.gif
c:\windows\SysWow64\images\toolbar\upd.gif
c:\windows\SysWow64\images\tree\begindots.gif
c:\windows\SysWow64\images\tree\beginminus.gif
c:\windows\SysWow64\images\tree\beginplus.gif
c:\windows\SysWow64\images\tree\blank.gif
c:\windows\SysWow64\images\tree\blankdots.gif
c:\windows\SysWow64\images\tree\dots.gif
c:\windows\SysWow64\images\tree\lastdots.gif
c:\windows\SysWow64\images\tree\lastminus.gif
c:\windows\SysWow64\images\tree\lastplus.gif
c:\windows\SysWow64\images\tree\Magnify.gif
c:\windows\SysWow64\images\tree\minus.gif
c:\windows\SysWow64\images\tree\minusbox.gif
c:\windows\SysWow64\images\tree\plus.gif
c:\windows\SysWow64\images\tree\plusbox.gif
c:\windows\SysWow64\images\tree\singleminus.gif
c:\windows\SysWow64\images\tree\singleplus.gif
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-02-03 bis 2012-03-03 ))))))))))))))))))))))))))))))
.
.
2012-03-03 17:17 . 2012-03-03 17:17 -------- d-----w- C:\found.000
2012-03-03 14:55 . 2012-03-03 14:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-03 14:24 . 2012-03-03 14:28 -------- d-----w- C:\_OTL
2012-03-03 12:46 . 2012-03-03 12:51 -------- d-----w- c:\programdata\Spyware Terminator
2012-03-03 12:46 . 2012-03-03 12:46 -------- d-----w- c:\users\ace-dajana\AppData\Roaming\Spyware Terminator
2012-03-03 12:46 . 2012-03-03 12:46 -------- d-----w- c:\program files (x86)\Spyware Terminator
2012-03-03 12:44 . 2012-03-03 12:44 -------- d-----w- c:\users\ace-dajana\AppData\Roaming\Malwarebytes
2012-03-03 12:44 . 2012-03-03 12:44 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-03-03 12:44 . 2012-03-03 12:44 -------- d-----w- c:\programdata\Malwarebytes
2012-03-03 12:44 . 2011-12-10 14:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-03 09:23 . 2012-03-03 14:53 -------- d-----w- C:\Program Files
2012-03-02 08:06 . 2012-03-02 08:06 -------- d---a-w- C:\InstantOnOS
2012-03-02 06:48 . 2012-02-08 07:13 8643640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BB169858-CA15-41E1-88C1-CECDF66A7E97}\mpengine.dll
2012-02-26 21:32 . 2012-02-26 21:32 -------- d-----w- c:\users\ace-dajana\AppData\Local\Zattoo
2012-02-26 21:30 . 2012-03-03 17:06 -------- d-----w- c:\program files (x86)\Zattoo4
2012-02-26 20:47 . 2012-02-26 20:47 -------- d-----w- c:\users\ace-dajana\AppData\Roaming\JLC's Software
2012-02-26 20:47 . 2012-02-26 20:47 -------- d-----w- c:\program files (x86)\JLC's Software
2012-02-26 20:25 . 2011-03-29 11:52 962560 ----a-w- c:\windows\SysWow64\advdaudio.ocx
2012-02-26 20:25 . 2011-03-29 11:52 634880 ----a-w- c:\windows\SysWow64\NCTAudioEditor2.dll
2012-02-26 20:25 . 2011-03-29 11:52 522752 ----a-w- c:\windows\SysWow64\NCTAudioTransform2.dll
2012-02-26 20:25 . 2011-03-29 11:52 467968 ----a-w- c:\windows\SysWow64\NCTAudioRecord2.dll
2012-02-26 20:25 . 2011-03-29 11:52 23040 ----a-w- c:\windows\SysWow64\auth.dll
2012-02-26 20:25 . 2011-03-29 11:52 110080 ----a-w- c:\windows\SysWow64\advd.dll
2012-02-26 20:25 . 2011-03-29 11:52 966144 ----a-w- c:\windows\SysWow64\NCTAudioInformation2.dll
2012-02-26 20:25 . 2011-03-29 11:52 877568 ----a-w- c:\windows\SysWow64\NCTAudioFile2.dll
2012-02-26 20:25 . 2011-03-29 11:52 467456 ----a-w- c:\windows\SysWow64\NCTAudioPlayer2.dll
2012-02-26 20:25 . 2011-03-29 11:52 237568 ----a-w- c:\windows\SysWow64\lame_enc.dll
2012-02-26 20:25 . 2012-03-03 17:06 -------- d-----w- c:\users\ace-dajana\AppData\Roaming\concept design
2012-02-26 20:25 . 2012-02-11 20:07 413696 ----a-w- c:\windows\SysWow64\flvsplitter.ax
2012-02-22 13:50 . 2012-02-22 13:50 -------- d-----w- c:\users\ace-dajana\AppData\Local\SKIDROW
2012-02-22 13:23 . 2012-02-22 13:23 -------- d-----w- c:\program files (x86)\THQ
2012-02-15 09:37 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll
2012-02-15 09:37 . 2012-01-04 08:58 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2012-02-15 09:37 . 2012-01-14 04:06 3145728 ----a-w- c:\windows\system32\win32k.sys
2012-02-15 09:37 . 2011-12-30 06:26 515584 ----a-w- c:\windows\system32\timedate.cpl
2012-02-15 09:37 . 2011-12-30 05:27 478720 ----a-w- c:\windows\SysWow64\timedate.cpl
2012-02-15 09:37 . 2011-12-28 03:59 498688 ----a-w- c:\windows\system32\drivers\afd.sys
2012-02-15 09:37 . 2011-12-16 08:46 634880 ----a-w- c:\windows\system32\msvcrt.dll
2012-02-15 09:37 . 2011-12-16 07:52 690688 ----a-w- c:\windows\SysWow64\msvcrt.dll
2012-02-12 21:18 . 2012-02-12 21:18 -------- d-----w- c:\program files (x86)\VirtualDJ
