Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.
Hallo Leute,
Habe ein ernsthaftes Problem und hab kein ahnung wie ich dieses beheben soll. Seit Gestern scheint bei mir, immer wenn ich eine Internetverbindung aufbaue, eine Meldung auf, das ich eine Straftat begangen habe mit dem Titel "Cyber Crime Investigation Dpartment".Was soll ich jetzt tun ?
P.S.: Ich habe keinerlei Erfahrung in solchen sachen, und bitte deshalb um eine deteilierte Anleitung um dieses Problem wieder loszuwerden.
hi
Mit einem sauberen 2. Rechner eine OTLPE-CD erstellen und den infizierten Rechner dann von dieser CD booten:
Falls Du kein Brennprogramm installiert hast, lade dir bitte ISOBurner herunter. Das Programm wird Dir erlauben, OTLPE auf eine CD zu brennen und sie bootfähig zu machen. Du brauchst das Tool nur zu installieren, der Rest läuft automatisch => Wie brenne ich eine ISO Datei auf CD/DVD.
Lade OTLPENet.exe von OldTimer herunter und speichere sie auf Deinem Desktop. Anmerkung: Die Datei ist ca. 120 MB groß und es wird bei langsamer Internet-Verbindung ein wenig dauern, bis Du sie runtergeladen hast.
Wenn der Download fertig ist, mache einen Doppelklick auf die Datei und beantworte die Frage "Do you want to burn the CD?" mit Yes.
Lege eine leere CD in Deinen Brenner.
ImgBurn (oder Dein Brennprogramm) wird das Archiv extrahieren und OTLPE Network auf die CD brennen.
Wenn der Brenn-Vorgang abgeschlossen ist, wirst Du eine Dialogbox sehen => "Operation successfully completed".
Du kannst nun die Fenster des Brennprogramms schließen.
Dein System sollte nach einigen Minuten den REATOGO-X-PE Desktop anzeigen.
Mache einen Doppelklick auf das OTLPE Icon.
Hinweis: Damit OTLPE auch das richtige installierte Windows scant, musst du den Windows-Ordner des auf der Platte installierten Windows auswählen, einfach nur C: auswählen gibt einen Fehler!
Wenn Du gefragt wirst "Do you wish to load the remote registry", dann wähle Yes.
Wenn Du gefragt wirst "Do you wish to load remote user profile(s) for scanning", dann wähle Yes.
Vergewissere Dich, dass die Box "Automatically Load All Remaining Users" gewählt ist und drücke OK.
OTLpe sollte nun starten.
Drücke Run Scan, um den Scan zu starten.
Wenn der Scan fertig ist, werden die Dateien C:\OTL.Txt und C:\Extras.Txt erstellt
Kopiere diese Datei auf Deinen USB-Stick, wenn Du keine Internetverbindung auf diesem System hast.
Bitte poste den Inhalt von C:\OTL.txt und Extras.txt.
Vielen Dank für den Tipp !!!
Ich werde es heute Abend gleich ausprobieren!!!
Falls das gnze hinhaut ist der Trojaner dann ganz bestimmt weg oder.....??
Gut, habe nun den Scan durchgeführt.
Kann ich jetzt wieder versuchen ins Internet zu gehen oder noch abwarten?
Wie gewünscht hier der Inhalt der OTL-Datei:
Code:
ATTFilter
OTL logfile created on: 9/3/2012 10:50:15 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Windows 7 Professional Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.32 Gb Total Space | 199.88 Gb Free Space | 69.33% Space Free | Partition Type: NTFS
Drive D: | 298.09 Gb Total Space | 160.99 Gb Free Space | 54.01% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand] -- -- (WwanSvc)
SRV - File not found [On_Demand] -- -- (WbioSrvc)
SRV - File not found [On_Demand] -- -- (wbengine)
SRV - File not found [On_Demand] -- -- (WatAdminSvc)
SRV - File not found [On_Demand] -- -- (UmRdpService)
SRV - File not found [Auto] -- -- (Themes)
SRV - File not found [On_Demand] -- -- (StorSvc)
SRV - File not found [On_Demand] -- -- (sppuinotify)
SRV - File not found [Auto] -- -- (sppsvc)
SRV - File not found [Auto] -- -- (SkypeUpdate)
SRV - File not found [Auto] -- -- (Skype C2C Service)
SRV - File not found [On_Demand] -- -- (SensrSvc)
SRV - File not found [Auto] -- -- (RpcEptMapper)
SRV - File not found [Auto] -- -- (Power)
SRV - File not found [On_Demand] -- -- (PNRPsvc)
SRV - File not found [On_Demand] -- -- (PNRPAutoReg)
SRV - File not found [Auto] -- -- (PnkBstrA)
SRV - File not found [On_Demand] -- -- (PeerDistSvc)
SRV - File not found [Auto] -- -- (PC Performer Manager)
SRV - File not found [On_Demand] -- -- (p2pimsvc)
SRV - File not found [On_Demand] -- -- (odserv)
SRV - File not found [On_Demand] -- -- (Microsoft Office Groove Audit Service)
SRV - File not found [On_Demand] -- -- (McComponentHostService)
SRV - File not found [Auto] -- -- (McAfee SiteAdvisor Service)
SRV - File not found [Auto] -- -- (MBAMService)
SRV - File not found [On_Demand] -- -- (HomeGroupProvider)
SRV - File not found [On_Demand] -- -- (HomeGroupListener)
SRV - File not found [Auto] -- -- (GS In-Game Service)
SRV - File not found [Auto] -- -- (FontCache)
SRV - File not found [On_Demand] -- -- (Fax)
SRV - File not found [Auto] -- -- (Dhcp)
SRV - File not found [On_Demand] -- -- (defragsvc)
SRV - File not found [Auto] -- -- (CscService)
SRV - File not found [Auto] -- -- (C-DillaCdaC11BA)
SRV - File not found [On_Demand] -- -- (BDESVC)
SRV - File not found [On_Demand] -- -- (BBUpdate)
SRV - File not found [Auto] -- -- (BBSvc)
SRV - File not found [On_Demand] -- -- (AxInstSV)
SRV - File not found [On_Demand] -- -- (AppMgmt)
SRV - File not found [On_Demand] -- -- (AppIDSvc)
SRV - File not found [Auto] -- -- (AMD External Events Utility)
SRV - File not found [On_Demand] -- -- (AdobeFlashPlayerUpdateSvc)
SRV - File not found [Auto] -- -- (AcrSch2Svc)
SRV - File not found [Auto] -- -- (ACDaemon)
SRV - [2012/06/29 10:47:21 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009/07/13 21:16:13 | 000,021,504 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\seclogon.dll -- (seclogon)
SRV - [2009/07/13 21:16:12 | 000,210,944 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\qwave.dll -- (QWAVE)
SRV - [2008/01/20 22:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/10/03 00:53:00 | 000,094,208 | ---- | M] () [Auto] -- C:\Program Files\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2007/08/08 03:08:40 | 000,094,208 | ---- | M] () [Auto] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand] -- -- (yukonw7)
DRV - File not found [Kernel | On_Demand] -- -- (WinUsb)
DRV - File not found [File_System | On_Demand] -- -- (WIMMount)
DRV - File not found [Kernel | System] -- -- (WfpLwf)
DRV - File not found [Kernel | On_Demand] -- -- (vwifibus)
DRV - File not found [Kernel | On_Demand] -- -- (VMBusHID)
DRV - File not found [Kernel | Boot] -- -- (vmbus)
DRV - File not found [Kernel | On_Demand] -- -- (vhdmp)
DRV - File not found [Kernel | Boot] -- -- (vdrvroot)
DRV - File not found [Kernel | On_Demand] -- -- (usbscan)
DRV - File not found [Kernel | On_Demand] -- -- (usb_rndisx)
DRV - File not found [Kernel | On_Demand] -- -- (TsUsbFlt)
DRV - File not found [Kernel | Boot] -- -- (timounter)
DRV - File not found [File_System | Auto] -- -- (tifsfilter)
DRV - File not found [Kernel | Boot] -- -- (tdrpman139) Acronis Try&Decide and Restore Points filter (build 139)
DRV - File not found [Kernel | On_Demand] -- -- (storvsc)
DRV - File not found [Kernel | Boot] -- -- (storflt)
DRV - File not found [Kernel | On_Demand] -- -- (stexstor)
DRV - File not found [Kernel | On_Demand] -- -- (sscdmdm)
DRV - File not found [Kernel | On_Demand] -- -- (sscdmdfl)
DRV - File not found [Kernel | On_Demand] -- -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - File not found [Kernel | Boot] -- -- (snapman380) Acronis Snapshots Manager (Build 380)
DRV - File not found [Kernel | On_Demand] -- -- (scfilter)
DRV - File not found [Kernel | On_Demand] -- -- (s3cap)
DRV - File not found [Kernel | Boot] -- -- (rdyboost)
DRV - File not found [Kernel | System] -- -- (RDPREFMP)
DRV - File not found [Kernel | On_Demand] -- -- (rdpbus)
DRV - File not found [Kernel | On_Demand] -- -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - File not found [Kernel | Boot] -- -- (pcw)