2012-02-03 19:53 . 2012-03-03 17:06 -------- d-----w- c:\users\ace-dajana\AppData\Roaming\PacificPoker
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-26 21:31 . 2011-07-21 15:18 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-20 09:01 . 2011-07-20 22:02 183112 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-02-16 13:20 . 2011-04-24 10:50 525544 ----a-w- c:\windows\system32\deployJava1.dll
2012-02-07 21:51 . 2011-10-13 09:54 2391136 ----a-w- c:\programdata\Microsoft\VisualStudio\10.0\1031\ResourceCache.dll
2012-01-29 04:10 . 2010-11-21 03:27 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-01-20 10:53 . 2011-07-22 05:58 2300696 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2012-01-20 10:53 . 2011-07-22 05:58 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2012-01-20 10:53 . 2011-07-22 05:58 1236816 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-01-13 08:35 . 2011-07-24 15:54 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2012-01-13 08:35 . 2011-07-24 15:54 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2012-01-13 02:21 . 2011-10-06 20:08 1236816 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2012-01-09 20:05 . 2011-07-24 15:54 466520 ----a-w- c:\windows\system32\wrap_oal.dll
2012-01-09 20:05 . 2011-07-24 15:54 445016 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2012-01-07 15:06 . 2011-10-28 14:18 2337865 ----a-w- c:\windows\SysWow64\pbsvc.exe
2012-01-07 14:15 . 2012-01-07 14:15 4408 ----a-w- c:\windows\SysWow64\ealregsnapshot1.reg
2012-01-07 13:52 . 2012-01-07 13:52 98304 ----a-w- c:\windows\system32CmdLineExt.dll
2012-01-04 00:48 . 2012-01-04 00:48 354176 ----a-w- c:\windows\SysWow64\DivXControlPanelApplet.cpl
2011-12-09 18:45 . 2011-12-09 18:45 60416 ----a-w- c:\windows\system32\drivers\iBtFltCoex.sys
2011-12-09 18:34 . 2011-12-09 18:34 47616 ----a-w- c:\windows\system32\opphelper.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [x]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [x]
R3 mod7764;Tv Tuner device;c:\windows\system32\DRIVERS\mod77-64.sys [x]
R3 NUMARK_OMNICONTROL;Numark OMNI CONTROL USB driver;c:\windows\system32\Drivers\nkc2_usb.sys [x]
R3 NUMARK_OMNICONTROL_MIDI;Numark OMNI CONTROL WDM MIDI Device;c:\windows\system32\drivers\nkc2midi.sys [x]
R3 NUMARK_OMNICONTROL_WDM;Numark OMNI CONTROL WDM;c:\windows\system32\drivers\nkc2_wdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [x]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\drivers\iwdbus.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [x]
S3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [x]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys [x]
S3 X10Hid;X10 Hid Device;c:\windows\System32\Drivers\x10hid.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-08-31 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-08-31 392472]
"SpywareTerminatorShield"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe" [2012-02-20 2786480]
"SpywareTerminatorUpdater"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" [2012-02-20 3669680]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: An OneNote s&enden - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4
TCP: DhcpNameServer = 192.168.2.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{c840e246-6b95-475e-9bd7-caa1c7eca9f2} - (no file)
AddRemove-888poker - c:\progra~2\PACIFI~1\UNWISE.EXE
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
AddRemove-InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D} - c:\program files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\Setup.exe
AddRemove-InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79} - c:\program files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe
AddRemove-InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658} - c:\program files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe
AddRemove-InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996} - c:\program files (x86)\InstallShield Installation Information\{5442DAB8-7177-49E1-8B22-09A049EA5996}\setup.exe
AddRemove-InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB} - c:\program files (x86)\InstallShield Installation Information\{80E158EA-7181-40FE-A701-301CE6BE64AB}\Setup.exe
AddRemove-InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861} - c:\program files (x86)\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.exe