DRV - File not found [Kernel | On_Demand] -- -- (netw5v32) Intel(R)
DRV - File not found [Kernel | On_Demand] -- -- (NdisCap)
DRV - File not found [Kernel | On_Demand] -- -- (MTConfig)
DRV - File not found [Kernel | On_Demand] -- -- (mshidkmdf)
DRV - File not found [File_System | On_Demand] -- -- (MBAMProtector)
DRV - File not found [Kernel | On_Demand] -- -- (LSI_SAS2)
DRV - File not found [Kernel | Boot] -- -- (KSecPkg)
DRV - File not found [Kernel | Boot] -- -- (hwpolicy)
DRV - File not found [Kernel | On_Demand] -- -- (HpSAMD)
DRV - File not found [Kernel | On_Demand] -- -- (HidBatt)
DRV - File not found [Kernel | On_Demand] -- -- (hcw85cir)
DRV - File not found [Kernel | Boot] -- -- (fvevol)
DRV - File not found [File_System | On_Demand] -- -- (FsDepends)
DRV - File not found [Kernel | On_Demand] -- -- (ebdrv)
DRV - File not found [Kernel | System] -- -- (dtsoftbus01)
DRV - File not found [Kernel | System] -- -- (discache)
DRV - File not found [Kernel | System] -- -- (CSC)
DRV - File not found [Kernel | On_Demand] -- -- (CompositeBus)
DRV - File not found [Kernel | Boot] -- -- (CNG)
DRV - File not found [Kernel | Auto] -- -- (CdaC15BA)
DRV - File not found [Kernel | On_Demand] -- -- (b57nd60x)
DRV - File not found [Kernel | On_Demand] -- -- (b06bdrv)
DRV - File not found [Kernel | On_Demand] -- -- (AppID)
DRV - File not found [Kernel | Boot] -- -- (amdxata)
DRV - File not found [Kernel | On_Demand] -- -- (amdsbs)
DRV - File not found [Kernel | On_Demand] -- -- (amdsata)
DRV - File not found [Kernel | On_Demand] -- -- (AmdPPM)
DRV - File not found [Kernel | On_Demand] -- -- (amdkmdap)
DRV - File not found [Kernel | On_Demand] -- -- (AcpiPmi)
DRV - File not found [Kernel | On_Demand] -- -- (1394ohci)
DRV - [2011/07/20 03:45:52 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011/07/20 03:45:52 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV - [2011/07/20 03:45:52 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM)
DRV - [2011/07/20 03:45:52 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2011/07/20 03:45:52 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV - [2007/12/20 18:55:05 | 003,478,528 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007/12/20 18:55:05 | 003,478,528 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2007/08/08 23:42:08 | 000,045,568 | ---- | M] (REDC) [Kernel | Auto] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/07/30 14:54:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/07/30 13:42:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007/07/24 14:09:04 | 000,013,880 | ---- | M] () [Kernel | Auto] -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP)
DRV - [2007/06/17 00:29:08 | 000,146,824 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor)
DRV - [2006/12/14 11:11:57 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2006/11/22 13:34:59 | 000,982,272 | ---- | M] (Motorola Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startsearcher.com
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.startsearcher.com
IE - HKLM\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - File not found
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - File not found
IE - HKLM\..\URLSearchHook: {ff88a983-649d-4207-9336-9b999280b436} - File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Admin_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050
IE - HKU\Admin_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Anna_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
IE - HKU\Anna_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
IE - HKU\Anna_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
IE - HKU\Anna_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 7E 1A 21 B1 C8 63 CC 01 [binary data]
IE - HKU\Anna_ON_D\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - File not found
IE - HKU\Anna_ON_D\..\URLSearchHook: {ff88a983-649d-4207-9336-9b999280b436} - File not found
IE - HKU\Anna_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Hannes_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
IE - HKU\Hannes_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
IE - HKU\Hannes_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
IE - HKU\Hannes_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 70 13 AE 62 CF 94 CC 01 [binary data]
IE - HKU\Hannes_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Tobi_ON_D\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3227980
IE - HKU\Tobi_ON_D\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.google.at/ [binary data]
IE - HKU\Tobi_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startsearcher.com
IE - HKU\Tobi_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.startsearcher.com
IE - HKU\Tobi_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
IE - HKU\Tobi_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8B 74 E5 54 15 63 CC 01 [binary data]
IE - HKU\Tobi_ON_D\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - Reg Error: Key error. File not found
IE - HKU\Tobi_ON_D\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - File not found
IE - HKU\Tobi_ON_D\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - File not found
IE - HKU\Tobi_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Tobi_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: File not found
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: File not found
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: File not found
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: File not found
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: F:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: F:\Program Files\McAfee\SiteAdvisor
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: F:\ProgramData\PC Performer Manager\2.2.580.182\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension
[2010/07/20 17:16:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/20 17:16:27 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
[2010/07/13 18:04:04 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011/05/06 16:06:44 | 000,002,428 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2010/07/13 18:04:04 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011/07/17 13:46:42 | 000,002,047 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml
[2010/07/13 18:04:04 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2010/07/13 18:04:04 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2010/07/13 18:04:04 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Browser Companion Helper) - {00cbb66b-1d3b-46d3-9577-323a336acb50} - File not found
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - File not found
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - File not found
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - File not found
O2 - BHO: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - File not found
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - File not found
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - File not found
O2 - BHO: (Browser Companion Helper Verifier) - {963B125B-8B21-49A2-A3A8-E37092276531} - File not found
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - File not found
O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - File not found
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - File not found
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - File not found
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - File not found
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - File not found
O2 - BHO: (Softonic Helper Object) - {E87806B5-E908-45FD-AF5E-957D83E58E68} - File not found
O2 - BHO: (SFT_de3 Toolbar) - {ff88a983-649d-4207-9336-9b999280b436} - File not found
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - File not found
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
O3 - HKLM\..\Toolbar: (Softonic Toolbar) - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - File not found
O3 - HKLM\..\Toolbar: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - File not found
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - File not found
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - File not found
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - File not found
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - File not found
O3 - HKLM\..\Toolbar: (SFT_de3 Toolbar) - {ff88a983-649d-4207-9336-9b999280b436} - File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\Admin_ON_D\..\Toolbar\WebBrowser: (XfireXO Toolbar) - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - File not found
O3 - HKU\Admin_ON_D\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - File not found
O3 - HKU\Admin_ON_D\..\Toolbar\WebBrowser: (SFT_de3 Toolbar) - {FF88A983-649D-4207-9336-9B999280B436} - File not found
O3 - HKU\Anna_ON_D\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - File not found
O3 - HKU\Anna_ON_D\..\Toolbar\WebBrowser: (SFT_de3 Toolbar) - {FF88A983-649D-4207-9336-9B999280B436} - File not found
O3 - HKU\Hannes_ON_D\..\Toolbar\WebBrowser: (XfireXO Toolbar) - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - File not found
O3 - HKU\Hannes_ON_D\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - File not found
O3 - HKU\Hannes_ON_D\..\Toolbar\WebBrowser: (SFT_de3 Toolbar) - {FF88A983-649D-4207-9336-9B999280B436} - File not found
O3 - HKU\Tobi_ON_D\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
O3 - HKU\Tobi_ON_D\..\Toolbar\WebBrowser: (XfireXO Toolbar) - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - File not found
O3 - HKU\Tobi_ON_D\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - File not found
O3 - HKU\Tobi_ON_D\..\Toolbar\WebBrowser: (SFT_de3 Toolbar) - {FF88A983-649D-4207-9336-9B999280B436} - File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acronis Scheduler2 Service] File not found
O4 - HKLM..\Run: [AcronisTimounterMonitor] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] File not found
O4 - HKLM..\Run: [APSDaemon] File not found
O4 - HKLM..\Run: [ArcSoft Connection Service] File not found
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUSTeK Computer INC.)
O4 - HKLM..\Run: [DATAMNGR] File not found
O4 - HKLM..\Run: [DivXUpdate] File not found
O4 - HKLM..\Run: [GrooveMonitor] File not found
O4 - HKLM..\Run: [HP Software Update] File not found
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] File not found
O4 - HKLM..\Run: [Nikon Message Center 2] File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [TrueImageMonitor.exe] File not found
O4 - HKU\Anna_ON_D..\Run: [Google Update] File not found
O4 - HKU\Anna_ON_D..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKU\Anna_ON_D..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\Tobi_ON_D..\Run: [DAEMON Tools Lite] File not found
O4 - HKU\Tobi_ON_D..\Run: [Facebook Update] File not found
O4 - HKU\Tobi_ON_D..\Run: [Google Update] File not found
O4 - HKU\Tobi_ON_D..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKU\Tobi_ON_D..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\Tobi_ON_D..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\Tobi_ON_D..\Run: [Steam] File not found
O4 - HKU\LocalService_ON_D..\RunOnce: [mctadmin] File not found
O4 - HKU\NetworkService_ON_D..\RunOnce: [mctadmin] File not found
O4 - Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk ()
O4 - Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PMB Medien-Prüfung.lnk ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\Admin_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Anna_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Hannes_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Tobi_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - File not found
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\base64 {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - File not found
O18 - Protocol\Handler\chrome {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - File not found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - File not found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - File not found
O18 - Protocol\Handler\prox {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - File not found
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - File not found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - File not found
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - File not found
O20 - AppInit_DLLs: (f:\progra~2\pcperf~1\22580~1.182\{16cdf~1\pcpmngr.dll) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - File not found
O30 - LSA: Security Packages - (pku2u) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - F:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - F:\Windows\system32\Rundll32.exe F:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - F:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "F:\Windows\System32\rundll32.exe" "F:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: seclogon - D:\Windows\System32\seclogon.dll (Microsoft Corporation)
NetSvcs: Themes - File not found
NetSvcs: BDESVC - File not found
NetSvcs: AppMgmt - File not found
========== Files/Folders - Created Within 30 Days ==========
[2007/01/24 14:08:39 | 000,005,632 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/08/09 17:11:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/09 17:11:45 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012/08/09 17:09:58 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/09 17:09:53 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/09 17:09:52 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/09 17:09:43 | 3220,430,848 | -HS- | M] () -- C:\hiberfil.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/08/25 05:53:24 | 000,747,592 | ---- | C] () -- C:\Windows\System32\pwNative.exe
[2011/08/25 05:53:24 | 000,016,472 | ---- | C] () -- C:\Windows\System32\pwdrvio.sys
[2011/08/25 05:53:22 | 000,011,104 | ---- | C] () -- C:\Windows\System32\pwdspio.sys
[2011/07/26 11:26:48 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011/07/26 11:26:46 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011/07/26 11:26:46 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011/07/26 11:26:46 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011/07/26 11:26:46 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2011/04/09 02:49:30 | 000,037,336 | ---- | C] () -- C:\Windows\System32\CleanMFT32.exe
[2009/12/06 08:26:59 | 000,115,369 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2009/12/06 08:26:59 | 000,097,961 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2009/09/09 13:01:40 | 000,027,675 | ---- | C] () -- C:\Windows\System32\drivers\klopp.dat
[2009/02/05 15:56:49 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2009/01/13 13:52:39 | 000,000,284 | ---- | C] () -- C:\Windows\SIERRA.INI
[2008/12/25 03:12:44 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2008/12/25 03:12:44 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/12/23 16:15:33 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/07/04 08:02:14 | 000,037,232 | ---- | C] () -- C:\Windows\ASScrProlog.exe
[2008/07/04 08:02:11 | 000,012,288 | ---- | C] () -- C:\Windows\impborl.dll
[2008/07/04 08:02:00 | 000,033,136 | ---- | C] () -- C:\Windows\ASScrPro.exe