AddRemove-InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243} - c:\program files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe
AddRemove-InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1} - c:\program files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe
AddRemove-InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE} - c:\program files (x86)\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\Setup.exe
AddRemove-InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B} - c:\program files (x86)\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\Setup.exe
AddRemove-InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384} - c:\program files (x86)\InstallShield Installation Information\{E3739848-5329-48E3-8D28-5BBD6E8BE384}\Setup.exe
AddRemove-InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1} - c:\program files (x86)\InstallShield Installation Information\{E3D04529-6EDB-11D8-A372-0050BAE317E1}\Setup.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-_{72DB27D3-FE05-4227-AF5A-11CD101ECF09} - c:\program files (x86)\Common Files\Corel\Shared\Shell Extension\ShellUninst.exe
AddRemove-{01FB4998-33C4-4431-85ED-079E3EEFE75D} - c:\program files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\Setup.exe
AddRemove-{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79} - c:\program files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe
AddRemove-{3108C217-BE83-42E4-AE9E-A56A2A92E549} - c:\program files (x86)\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe
AddRemove-{40BF1E83-20EB-11D8-97C5-0009C5020658} - c:\program files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe
AddRemove-{62BBB2F0-E220-4821-A564-730807D2C34D} - c:\program files (x86)\InstallShield Installation Information\{62BBB2F0-E220-4821-A564-730807D2C34D}\setup.exe
AddRemove-{80E158EA-7181-40FE-A701-301CE6BE64AB} - c:\program files (x86)\InstallShield Installation Information\{80E158EA-7181-40FE-A701-301CE6BE64AB}\Setup.exe
AddRemove-{B7A0CE06-068E-11D6-97FD-0050BACBF861} - c:\program files (x86)\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.exe
AddRemove-{C59C179C-668D-49A9-B6EA-0121CCFC1243} - c:\program files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe
AddRemove-{CB099890-1D5F-11D5-9EA9-0050BAE317E1} - c:\program files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe
AddRemove-{D0846526-66DD-4DC9-A02C-98F9A2806812} - c:\program files (x86)\InstallShield Installation Information\{D0846526-66DD-4DC9-A02C-98F9A2806812}\setup.exe
AddRemove-{D36DD326-7280-11D8-97C8-000129760CBE} - c:\program files (x86)\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\Setup.exe
AddRemove-{DEC235ED-58A4-4517-A278-C41E8DAEAB3B} - c:\program files (x86)\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\Setup.exe
AddRemove-{E3739848-5329-48E3-8D28-5BBD6E8BE384} - c:\program files (x86)\InstallShield Installation Information\{E3739848-5329-48E3-8D28-5BBD6E8BE384}\Setup.exe
AddRemove-{E3D04529-6EDB-11D8-A372-0050BAE317E1} - c:\program files (x86)\InstallShield Installation Information\{E3D04529-6EDB-11D8-A372-0050BAE317E1}\Setup.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-3887922315-417070577-2803871075-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:6b,5a,08,bf,74,e5,d1,53,65,28,7f,bf,80,0d,18,3a,c7,c4,3c,83,14,e9,1e,
7f,0f,7d,6a,99,28,e6,d4,b1,0d,ad,75,ff,9b,bd,c4,ec,b4,fb,79,6b,a8,b1,90,46,\
"??"=hex:08,2e,ce,66,27,7b,28,d6,99,1e,98,bb,8f,8f,87,68
.
[HKEY_USERS\S-1-5-21-3887922315-417070577-2803871075-1000\Software\SecuROM\License information*]
"datasecu"=hex:78,a0,5e,e0,ec,e4,f8,6f,a7,44,ae,b0,91,5b,4d,5b,ba,23,62,c7,6d,
f2,a0,d8,f0,af,7f,aa,f0,7a,e4,9b,e1,eb,49,3d,d3,cd,95,fd,de,4f,3d,9f,79,fc,\
"rkeysecu"=hex:98,7f,33,10,fc,61,a3,be,36,28,33,9a,3e,76,52,65
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10u_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10u_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B9A09F18-45AB-4F09-A117-A4ADDA8FA8C8}]
@Denied: (A) (Everyone)
"Solution"="{36eb6792-3a29-43b3-8cd0-f67d266fb426}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane\0]
"Key"="ActionsPane"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\8.0\\ActionsPane.xsd"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-03-03 15:58:24
ComboFix-quarantined-files.txt 2012-03-03 14:58
.
Vor Suchlauf: 8 Verzeichnis(se), 493.872.041.984 Bytes frei
Nach Suchlauf: 12 Verzeichnis(se), 493.723.033.600 Bytes frei
.
- - End Of File - - E6D9CAE90FD9D4F50A7EFD85A6B4DE9D
|
|
03.03.2012, 16:03
| #7 |
| /// Malware-holic | Virus - Betreibssystem blockiert, 50 Euro zahlen öffne Malwarebytes logdateien, poste alle berichte.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
03.03.2012, 16:12
| #8 |
| | Virus - Betreibssystem blockiert, 50 Euro zahlen Malwarebytes Anti-Malware (Test) 1.60.1.1000 www.malwarebytes.org Datenbank Version: v2012.03.03.05 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 ace-dajana :: ACE-DAJANA-PC [Administrator] Schutz: Aktiviert 03.03.2012 16:10:33 mbam-log-2012-03-03 (16-10-33).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 205962 Laufzeit: 1 Minute(n), Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) |
|
03.03.2012, 16:13
| #9 |
| /// Malware-holic | Virus - Betreibssystem blockiert, 50 Euro zahlen ich will kein neues, ich will die alten logs, wie bereits gesagt
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
03.03.2012, 16:14
| #10 |
| | Virus - Betreibssystem blockiert, 50 Euro zahlen 2012/03/03 14:25:13 +0100 ACE-DAJANA-PC ace-dajana MESSAGE Starting protection 2012/03/03 14:25:16 +0100 ACE-DAJANA-PC ace-dajana MESSAGE Protection started successfully 2012/03/03 14:25:19 +0100 ACE-DAJANA-PC ace-dajana MESSAGE Starting IP protection 2012/03/03 14:25:20 +0100 ACE-DAJANA-PC ace-dajana MESSAGE IP Protection started successfully 2012/03/03 14:27:04 +0100 ACE-DAJANA-PC ace-dajana IP-BLOCK 121.125.162.208 (Type: outgoing, Port: 6881, Process: spywareterminatorupdate.exe) 2012/03/03 14:28:09 +0100 ACE-DAJANA-PC ace-dajana IP-BLOCK 79.135.146.70 (Type: outgoing, Port: 6881, Process: spywareterminatorupdate.exe) 2012/03/03 14:29:13 +0100 ACE-DAJANA-PC ace-dajana IP-BLOCK 89.28.62.200 (Type: outgoing, Port: 6881, Process: spywareterminatorupdate.exe) 2012/03/03 14:29:46 +0100 ACE-DAJANA-PC ace-dajana IP-BLOCK 89.28.62.200 (Type: outgoing, Port: 6881, Process: spywareterminatorupdate.exe) 2012/03/03 14:30:18 +0100 ACE-DAJANA-PC ace-dajana IP-BLOCK 89.28.85.25 (Type: outgoing, Port: 6881, Process: spywareterminatorupdate.exe) 2012/03/03 14:31:07 +0100 ACE-DAJANA-PC ace-dajana IP-BLOCK 79.135.131.35 (Type: outgoing, Port: 6881, Process: spywareterminatorupdate.exe) 2012/03/03 14:31:22 +0100 ACE-DAJANA-PC ace-dajana MESSAGE Stopping IP protection 2012/03/03 14:31:44 +0100 ACE-DAJANA-PC ace-dajana MESSAGE Executing scheduled update: Daily 2012/03/03 14:31:44 +0100 ACE-DAJANA-PC ace-dajana MESSAGE Database already up-to-date 2012/03/03 14:32:25 +0100 ACE-DAJANA-PC ace-dajana MESSAGE IP Protection stopped 2012/03/03 15:19:19 +0100 ACE-DAJANA-PC ace-dajana MESSAGE Starting protection 2012/03/03 15:19:21 +0100 ACE-DAJANA-PC ace-dajana MESSAGE Protection started successfully 2012/03/03 15:19:24 +0100 ACE-DAJANA-PC ace-dajana MESSAGE Starting IP protection 2012/03/03 15:19:25 +0100 ACE-DAJANA-PC ace-dajana MESSAGE IP Protection started successfully 2012/03/03 15:27:47 +0100 ACE-DAJANA-PC ace-dajana MESSAGE Starting protection 2012/03/03 15:27:50 +0100 ACE-DAJANA-PC ace-dajana MESSAGE Protection started successfully 2012/03/03 15:27:53 +0100 ACE-DAJANA-PC ace-dajana MESSAGE Starting IP protection 2012/03/03 15:27:54 +0100 ACE-DAJANA-PC ace-dajana MESSAGE IP Protection started successfully 2012/03/03 15:28:49 +0100 ACE-DAJANA-PC ace-dajana IP-BLOCK 222.64.219.221 (Type: outgoing, Port: 6881, Process: spywareterminatorupdate.exe) 2012/03/03 15:32:11 +0100 ACE-DAJANA-PC ace-dajana IP-BLOCK 46.17.98.235 (Type: outgoing, Port: 6881, Process: spywareterminatorupdate.exe) 2012/03/03 15:43:44 +0100 ACE-DAJANA-PC ace-dajana IP-BLOCK 213.186.116.244 (Type: outgoing, Port: 6881, Process: spywareterminatorupdate.exe) 2012/03/03 15:47:35 +0100 ACE-DAJANA-PC ace-dajana MESSAGE Stopping IP protection 2012/03/03 15:48:41 +0100 ACE-DAJANA-PC ace-dajana MESSAGE IP Protection stopped 2012/03/03 16:05:19 +0100 ACE-DAJANA-PC ace-dajana MESSAGE Starting database refresh 2012/03/03 16:05:21 +0100 ACE-DAJANA-PC ace-dajana MESSAGE Database refreshed successfully 2012/03/03 16:10:04 +0100 ACE-DAJANA-PC ace-dajana MESSAGE Starting IP protection 2012/03/03 16:10:04 +0100 ACE-DAJANA-PC ace-dajana MESSAGE IP Protection started successfully |