[2008/07/04 07:57:00 | 000,045,056 | ---- | C] () -- C:\Windows\System32\acovcnt.exe
[2008/07/04 07:54:13 | 000,000,024 | ---- | C] () -- C:\Windows\System32\ChkMail.ini
[2008/07/04 06:35:48 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2008/07/04 06:29:32 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008/04/16 07:11:34 | 000,628,742 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008/04/16 07:11:34 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008/04/16 07:11:34 | 000,126,454 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008/04/16 07:11:34 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008/04/16 06:43:39 | 000,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini
[2007/12/20 18:02:19 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2007/12/20 17:33:43 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2007/11/08 13:54:33 | 000,159,146 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2007/08/06 13:18:31 | 000,081,920 | ---- | C] () -- C:\Windows\PGMonitor.exe
[2007/03/30 07:31:20 | 000,049,152 | ---- | C] () -- C:\Windows\System32\dec_jl6.dll
[2007/03/06 10:39:19 | 000,049,152 | ---- | C] () -- C:\Windows\revdevdll.dll
[2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:47:37 | 000,464,192 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/03/09 05:57:59 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2005/04/03 03:29:59 | 000,110,592 | R--- | C] () -- C:\Windows\System32\scardsyn.dll
[2003/02/20 12:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
[1998/05/06 08:09:59 | 000,069,632 | R--- | C] () -- C:\Windows\System32\ODMA32.dll
========== LOP Check ==========
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2009/01/02 05:22:07 | 000,000,000 | ---D | M] -- C:\ProgramData\ASUS
[2008/12/27 14:09:01 | 000,000,000 | ---D | M] -- C:\ProgramData\Autodesk
[2011/06/23 15:19:23 | 000,000,000 | ---D | M] -- C:\ProgramData\Big Fish Games
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2010/10/15 09:24:32 | 000,000,000 | ---D | M] -- C:\ProgramData\Electronic Arts
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2011/08/14 15:09:29 | 000,000,000 | ---D | M] -- C:\ProgramData\Intenium
[2009/03/26 14:34:58 | 000,000,000 | ---D | M] -- C:\ProgramData\m2backup
[2011/05/06 16:10:38 | 000,000,000 | ---D | M] -- C:\ProgramData\MAGIX
[2009/03/26 14:34:58 | 000,000,000 | ---D | M] -- C:\ProgramData\mquadr.at
[2008/07/04 07:44:00 | 000,000,000 | ---D | M] -- C:\ProgramData\P4G
[2011/08/11 14:53:59 | 000,000,000 | ---D | M] -- C:\ProgramData\PopCap Games
[2011/08/15 16:36:50 | 000,000,000 | ---D | M] -- C:\ProgramData\Samsung
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2012/05/31 10:50:02 | 000,000,000 | ---D | M] -- C:\ProgramData\TEMP
[2006/11/02 09:02:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2011/02/14 05:05:53 | 000,000,000 | ---D | M] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/03/26 14:33:25 | 000,000,000 | -H-D | M] -- C:\ProgramData\{783529ED-FB56-4E47-9A20-F9C23D22C2D0}
[2009/03/26 14:34:48 | 000,000,000 | -H-D | M] -- C:\ProgramData\{8AF9D3CF-B9B5-4F8E-B47F-D26DF984D190}
[2009/03/26 14:33:39 | 000,000,000 | -H-D | M] -- C:\ProgramData\{C3358ED5-0ADD-4BA0-8F60-B5A7CD34BD14}
[2011/08/11 15:03:33 | 000,000,000 | -HSD | M] -- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2012/05/30 13:39:56 | 000,000,252 | ---- | M] () -- C:\Windows\Tasks\RMSchedule.job
[2012/08/09 17:11:45 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
Invalid Environment Variable: %SYSTEMDRIVE %\*.
< %PROGRAMFILES%\*.exe >
Invalid Environment Variable: %LOCALAPPDATA%\*.exe
< %systemroot%\*. /mp /s >
< MD5 for: AGP440.SYS >
[2008/01/20 22:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008/01/20 22:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/20 22:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/20 22:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 05:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009/04/11 02:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/20 22:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys
[2008/01/20 22:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/20 22:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 05:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2006/11/02 05:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 05:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: EXPLORER.EXE >
[2008/10/29 02:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 02:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\explorer.exe
[2008/10/29 02:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/29 23:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/27 22:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/20 22:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: IASTOR.SYS >
[2007/09/29 19:03:11 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Preload\drivers\IASTOR.SYS
[2007/09/29 19:03:11 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\drivers\iaStor.sys
[2007/09/29 19:03:11 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_7baf6192\iaStor.sys
[2007/09/29 19:03:11 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_41af7b1f\iaStor.sys
< MD5 for: IASTORV.SYS >
[2008/01/20 22:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008/01/20 22:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/20 22:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 05:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2009/04/11 02:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/20 22:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\System32\netlogon.dll
[2008/01/20 22:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2006/11/02 05:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/20 22:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008/01/20 22:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/20 22:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
< MD5 for: SCECLI.DLL >
[2008/01/20 22:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\System32\scecli.dll
[2008/01/20 22:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009/04/11 02:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
< MD5 for: USER32.DLL >
[2009/04/11 02:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
[2008/01/20 22:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\System32\user32.dll
[2008/01/20 22:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
< MD5 for: USERINIT.EXE >
[2008/01/20 22:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/20 22:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009/04/11 02:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/20 22:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\System32\winlogon.exe
[2008/01/20 22:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2008/01/20 22:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008/01/20 22:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2008/01/20 23:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008/01/20 23:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008/01/20 23:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 06:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 06:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\system32\*.dll /lockedfiles >
Invalid Environment Variable: %USERPROFILE%\*.*
Invalid Environment Variable: %USERPROFILE%\Local Settings\Temp\*.exe
Invalid Environment Variable: %USERPROFILE%\Local Settings\Temp\*.dll
Invalid Environment Variable: %USERPROFILE%\Application Data\*.exe
========== Alternate Data Streams ==========
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:D1B5B4F1
< End of report >
Gut, habe nun den Scan durchgeführt.