|
03.03.2012, 16:15
| #11 |
| | Virus - Betreibssystem blockiert, 50 Euro zahlen Malwarebytes Anti-Malware (Test) 1.60.1.1000 www.malwarebytes.org Datenbank Version: v2012.03.03.05 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 ace-dajana :: ACE-DAJANA-PC [Administrator] Schutz: Deaktiviert 03.03.2012 16:06:23 mbam-log-2012-03-03 (16-06-23).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 205924 Laufzeit: 2 Minute(n), 16 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) mehr hab ich nich.... |
|
03.03.2012, 16:25
| #12 |
| /// Malware-holic | Virus - Betreibssystem blockiert, 50 Euro zahlen ok, jetzt Malwarebytes updaten, vollständiger scan, funde löschen log posten
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
03.03.2012, 17:16
| #13 |
| | Virus - Betreibssystem blockiert, 50 Euro zahlen Malwarebytes Anti-Malware (Test) 1.60.1.1000 www.malwarebytes.org Datenbank Version: v2012.03.03.05 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 ace-dajana :: ACE-DAJANA-PC [Administrator] Schutz: Aktiviert 03.03.2012 16:30:28 mbam-log-2012-03-03 (16-30-28).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 371136 Laufzeit: 42 Minute(n), 35 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) |
|
03.03.2012, 17:17
| #14 |
| /// Malware-holic | Virus - Betreibssystem blockiert, 50 Euro zahlen sehr gut. lade den CCleaner standard: CCleaner Download - CCleaner 3.16.1666 falls der CCleaner bereits instaliert, überspringen. instalieren, öffnen, extras, liste der instalierten programme, als txt speichern. öffnen. hinter, jedes von dir benötigte programm, schreibe notwendig. hinter, jedes, von dir nicht benötigte, unnötig. hinter, dir unbekannte, unbekannt. liste posten.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
03.03.2012, 17:37
| #15 |
| | Virus - Betreibssystem blockiert, 50 Euro zahlen gibts irgendwo nen Donate Button? 888poker 06.02.2012 notwendig Adobe Flash Player 10 ActiveX Adobe Systems Incorporated 20.07.2011 6,00MB 10.3.181.34 notwendig Adobe Flash Player 11 Plugin Adobe Systems Incorporated 25.02.2012 6,00MB 11.1.102.62 notwendig Adobe Flash Player 11 Plugin 64-bit Adobe Systems Incorporated 11.11.2011 6,00MB 11.1.102.55 notwendig Adobe Reader X (10.1.2) - Deutsch Adobe Systems Incorporated 09.02.2012 122,0MB 10.1.2 notwendig AMI VR-pulse OS Switcher American Megatrends Inc. 23.04.2011 0,36MB 1.1 unbekannt Apple Mobile Device Support Apple Inc. 18.08.2011 22,7MB 3.4.1.2 unnötig Apple Software Update Apple Inc. 18.08.2011 2,38MB 2.1.3.127 unnötig Ashampoo Burning Studio ashampoo GmbH & Co. KG 23.04.2011 130,5MB 9.23.0 unnötig Ashampoo Photo Commander ashampoo GmbH & Co. KG 23.04.2011 115,3MB 8.3.2 unnötig Ashampoo Photo Optimizer ashampoo GmbH & Co. KG 23.04.2011 37,1MB 3.12.0 unnötig Ashampoo Snap ashampoo GmbH & Co. KG 23.04.2011 29,8MB 3.4.1 unnötig Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver Atheros Communications Inc. 23.04.2011 1.0.0.39 unbekannt CCleaner Piriform 02.03.2012 3.16 notwendig Codec Pack - All In 1 6.0.3.0 20.07.2011 unbekannt Contrôle ActiveX Windows Live Mesh pour connexions à distance Microsoft Corporation 23.04.2011 5,57MB 15.4.5722.2 unbekannt Corel Graphics - Windows Shell Extension Corel Corporation 19.07.2011 2,93MB 15.1.0.588 unbekannt CorelDRAW Essentials X5 - Extra Content Corel Corporation 19.07.2011 unnötig Crystal Reports Basic for Visual Studio 2008 Business Objects 20.07.2011 173,2MB 10.5.0.0 notwendig Crystal Reports Basic German Language Pack for Visual Studio 2008 Business Objects 20.07.2011 19,1MB 10.5.0.0 notwendig Crystal Reports Basic Runtime for Visual Studio 2008 (x64) Business Objects 20.07.2011 64,6MB 10.5.0.0 notwendig Crystal Reports Basic Runtime German Language Pack for Visual Studio 2008 (x64) Business Objects 20.07.2011 2,51MB 10.5.0.0 notwendig CyberLink LabelPrint CyberLink Corp. 26.04.2011 57,4MB 2.5.3624 unbekannt CyberLink MediaEspresso CyberLink Corp. 26.04.2011 159,0MB 6.5.1508_36229 unbekannt CyberLink MediaShow CyberLink Corp. 26.04.2011 390MB 5.1.2414 unbekannt CyberLink PhotoNow CyberLink Corp. 26.04.2011 21,8MB 1.1.0.6904 unbekannt CyberLink Power2Go CyberLink Corp. 26.04.2011 233MB 7.0.0.1327 unbekannt CyberLink PowerDirector CyberLink Corp. 26.04.2011 358MB 8.0.4020 unbekannt CyberLink PowerDVD 10 CyberLink Corp. 26.04.2011 186,6MB 10.0.2731.02 unbekannt CyberLink PowerDVD Copy CyberLink Corp. 26.04.2011 31,0MB 1.5.1306 unbekannt CyberLink PowerProducer CyberLink Corp. 26.04.2011 183,9MB 5.0.2.3503 unbekannt CyberLink YouCam CyberLink Corp. 26.04.2011 135,8MB 3.1.4013 unbekannt DivX-Setup DivX, LLC 11.01.2012 2.6.1.5 unnötig Dolby Home Theater v4 Dolby Laboratories Inc 23.04.2011 28,1MB 7.2.7000.4 notwendig Dotfuscator Software Services - Community Edition PreEmptive Solutions 28.10.2011 6,45MB 5.0.2500.0 unbekannt Dotfuscator Software Services - Community Edition - DEU PreEmptive Solutions 12.10.2011 2,85MB 5.0.2300.0 unbekannt FIFA 11 Electronic Arts 23.07.2011 6.262MB 1.0.0.0 notwendig HTC BMP USB Driver HTC 28.07.2011 0,28MB 1.0.5375 unbekannt HTC Driver Installer HTC Corporation 28.07.2011 1,87MB 3.0.0.005 unbekannt HTC Sync HTC 28.07.2011 40,8MB 3.0.5517 notwendig Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology Intel Corporation 23.04.2011 88,7MB 1.0.2.0518 unbekannt Intel(R) PROSet/Wireless WiFi Software Intel Corporation 23.04.2011 137,3MB 14.0.3000 unbekannt Intel(R) WiDi Intel Corporation 23.04.2011 141,7MB 2.1.35.0 unbekannt Internet-TV für Windows Media Center Microsoft Corporation 26.02.2012 13,7MB 4.2.2.0 notwendig Java(TM) 6 Update 24 Oracle 23.04.2011 96,9MB 6.0.240 unnötig Java(TM) 6 Update 31 (64-bit) Oracle 15.02.2012 91,8MB 6.0.310 notwendig JLC's Internet TV 25.02.2012 unnötig Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave Microsoft Corporation 23.04.2011 5,57MB 15.4.5722.2 unbekannt Launch Manager Wistron Corp. 23.04.2011 1.5.1.3 unbekannt Malwarebytes Anti-Malware Version 1.60.1.1000 Malwarebytes Corporation 02.03.2012 17,4MB 1.60.1.1000 notwendig Medion Home Cinema CyberLink Corp. 26.04.2011 36,7MB 8.0.2608 unnötig Microsoft .NET Compact Framework 2.0 SP2 Microsoft Corporation 20.07.2011 93,2MB 2.0.7045 unbekannt Microsoft .NET Compact Framework 3.5 Microsoft Corporation 20.07.2011 81,5MB 3.5.7283 unbekannt Microsoft .NET Framework 4 Client Profile Microsoft Corporation 23.04.2011 38,8MB 4.0.30319 unbekannt Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 12.10.2011 2,94MB 4.0.30319 unbekannt Microsoft .NET Framework 4 Extended Microsoft Corporation 12.10.2011 52,0MB 4.0.30319 unbekannt Microsoft .NET Framework 4 Extended DEU Language Pack Microsoft Corporation 12.10.2011 10,7MB 4.0.30319 unbekannt Microsoft .NET Framework 4 Multi-Targeting Pack Microsoft Corporation 12.10.2011 83,5MB 4.0.30319 unbekannt Microsoft ASP.NET MVC 2 Microsoft Corporation 12.10.2011 0,47MB 2.0.50217.0 unbekannt Microsoft ASP.NET MVC 2 - DEU Microsoft Corporation 12.10.2011 25,00KB 2.0.50331.0 unbekannt Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools Microsoft Corporation 12.10.2011 2,25MB 2.0.50217.0 unbekannt Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - DEU Microsoft Corporation 12.10.2011 2,07MB 2.0.50331.0 unbekannt Microsoft Device Emulator (64 Bit) Version 3.0 - DEU Microsoft Corporation 20.07.2011 2,33MB 9.0.21022 unbekannt Microsoft Games for Windows - LIVE Redistributable Microsoft Corporation 23.07.2011 31,3MB 3.5.88.0 unbekannt Microsoft Games for Windows Marketplace Microsoft Corporation 23.07.2011 6,04MB 3.5.50.0 unbekannt Microsoft Silverlight Microsoft Corporation 15.02.2012 100,2MB 4.1.10111.0 unbekannt Microsoft Silverlight 3 SDK - Deutsch Microsoft Corporation 12.10.2011 32,8MB 3.0.40818.0 unbekannt Microsoft Silverlight 4 SDK - Deutsch Microsoft Corporation 28.10.2011 52,4MB 4.0.50826.0 unbekannt Microsoft SQL Server 2005 Microsoft Corporation 20.07.2011 unbekannt Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 23.04.2011 1,70MB 3.1.0000 unbekannt Microsoft SQL Server 2008 R2 Management Objects Microsoft Corporation 28.10.2011 14,4MB 10.50.1750.9 unbekannt Microsoft SQL Server 2008 R2 Management Objects (x64) Microsoft Corporation 28.10.2011 6,59MB 10.50.1750.9 unbekannt Microsoft SQL Server 2008 R2 Transact-SQL-Sprachdienst Microsoft Corporation 29.10.2011 6,79MB 10.50.1752.9 