Kann ich jetzt wieder versuchen ins Internet zu gehen oder noch abwarten?
Wie gewünscht hier der Inhalt der OTL-Datei:
Code:
ATTFilter
OTL logfile created on: 9/3/2012 10:50:15 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Windows 7 Professional Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.32 Gb Total Space | 199.88 Gb Free Space | 69.33% Space Free | Partition Type: NTFS
Drive D: | 298.09 Gb Total Space | 160.99 Gb Free Space | 54.01% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand] -- -- (WwanSvc)
SRV - File not found [On_Demand] -- -- (WbioSrvc)
SRV - File not found [On_Demand] -- -- (wbengine)
SRV - File not found [On_Demand] -- -- (WatAdminSvc)
SRV - File not found [On_Demand] -- -- (UmRdpService)
SRV - File not found [Auto] -- -- (Themes)
SRV - File not found [On_Demand] -- -- (StorSvc)
SRV - File not found [On_Demand] -- -- (sppuinotify)
SRV - File not found [Auto] -- -- (sppsvc)
SRV - File not found [Auto] -- -- (SkypeUpdate)
SRV - File not found [Auto] -- -- (Skype C2C Service)
SRV - File not found [On_Demand] -- -- (SensrSvc)
SRV - File not found [Auto] -- -- (RpcEptMapper)
SRV - File not found [Auto] -- -- (Power)
SRV - File not found [On_Demand] -- -- (PNRPsvc)
SRV - File not found [On_Demand] -- -- (PNRPAutoReg)
SRV - File not found [Auto] -- -- (PnkBstrA)
SRV - File not found [On_Demand] -- -- (PeerDistSvc)
SRV - File not found [Auto] -- -- (PC Performer Manager)
SRV - File not found [On_Demand] -- -- (p2pimsvc)
SRV - File not found [On_Demand] -- -- (odserv)
SRV - File not found [On_Demand] -- -- (Microsoft Office Groove Audit Service)
SRV - File not found [On_Demand] -- -- (McComponentHostService)
SRV - File not found [Auto] -- -- (McAfee SiteAdvisor Service)
SRV - File not found [Auto] -- -- (MBAMService)
SRV - File not found [On_Demand] -- -- (HomeGroupProvider)
SRV - File not found [On_Demand] -- -- (HomeGroupListener)
SRV - File not found [Auto] -- -- (GS In-Game Service)
SRV - File not found [Auto] -- -- (FontCache)
SRV - File not found [On_Demand] -- -- (Fax)
SRV - File not found [Auto] -- -- (Dhcp)
SRV - File not found [On_Demand] -- -- (defragsvc)
SRV - File not found [Auto] -- -- (CscService)
SRV - File not found [Auto] -- -- (C-DillaCdaC11BA)
SRV - File not found [On_Demand] -- -- (BDESVC)
SRV - File not found [On_Demand] -- -- (BBUpdate)
SRV - File not found [Auto] -- -- (BBSvc)
SRV - File not found [On_Demand] -- -- (AxInstSV)
SRV - File not found [On_Demand] -- -- (AppMgmt)
SRV - File not found [On_Demand] -- -- (AppIDSvc)
SRV - File not found [Auto] -- -- (AMD External Events Utility)
SRV - File not found [On_Demand] -- -- (AdobeFlashPlayerUpdateSvc)
SRV - File not found [Auto] -- -- (AcrSch2Svc)
SRV - File not found [Auto] -- -- (ACDaemon)
SRV - [2012/06/29 10:47:21 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009/07/13 21:16:13 | 000,021,504 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\seclogon.dll -- (seclogon)
SRV - [2009/07/13 21:16:12 | 000,210,944 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\qwave.dll -- (QWAVE)
SRV - [2008/01/20 22:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/10/03 00:53:00 | 000,094,208 | ---- | M] () [Auto] -- C:\Program Files\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2007/08/08 03:08:40 | 000,094,208 | ---- | M] () [Auto] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand] -- -- (yukonw7)
DRV - File not found [Kernel | On_Demand] -- -- (WinUsb)
DRV - File not found [File_System | On_Demand] -- -- (WIMMount)
DRV - File not found [Kernel | System] -- -- (WfpLwf)
DRV - File not found [Kernel | On_Demand] -- -- (vwifibus)
DRV - File not found [Kernel | On_Demand] -- -- (VMBusHID)
DRV - File not found [Kernel | Boot] -- -- (vmbus)
DRV - File not found [Kernel | On_Demand] -- -- (vhdmp)
DRV - File not found [Kernel | Boot] -- -- (vdrvroot)
DRV - File not found [Kernel | On_Demand] -- -- (usbscan)
DRV - File not found [Kernel | On_Demand] -- -- (usb_rndisx)
DRV - File not found [Kernel | On_Demand] -- -- (TsUsbFlt)
DRV - File not found [Kernel | Boot] -- -- (timounter)
DRV - File not found [File_System | Auto] -- -- (tifsfilter)
DRV - File not found [Kernel | Boot] -- -- (tdrpman139) Acronis Try&Decide and Restore Points filter (build 139)
DRV - File not found [Kernel | On_Demand] -- -- (storvsc)
DRV - File not found [Kernel | Boot] -- -- (storflt)
DRV - File not found [Kernel | On_Demand] -- -- (stexstor)
DRV - File not found [Kernel | On_Demand] -- -- (sscdmdm)
DRV - File not found [Kernel | On_Demand] -- -- (sscdmdfl)
DRV - File not found [Kernel | On_Demand] -- -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - File not found [Kernel | Boot] -- -- (snapman380) Acronis Snapshots Manager (Build 380)
DRV - File not found [Kernel | On_Demand] -- -- (scfilter)
DRV - File not found [Kernel | On_Demand] -- -- (s3cap)
DRV - File not found [Kernel | Boot] -- -- (rdyboost)
DRV - File not found [Kernel | System] -- -- (RDPREFMP)
DRV - File not found [Kernel | On_Demand] -- -- (rdpbus)
DRV - File not found [Kernel | On_Demand] -- -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - File not found [Kernel | Boot] -- -- (pcw)
DRV - File not found [Kernel | On_Demand] -- -- (netw5v32) Intel(R)
DRV - File not found [Kernel | On_Demand] -- -- (NdisCap)
DRV - File not found [Kernel | On_Demand] -- -- (MTConfig)
DRV - File not found [Kernel | On_Demand] -- -- (mshidkmdf)
DRV - File not found [File_System | On_Demand] -- -- (MBAMProtector)
DRV - File not found [Kernel | On_Demand] -- -- (LSI_SAS2)
DRV - File not found [Kernel | Boot] -- -- (KSecPkg)
DRV - File not found [Kernel | Boot] -- -- (hwpolicy)
DRV - File not found [Kernel | On_Demand] -- -- (HpSAMD)
DRV - File not found [Kernel | On_Demand] -- -- (HidBatt)
DRV - File not found [Kernel | On_Demand] -- -- (hcw85cir)
DRV - File not found [Kernel | Boot] -- -- (fvevol)
DRV - File not found [File_System | On_Demand] -- -- (FsDepends)
DRV - File not found [Kernel | On_Demand] -- -- (ebdrv)
DRV - File not found [Kernel | System] -- -- (dtsoftbus01)
DRV - File not found [Kernel | System] -- -- (discache)
DRV - File not found [Kernel | System] -- -- (CSC)
DRV - File not found [Kernel | On_Demand] -- -- (CompositeBus)
DRV - File not found [Kernel | Boot] -- -- (CNG)
DRV - File not found [Kernel | Auto] -- -- (CdaC15BA)
DRV - File not found [Kernel | On_Demand] -- -- (b57nd60x)
DRV - File not found [Kernel | On_Demand] -- -- (b06bdrv)
DRV - File not found [Kernel | On_Demand] -- -- (AppID)
DRV - File not found [Kernel | Boot] -- -- (amdxata)
DRV - File not found [Kernel | On_Demand] -- -- (amdsbs)
DRV - File not found [Kernel | On_Demand] -- -- (amdsata)
DRV - File not found [Kernel | On_Demand] -- -- (AmdPPM)
DRV - File not found [Kernel | On_Demand] -- -- (amdkmdap)
DRV - File not found [Kernel | On_Demand] -- -- (AcpiPmi)
DRV - File not found [Kernel | On_Demand] -- -- (1394ohci)
DRV - [2011/07/20 03:45:52 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011/07/20 03:45:52 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV - [2011/07/20 03:45:52 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM)
DRV - [2011/07/20 03:45:52 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2011/07/20 03:45:52 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV - [2007/12/20 18:55:05 | 003,478,528 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007/12/20 18:55:05 | 003,478,528 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2007/08/08 23:42:08 | 000,045,568 | ---- | M] (REDC) [Kernel | Auto] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/07/30 14:54:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/07/30 13:42:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007/07/24 14:09:04 | 000,013,880 | ---- | M] () [Kernel | Auto] -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP)
DRV - [2007/06/17 00:29:08 | 000,146,824 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor)
DRV - [2006/12/14 11:11:57 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2006/11/22 13:34:59 | 000,982,272 | ---- | M] (Motorola Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startsearcher.com
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.startsearcher.com
IE - HKLM\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - File not found
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - File not found
IE - HKLM\..\URLSearchHook: {ff88a983-649d-4207-9336-9b999280b436} - File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Admin_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050
IE - HKU\Admin_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Anna_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
IE - HKU\Anna_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
IE - HKU\Anna_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
IE - HKU\Anna_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 7E 1A 21 B1 C8 63 CC 01 [binary data]
IE - HKU\Anna_ON_D\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - File not found
IE - HKU\Anna_ON_D\..\URLSearchHook: {ff88a983-649d-4207-9336-9b999280b436} - File not found
IE - HKU\Anna_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Hannes_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
IE - HKU\Hannes_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
IE - HKU\Hannes_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
IE - HKU\Hannes_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 70 13 AE 62 CF 94 CC 01 [binary data]
IE - HKU\Hannes_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Tobi_ON_D\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3227980
IE - HKU\Tobi_ON_D\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.google.at/ [binary data]
IE - HKU\Tobi_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startsearcher.com
IE - HKU\Tobi_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.startsearcher.com
IE - HKU\Tobi_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
IE - HKU\Tobi_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8B 74 E5 54 15 63 CC 01 [binary data]
IE - HKU\Tobi_ON_D\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - Reg Error: Key error. File not found
IE - HKU\Tobi_ON_D\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - File not found
IE - HKU\Tobi_ON_D\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - File not found
IE - HKU\Tobi_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Tobi_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: File not found
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: File not found
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: File not found
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: File not found
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: F:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: F:\Program Files\McAfee\SiteAdvisor
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: F:\ProgramData\PC Performer Manager\2.2.580.182\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension
[2010/07/20 17:16:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/20 17:16:27 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
[2010/07/13 18:04:04 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011/05/06 16:06:44 | 000,002,428 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2010/07/13 18:04:04 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011/07/17 13:46:42 | 000,002,047 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml
[2010/07/13 18:04:04 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2010/07/13 18:04:04 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2010/07/13 18:04:04 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Browser Companion Helper) - {00cbb66b-1d3b-46d3-9577-323a336acb50} - File not found
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - File not found
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - File not found
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - File not found
O2 - BHO: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - File not found
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - File not found
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - File not found
O2 - BHO: (Browser Companion Helper Verifier) - {963B125B-8B21-49A2-A3A8-E37092276531} - File not found
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - File not found
O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - File not found
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - File not found
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - File not found
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - File not found
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - File not found
O2 - BHO: (Softonic Helper Object) - {E87806B5-E908-45FD-AF5E-957D83E58E68} - File not found
O2 - BHO: (SFT_de3 Toolbar) - {ff88a983-649d-4207-9336-9b999280b436} - File not found
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - File not found
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
O3 - HKLM\..\Toolbar: (Softonic Toolbar) - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - File not found
O3 - HKLM\..\Toolbar: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - File not found
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - File not found
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - File not found
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - File not found
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - File not found
O3 - HKLM\..\Toolbar: (SFT_de3 Toolbar) - {ff88a983-649d-4207-9336-9b999280b436} - File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\Admin_ON_D\..\Toolbar\WebBrowser: (XfireXO Toolbar) - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - File not found
O3 - HKU\Admin_ON_D\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - File not found
O3 - HKU\Admin_ON_D\..\Toolbar\WebBrowser: (SFT_de3 Toolbar) - {FF88A983-649D-4207-9336-9B999280B436} - File not found
O3 - HKU\Anna_ON_D\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - File not found
O3 - HKU\Anna_ON_D\..\Toolbar\WebBrowser: (SFT_de3 Toolbar) - {FF88A983-649D-4207-9336-9B999280B436} - File not found
O3 - HKU\Hannes_ON_D\..\Toolbar\WebBrowser: (XfireXO Toolbar) - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - File not found
O3 - HKU\Hannes_ON_D\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - File not found
O3 - HKU\Hannes_ON_D\..\Toolbar\WebBrowser: (SFT_de3 Toolbar) - {FF88A983-649D-4207-9336-9B999280B436} - File not found
O3 - HKU\Tobi_ON_D\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
O3 - HKU\Tobi_ON_D\..\Toolbar\WebBrowser: (XfireXO Toolbar) - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - File not found
O3 - HKU\Tobi_ON_D\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - File not found
O3 - HKU\Tobi_ON_D\..\Toolbar\WebBrowser: (SFT_de3 Toolbar) - {FF88A983-649D-4207-9336-9B999280B436} - File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acronis Scheduler2 Service] File not found
O4 - HKLM..\Run: [AcronisTimounterMonitor] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] File not found
O4 - HKLM..\Run: [APSDaemon] File not found
O4 - HKLM..\Run: [ArcSoft Connection Service] File not found
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUSTeK Computer INC.)