unbekannt Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Framework Microsoft Corporation 28.10.2011 5,62MB 10.50.1750.9 unbekannt Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Projekt Microsoft Corporation 28.10.2011 14,1MB 10.50.1750.9 unbekannt Microsoft SQL Server Compact 3.5 Design Tools DEU Microsoft Corporation 20.07.2011 8,53MB 3.5.5386.0 unbekannt Microsoft SQL Server Compact 3.5 for Devices DEU Microsoft Corporation 20.07.2011 46,5MB 3.5.5386.0 unbekannt Microsoft SQL Server Compact 3.5 SP2 DEU Microsoft Corporation 12.10.2011 3,69MB 3.5.8080.0 unbekannt Microsoft SQL Server Compact 3.5 SP2 x64 DEU Microsoft Corporation 12.10.2011 4,81MB 3.5.8080.0 unbekannt Microsoft SQL Server Database Publishing Wizard 1.2 Microsoft Corporation 20.07.2011 6,19MB 1.2.0.0 unbekannt Microsoft SQL Server Database Publishing Wizard 1.4 Microsoft Corporation 12.10.2011 10,2MB 10.1.2512.8 unbekannt Microsoft SQL Server Native Client Microsoft Corporation 20.07.2011 5,89MB 9.00.5000.00 unbekannt Microsoft SQL Server System CLR Types Microsoft Corporation 28.10.2011 0,93MB 10.50.1750.9 unbekannt Microsoft SQL Server System CLR Types (x64) Microsoft Corporation 28.10.2011 0,81MB 10.50.1750.9 unbekannt Microsoft SQL Server VSS Writer Microsoft Corporation 20.07.2011 1,12MB 9.00.5000.00 unbekannt Microsoft Sync Framework Runtime v1.0 SP1 (x64) de Microsoft Corporation 12.10.2011 1,04MB 1.0.3010.0 unbekannt Microsoft Sync Framework SDK v1.0 SP1 de Microsoft Corporation 12.10.2011 30,0MB 1.0.3010.0 unbekannt Microsoft Sync Framework Services v1.0 SP1 (x64) de Microsoft Corporation 12.10.2011 2,89MB 1.0.3010.0 unbekannt Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) de Microsoft Corporation 12.10.2011 0,58MB 2.0.3010.0 unbekannt Microsoft Team Foundation Server 2010-Objektmodell - DEU Microsoft Corporation 28.10.2011 10.0.40219 unbekannt Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Corporation 22.04.2011 0,25MB 8.0.50727.4053 unbekannt Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 08.01.2012 2,38MB 8.0.56336 unbekannt Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 23.04.2011 0,77MB 9.0.30729 unnötig Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 19.12.2011 0,22MB 9.0.30729.4148 unnötig Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 20.07.2011 0,77MB 9.0.30729.6161 unnötig Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 23.07.2011 0,23MB 9.0.30729 unnötig Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 23.04.2011 0,58MB 9.0.30729 unnötig Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 20.07.2011 0,59MB 9.0.30729.6161 unnötig Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319 Microsoft Corporation 12.10.2011 0,30MB 10.0.30319 notwendig Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 Microsoft Corporation 28.10.2011 33,5MB 10.0.40219 notwendig Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 02.03.2012 11,1MB 10.0.40219 notwendig Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 Microsoft Corporation 28.10.2011 26,3MB 10.0.40219 notwendig Microsoft Visual F# 2.0 Runtime Microsoft Corporation 28.10.2011 5,84MB 10.0.40219 unbekannt Microsoft Visual F# 2.0 Runtime Language Pack - DEU Microsoft Corporation 12.10.2011 1,30MB 10.0.30319 unbekannt Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools Microsoft Corporation 28.10.2011 35,3MB 10.0.40219 notwendig Microsoft Visual Studio 2010 Professional - DEU Microsoft Corporation 12.10.2011 10.0.30319 notwendig Microsoft Visual Studio 2010 Service Pack 1 Microsoft Corporation 28.10.2011 76,0MB 10.0.40219 notwendig Microsoft Visual Studio Macro Tools Microsoft Corporation 12.10.2011 9.0.30729 unbekannt Microsoft Visual Studio Macro Tools - DEU Language Pack Microsoft Corporation 12.10.2011 9.0.30729 unbekannt Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools Microsoft 20.07.2011 22,8MB 3.5.21022 unbekannt Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries Microsoft Corporation 20.07.2011 115,0MB 6.1.5288.17011 unbekannt Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense Microsoft Corporation 20.07.2011 6,65MB 6.1.5288.17011 unbekannt Microsoft Windows SDK for Visual Studio 2008 Tools Microsoft