O4 - HKLM..\Run: [DATAMNGR] File not found
O4 - HKLM..\Run: [DivXUpdate] File not found
O4 - HKLM..\Run: [GrooveMonitor] File not found
O4 - HKLM..\Run: [HP Software Update] File not found
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] File not found
O4 - HKLM..\Run: [Nikon Message Center 2] File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [TrueImageMonitor.exe] File not found
O4 - HKU\Anna_ON_D..\Run: [Google Update] File not found
O4 - HKU\Anna_ON_D..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKU\Anna_ON_D..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\Tobi_ON_D..\Run: [DAEMON Tools Lite] File not found
O4 - HKU\Tobi_ON_D..\Run: [Facebook Update] File not found
O4 - HKU\Tobi_ON_D..\Run: [Google Update] File not found
O4 - HKU\Tobi_ON_D..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKU\Tobi_ON_D..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\Tobi_ON_D..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\Tobi_ON_D..\Run: [Steam] File not found
O4 - HKU\LocalService_ON_D..\RunOnce: [mctadmin] File not found
O4 - HKU\NetworkService_ON_D..\RunOnce: [mctadmin] File not found
O4 - Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk ()
O4 - Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PMB Medien-Prüfung.lnk ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\Admin_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Anna_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Hannes_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Tobi_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - File not found
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\base64 {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - File not found
O18 - Protocol\Handler\chrome {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - File not found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - File not found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - File not found
O18 - Protocol\Handler\prox {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - File not found
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - File not found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - File not found
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - File not found
O20 - AppInit_DLLs: (f:\progra~2\pcperf~1\22580~1.182\{16cdf~1\pcpmngr.dll) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - File not found
O30 - LSA: Security Packages - (pku2u) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - F:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - F:\Windows\system32\Rundll32.exe F:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - F:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "F:\Windows\System32\rundll32.exe" "F:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: seclogon - D:\Windows\System32\seclogon.dll (Microsoft Corporation)
NetSvcs: Themes - File not found
NetSvcs: BDESVC - File not found
NetSvcs: AppMgmt - File not found
========== Files/Folders - Created Within 30 Days ==========
[2007/01/24 14:08:39 | 000,005,632 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/08/09 17:11:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/09 17:11:45 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012/08/09 17:09:58 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/09 17:09:53 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/09 17:09:52 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/09 17:09:43 | 3220,430,848 | -HS- | M] () -- C:\hiberfil.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/08/25 05:53:24 | 000,747,592 | ---- | C] () -- C:\Windows\System32\pwNative.exe
[2011/08/25 05:53:24 | 000,016,472 | ---- | C] () -- C:\Windows\System32\pwdrvio.sys
[2011/08/25 05:53:22 | 000,011,104 | ---- | C] () -- C:\Windows\System32\pwdspio.sys
[2011/07/26 11:26:48 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011/07/26 11:26:46 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011/07/26 11:26:46 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011/07/26 11:26:46 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011/07/26 11:26:46 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2011/04/09 02:49:30 | 000,037,336 | ---- | C] () -- C:\Windows\System32\CleanMFT32.exe
[2009/12/06 08:26:59 | 000,115,369 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2009/12/06 08:26:59 | 000,097,961 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2009/09/09 13:01:40 | 000,027,675 | ---- | C] () -- C:\Windows\System32\drivers\klopp.dat
[2009/02/05 15:56:49 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2009/01/13 13:52:39 | 000,000,284 | ---- | C] () -- C:\Windows\SIERRA.INI
[2008/12/25 03:12:44 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2008/12/25 03:12:44 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/12/23 16:15:33 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/07/04 08:02:14 | 000,037,232 | ---- | C] () -- C:\Windows\ASScrProlog.exe
[2008/07/04 08:02:11 | 000,012,288 | ---- | C] () -- C:\Windows\impborl.dll
[2008/07/04 08:02:00 | 000,033,136 | ---- | C] () -- C:\Windows\ASScrPro.exe
[2008/07/04 07:57:00 | 000,045,056 | ---- | C] () -- C:\Windows\System32\acovcnt.exe
[2008/07/04 07:54:13 | 000,000,024 | ---- | C] () -- C:\Windows\System32\ChkMail.ini
[2008/07/04 06:35:48 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2008/07/04 06:29:32 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008/04/16 07:11:34 | 000,628,742 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008/04/16 07:11:34 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008/04/16 07:11:34 | 000,126,454 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008/04/16 07:11:34 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008/04/16 06:43:39 | 000,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini
[2007/12/20 18:02:19 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2007/12/20 17:33:43 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2007/11/08 13:54:33 | 000,159,146 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2007/08/06 13:18:31 | 000,081,920 | ---- | C] () -- C:\Windows\PGMonitor.exe
[2007/03/30 07:31:20 | 000,049,152 | ---- | C] () -- C:\Windows\System32\dec_jl6.dll
[2007/03/06 10:39:19 | 000,049,152 | ---- | C] () -- C:\Windows\revdevdll.dll
[2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:47:37 | 000,464,192 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/03/09 05:57:59 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2005/04/03 03:29:59 | 000,110,592 | R--- | C] () -- C:\Windows\System32\scardsyn.dll
[2003/02/20 12:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
[1998/05/06 08:09:59 | 000,069,632 | R--- | C] () -- C:\Windows\System32\ODMA32.dll
========== LOP Check ==========
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2009/01/02 05:22:07 | 000,000,000 | ---D | M] -- C:\ProgramData\ASUS
[2008/12/27 14:09:01 | 000,000,000 | ---D | M] -- C:\ProgramData\Autodesk
[2011/06/23 15:19:23 | 000,000,000 | ---D | M] -- C:\ProgramData\Big Fish Games
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2010/10/15 09:24:32 | 000,000,000 | ---D | M] -- C:\ProgramData\Electronic Arts
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2011/08/14 15:09:29 | 000,000,000 | ---D | M] -- C:\ProgramData\Intenium
[2009/03/26 14:34:58 | 000,000,000 | ---D | M] -- C:\ProgramData\m2backup
[2011/05/06 16:10:38 | 000,000,000 | ---D | M] -- C:\ProgramData\MAGIX
[2009/03/26 14:34:58 | 000,000,000 | ---D | M] -- C:\ProgramData\mquadr.at
[2008/07/04 07:44:00 | 000,000,000 | ---D | M] -- C:\ProgramData\P4G
[2011/08/11 14:53:59 | 000,000,000 | ---D | M] -- C:\ProgramData\PopCap Games
[2011/08/15 16:36:50 | 000,000,000 | ---D | M] -- C:\ProgramData\Samsung
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2012/05/31 10:50:02 | 000,000,000 | ---D | M] -- C:\ProgramData\TEMP
[2006/11/02 09:02:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2011/02/14 05:05:53 | 000,000,000 | ---D | M] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/03/26 14:33:25 | 000,000,000 | -H-D | M] -- C:\ProgramData\{783529ED-FB56-4E47-9A20-F9C23D22C2D0}
[2009/03/26 14:34:48 | 000,000,000 | -H-D | M] -- C:\ProgramData\{8AF9D3CF-B9B5-4F8E-B47F-D26DF984D190}
[2009/03/26 14:33:39 | 000,000,000 | -H-D | M] -- C:\ProgramData\{C3358ED5-0ADD-4BA0-8F60-B5A7CD34BD14}
[2011/08/11 15:03:33 | 000,000,000 | -HSD | M] -- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2012/05/30 13:39:56 | 000,000,252 | ---- | M] () -- C:\Windows\Tasks\RMSchedule.job
[2012/08/09 17:11:45 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
Invalid Environment Variable: %SYSTEMDRIVE %\*.