Corporation 20.07.2011 15,6MB 6.1.5288.17011 unbekannt Microsoft Windows SDK for Visual Studio 2008 Win32 Tools Microsoft Corporation 20.07.2011 18,6MB 6.1.5288.17011 unbekannt Microsoft Xbox 360 Accessories 1.1 Microsoft 29.07.2011 7,37MB 1.10.123.0 notwendig Mozilla Firefox 10.0.2 (x86 de) Mozilla 20.02.2012 36,0MB 10.0.2 notwendig Mp3tag v2.49b Florian Heidenreich 21.02.2012 v2.49b notwendig MSXML 4.0 SP2 (KB973688) Microsoft Corporation 22.04.2011 1,34MB 4.20.9876.0 unbekannt MSXML 4.0 SP3 Parser Microsoft Corporation 28.07.2011 1,48MB 4.30.2100.0 unbekannt MSXML 4.0 SP3 Parser (KB973685) Microsoft Corporation 01.08.2011 1,53MB 4.30.2107.0 unbekannt Need for Speed™ Undercover Electronic Arts 19.07.2011 6.620MB 1.0.1.0 notwendig Nero 8 Ultra Edition HD Nero AG 19.07.2011 1.759MB 8.3.312 notwendig Notepad++ 17.11.2011 5.9.6.2 notwendig OMNI CONTROL USB Audio driver 19.01.2012 notwendig OpenAL 23.07.2011 unbekannt PDFCreator Frank Heindörfer, Philip Chinery 29.10.2011 1.2.3 notwendig PlayReady PC Runtime amd64 Microsoft Corporation 19.07.2011 2,06MB 1.3.0 unbekannt PunkBuster Services Even Balance, Inc. 27.10.2011 0.986 unbekannt Realtek USB 2.0 Reader Driver Realtek Semiconductor Corp. 23.04.2011 6.1.7600.10010 unbekannt Renesas Electronics USB 3.0 Host Controller Driver Renesas Electronics Corporation 23.04.2011 1,01MB 2.0.34.0 unbekannt Saints Row The Third 21.02.2012 notwendig Skype™ 5.5 Skype Technologies S.A. 16.11.2011 19,1MB 5.5.124 notwendig Spelling Dictionaries Support For Adobe Reader X Adobe Systems Incorporated 23.04.2011 85,7MB 10.0.0 unbekannt Spyware Terminator 2012 Crawler.com 02.03.2012 19,7MB 3.0.0.61 unnötig Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) Microsoft Corporation 20.07.2011 30,6MB 9.00.5000.00 unbekannt Veetle TV 0.9.18 Veetle, Inc 19.01.2012 0.9.18 unnötig VirtualDJ PRO Full Atomix Productions 11.02.2012 49,2MB 7.0.5 notwendig Visual Studio .NET Prerequisites - English Microsoft Corporation 20.07.2011 2,28MB 9.0.21022 unbekannt Visual Studio 2010 Prerequisites - English Microsoft Corporation 28.10.2011 23,3MB 10.0.40219 unbekannt Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU Microsoft Corporation 12.10.2011 11,2MB 4.0.8080.0 unbekannt VLC media player 1.1.11 VideoLAN 20.07.2011 1.1.11 notwendig WCF RIA Services V1.0 SP1 Microsoft Corporation 28.10.2011 12,3MB 4.1.60114.0 unbekannt Web Deployment Tool Microsoft Corporation 12.10.2011 3,10MB 1.1.0618 unbekannt Winamp Nullsoft, Inc 20.07.2011 5.621 unnötig Winamp Erkennungs-Plug-in Nullsoft, Inc 20.07.2011 75,00KB 1.0.0.1 unnötig Windows Live Essentials Microsoft Corporation 24.04.2011 15.4.3508.1109 unbekannt Windows Live Mesh ActiveX Control for Remote Connections Microsoft Corporation 23.04.2011 5,38MB 15.4.5722.2 unbekannt Windows Live Mesh ActiveX control for remote connections Microsoft Corporation 23.04.2011 5,58MB 15.4.5722.2 unbekannt Windows Live Mesh ActiveX-objekt til fjernforbindelser Microsoft Corporation 23.04.2011 5,57MB 15.4.5722.2 unbekannt Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz Microsoft Corporation 23.04.2011 5,58MB 15.4.5722.2 unbekannt Windows Media Center Add-in for Silverlight Microsoft Corporation 26.02.2012 0,24MB 4.7.3.0 unbekannt Windows Media Encoder 9 Series 23.04.2011 unbekannt Windows Media Player Firefox Plugin Microsoft Corp 31.07.2011 0,29MB 1.0.0.8 unbekannt Windows Mobile 5.0 SDK R2 for Pocket PC Microsoft Corporation 20.07.2011 130,4MB 5.00.1700.5.14343.06 unbekannt Windows Mobile 5.0 SDK R2 for Smartphone Microsoft Corporation 20.07.2011 79,2MB 5.00.1700.5.14343.06 unbekannt X10 Hardware(TM) 20.07.2011 unbekannt Zattoo4 4.0.5 Zattoo Inc. 25.02.2012 notwendig 4.0.5 unnötig µTorrent 06.01.2012 3.1.0 |
|
| Themen zu Virus - Betreibssystem blockiert, 50 Euro zahlen |
| 50 euro, antivir, antivirus, avira, betriebssystem blockiert bundeskriminalamt trojaner 50euro, bho, blockiert, document, error, euro, firefox, google, gruppe, helper, home, launch, logfile, nvstor.sys, plug-in, problem, realtek, registry, required, rundll, scan, searchscopes, security, senden, software, super, trojaner, trojaner board, usb 3.0, viren, virus, windows |
Linear-Darstellung