< %PROGRAMFILES%\*.exe >
Invalid Environment Variable: %LOCALAPPDATA%\*.exe
< %systemroot%\*. /mp /s >
< MD5 for: AGP440.SYS >
[2008/01/20 22:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008/01/20 22:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/20 22:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/20 22:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 05:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009/04/11 02:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/20 22:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys
[2008/01/20 22:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/20 22:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 05:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2006/11/02 05:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 05:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: EXPLORER.EXE >
[2008/10/29 02:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 02:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\explorer.exe
[2008/10/29 02:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/29 23:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/27 22:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/20 22:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: IASTOR.SYS >
[2007/09/29 19:03:11 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Preload\drivers\IASTOR.SYS
[2007/09/29 19:03:11 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\drivers\iaStor.sys
[2007/09/29 19:03:11 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_7baf6192\iaStor.sys
[2007/09/29 19:03:11 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_41af7b1f\iaStor.sys
< MD5 for: IASTORV.SYS >
[2008/01/20 22:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008/01/20 22:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/20 22:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 05:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2009/04/11 02:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/20 22:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\System32\netlogon.dll
[2008/01/20 22:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2006/11/02 05:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/20 22:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008/01/20 22:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/20 22:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
< MD5 for: SCECLI.DLL >
[2008/01/20 22:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\System32\scecli.dll
[2008/01/20 22:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009/04/11 02:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
< MD5 for: USER32.DLL >
[2009/04/11 02:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
[2008/01/20 22:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\System32\user32.dll
[2008/01/20 22:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
< MD5 for: USERINIT.EXE >
[2008/01/20 22:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/20 22:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009/04/11 02:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/20 22:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\System32\winlogon.exe
[2008/01/20 22:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2008/01/20 22:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008/01/20 22:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2008/01/20 23:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008/01/20 23:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008/01/20 23:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 06:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 06:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\system32\*.dll /lockedfiles >
Invalid Environment Variable: %USERPROFILE%\*.*
Invalid Environment Variable: %USERPROFILE%\Local Settings\Temp\*.exe
Invalid Environment Variable: %USERPROFILE%\Local Settings\Temp\*.dll
Invalid Environment Variable: %USERPROFILE%\Application Data\*.exe
========== Alternate Data Streams ==========
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:D1B5B4F1
< End of report >
Sry für die Doppelte Ausgabe hab keine Ahnung wie das passiert ist.
Kann mir jemand bitte sagen wann ich wieder ins Internet gehen kann?
hi
wenn es dir hier nicht schnell genug geht, gehe bitte in ein computer geschäft und zahle für hilfe, ansonsten halte dich an die foren regeln und warte, wie alle andern, bis du drann bistauf deinem zweiten pc gehe auf start, programme zubehör editor, kopiere dort
rein:
dieses speicherst du auf nem usb stick als fix.txt
nutze nun wieder OTLPENet.exe (starte also von der erstellten cd) und hake alles an, wie es bereits im post zu OTLPENet.exe beschrieben ist.
• Klicke nun bitte auf den Fix Button.
es sollte nun eine meldung ähnlich dieser: "load fix from file" erscheinen, lade also die fix.txt von deinem stick.
wenn dies nicht funktioniert, bitte den fix manuell eintragen.
dann klicke erneut den fix buton. pc startet evtl. neu. wenn ja, nimm die cd aus dem laufwerk, windows sollte nun normal starten und die otl.txt öffnen,
log posten bitte.
Vielen Dank, es stan zwar das nun ein Neustart ausgeführt wird, es geschah aber nichts und als ich manuel neu startete hat es zwar geklappt aber es erschien kein otl.txt Datei. Was soll ich jetzt tun ?
ist ok
wenn du wieder auf windows zugreifen kannst:
Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde! Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.
Downloade dir bitte Combofix von einem dieser Downloadspiegel
F:\Users\Tobi\Downloads\WIN RAR + crack\WIN RAR + crack\32 Bit\Keygen WinRAR 3.9 x86 x64 deutsch.exe (RiskWare.Agent.CK) -> Erfolgreich gelöscht und in
die verwendung von keygens etc ist illegal deswegen kann ich dir hier nur beim neu aufsetzen helfen
der pc muss neu aufgesetzt und dann abgesichert werden
1. Datenrettung:
3. PC absichern: http://www.trojaner-board.de/96344-a...-rechners.html
ich werde außerdem noch weitere punkte dazu posten.
4. alle Passwörter ändern!
5. nach PC Absicherung, die gesicherten Daten prüfen und falls sauber: zurückspielen.
6. werde ich dann noch was zum absichern von Onlinebanking mit Chip Card Reader + Star Money sagen.
Zum Thema Cyber Crime Investigation Depatment Virus - Hallo Leute,
Habe ein ernsthaftes Problem und hab kein ahnung wie ich dieses beheben soll. Seit Gestern scheint bei mir, immer wenn ich eine Internetverbindung aufbaue, eine Meldung auf, das - Cyber Crime Investigation Depatment Virus...
03.09.2012, 10:08
OTLPENet.exe von OldTimer herunter und speichere sie auf Deinem Desktop. Anmerkung: Die Datei ist ca. 120 MB groß und es wird bei langsamer Internet-Verbindung ein wenig dauern, bis Du sie runtergeladen hast.
DDD
Linear-Darstellung
